00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000060000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:46 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0049dc000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:46 executing program 0 (fault-call:0 fault-nth:2): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:46 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000004000100070c10000000000000000000", 0x58}], 0x1) 16:50:46 executing program 3: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10], 0x95) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) [ 745.186906][ T7274] FAULT_INJECTION: forcing a failure. [ 745.186906][ T7274] name failslab, interval 1, probability 0, space 0, times 0 [ 745.226341][ T7274] CPU: 0 PID: 7274 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 16:50:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000040010000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 745.234995][ T7274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 745.245067][ T7274] Call Trace: [ 745.248366][ T7274] dump_stack+0x1fb/0x318 [ 745.252717][ T7274] should_fail+0x555/0x770 [ 745.257163][ T7274] __should_failslab+0x11a/0x160 [ 745.262124][ T7274] ? security_inode_alloc+0x36/0x1e0 [ 745.267426][ T7274] should_failslab+0x9/0x20 [ 745.271942][ T7274] kmem_cache_alloc+0x56/0x2e0 [ 745.276731][ T7274] ? rcu_read_lock_sched_held+0x10b/0x170 [ 745.282476][ T7274] security_inode_alloc+0x36/0x1e0 [ 745.287614][ T7274] inode_init_always+0x3b5/0x920 [ 745.292573][ T7274] ? shmem_match+0x180/0x180 [ 745.297186][ T7274] new_inode_pseudo+0x7f/0x240 [ 745.301971][ T7274] new_inode+0x28/0x1c0 [ 745.306153][ T7274] shmem_get_inode+0x108/0x6e0 [ 745.310946][ T7274] __shmem_file_setup+0x129/0x280 [ 745.315999][ T7274] shmem_file_setup+0x2f/0x40 [ 745.320705][ T7274] __se_sys_memfd_create+0x28e/0x4b0 [ 745.326125][ T7274] ? do_syscall_64+0x1d/0x1c0 [ 745.331010][ T7274] __x64_sys_memfd_create+0x5b/0x70 16:50:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 745.336274][ T7274] do_syscall_64+0xf7/0x1c0 [ 745.340919][ T7274] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 745.346822][ T7274] RIP: 0033:0x45a639 [ 745.350725][ T7274] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 745.370346][ T7274] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 745.370358][ T7274] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a639 16:50:46 executing program 3 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:46 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000040030000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:46 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000007000100070c10000000000000000000", 0x58}], 0x1) 16:50:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000c00e0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 745.370362][ T7274] RDX: 00000000200001d8 RSI: 0000000000000000 RDI: 00000000004bf6d2 [ 745.370367][ T7274] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 745.370372][ T7274] R10: 00000000006321e5 R11: 0000000000000246 R12: 00007f96751f16d4 [ 745.370377][ T7274] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 745.802663][ T7278] device nr0 entered promiscuous mode [ 745.847952][ T7278] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 745.857056][ T7278] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 745.871449][ T7278] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 745.883692][ T7278] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:47 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xd}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac3363") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:47 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000003400000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:47 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000a000100070c10000000000000000000", 0x58}], 0x1) 16:50:47 executing program 0 (fault-call:0 fault-nth:3): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 746.273904][ T7519] FAULT_INJECTION: forcing a failure. [ 746.273904][ T7519] name failslab, interval 1, probability 0, space 0, times 0 [ 746.326229][ T7519] CPU: 1 PID: 7519 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 746.334876][ T7519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 746.344945][ T7519] Call Trace: [ 746.348257][ T7519] dump_stack+0x1fb/0x318 [ 746.352606][ T7519] should_fail+0x555/0x770 [ 746.357036][ T7519] __should_failslab+0x11a/0x160 [ 746.361986][ T7519] ? security_inode_alloc+0x36/0x1e0 [ 746.367272][ T7519] should_failslab+0x9/0x20 [ 746.371772][ T7519] kmem_cache_alloc+0x56/0x2e0 16:50:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000022140000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:47 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000c000100070c10000000000000000000", 0x58}], 0x1) [ 746.376536][ T7519] ? rcu_read_lock_sched_held+0x10b/0x170 [ 746.382266][ T7519] security_inode_alloc+0x36/0x1e0 [ 746.387387][ T7519] inode_init_always+0x3b5/0x920 [ 746.392333][ T7519] ? shmem_match+0x180/0x180 [ 746.396922][ T7519] new_inode_pseudo+0x7f/0x240 [ 746.401682][ T7519] new_inode+0x28/0x1c0 [ 746.405840][ T7519] shmem_get_inode+0x108/0x6e0 [ 746.410614][ T7519] __shmem_file_setup+0x129/0x280 [ 746.415643][ T7519] shmem_file_setup+0x2f/0x40 [ 746.420326][ T7519] __se_sys_memfd_create+0x28e/0x4b0 [ 746.425615][ T7519] ? do_syscall_64+0x1d/0x1c0 [ 746.430541][ T7519] __x64_sys_memfd_create+0x5b/0x70 [ 746.435796][ T7519] do_syscall_64+0xf7/0x1c0 [ 746.440326][ T7519] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 746.446198][ T7519] RIP: 0033:0x45a639 [ 746.450078][ T7519] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:50:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x2, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 746.469672][ T7519] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 746.478068][ T7519] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a639 [ 746.486020][ T7519] RDX: 00000000200001d8 RSI: 0000000000000000 RDI: 00000000004bf6d2 [ 746.493983][ T7519] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 746.501938][ T7519] R10: 00000000006321e5 R11: 0000000000000246 R12: 00007f96751f16d4 [ 746.509891][ T7519] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:47 executing program 0 (fault-call:0 fault-nth:4): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:47 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000100008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000001f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 746.751857][ T7600] FAULT_INJECTION: forcing a failure. [ 746.751857][ T7600] name failslab, interval 1, probability 0, space 0, times 0 [ 746.829062][ T7600] CPU: 0 PID: 7600 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 746.837698][ T7600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 746.847760][ T7600] Call Trace: [ 746.851066][ T7600] dump_stack+0x1fb/0x318 [ 746.855586][ T7600] should_fail+0x555/0x770 [ 746.860016][ T7600] __should_failslab+0x11a/0x160 [ 746.864954][ T7600] ? __alloc_file+0x2c/0x390 [ 746.869546][ T7600] should_failslab+0x9/0x20 [ 746.874045][ T7600] kmem_cache_alloc+0x56/0x2e0 [ 746.874065][ T7600] __alloc_file+0x2c/0x390 [ 746.874082][ T7600] alloc_empty_file+0xac/0x1b0 [ 746.874093][ T7600] alloc_file+0x60/0x4c0 [ 746.874107][ T7600] alloc_file_pseudo+0x1d4/0x260 [ 746.874128][ T7600] __shmem_file_setup+0x1a2/0x280 [ 746.874142][ T7600] shmem_file_setup+0x2f/0x40 [ 746.874156][ T7600] __se_sys_memfd_create+0x28e/0x4b0 [ 746.874169][ T7600] ? do_syscall_64+0x1d/0x1c0 [ 746.874180][ T7600] __x64_sys_memfd_create+0x5b/0x70 [ 746.874193][ T7600] do_syscall_64+0xf7/0x1c0 [ 746.888112][ T7600] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 746.888123][ T7600] RIP: 0033:0x45a639 [ 746.888133][ T7600] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 746.888141][ T7600] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 746.897275][ T7600] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a639 [ 746.897281][ T7600] RDX: 00000000200001d8 RSI: 0000000000000000 RDI: 00000000004bf6d2 [ 746.897286][ T7600] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 746.897290][ T7600] R10: 00000000006321e5 R11: 0000000000000246 R12: 00007f96751f16d4 [ 746.897295][ T7600] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 747.029363][ T7522] device nr0 entered promiscuous mode [ 747.074405][ T7522] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 747.087689][ T7522] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 747.100361][ T7522] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 747.109156][ T7522] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:48 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x3, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd02000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000200000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:48 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400100008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:48 executing program 0 (fault-call:0 fault-nth:5): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 747.508280][ T7661] FAULT_INJECTION: forcing a failure. [ 747.508280][ T7661] name failslab, interval 1, probability 0, space 0, times 0 16:50:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd04000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000014220000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 747.589393][ T7661] CPU: 1 PID: 7661 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 747.598032][ T7661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.608111][ T7661] Call Trace: [ 747.611415][ T7661] dump_stack+0x1fb/0x318 [ 747.615767][ T7661] should_fail+0x555/0x770 [ 747.620188][ T7661] __should_failslab+0x11a/0x160 [ 747.625129][ T7661] ? __alloc_file+0x2c/0x390 [ 747.629720][ T7661] should_failslab+0x9/0x20 [ 747.634217][ T7661] kmem_cache_alloc+0x56/0x2e0 [ 747.638976][ T7661] __alloc_file+0x2c/0x390 [ 747.643387][ T7661] alloc_empty_file+0xac/0x1b0 [ 747.648141][ T7661] alloc_file+0x60/0x4c0 [ 747.652384][ T7661] alloc_file_pseudo+0x1d4/0x260 [ 747.657321][ T7661] __shmem_file_setup+0x1a2/0x280 [ 747.662335][ T7661] shmem_file_setup+0x2f/0x40 [ 747.667000][ T7661] __se_sys_memfd_create+0x28e/0x4b0 [ 747.672271][ T7661] ? do_syscall_64+0x1d/0x1c0 [ 747.676940][ T7661] __x64_sys_memfd_create+0x5b/0x70 [ 747.682125][ T7661] do_syscall_64+0xf7/0x1c0 [ 747.686619][ T7661] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 747.692496][ T7661] RIP: 0033:0x45a639 [ 747.696379][ T7661] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 747.715969][ T7661] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 747.724366][ T7661] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a639 [ 747.732320][ T7661] RDX: 00000000200001d8 RSI: 0000000000000000 RDI: 00000000004bf6d2 [ 747.740275][ T7661] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 747.748245][ T7661] R10: 00000000006321e5 R11: 0000000000000246 R12: 00007f96751f16d4 [ 747.756199][ T7661] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000003f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:48 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000200008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0a000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 748.131150][ T7732] device nr0 entered promiscuous mode [ 748.280551][ T7689] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 748.290418][ T7689] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 748.321555][ T7689] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 748.332197][ T7689] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:49 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:49 executing program 0 (fault-call:0 fault-nth:6): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:49 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000400008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x4, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0f000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000001400000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 748.692323][ T7804] FAULT_INJECTION: forcing a failure. [ 748.692323][ T7804] name failslab, interval 1, probability 0, space 0, times 0 16:50:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd60000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000dc490000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:49 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 748.883216][ T7804] CPU: 1 PID: 7804 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 748.891843][ T7804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 748.901902][ T7804] Call Trace: [ 748.905208][ T7804] dump_stack+0x1fb/0x318 [ 748.909556][ T7804] should_fail+0x555/0x770 [ 748.913988][ T7804] __should_failslab+0x11a/0x160 [ 748.919042][ T7804] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 748.924780][ T7804] should_failslab+0x9/0x20 [ 748.929293][ T7804] __kmalloc+0x7a/0x340 [ 748.933471][ T7804] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 748.933483][ T7804] tomoyo_realpath_from_path+0xdc/0x7c0 [ 748.933501][ T7804] tomoyo_path_perm+0x192/0x850 [ 748.933534][ T7804] tomoyo_path_truncate+0x1c/0x20 [ 748.933544][ T7804] security_path_truncate+0xd5/0x150 [ 748.933558][ T7804] do_sys_ftruncate+0x493/0x710 [ 748.933574][ T7804] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 748.970653][ T7804] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 748.976120][ T7804] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 748.981842][ T7804] ? do_syscall_64+0x1d/0x1c0 [ 748.986537][ T7804] __x64_sys_ftruncate+0x60/0x70 [ 748.991487][ T7804] do_syscall_64+0xf7/0x1c0 [ 748.996173][ T7804] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 749.002107][ T7804] RIP: 0033:0x45a607 [ 749.006007][ T7804] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 749.025607][ T7804] RSP: 002b:00007f96751f0a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d 16:50:49 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x5, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:50 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd40010010000100070c10000000000000000000", 0x58}], 0x1) [ 749.034022][ T7804] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a607 [ 749.042089][ T7804] RDX: 00000000200001d8 RSI: 0000000008100000 RDI: 0000000000000004 [ 749.050056][ T7804] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 749.058027][ T7804] R10: 00000000006321e5 R11: 0000000000000217 R12: 0000000000000004 [ 749.065997][ T7804] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00006a500000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 749.078812][ T7804] ERROR: Out of memory at tomoyo_realpath_from_path. [ 749.529397][ T7858] device nr0 entered promiscuous mode [ 749.584956][ T7858] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 749.595403][ T7858] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 749.608721][ T7858] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 749.617300][ T7858] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000600000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5ddd4020010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 0 (fault-call:0 fault-nth:7): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:51 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x6, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 749.997026][ T8091] FAULT_INJECTION: forcing a failure. [ 749.997026][ T8091] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 750.010264][ T8091] CPU: 0 PID: 8091 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 750.010273][ T8091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 750.010277][ T8091] Call Trace: [ 750.010299][ T8091] dump_stack+0x1fb/0x318 [ 750.010323][ T8091] should_fail+0x555/0x770 [ 750.040991][ T8091] should_fail_alloc_page+0x55/0x60 [ 750.046188][ T8091] prepare_alloc_pages+0x283/0x460 [ 750.051293][ T8091] __alloc_pages_nodemask+0xb2/0x5d0 [ 750.056583][ T8091] kmem_getpages+0x4d/0xa00 [ 750.061077][ T8091] cache_grow_begin+0x7e/0x2c0 [ 750.065832][ T8091] cache_alloc_refill+0x311/0x3f0 [ 750.070847][ T8091] ? check_preemption_disabled+0xb7/0x2a0 [ 750.076557][ T8091] __kmalloc+0x318/0x340 [ 750.080788][ T8091] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 750.086499][ T8091] tomoyo_realpath_from_path+0xdc/0x7c0 [ 750.092045][ T8091] tomoyo_path_perm+0x192/0x850 [ 750.096911][ T8091] tomoyo_path_truncate+0x1c/0x20 [ 750.101926][ T8091] security_path_truncate+0xd5/0x150 [ 750.107201][ T8091] do_sys_ftruncate+0x493/0x710 [ 750.112060][ T8091] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 750.117768][ T8091] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 750.123210][ T8091] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 750.128933][ T8091] ? do_syscall_64+0x1d/0x1c0 [ 750.133612][ T8091] __x64_sys_ftruncate+0x60/0x70 [ 750.138550][ T8091] do_syscall_64+0xf7/0x1c0 [ 750.143058][ T8091] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 750.148952][ T8091] RIP: 0033:0x45a607 [ 750.152842][ T8091] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 750.172434][ T8091] RSP: 002b:00007f96751f0a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 750.180832][ T8091] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a607 [ 750.188809][ T8091] RDX: 00000000200001d8 RSI: 0000000008100000 RDI: 0000000000000004 [ 750.196766][ T8091] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 750.204728][ T8091] R10: 00000000006321e5 R11: 0000000000000217 R12: 0000000000000004 [ 750.212690][ T8091] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000a0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x7, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000067660000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000001f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 0 (fault-call:0 fault-nth:8): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5ddc00e0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x8, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000066670000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000f0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:51 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000002000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 750.790725][ T8095] device nr0 entered promiscuous mode [ 750.901160][ T8331] FAULT_INJECTION: forcing a failure. [ 750.901160][ T8331] name failslab, interval 1, probability 0, space 0, times 0 [ 750.908070][ T8095] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 750.946236][ T8095] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 750.949730][ T8331] CPU: 1 PID: 8331 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 750.964096][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 750.970389][ T8095] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 750.974151][ T8331] Call Trace: [ 750.974178][ T8331] dump_stack+0x1fb/0x318 [ 750.974198][ T8331] should_fail+0x555/0x770 [ 750.974218][ T8331] __should_failslab+0x11a/0x160 [ 750.974231][ T8331] ? tomoyo_encode2+0x273/0x5a0 [ 750.974242][ T8331] should_failslab+0x9/0x20 [ 750.974251][ T8331] __kmalloc+0x7a/0x340 [ 750.974268][ T8331] tomoyo_encode2+0x273/0x5a0 [ 750.974345][ T8331] ? dynamic_dname+0xf0/0xf0 [ 750.974359][ T8331] tomoyo_realpath_from_path+0x769/0x7c0 [ 750.974379][ T8331] tomoyo_path_perm+0x192/0x850 [ 750.974424][ T8331] tomoyo_path_truncate+0x1c/0x20 [ 750.974443][ T8331] security_path_truncate+0xd5/0x150 [ 750.982907][ T8095] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 750.985980][ T8331] do_sys_ftruncate+0x493/0x710 [ 750.985996][ T8331] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 750.986009][ T8331] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 750.986017][ T8331] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 750.986025][ T8331] ? do_syscall_64+0x1d/0x1c0 [ 750.986038][ T8331] __x64_sys_ftruncate+0x60/0x70 [ 750.986049][ T8331] do_syscall_64+0xf7/0x1c0 [ 750.986064][ T8331] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 750.986080][ T8331] RIP: 0033:0x45a607 [ 750.999723][ T8331] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 750.999729][ T8331] RSP: 002b:00007f96751f0a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 750.999740][ T8331] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045a607 [ 750.999749][ T8331] RDX: 00000000200001d8 RSI: 0000000008100000 RDI: 0000000000000004 [ 751.009067][ T8331] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 751.009074][ T8331] R10: 00000000006321e5 R11: 0000000000000217 R12: 0000000000000004 [ 751.009078][ T8331] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 751.098596][ T8331] ERROR: Out of memory at tomoyo_realpath_from_path. 16:50:52 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000506a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x9, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:52 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd001f0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000003f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:52 executing program 0 (fault-call:0 fault-nth:9): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 751.652319][ T8556] FAULT_INJECTION: forcing a failure. [ 751.652319][ T8556] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 751.678476][ T8556] CPU: 1 PID: 8556 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 751.687103][ T8556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 751.697166][ T8556] Call Trace: [ 751.700458][ T8556] dump_stack+0x1fb/0x318 [ 751.704784][ T8556] should_fail+0x555/0x770 [ 751.709217][ T8556] should_fail_alloc_page+0x55/0x60 [ 751.714406][ T8556] prepare_alloc_pages+0x283/0x460 [ 751.719508][ T8556] __alloc_pages_nodemask+0xb2/0x5d0 [ 751.724798][ T8556] alloc_pages_vma+0x4f7/0xd50 [ 751.729557][ T8556] shmem_alloc_and_acct_page+0x425/0xbb0 [ 751.735198][ T8556] shmem_getpage_gfp+0x2313/0x2a90 [ 751.740319][ T8556] shmem_write_begin+0xcb/0x1b0 [ 751.745159][ T8556] generic_perform_write+0x25d/0x4e0 [ 751.750442][ T8556] __generic_file_write_iter+0x235/0x500 [ 751.756065][ T8556] generic_file_write_iter+0x48e/0x630 [ 751.761527][ T8556] __vfs_write+0x5a1/0x740 [ 751.765943][ T8556] vfs_write+0x275/0x590 [ 751.770176][ T8556] __x64_sys_pwrite64+0x162/0x1d0 [ 751.775190][ T8556] do_syscall_64+0xf7/0x1c0 [ 751.779684][ T8556] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 751.785560][ T8556] RIP: 0033:0x414437 [ 751.789446][ T8556] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 751.809039][ T8556] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 751.817439][ T8556] RAX: ffffffffffffffda RBX: 00000000200000d0 RCX: 0000000000414437 [ 751.825396][ T8556] RDX: 00000000000000be RSI: 0000000020000140 RDI: 0000000000000004 [ 751.833356][ T8556] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 751.841314][ T8556] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004 [ 751.849272][ T8556] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000e2850000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00200010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xb, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:53 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 0 (fault-call:0 fault-nth:10): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00400010000100070c10000000000000000000", 0x58}], 0x1) [ 752.205759][ T8663] device nr0 entered promiscuous mode [ 752.261135][ T8690] FAULT_INJECTION: forcing a failure. [ 752.261135][ T8690] name failslab, interval 1, probability 0, space 0, times 0 [ 752.311390][ T8690] CPU: 0 PID: 8690 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 752.320033][ T8690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 752.324171][ T8563] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 752.330093][ T8690] Call Trace: [ 752.330121][ T8690] dump_stack+0x1fb/0x318 [ 752.330143][ T8690] should_fail+0x555/0x770 [ 752.350380][ T8690] __should_failslab+0x11a/0x160 [ 752.355325][ T8690] ? getname_flags+0xba/0x640 [ 752.359997][ T8690] should_failslab+0x9/0x20 [ 752.364503][ T8690] kmem_cache_alloc+0x56/0x2e0 [ 752.369264][ T8690] ? check_preemption_disabled+0xb7/0x2a0 [ 752.374970][ T8690] getname_flags+0xba/0x640 [ 752.374981][ T8690] getname+0x19/0x20 [ 752.374993][ T8690] do_sys_open+0x261/0x560 [ 752.375006][ T8690] __x64_sys_open+0x87/0x90 [ 752.375021][ T8690] do_syscall_64+0xf7/0x1c0 [ 752.375034][ T8690] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 752.375044][ T8690] RIP: 0033:0x4143d1 [ 752.375053][ T8690] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 752.375058][ T8690] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 752.375066][ T8690] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 752.375071][ T8690] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 752.375075][ T8690] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 752.375081][ T8690] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 752.375086][ T8690] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 752.376634][ T8563] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 752.492384][ T8563] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 752.516287][ T8563] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:53 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000014000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000ec00000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd01400010000100070c10000000000000000000", 0x58}], 0x1) 16:50:53 executing program 0 (fault-call:0 fault-nth:11): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:53 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:53 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xc, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 752.907079][ T8810] FAULT_INJECTION: forcing a failure. [ 752.907079][ T8810] name failslab, interval 1, probability 0, space 0, times 0 16:50:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000049dc0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 752.989067][ T8810] CPU: 0 PID: 8810 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 752.997705][ T8810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 753.007771][ T8810] Call Trace: [ 753.011083][ T8810] dump_stack+0x1fb/0x318 [ 753.015422][ T8810] should_fail+0x555/0x770 [ 753.019846][ T8810] __should_failslab+0x11a/0x160 [ 753.024804][ T8810] ? __alloc_file+0x2c/0x390 [ 753.029398][ T8810] should_failslab+0x9/0x20 [ 753.033899][ T8810] kmem_cache_alloc+0x56/0x2e0 [ 753.038657][ T8810] __alloc_file+0x2c/0x390 [ 753.043079][ T8810] alloc_empty_file+0xac/0x1b0 [ 753.047845][ T8810] path_openat+0x9e/0x4420 [ 753.052264][ T8810] ? __kasan_kmalloc+0x178/0x1b0 [ 753.057204][ T8810] ? __lock_acquire+0xc75/0x1be0 [ 753.062172][ T8810] do_filp_open+0x192/0x3d0 [ 753.066682][ T8810] ? _raw_spin_unlock+0x2c/0x50 [ 753.071554][ T8810] do_sys_open+0x29f/0x560 [ 753.075988][ T8810] __x64_sys_open+0x87/0x90 [ 753.080499][ T8810] do_syscall_64+0xf7/0x1c0 [ 753.085008][ T8810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 753.090896][ T8810] RIP: 0033:0x4143d1 [ 753.094873][ T8810] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 753.114487][ T8810] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 753.122904][ T8810] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 753.130874][ T8810] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 16:50:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dddc490010000100070c10000000000000000000", 0x58}], 0x1) 16:50:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000034c00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 753.138834][ T8810] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 753.138840][ T8810] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 753.138845][ T8810] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000085e20000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd6a500010000100070c10000000000000000000", 0x58}], 0x1) [ 753.181347][ T8834] device nr0 entered promiscuous mode [ 753.206148][ T8834] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 753.263227][ T8834] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 753.384553][ T8834] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 753.392852][ T8834] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xd, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400300008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00600010000100070c10000000000000000000", 0x58}], 0x1) 16:50:54 executing program 0 (fault-call:0 fault-nth:12): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 753.852106][ T9057] FAULT_INJECTION: forcing a failure. [ 753.852106][ T9057] name failslab, interval 1, probability 0, space 0, times 0 [ 753.886637][ T9057] CPU: 1 PID: 9057 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 753.895263][ T9057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 753.905313][ T9057] Call Trace: [ 753.908598][ T9057] dump_stack+0x1fb/0x318 [ 753.912917][ T9057] should_fail+0x555/0x770 [ 753.917319][ T9057] __should_failslab+0x11a/0x160 [ 753.922238][ T9057] ? getname_flags+0xba/0x640 [ 753.926976][ T9057] should_failslab+0x9/0x20 [ 753.931475][ T9057] kmem_cache_alloc+0x56/0x2e0 [ 753.936234][ T9057] ? check_preemption_disabled+0xb7/0x2a0 [ 753.941932][ T9057] getname_flags+0xba/0x640 [ 753.946416][ T9057] getname+0x19/0x20 [ 753.950305][ T9057] do_sys_open+0x261/0x560 [ 753.954701][ T9057] __x64_sys_open+0x87/0x90 [ 753.959183][ T9057] do_syscall_64+0xf7/0x1c0 [ 753.963678][ T9057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 753.969546][ T9057] RIP: 0033:0x4143d1 [ 753.973545][ T9057] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 753.993141][ T9057] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 754.001537][ T9057] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 754.009493][ T9057] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 754.017448][ T9057] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 754.025398][ T9057] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 754.033349][ T9057] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:55 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:55 executing program 0 (fault-call:0 fault-nth:13): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000034000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000676600008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd67660010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xe, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 754.340657][ T9067] FAULT_INJECTION: forcing a failure. [ 754.340657][ T9067] name failslab, interval 1, probability 0, space 0, times 0 [ 754.370181][ T9067] CPU: 1 PID: 9067 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 754.378839][ T9067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 754.389207][ T9067] Call Trace: [ 754.392800][ T9067] dump_stack+0x1fb/0x318 [ 754.397240][ T9067] should_fail+0x555/0x770 [ 754.401708][ T9067] __should_failslab+0x11a/0x160 [ 754.406662][ T9067] ? __alloc_file+0x2c/0x390 [ 754.411440][ T9067] should_failslab+0x9/0x20 [ 754.415969][ T9067] kmem_cache_alloc+0x56/0x2e0 [ 754.420760][ T9067] __alloc_file+0x2c/0x390 [ 754.425183][ T9067] alloc_empty_file+0xac/0x1b0 [ 754.429946][ T9067] path_openat+0x9e/0x4420 [ 754.434354][ T9067] ? __kasan_kmalloc+0x178/0x1b0 [ 754.439325][ T9067] ? __lock_acquire+0xc75/0x1be0 [ 754.444272][ T9067] ? rcu_read_lock_sched_held+0x10b/0x170 [ 754.450016][ T9067] do_filp_open+0x192/0x3d0 [ 754.454516][ T9067] ? _raw_spin_unlock+0x2c/0x50 [ 754.459371][ T9067] do_sys_open+0x29f/0x560 [ 754.463793][ T9067] __x64_sys_open+0x87/0x90 [ 754.468292][ T9067] do_syscall_64+0xf7/0x1c0 [ 754.472793][ T9067] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 754.478676][ T9067] RIP: 0033:0x4143d1 [ 754.482564][ T9067] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 754.502294][ T9067] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 754.510714][ T9067] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 754.518708][ T9067] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 754.526679][ T9067] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a 16:50:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000001008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 754.534661][ T9067] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 754.542753][ T9067] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:55 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000506a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd66670010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 0 (fault-call:0 fault-nth:14): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004001008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xf, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 754.826228][ T9188] FAULT_INJECTION: forcing a failure. [ 754.826228][ T9188] name failslab, interval 1, probability 0, space 0, times 0 [ 754.868771][ T9188] CPU: 0 PID: 9188 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 754.877537][ T9188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 754.877550][ T9188] Call Trace: [ 754.890945][ T9188] dump_stack+0x1fb/0x318 [ 754.895300][ T9188] should_fail+0x555/0x770 [ 754.899737][ T9188] __should_failslab+0x11a/0x160 [ 754.904700][ T9188] ? security_file_alloc+0x36/0x200 [ 754.910065][ T9188] should_failslab+0x9/0x20 [ 754.915102][ T9188] kmem_cache_alloc+0x56/0x2e0 [ 754.915118][ T9188] security_file_alloc+0x36/0x200 [ 754.915130][ T9188] __alloc_file+0xde/0x390 [ 754.915142][ T9188] alloc_empty_file+0xac/0x1b0 [ 754.915154][ T9188] path_openat+0x9e/0x4420 [ 754.915165][ T9188] ? __kasan_kmalloc+0x178/0x1b0 [ 754.915179][ T9188] ? __lock_acquire+0xc75/0x1be0 [ 754.915198][ T9188] ? cache_alloc_refill+0x3b1/0x3f0 [ 754.915219][ T9188] do_filp_open+0x192/0x3d0 [ 754.915239][ T9188] ? _raw_spin_unlock+0x2c/0x50 [ 754.963094][ T9188] do_sys_open+0x29f/0x560 [ 754.967513][ T9188] __x64_sys_open+0x87/0x90 [ 754.972011][ T9188] do_syscall_64+0xf7/0x1c0 [ 754.976511][ T9188] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 754.982394][ T9188] RIP: 0033:0x4143d1 [ 754.986390][ T9188] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 755.006013][ T9188] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 755.014426][ T9188] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 755.022534][ T9188] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 755.030640][ T9188] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 755.038616][ T9188] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 755.046580][ T9188] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 755.260330][ T9300] device nr0 entered promiscuous mode [ 755.281978][ T9071] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 755.292816][ T9071] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 755.309632][ T9071] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 755.319567][ T9071] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:56 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00ffffff9e00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:56 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd506a0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:56 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000002008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:56 executing program 0 (fault-call:0 fault-nth:15): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:56 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700), 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:56 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x10, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 755.691493][ T9308] FAULT_INJECTION: forcing a failure. [ 755.691493][ T9308] name failslab, interval 1, probability 0, space 0, times 0 [ 755.752814][ T9308] CPU: 0 PID: 9308 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 755.761558][ T9308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 755.771826][ T9308] Call Trace: [ 755.775119][ T9308] dump_stack+0x1fb/0x318 [ 755.779477][ T9308] should_fail+0x555/0x770 [ 755.783891][ T9308] __should_failslab+0x11a/0x160 [ 755.788846][ T9308] ? tomoyo_encode2+0x273/0x5a0 [ 755.793727][ T9308] should_failslab+0x9/0x20 [ 755.798216][ T9308] __kmalloc+0x7a/0x340 [ 755.802416][ T9308] tomoyo_encode2+0x273/0x5a0 [ 755.807088][ T9308] tomoyo_realpath_from_path+0x769/0x7c0 [ 755.812706][ T9308] tomoyo_check_open_permission+0x1ce/0x9d0 [ 755.818603][ T9308] tomoyo_file_open+0x141/0x190 [ 755.823438][ T9308] security_file_open+0x65/0x2f0 [ 755.828361][ T9308] do_dentry_open+0x351/0x10c0 [ 755.833113][ T9308] vfs_open+0x73/0x80 [ 755.837075][ T9308] path_openat+0x1397/0x4420 [ 755.841742][ T9308] do_filp_open+0x192/0x3d0 [ 755.846457][ T9308] do_sys_open+0x29f/0x560 [ 755.850859][ T9308] __x64_sys_open+0x87/0x90 [ 755.855366][ T9308] do_syscall_64+0xf7/0x1c0 [ 755.859852][ T9308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 755.865724][ T9308] RIP: 0033:0x4143d1 [ 755.869597][ T9308] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 755.889219][ T9308] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 16:50:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000004008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:57 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dde2850010000100070c10000000000000000000", 0x58}], 0x1) [ 755.897631][ T9308] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 755.905600][ T9308] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 755.913577][ T9308] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 755.921536][ T9308] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 755.929513][ T9308] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:57 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000ec000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 756.046479][ T9308] ERROR: Out of memory at tomoyo_realpath_from_path. 16:50:57 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0ec00010000100070c10000000000000000000", 0x58}], 0x1) 16:50:57 executing program 0 (fault-call:0 fault-nth:16): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:57 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x11, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:57 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000049dc00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:57 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd02d40010000100070c10000000000000000000", 0x58}], 0x1) [ 756.424421][ T9440] FAULT_INJECTION: forcing a failure. [ 756.424421][ T9440] name failslab, interval 1, probability 0, space 0, times 0 [ 756.455492][ T9440] CPU: 1 PID: 9440 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 756.464133][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 756.474204][ T9440] Call Trace: [ 756.477519][ T9440] dump_stack+0x1fb/0x318 [ 756.481868][ T9440] should_fail+0x555/0x770 [ 756.486308][ T9440] __should_failslab+0x11a/0x160 [ 756.491260][ T9440] ? tomoyo_encode2+0x273/0x5a0 [ 756.496138][ T9440] should_failslab+0x9/0x20 [ 756.500658][ T9440] __kmalloc+0x7a/0x340 [ 756.504826][ T9440] tomoyo_encode2+0x273/0x5a0 [ 756.509517][ T9440] tomoyo_realpath_from_path+0x769/0x7c0 [ 756.515172][ T9440] tomoyo_path_number_perm+0x166/0x640 [ 756.520750][ T9440] ? smack_file_ioctl+0x226/0x2e0 [ 756.525802][ T9440] ? __fget+0x4d1/0x510 [ 756.529982][ T9440] tomoyo_file_ioctl+0x23/0x30 [ 756.534769][ T9440] security_file_ioctl+0x6d/0xd0 [ 756.539728][ T9440] __x64_sys_ioctl+0xa3/0x120 [ 756.544416][ T9440] do_syscall_64+0xf7/0x1c0 [ 756.548929][ T9440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 756.554829][ T9440] RIP: 0033:0x45a4a7 [ 756.558730][ T9440] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 756.578334][ T9440] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 756.578352][ T9440] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 756.578357][ T9440] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 756.578361][ T9440] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 756.578366][ T9440] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 756.578371][ T9440] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 756.613581][ T9440] ERROR: Out of memory at tomoyo_realpath_from_path. [ 756.658310][ T9429] device nr0 entered promiscuous mode [ 756.667740][ T9429] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 756.677342][ T9429] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 756.704902][ T9429] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 756.721365][ T9429] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:58 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700), 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:58 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00ffffffef00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd49dc0010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:58 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000002214008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 0 (fault-call:0 fault-nth:17): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 757.128920][ T9565] FAULT_INJECTION: forcing a failure. [ 757.128920][ T9565] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 757.142157][ T9565] CPU: 1 PID: 9565 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 757.142166][ T9565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 757.142170][ T9565] Call Trace: [ 757.142192][ T9565] dump_stack+0x1fb/0x318 [ 757.142209][ T9565] should_fail+0x555/0x770 [ 757.142239][ T9565] should_fail_alloc_page+0x55/0x60 [ 757.142252][ T9565] prepare_alloc_pages+0x283/0x460 [ 757.183274][ T9565] __alloc_pages_nodemask+0xb2/0x5d0 [ 757.188564][ T9565] kmem_getpages+0x4d/0xa00 [ 757.193093][ T9565] cache_grow_begin+0x7e/0x2c0 [ 757.197860][ T9565] cache_alloc_refill+0x311/0x3f0 [ 757.202880][ T9565] ? check_preemption_disabled+0xb7/0x2a0 [ 757.208595][ T9565] __kmalloc+0x318/0x340 [ 757.213002][ T9565] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 757.218713][ T9565] tomoyo_realpath_from_path+0xdc/0x7c0 [ 757.224253][ T9565] tomoyo_check_open_permission+0x1ce/0x9d0 [ 757.230160][ T9565] tomoyo_file_open+0x141/0x190 [ 757.235003][ T9565] security_file_open+0x65/0x2f0 [ 757.239965][ T9565] do_dentry_open+0x351/0x10c0 [ 757.244732][ T9565] vfs_open+0x73/0x80 [ 757.248710][ T9565] path_openat+0x1397/0x4420 [ 757.253319][ T9565] do_filp_open+0x192/0x3d0 [ 757.257827][ T9565] do_sys_open+0x29f/0x560 [ 757.262237][ T9565] __x64_sys_open+0x87/0x90 [ 757.266727][ T9565] do_syscall_64+0xf7/0x1c0 [ 757.271227][ T9565] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 757.277107][ T9565] RIP: 0033:0x4143d1 [ 757.280992][ T9565] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 757.300587][ T9565] RSP: 002b:00007f96751f0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 757.309131][ T9565] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 00000000004143d1 [ 757.317102][ T9565] RDX: 00007f96751f0b0a RSI: 0000000000000002 RDI: 00007f96751f0b00 [ 757.325096][ T9565] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 757.333070][ T9565] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 757.341028][ T9565] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:58 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00fffffff000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x13, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:58 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000001f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 0 (fault-call:0 fault-nth:18): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:50:58 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd85e20010000100070c10000000000000000000", 0x58}], 0x1) 16:50:58 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000020008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 757.724594][ T9717] FAULT_INJECTION: forcing a failure. [ 757.724594][ T9717] name failslab, interval 1, probability 0, space 0, times 0 [ 757.741027][ T9717] CPU: 1 PID: 9717 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 757.749648][ T9717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 757.759710][ T9717] Call Trace: [ 757.763007][ T9717] dump_stack+0x1fb/0x318 [ 757.767339][ T9717] should_fail+0x555/0x770 [ 757.771767][ T9717] __should_failslab+0x11a/0x160 [ 757.776718][ T9717] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 757.782446][ T9717] should_failslab+0x9/0x20 [ 757.786952][ T9717] __kmalloc+0x7a/0x340 [ 757.791109][ T9717] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 757.796835][ T9717] tomoyo_realpath_from_path+0xdc/0x7c0 [ 757.802396][ T9717] tomoyo_path_number_perm+0x166/0x640 [ 757.807887][ T9717] ? smack_file_ioctl+0x226/0x2e0 [ 757.812910][ T9717] ? __fget+0x4d1/0x510 [ 757.817077][ T9717] tomoyo_file_ioctl+0x23/0x30 [ 757.821838][ T9717] security_file_ioctl+0x6d/0xd0 [ 757.826774][ T9717] __x64_sys_ioctl+0xa3/0x120 [ 757.831455][ T9717] do_syscall_64+0xf7/0x1c0 [ 757.835961][ T9717] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 757.842277][ T9717] RIP: 0033:0x45a4a7 [ 757.842288][ T9717] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 757.842294][ T9717] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 757.842305][ T9717] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 757.842311][ T9717] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 757.842316][ T9717] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 757.842322][ T9717] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 757.842328][ T9717] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 757.932249][ T9685] device nr0 entered promiscuous mode [ 757.938992][ T9717] ERROR: Out of memory at tomoyo_realpath_from_path. [ 757.985359][ T9640] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 758.000047][ T9640] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 758.021079][ T9640] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 758.039175][ T9640] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:50:59 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700), 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:50:59 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000040000100070c10000000000000000000", 0x58}], 0x1) 16:50:59 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000ffff00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:59 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x14, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:50:59 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000003f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:59 executing program 0 (fault-call:0 fault-nth:19): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 758.486804][ T9816] FAULT_INJECTION: forcing a failure. [ 758.486804][ T9816] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 758.500052][ T9816] CPU: 1 PID: 9816 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 758.500061][ T9816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 758.500065][ T9816] Call Trace: [ 758.500087][ T9816] dump_stack+0x1fb/0x318 [ 758.500105][ T9816] should_fail+0x555/0x770 [ 758.500126][ T9816] should_fail_alloc_page+0x55/0x60 [ 758.500135][ T9816] prepare_alloc_pages+0x283/0x460 [ 758.500149][ T9816] __alloc_pages_nodemask+0xb2/0x5d0 [ 758.500228][ T9816] ? stack_trace_save+0x150/0x150 [ 758.500255][ T9816] kmem_getpages+0x4d/0xa00 [ 758.546608][ T9816] cache_grow_begin+0x7e/0x2c0 [ 758.546622][ T9816] cache_alloc_refill+0x311/0x3f0 [ 758.546632][ T9816] ? check_preemption_disabled+0xb7/0x2a0 [ 758.546645][ T9816] __kmalloc+0x318/0x340 [ 758.546657][ T9816] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 758.546668][ T9816] tomoyo_realpath_from_path+0xdc/0x7c0 [ 758.546689][ T9816] tomoyo_path_number_perm+0x166/0x640 [ 758.546723][ T9816] ? smack_file_ioctl+0x226/0x2e0 [ 758.597718][ T9816] ? __fget+0x4d1/0x510 [ 758.601877][ T9816] tomoyo_file_ioctl+0x23/0x30 [ 758.606649][ T9816] security_file_ioctl+0x6d/0xd0 [ 758.611957][ T9816] __x64_sys_ioctl+0xa3/0x120 [ 758.616653][ T9816] do_syscall_64+0xf7/0x1c0 [ 758.621177][ T9816] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 758.627079][ T9816] RIP: 0033:0x45a4a7 16:50:59 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 758.630977][ T9816] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 758.650699][ T9816] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 758.659129][ T9816] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 758.667132][ T9816] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 758.675111][ T9816] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 758.675117][ T9816] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 758.675122][ T9816] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:50:59 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd20000150000100070c10000000000000000000", 0x58}], 0x1) 16:50:59 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000140008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:50:59 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc009effffff00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:00 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x15, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:00 executing program 0 (fault-call:0 fault-nth:20): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 759.130230][ T9952] FAULT_INJECTION: forcing a failure. [ 759.130230][ T9952] name failslab, interval 1, probability 0, space 0, times 0 [ 759.151916][ T9952] CPU: 1 PID: 9952 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 759.160617][ T9952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 759.170820][ T9952] Call Trace: [ 759.174129][ T9952] dump_stack+0x1fb/0x318 [ 759.178466][ T9952] should_fail+0x555/0x770 [ 759.182911][ T9952] __should_failslab+0x11a/0x160 [ 759.188031][ T9952] ? __kernfs_new_node+0x97/0x6b0 [ 759.193063][ T9952] should_failslab+0x9/0x20 [ 759.197565][ T9952] kmem_cache_alloc+0x56/0x2e0 [ 759.202412][ T9952] __kernfs_new_node+0x97/0x6b0 [ 759.207275][ T9952] ? mutex_unlock+0xd/0x10 [ 759.211687][ T9952] ? kernfs_activate+0x4c7/0x4e0 [ 759.216716][ T9952] kernfs_new_node+0x97/0x170 [ 759.221399][ T9952] __kernfs_create_file+0x4a/0x2f0 [ 759.226510][ T9952] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 759.231883][ T9952] internal_create_group+0x4be/0xd80 [ 759.237180][ T9952] sysfs_create_group+0x1f/0x30 [ 759.242144][ T9952] loop_set_fd+0xf54/0x1470 [ 759.246660][ T9952] lo_ioctl+0xd5/0x2200 [ 759.250815][ T9952] ? __kasan_slab_free+0x12a/0x1e0 [ 759.255920][ T9952] ? kasan_slab_free+0xe/0x10 [ 759.260593][ T9952] ? kfree+0x115/0x200 [ 759.264708][ T9952] ? tomoyo_path_number_perm+0x4e1/0x640 [ 759.270338][ T9952] ? tomoyo_file_ioctl+0x23/0x30 [ 759.275268][ T9952] ? security_file_ioctl+0x6d/0xd0 [ 759.280389][ T9952] ? __x64_sys_ioctl+0xa3/0x120 [ 759.285233][ T9952] ? do_syscall_64+0xf7/0x1c0 [ 759.289911][ T9952] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 759.295980][ T9952] ? debug_check_no_obj_freed+0x505/0x5b0 [ 759.301715][ T9952] ? rcu_lock_release+0x9/0x30 [ 759.306479][ T9952] ? rcu_lock_release+0x9/0x30 [ 759.311238][ T9952] ? lo_release+0x1f0/0x1f0 [ 759.315786][ T9952] blkdev_ioctl+0x807/0x2980 [ 759.320379][ T9952] ? tomoyo_path_number_perm+0x53e/0x640 [ 759.326082][ T9952] block_ioctl+0xbd/0x100 [ 759.330416][ T9952] ? blkdev_iopoll+0x100/0x100 [ 759.335184][ T9952] do_vfs_ioctl+0x744/0x1730 [ 759.339776][ T9952] ? __fget+0x4d1/0x510 [ 759.343941][ T9952] ? tomoyo_file_ioctl+0x23/0x30 [ 759.348879][ T9952] ? security_file_ioctl+0xa1/0xd0 [ 759.353991][ T9952] __x64_sys_ioctl+0xe3/0x120 [ 759.358672][ T9952] do_syscall_64+0xf7/0x1c0 [ 759.363174][ T9952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 759.369064][ T9952] RIP: 0033:0x45a4a7 [ 759.372955][ T9952] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 759.392557][ T9952] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 759.400965][ T9952] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 759.408931][ T9952] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 759.416898][ T9952] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 759.424866][ T9952] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 759.432835][ T9952] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 759.450291][ T9818] device nr0 entered promiscuous mode [ 759.521737][ T9818] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 759.531907][ T9818] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 759.555716][ T9818] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 759.570664][ T9818] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:00 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r13 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r13, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r14 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r14, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r16 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r17 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r17, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r18, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r15], @ANYRESDEC=r17, @ANYRESDEC=r16, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000060008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:00 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00020010000100070c10000000000000000000", 0x58}], 0x1) 16:51:00 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00efffffff00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:00 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x16, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:01 executing program 0 (fault-call:0 fault-nth:21): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 760.001837][T10063] FAULT_INJECTION: forcing a failure. [ 760.001837][T10063] name failslab, interval 1, probability 0, space 0, times 0 [ 760.015147][T10063] CPU: 1 PID: 10063 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 760.023834][T10063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 760.033898][T10063] Call Trace: [ 760.037262][T10063] dump_stack+0x1fb/0x318 [ 760.041612][T10063] should_fail+0x555/0x770 [ 760.046198][T10063] __should_failslab+0x11a/0x160 16:51:01 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00040010000100070c10000000000000000000", 0x58}], 0x1) [ 760.051157][T10063] ? radix_tree_node_alloc+0x1a1/0x370 [ 760.056735][T10063] should_failslab+0x9/0x20 [ 760.061401][T10063] kmem_cache_alloc+0x56/0x2e0 [ 760.066179][T10063] ? radix_tree_node_alloc+0x1a1/0x370 [ 760.071723][T10063] radix_tree_node_alloc+0x1a1/0x370 [ 760.077049][T10063] idr_get_free+0x2b8/0x8c0 [ 760.081593][T10063] idr_alloc_cyclic+0x18b/0x550 [ 760.086498][T10063] __kernfs_new_node+0x124/0x6b0 [ 760.091470][T10063] ? bd_set_size+0x97/0xb0 [ 760.095915][T10063] kernfs_create_dir_ns+0x9b/0x230 16:51:01 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00f0ffffff00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 760.101042][T10063] internal_create_group+0x207/0xd80 [ 760.106360][T10063] sysfs_create_group+0x1f/0x30 [ 760.111404][T10063] loop_set_fd+0xf54/0x1470 [ 760.115946][T10063] lo_ioctl+0xd5/0x2200 [ 760.120356][T10063] ? __kasan_slab_free+0x12a/0x1e0 [ 760.125484][T10063] ? kasan_slab_free+0xe/0x10 [ 760.130292][T10063] ? kfree+0x115/0x200 [ 760.134371][T10063] ? tomoyo_path_number_perm+0x4e1/0x640 [ 760.140014][T10063] ? tomoyo_file_ioctl+0x23/0x30 [ 760.145265][T10063] ? security_file_ioctl+0x6d/0xd0 [ 760.150579][T10063] ? __x64_sys_ioctl+0xa3/0x120 [ 760.155457][T10063] ? do_syscall_64+0xf7/0x1c0 [ 760.160153][T10063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.166416][T10063] ? debug_check_no_obj_freed+0x505/0x5b0 [ 760.172250][T10063] ? rcu_lock_release+0x9/0x30 [ 760.177024][T10063] ? rcu_lock_release+0x9/0x30 [ 760.181803][T10063] ? lo_release+0x1f0/0x1f0 [ 760.186302][T10063] blkdev_ioctl+0x807/0x2980 [ 760.190889][T10063] ? tomoyo_path_number_perm+0x53e/0x640 [ 760.196536][T10063] block_ioctl+0xbd/0x100 [ 760.200901][T10063] ? blkdev_iopoll+0x100/0x100 [ 760.205664][T10063] do_vfs_ioctl+0x744/0x1730 [ 760.210245][T10063] ? __fget+0x4d1/0x510 [ 760.214404][T10063] ? tomoyo_file_ioctl+0x23/0x30 [ 760.219337][T10063] ? security_file_ioctl+0xa1/0xd0 [ 760.224444][T10063] __x64_sys_ioctl+0xe3/0x120 [ 760.229117][T10063] do_syscall_64+0xf7/0x1c0 [ 760.233617][T10063] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.239499][T10063] RIP: 0033:0x45a4a7 [ 760.243393][T10063] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 760.262987][T10063] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 760.271409][T10063] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 760.279385][T10063] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 760.287349][T10063] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 760.295309][T10063] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 16:51:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006766008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 760.303272][T10063] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:01 executing program 0 (fault-call:0 fault-nth:22): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000506a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:01 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000a0010000100070c10000000000000000000", 0x58}], 0x1) [ 760.624545][T10191] FAULT_INJECTION: forcing a failure. [ 760.624545][T10191] name failslab, interval 1, probability 0, space 0, times 0 [ 760.654346][T10191] CPU: 0 PID: 10191 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 760.663193][T10191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 760.673255][T10191] Call Trace: [ 760.673280][T10191] dump_stack+0x1fb/0x318 [ 760.673299][T10191] should_fail+0x555/0x770 [ 760.673319][T10191] __should_failslab+0x11a/0x160 [ 760.673339][T10191] ? __kernfs_new_node+0x97/0x6b0 [ 760.695303][T10191] should_failslab+0x9/0x20 [ 760.695315][T10191] kmem_cache_alloc+0x56/0x2e0 [ 760.695331][T10191] __kernfs_new_node+0x97/0x6b0 [ 760.695347][T10191] ? __kasan_check_write+0x14/0x20 [ 760.695363][T10191] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 760.714705][T10191] kernfs_new_node+0x97/0x170 [ 760.714720][T10191] __kernfs_create_file+0x4a/0x2f0 [ 760.714733][T10191] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 760.714749][T10191] internal_create_group+0x4be/0xd80 [ 760.725397][T10191] sysfs_create_group+0x1f/0x30 [ 760.725411][T10191] loop_set_fd+0xf54/0x1470 [ 760.725431][T10191] lo_ioctl+0xd5/0x2200 [ 760.735888][T10191] ? __kasan_slab_free+0x12a/0x1e0 [ 760.735895][T10191] ? kasan_slab_free+0xe/0x10 [ 760.735905][T10191] ? kfree+0x115/0x200 [ 760.735915][T10191] ? tomoyo_path_number_perm+0x4e1/0x640 [ 760.735924][T10191] ? tomoyo_file_ioctl+0x23/0x30 [ 760.735937][T10191] ? security_file_ioctl+0x6d/0xd0 [ 760.746045][T10191] ? __x64_sys_ioctl+0xa3/0x120 [ 760.746058][T10191] ? do_syscall_64+0xf7/0x1c0 [ 760.746070][T10191] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.746085][T10191] ? debug_check_no_obj_freed+0x505/0x5b0 [ 760.746110][T10191] ? rcu_lock_release+0x9/0x30 [ 760.754738][T10191] ? rcu_lock_release+0x9/0x30 [ 760.754751][T10191] ? lo_release+0x1f0/0x1f0 [ 760.754761][T10191] blkdev_ioctl+0x807/0x2980 [ 760.754774][T10191] ? tomoyo_path_number_perm+0x53e/0x640 [ 760.754804][T10191] block_ioctl+0xbd/0x100 [ 760.764545][T10191] ? blkdev_iopoll+0x100/0x100 [ 760.764559][T10191] do_vfs_ioctl+0x744/0x1730 [ 760.764569][T10191] ? __fget+0x4d1/0x510 [ 760.764585][T10191] ? tomoyo_file_ioctl+0x23/0x30 [ 760.764599][T10191] ? security_file_ioctl+0xa1/0xd0 [ 760.774265][T10191] __x64_sys_ioctl+0xe3/0x120 [ 760.774283][T10191] do_syscall_64+0xf7/0x1c0 [ 760.774298][T10191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.774310][T10191] RIP: 0033:0x45a4a7 [ 760.784323][T10191] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 760.784329][T10191] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 760.784338][T10191] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 760.784343][T10191] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 760.784349][T10191] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 760.784355][T10191] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 760.784360][T10191] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 760.821081][T10196] device nr0 entered promiscuous mode [ 760.906243][T10072] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 760.940137][T10072] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 761.004450][T10072] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 761.028934][T10072] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:02 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r13 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r13, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r14 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r14, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r16 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r17 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r17, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r18, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r15], @ANYRESDEC=r17, @ANYRESDEC=r16, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000e285008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:02 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000002000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:02 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0x17, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:02 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000f0010000100070c10000000000000000000", 0x58}], 0x1) 16:51:02 executing program 0 (fault-call:0 fault-nth:23): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 761.521675][T10217] FAULT_INJECTION: forcing a failure. [ 761.521675][T10217] name failslab, interval 1, probability 0, space 0, times 0 [ 761.534742][T10217] CPU: 1 PID: 10217 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 761.543443][T10217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 761.553520][T10217] Call Trace: [ 761.556835][T10217] dump_stack+0x1fb/0x318 [ 761.561189][T10217] should_fail+0x555/0x770 [ 761.565642][T10217] __should_failslab+0x11a/0x160 [ 761.570590][T10217] ? radix_tree_node_alloc+0x1a1/0x370 [ 761.576059][T10217] should_failslab+0x9/0x20 [ 761.580552][T10217] kmem_cache_alloc+0x56/0x2e0 [ 761.585316][T10217] radix_tree_node_alloc+0x1a1/0x370 [ 761.590606][T10217] idr_get_free+0x2b8/0x8c0 [ 761.595115][T10217] idr_alloc_cyclic+0x18b/0x550 [ 761.599977][T10217] __kernfs_new_node+0x124/0x6b0 [ 761.604919][T10217] ? bd_set_size+0x97/0xb0 [ 761.609340][T10217] kernfs_create_dir_ns+0x9b/0x230 [ 761.614450][T10217] internal_create_group+0x207/0xd80 [ 761.619764][T10217] sysfs_create_group+0x1f/0x30 [ 761.624621][T10217] loop_set_fd+0xf54/0x1470 [ 761.629140][T10217] lo_ioctl+0xd5/0x2200 [ 761.633303][T10217] ? __kasan_slab_free+0x12a/0x1e0 [ 761.638505][T10217] ? kasan_slab_free+0xe/0x10 [ 761.643337][T10217] ? kfree+0x115/0x200 [ 761.647505][T10217] ? tomoyo_path_number_perm+0x4e1/0x640 [ 761.653142][T10217] ? tomoyo_file_ioctl+0x23/0x30 [ 761.658081][T10217] ? security_file_ioctl+0x6d/0xd0 [ 761.663191][T10217] ? __x64_sys_ioctl+0xa3/0x120 [ 761.668035][T10217] ? do_syscall_64+0xf7/0x1c0 [ 761.672706][T10217] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 761.678793][T10217] ? debug_check_no_obj_freed+0x505/0x5b0 [ 761.684521][T10217] ? rcu_lock_release+0x9/0x30 [ 761.689291][T10217] ? rcu_lock_release+0x9/0x30 [ 761.694053][T10217] ? lo_release+0x1f0/0x1f0 [ 761.698548][T10217] blkdev_ioctl+0x807/0x2980 [ 761.703137][T10217] ? tomoyo_path_number_perm+0x53e/0x640 [ 761.708781][T10217] block_ioctl+0xbd/0x100 [ 761.713117][T10217] ? blkdev_iopoll+0x100/0x100 [ 761.717875][T10217] do_vfs_ioctl+0x744/0x1730 [ 761.722461][T10217] ? __fget+0x4d1/0x510 [ 761.726619][T10217] ? tomoyo_file_ioctl+0x23/0x30 [ 761.731558][T10217] ? security_file_ioctl+0xa1/0xd0 [ 761.736668][T10217] __x64_sys_ioctl+0xe3/0x120 [ 761.741379][T10217] do_syscall_64+0xf7/0x1c0 [ 761.745886][T10217] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 761.751772][T10217] RIP: 0033:0x45a4a7 [ 761.755667][T10217] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 761.775271][T10217] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 761.783682][T10217] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 761.791649][T10217] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 761.799613][T10217] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 761.807581][T10217] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 16:51:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000ffffff9e008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:02 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00600010000100070c10000000000000000000", 0x58}], 0x1) 16:51:02 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000004000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 761.815546][T10217] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:03 executing program 0 (fault-call:0 fault-nth:24): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:03 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00400110000100070c10000000000000000000", 0x58}], 0x1) 16:51:03 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000ec0008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 762.138787][T10344] FAULT_INJECTION: forcing a failure. [ 762.138787][T10344] name failslab, interval 1, probability 0, space 0, times 0 [ 762.151742][T10344] CPU: 0 PID: 10344 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 762.160773][T10344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 762.170838][T10344] Call Trace: [ 762.174153][T10344] dump_stack+0x1fb/0x318 [ 762.178508][T10344] should_fail+0x555/0x770 [ 762.182950][T10344] __should_failslab+0x11a/0x160 [ 762.187908][T10344] ? radix_tree_node_alloc+0x1a1/0x370 [ 762.193461][T10344] should_failslab+0x9/0x20 [ 762.197958][T10344] kmem_cache_alloc+0x56/0x2e0 [ 762.202920][T10344] ? radix_tree_node_alloc+0x1a1/0x370 [ 762.208384][T10344] radix_tree_node_alloc+0x1a1/0x370 [ 762.213672][T10344] idr_get_free+0x2b8/0x8c0 [ 762.218179][T10344] idr_alloc_cyclic+0x18b/0x550 [ 762.223038][T10344] __kernfs_new_node+0x124/0x6b0 [ 762.227964][T10344] ? bd_set_size+0x97/0xb0 [ 762.232365][T10344] kernfs_create_dir_ns+0x9b/0x230 [ 762.237464][T10344] internal_create_group+0x207/0xd80 [ 762.242764][T10344] sysfs_create_group+0x1f/0x30 [ 762.247599][T10344] loop_set_fd+0xf54/0x1470 [ 762.252087][T10344] lo_ioctl+0xd5/0x2200 [ 762.256226][T10344] ? __kasan_slab_free+0x12a/0x1e0 [ 762.261312][T10344] ? kasan_slab_free+0xe/0x10 [ 762.265993][T10344] ? kfree+0x115/0x200 [ 762.270042][T10344] ? tomoyo_path_number_perm+0x4e1/0x640 [ 762.275649][T10344] ? tomoyo_file_ioctl+0x23/0x30 [ 762.280566][T10344] ? security_file_ioctl+0x6d/0xd0 [ 762.285656][T10344] ? __x64_sys_ioctl+0xa3/0x120 [ 762.290485][T10344] ? do_syscall_64+0xf7/0x1c0 [ 762.295168][T10344] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 762.301242][T10344] ? debug_check_no_obj_freed+0x505/0x5b0 [ 762.306949][T10344] ? rcu_lock_release+0x9/0x30 [ 762.311692][T10344] ? rcu_lock_release+0x9/0x30 [ 762.316436][T10344] ? lo_release+0x1f0/0x1f0 [ 762.320920][T10344] blkdev_ioctl+0x807/0x2980 [ 762.325618][T10344] ? tomoyo_path_number_perm+0x53e/0x640 [ 762.331262][T10344] block_ioctl+0xbd/0x100 [ 762.335590][T10344] ? blkdev_iopoll+0x100/0x100 [ 762.340375][T10344] do_vfs_ioctl+0x744/0x1730 [ 762.344956][T10344] ? __fget+0x4d1/0x510 [ 762.349239][T10344] ? tomoyo_file_ioctl+0x23/0x30 [ 762.354162][T10344] ? security_file_ioctl+0xa1/0xd0 [ 762.359260][T10344] __x64_sys_ioctl+0xe3/0x120 [ 762.363926][T10344] do_syscall_64+0xf7/0x1c0 [ 762.368414][T10344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 762.374287][T10344] RIP: 0033:0x45a4a7 [ 762.378191][T10344] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 762.397881][T10344] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 762.406304][T10344] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 762.414258][T10344] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 762.422216][T10344] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 762.430170][T10344] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 762.438127][T10344] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 762.620662][T10242] device nr0 entered promiscuous mode [ 762.672788][T10339] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 762.681483][T10339] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 762.700142][T10242] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 762.718644][T10242] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:04 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r13 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r13, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r14 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r14, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r16 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r16, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r17 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r17, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r18, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r15], @ANYRESDEC=r17, @ANYRESDEC=r16, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000049dc008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:04 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000a000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:04 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0x5, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:04 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00d40210000100070c10000000000000000000", 0x58}], 0x1) 16:51:04 executing program 0 (fault-call:0 fault-nth:25): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000ffffffef008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:04 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000a10000100070c10000000000000000000", 0x58}], 0x1) [ 763.197329][T10370] FAULT_INJECTION: forcing a failure. [ 763.197329][T10370] name failslab, interval 1, probability 0, space 0, times 0 [ 763.254404][T10370] CPU: 1 PID: 10370 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 763.263137][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 763.273214][T10370] Call Trace: [ 763.276527][T10370] dump_stack+0x1fb/0x318 [ 763.281026][T10370] should_fail+0x555/0x770 [ 763.285449][T10370] __should_failslab+0x11a/0x160 [ 763.290387][T10370] ? __kernfs_new_node+0x97/0x6b0 [ 763.295571][T10370] should_failslab+0x9/0x20 [ 763.300071][T10370] kmem_cache_alloc+0x56/0x2e0 [ 763.304834][T10370] __kernfs_new_node+0x97/0x6b0 [ 763.309701][T10370] ? __kasan_check_write+0x14/0x20 [ 763.314811][T10370] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 763.320584][T10370] kernfs_new_node+0x97/0x170 [ 763.325258][T10370] __kernfs_create_file+0x4a/0x2f0 [ 763.330369][T10370] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 763.335922][T10370] internal_create_group+0x4be/0xd80 [ 763.341447][T10370] sysfs_create_group+0x1f/0x30 [ 763.346297][T10370] loop_set_fd+0xf54/0x1470 [ 763.350798][T10370] lo_ioctl+0xd5/0x2200 [ 763.354972][T10370] ? __kasan_slab_free+0x12a/0x1e0 [ 763.360079][T10370] ? kasan_slab_free+0xe/0x10 [ 763.364754][T10370] ? kfree+0x115/0x200 [ 763.368869][T10370] ? tomoyo_path_number_perm+0x4e1/0x640 [ 763.374581][T10370] ? tomoyo_file_ioctl+0x23/0x30 [ 763.379544][T10370] ? security_file_ioctl+0x6d/0xd0 [ 763.384651][T10370] ? __x64_sys_ioctl+0xa3/0x120 [ 763.389495][T10370] ? do_syscall_64+0xf7/0x1c0 [ 763.394167][T10370] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 763.400243][T10370] ? debug_check_no_obj_freed+0x505/0x5b0 [ 763.405963][T10370] ? rcu_lock_release+0x9/0x30 [ 763.410716][T10370] ? rcu_lock_release+0x9/0x30 [ 763.415535][T10370] ? lo_release+0x1f0/0x1f0 [ 763.420053][T10370] blkdev_ioctl+0x807/0x2980 [ 763.424636][T10370] ? tomoyo_path_number_perm+0x53e/0x640 [ 763.430270][T10370] block_ioctl+0xbd/0x100 [ 763.434594][T10370] ? blkdev_iopoll+0x100/0x100 [ 763.439380][T10370] do_vfs_ioctl+0x744/0x1730 [ 763.443955][T10370] ? __fget+0x4d1/0x510 [ 763.448098][T10370] ? tomoyo_file_ioctl+0x23/0x30 [ 763.453020][T10370] ? security_file_ioctl+0xa1/0xd0 [ 763.458119][T10370] __x64_sys_ioctl+0xe3/0x120 [ 763.462785][T10370] do_syscall_64+0xf7/0x1c0 [ 763.467283][T10370] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 763.473161][T10370] RIP: 0033:0x45a4a7 [ 763.477049][T10370] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 763.496852][T10370] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 16:51:04 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000f000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 763.505352][T10370] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 763.513333][T10370] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 763.521298][T10370] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 763.529291][T10370] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 763.537299][T10370] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:04 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe80, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000fffffff0008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:04 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000060000000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 764.055549][T10373] device nr0 entered promiscuous mode [ 764.106448][T10373] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 764.116350][T10373] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 764.129065][T10373] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 764.137517][T10373] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:05 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, 0x0, 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:05 executing program 0 (fault-call:0 fault-nth:26): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000ffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:05 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00c00e10000100070c10000000000000000000", 0x58}], 0x1) 16:51:05 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0x2000114e, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:05 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000040010000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 764.537158][T10615] FAULT_INJECTION: forcing a failure. [ 764.537158][T10615] name failslab, interval 1, probability 0, space 0, times 0 [ 764.556555][T10615] CPU: 1 PID: 10615 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 764.565257][T10615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 764.575318][T10615] Call Trace: [ 764.578611][T10615] dump_stack+0x1fb/0x318 [ 764.582945][T10615] should_fail+0x555/0x770 [ 764.587366][T10615] __should_failslab+0x11a/0x160 [ 764.592294][T10615] ? __kernfs_new_node+0x97/0x6b0 [ 764.597305][T10615] should_failslab+0x9/0x20 [ 764.601804][T10615] kmem_cache_alloc+0x56/0x2e0 [ 764.606559][T10615] __kernfs_new_node+0x97/0x6b0 [ 764.611401][T10615] ? __kasan_check_write+0x14/0x20 [ 764.616503][T10615] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 764.622136][T10615] kernfs_new_node+0x97/0x170 [ 764.626808][T10615] __kernfs_create_file+0x4a/0x2f0 [ 764.631910][T10615] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 764.637293][T10615] internal_create_group+0x4be/0xd80 [ 764.642571][T10615] sysfs_create_group+0x1f/0x30 [ 764.647431][T10615] loop_set_fd+0xf54/0x1470 [ 764.651929][T10615] lo_ioctl+0xd5/0x2200 [ 764.656072][T10615] ? __kasan_slab_free+0x12a/0x1e0 [ 764.661170][T10615] ? kasan_slab_free+0xe/0x10 [ 764.665830][T10615] ? kfree+0x115/0x200 [ 764.669887][T10615] ? tomoyo_path_number_perm+0x4e1/0x640 [ 764.675502][T10615] ? tomoyo_file_ioctl+0x23/0x30 [ 764.680425][T10615] ? security_file_ioctl+0x6d/0xd0 [ 764.685523][T10615] ? __x64_sys_ioctl+0xa3/0x120 [ 764.690357][T10615] ? do_syscall_64+0xf7/0x1c0 [ 764.695023][T10615] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 764.701082][T10615] ? debug_check_no_obj_freed+0x505/0x5b0 [ 764.706805][T10615] ? rcu_lock_release+0x9/0x30 [ 764.711567][T10615] ? rcu_lock_release+0x9/0x30 [ 764.716317][T10615] ? lo_release+0x1f0/0x1f0 [ 764.720812][T10615] blkdev_ioctl+0x807/0x2980 [ 764.725390][T10615] ? tomoyo_path_number_perm+0x53e/0x640 [ 764.731028][T10615] block_ioctl+0xbd/0x100 [ 764.735340][T10615] ? blkdev_iopoll+0x100/0x100 [ 764.740090][T10615] do_vfs_ioctl+0x744/0x1730 [ 764.744665][T10615] ? __fget+0x4d1/0x510 [ 764.748816][T10615] ? tomoyo_file_ioctl+0x23/0x30 [ 764.753740][T10615] ? security_file_ioctl+0xa1/0xd0 [ 764.758837][T10615] __x64_sys_ioctl+0xe3/0x120 [ 764.763503][T10615] do_syscall_64+0xf7/0x1c0 [ 764.767997][T10615] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 764.773872][T10615] RIP: 0033:0x45a4a7 [ 764.777754][T10615] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 764.797345][T10615] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 764.805743][T10615] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 764.813698][T10615] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 764.821652][T10615] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 764.829609][T10615] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 16:51:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00009effffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 764.837565][T10615] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:06 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000f10000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00004c030000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000efffffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00001f10000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000f0ffffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 765.382139][T10625] device nr0 entered promiscuous mode [ 765.440966][T10625] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 765.450260][T10625] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 765.464014][T10625] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 765.472362][T10625] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:06 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, 0x0, 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:06 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:06 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 0 (fault-call:0 fault-nth:27): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:06 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00002010000100070c10000000000000000000", 0x58}], 0x1) 16:51:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000020000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 765.889746][T10779] FAULT_INJECTION: forcing a failure. [ 765.889746][T10779] name failslab, interval 1, probability 0, space 0, times 0 [ 765.902618][T10779] CPU: 1 PID: 10779 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 765.911296][T10779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 765.921349][T10779] Call Trace: [ 765.924650][T10779] dump_stack+0x1fb/0x318 [ 765.928992][T10779] should_fail+0x555/0x770 [ 765.933433][T10779] __should_failslab+0x11a/0x160 [ 765.938378][T10779] ? __kernfs_new_node+0x97/0x6b0 [ 765.943498][T10779] should_failslab+0x9/0x20 [ 765.948003][T10779] kmem_cache_alloc+0x56/0x2e0 [ 765.952767][T10779] __kernfs_new_node+0x97/0x6b0 [ 765.957629][T10779] ? mutex_unlock+0xd/0x10 [ 765.962388][T10779] ? kernfs_activate+0x4c7/0x4e0 [ 765.967324][T10779] kernfs_new_node+0x97/0x170 [ 765.972109][T10779] __kernfs_create_file+0x4a/0x2f0 [ 765.977224][T10779] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 765.982609][T10779] internal_create_group+0x4be/0xd80 [ 765.987901][T10779] sysfs_create_group+0x1f/0x30 [ 765.992742][T10779] loop_set_fd+0xf54/0x1470 [ 765.997270][T10779] lo_ioctl+0xd5/0x2200 [ 766.001424][T10779] ? __kasan_slab_free+0x12a/0x1e0 [ 766.006531][T10779] ? kasan_slab_free+0xe/0x10 [ 766.011214][T10779] ? kfree+0x115/0x200 [ 766.015273][T10779] ? tomoyo_path_number_perm+0x4e1/0x640 [ 766.020894][T10779] ? tomoyo_file_ioctl+0x23/0x30 [ 766.025814][T10779] ? security_file_ioctl+0x6d/0xd0 [ 766.030910][T10779] ? __x64_sys_ioctl+0xa3/0x120 [ 766.035749][T10779] ? do_syscall_64+0xf7/0x1c0 [ 766.040414][T10779] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 766.046470][T10779] ? debug_check_no_obj_freed+0x505/0x5b0 [ 766.052192][T10779] ? rcu_lock_release+0x9/0x30 [ 766.056970][T10779] ? rcu_lock_release+0x9/0x30 [ 766.061725][T10779] ? lo_release+0x1f0/0x1f0 [ 766.066224][T10779] blkdev_ioctl+0x807/0x2980 [ 766.070804][T10779] ? tomoyo_path_number_perm+0x53e/0x640 [ 766.076445][T10779] block_ioctl+0xbd/0x100 [ 766.080758][T10779] ? blkdev_iopoll+0x100/0x100 [ 766.085509][T10779] do_vfs_ioctl+0x744/0x1730 [ 766.090083][T10779] ? __fget+0x4d1/0x510 [ 766.094233][T10779] ? tomoyo_file_ioctl+0x23/0x30 [ 766.099153][T10779] ? security_file_ioctl+0xa1/0xd0 [ 766.104256][T10779] __x64_sys_ioctl+0xe3/0x120 [ 766.108936][T10779] do_syscall_64+0xf7/0x1c0 [ 766.113428][T10779] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 766.119321][T10779] RIP: 0033:0x45a4a7 [ 766.123216][T10779] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 766.142819][T10779] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 766.151224][T10779] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 766.159320][T10779] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 766.167291][T10779] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 766.175266][T10779] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 766.183237][T10779] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:07 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00004010000100070c10000000000000000000", 0x58}], 0x1) 16:51:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000040000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:07 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000c00e0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:07 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x2, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:07 executing program 0 (fault-call:0 fault-nth:28): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 766.528055][T10784] device nr0 entered promiscuous mode [ 766.577767][T10916] FAULT_INJECTION: forcing a failure. [ 766.577767][T10916] name failslab, interval 1, probability 0, space 0, times 0 [ 766.615054][T10784] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 766.623194][T10916] CPU: 1 PID: 10916 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 766.632053][T10916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 766.637423][T10784] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 766.642107][T10916] Call Trace: [ 766.642133][T10916] dump_stack+0x1fb/0x318 [ 766.642154][T10916] should_fail+0x555/0x770 [ 766.642175][T10916] __should_failslab+0x11a/0x160 [ 766.642197][T10916] ? __kernfs_new_node+0x97/0x6b0 [ 766.673340][T10916] should_failslab+0x9/0x20 [ 766.677837][T10916] kmem_cache_alloc+0x56/0x2e0 [ 766.687308][T10916] __kernfs_new_node+0x97/0x6b0 [ 766.692169][T10916] ? mutex_unlock+0xd/0x10 [ 766.696578][T10916] ? kernfs_activate+0x4c7/0x4e0 [ 766.698984][T10784] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 766.701511][T10916] kernfs_new_node+0x97/0x170 [ 766.701526][T10916] __kernfs_create_file+0x4a/0x2f0 [ 766.701540][T10916] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 766.724874][T10916] internal_create_group+0x4be/0xd80 [ 766.730164][T10916] sysfs_create_group+0x1f/0x30 [ 766.735007][T10916] loop_set_fd+0xf54/0x1470 [ 766.738629][T10784] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 766.739518][T10916] lo_ioctl+0xd5/0x2200 [ 766.752851][T10916] ? __kasan_slab_free+0x12a/0x1e0 [ 766.757964][T10916] ? kasan_slab_free+0xe/0x10 [ 766.762644][T10916] ? kfree+0x115/0x200 [ 766.766707][T10916] ? tomoyo_path_number_perm+0x4e1/0x640 [ 766.772328][T10916] ? tomoyo_file_ioctl+0x23/0x30 [ 766.777271][T10916] ? security_file_ioctl+0x6d/0xd0 [ 766.782377][T10916] ? __x64_sys_ioctl+0xa3/0x120 [ 766.787217][T10916] ? do_syscall_64+0xf7/0x1c0 [ 766.787229][T10916] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 766.787246][T10916] ? debug_check_no_obj_freed+0x505/0x5b0 [ 766.787272][T10916] ? rcu_lock_release+0x9/0x30 [ 766.797981][T10916] ? rcu_lock_release+0x9/0x30 [ 766.797994][T10916] ? lo_release+0x1f0/0x1f0 [ 766.798004][T10916] blkdev_ioctl+0x807/0x2980 [ 766.798017][T10916] ? tomoyo_path_number_perm+0x53e/0x640 [ 766.798049][T10916] block_ioctl+0xbd/0x100 [ 766.832188][T10916] ? blkdev_iopoll+0x100/0x100 [ 766.836957][T10916] do_vfs_ioctl+0x744/0x1730 [ 766.841539][T10916] ? __fget+0x4d1/0x510 [ 766.845695][T10916] ? tomoyo_file_ioctl+0x23/0x30 [ 766.850625][T10916] ? security_file_ioctl+0xa1/0xd0 [ 766.855744][T10916] __x64_sys_ioctl+0xe3/0x120 [ 766.860433][T10916] do_syscall_64+0xf7/0x1c0 [ 766.864945][T10916] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 766.870838][T10916] RIP: 0033:0x45a4a7 [ 766.874723][T10916] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 766.874730][T10916] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 766.874739][T10916] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 766.874748][T10916] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 766.910683][T10916] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 766.910689][T10916] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 766.910695][T10916] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:08 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, 0x0, 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:08 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:08 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00014010000100070c10000000000000000000", 0x58}], 0x1) 16:51:08 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xe, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:08 executing program 0 (fault-call:0 fault-nth:29): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 767.340567][T11042] FAULT_INJECTION: forcing a failure. [ 767.340567][T11042] name failslab, interval 1, probability 0, space 0, times 0 [ 767.367786][T11042] CPU: 0 PID: 11042 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 767.376518][T11042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 767.386844][T11042] Call Trace: 16:51:08 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00dc4910000100070c10000000000000000000", 0x58}], 0x1) [ 767.390167][T11042] dump_stack+0x1fb/0x318 [ 767.394580][T11042] should_fail+0x555/0x770 [ 767.399064][T11042] __should_failslab+0x11a/0x160 [ 767.404134][T11042] ? __kernfs_new_node+0x97/0x6b0 [ 767.409353][T11042] should_failslab+0x9/0x20 [ 767.415679][T11042] kmem_cache_alloc+0x56/0x2e0 [ 767.420474][T11042] __kernfs_new_node+0x97/0x6b0 [ 767.425360][T11042] ? mutex_unlock+0xd/0x10 [ 767.429810][T11042] ? kernfs_activate+0x4c7/0x4e0 [ 767.434776][T11042] kernfs_new_node+0x97/0x170 [ 767.439606][T11042] __kernfs_create_file+0x4a/0x2f0 [ 767.444749][T11042] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 767.450158][T11042] internal_create_group+0x4be/0xd80 [ 767.455481][T11042] sysfs_create_group+0x1f/0x30 [ 767.460459][T11042] loop_set_fd+0xf54/0x1470 [ 767.464993][T11042] lo_ioctl+0xd5/0x2200 [ 767.470156][T11042] ? __kasan_slab_free+0x12a/0x1e0 [ 767.475266][T11042] ? kasan_slab_free+0xe/0x10 [ 767.479937][T11042] ? kfree+0x115/0x200 [ 767.484001][T11042] ? tomoyo_path_number_perm+0x4e1/0x640 [ 767.489621][T11042] ? tomoyo_file_ioctl+0x23/0x30 [ 767.494551][T11042] ? security_file_ioctl+0x6d/0xd0 [ 767.499707][T11042] ? __x64_sys_ioctl+0xa3/0x120 [ 767.504563][T11042] ? do_syscall_64+0xf7/0x1c0 [ 767.509254][T11042] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 767.515357][T11042] ? debug_check_no_obj_freed+0x505/0x5b0 [ 767.521102][T11042] ? rcu_lock_release+0x9/0x30 [ 767.525869][T11042] ? rcu_lock_release+0x9/0x30 [ 767.530650][T11042] ? lo_release+0x1f0/0x1f0 [ 767.535148][T11042] blkdev_ioctl+0x807/0x2980 [ 767.539915][T11042] ? tomoyo_path_number_perm+0x53e/0x640 [ 767.545594][T11042] block_ioctl+0xbd/0x100 [ 767.549932][T11042] ? blkdev_iopoll+0x100/0x100 [ 767.554720][T11042] do_vfs_ioctl+0x744/0x1730 [ 767.559450][T11042] ? __fget+0x4d1/0x510 [ 767.563610][T11042] ? tomoyo_file_ioctl+0x23/0x30 [ 767.568538][T11042] ? security_file_ioctl+0xa1/0xd0 [ 767.573641][T11042] __x64_sys_ioctl+0xe3/0x120 [ 767.578311][T11042] do_syscall_64+0xf7/0x1c0 [ 767.582831][T11042] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 767.588710][T11042] RIP: 0033:0x45a4a7 [ 767.592597][T11042] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 767.612214][T11042] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 767.620744][T11042] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 767.629295][T11042] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 16:51:08 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000001f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 767.637523][T11042] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 767.645516][T11042] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 767.653860][T11042] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000600000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:08 executing program 0 (fault-call:0 fault-nth:30): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:08 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000200000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:09 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd006a5010000100070c10000000000000000000", 0x58}], 0x1) [ 768.010789][T11130] device nr0 entered promiscuous mode [ 768.058497][T11180] FAULT_INJECTION: forcing a failure. [ 768.058497][T11180] name failslab, interval 1, probability 0, space 0, times 0 [ 768.093248][T11180] CPU: 1 PID: 11180 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 768.101988][T11180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 768.112789][T11180] Call Trace: [ 768.116260][T11180] dump_stack+0x1fb/0x318 [ 768.121172][T11180] should_fail+0x555/0x770 [ 768.125615][T11180] __should_failslab+0x11a/0x160 [ 768.130692][T11180] should_failslab+0x9/0x20 [ 768.135331][T11180] kmem_cache_alloc_trace+0x5d/0x2f0 [ 768.141094][T11180] ? kobject_uevent_env+0x2cd/0x1260 [ 768.146471][T11180] ? dev_uevent_filter+0xb0/0xb0 [ 768.151420][T11180] kobject_uevent_env+0x2cd/0x1260 [ 768.155868][T11061] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 768.157046][T11180] kobject_uevent+0x1f/0x30 [ 768.157074][T11180] loop_set_fd+0xfc3/0x1470 [ 768.165727][T11061] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 768.170144][T11180] lo_ioctl+0xd5/0x2200 [ 768.170155][T11180] ? __kasan_slab_free+0x12a/0x1e0 [ 768.170163][T11180] ? kasan_slab_free+0xe/0x10 [ 768.170172][T11180] ? kfree+0x115/0x200 [ 768.170180][T11180] ? tomoyo_path_number_perm+0x4e1/0x640 [ 768.170189][T11180] ? tomoyo_file_ioctl+0x23/0x30 [ 768.170196][T11180] ? security_file_ioctl+0x6d/0xd0 [ 768.170206][T11180] ? __x64_sys_ioctl+0xa3/0x120 [ 768.170217][T11180] ? do_syscall_64+0xf7/0x1c0 [ 768.170236][T11180] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 768.180519][T11061] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 768.184107][T11180] ? debug_check_no_obj_freed+0x505/0x5b0 [ 768.184134][T11180] ? rcu_lock_release+0x9/0x30 [ 768.184150][T11180] ? rcu_lock_release+0x9/0x30 [ 768.184161][T11180] ? lo_release+0x1f0/0x1f0 [ 768.184171][T11180] blkdev_ioctl+0x807/0x2980 [ 768.184183][T11180] ? tomoyo_path_number_perm+0x53e/0x640 [ 768.184215][T11180] block_ioctl+0xbd/0x100 [ 768.188598][T11061] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 768.193673][T11180] ? blkdev_iopoll+0x100/0x100 [ 768.193687][T11180] do_vfs_ioctl+0x744/0x1730 [ 768.193695][T11180] ? __fget+0x4d1/0x510 [ 768.193712][T11180] ? tomoyo_file_ioctl+0x23/0x30 [ 768.193723][T11180] ? security_file_ioctl+0xa1/0xd0 [ 768.193734][T11180] __x64_sys_ioctl+0xe3/0x120 [ 768.193748][T11180] do_syscall_64+0xf7/0x1c0 [ 768.193762][T11180] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 768.193773][T11180] RIP: 0033:0x45a4a7 [ 768.193784][T11180] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 768.193789][T11180] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 768.193807][T11180] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 768.208857][T11180] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 768.208863][T11180] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 768.208868][T11180] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 768.208873][T11180] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:09 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:09 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400100008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:09 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xe00, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:09 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000003f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:09 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00006010000100070c10000000000000000000", 0x58}], 0x1) 16:51:09 executing program 0 (fault-call:0 fault-nth:31): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 768.899712][T11203] FAULT_INJECTION: forcing a failure. [ 768.899712][T11203] name failslab, interval 1, probability 0, space 0, times 0 [ 768.921624][T11203] CPU: 1 PID: 11203 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 768.930319][T11203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 768.940369][T11203] Call Trace: [ 768.943663][T11203] dump_stack+0x1fb/0x318 [ 768.948002][T11203] should_fail+0x555/0x770 [ 768.952424][T11203] __should_failslab+0x11a/0x160 [ 768.957357][T11203] should_failslab+0x9/0x20 [ 768.961856][T11203] kmem_cache_alloc_trace+0x5d/0x2f0 [ 768.967130][T11203] ? kobject_uevent_env+0x2cd/0x1260 [ 768.972399][T11203] ? dev_uevent_filter+0xb0/0xb0 [ 768.977327][T11203] kobject_uevent_env+0x2cd/0x1260 [ 768.982445][T11203] kobject_uevent+0x1f/0x30 [ 768.986941][T11203] loop_set_fd+0xfc3/0x1470 [ 768.991446][T11203] lo_ioctl+0xd5/0x2200 [ 768.995591][T11203] ? __kasan_slab_free+0x12a/0x1e0 [ 769.000685][T11203] ? kasan_slab_free+0xe/0x10 [ 769.005348][T11203] ? kfree+0x115/0x200 [ 769.009750][T11203] ? tomoyo_path_number_perm+0x4e1/0x640 [ 769.015370][T11203] ? tomoyo_file_ioctl+0x23/0x30 [ 769.020292][T11203] ? security_file_ioctl+0x6d/0xd0 [ 769.025387][T11203] ? __x64_sys_ioctl+0xa3/0x120 [ 769.030306][T11203] ? do_syscall_64+0xf7/0x1c0 [ 769.034971][T11203] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 769.041027][T11203] ? debug_check_no_obj_freed+0x505/0x5b0 [ 769.046748][T11203] ? rcu_lock_release+0x9/0x30 [ 769.051506][T11203] ? rcu_lock_release+0x9/0x30 [ 769.056259][T11203] ? lo_release+0x1f0/0x1f0 [ 769.060753][T11203] blkdev_ioctl+0x807/0x2980 [ 769.065331][T11203] ? tomoyo_path_number_perm+0x53e/0x640 [ 769.070966][T11203] block_ioctl+0xbd/0x100 [ 769.075281][T11203] ? blkdev_iopoll+0x100/0x100 [ 769.080036][T11203] do_vfs_ioctl+0x744/0x1730 [ 769.084612][T11203] ? __fget+0x4d1/0x510 [ 769.088760][T11203] ? tomoyo_file_ioctl+0x23/0x30 [ 769.093683][T11203] ? security_file_ioctl+0xa1/0xd0 [ 769.098786][T11203] __x64_sys_ioctl+0xe3/0x120 [ 769.103453][T11203] do_syscall_64+0xf7/0x1c0 [ 769.107944][T11203] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 769.113820][T11203] RIP: 0033:0x45a4a7 [ 769.117709][T11203] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 769.137307][T11203] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 16:51:10 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00676610000100070c10000000000000000000", 0x58}], 0x1) [ 769.145724][T11203] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 769.153693][T11203] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 769.161668][T11203] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 769.169648][T11203] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 769.177612][T11203] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:10 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:10 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x4000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:10 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00666710000100070c10000000000000000000", 0x58}], 0x1) 16:51:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000c00e00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 769.774347][T11207] device nr0 entered promiscuous mode [ 769.797105][T11207] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 769.809023][T11207] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 769.821464][T11207] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 769.829970][T11207] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:11 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:11 executing program 0 (fault-call:0 fault-nth:32): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:11 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00506a10000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000001400000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x8000a0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 770.256797][T11441] FAULT_INJECTION: forcing a failure. [ 770.256797][T11441] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 770.270029][T11441] CPU: 1 PID: 11441 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 770.278693][T11441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.288744][T11441] Call Trace: [ 770.292038][T11441] dump_stack+0x1fb/0x318 [ 770.296363][T11441] should_fail+0x555/0x770 [ 770.300778][T11441] should_fail_alloc_page+0x55/0x60 [ 770.305970][T11441] prepare_alloc_pages+0x283/0x460 [ 770.311075][T11441] __alloc_pages_nodemask+0xb2/0x5d0 [ 770.316358][T11441] kmem_getpages+0x4d/0xa00 [ 770.320858][T11441] cache_grow_begin+0x7e/0x2c0 [ 770.325615][T11441] cache_alloc_refill+0x311/0x3f0 [ 770.330643][T11441] ? check_preemption_disabled+0xb7/0x2a0 [ 770.336358][T11441] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 770.341715][T11441] ? kobject_uevent_env+0x2cd/0x1260 [ 770.346986][T11441] ? dev_uevent_filter+0xb0/0xb0 [ 770.351918][T11441] kobject_uevent_env+0x2cd/0x1260 [ 770.357030][T11441] kobject_uevent+0x1f/0x30 [ 770.361522][T11441] loop_set_fd+0xfc3/0x1470 [ 770.366022][T11441] lo_ioctl+0xd5/0x2200 [ 770.370163][T11441] ? __kasan_slab_free+0x12a/0x1e0 [ 770.375261][T11441] ? kasan_slab_free+0xe/0x10 [ 770.379925][T11441] ? kfree+0x115/0x200 [ 770.383984][T11441] ? tomoyo_path_number_perm+0x4e1/0x640 [ 770.389598][T11441] ? tomoyo_file_ioctl+0x23/0x30 [ 770.394520][T11441] ? security_file_ioctl+0x6d/0xd0 [ 770.399618][T11441] ? __x64_sys_ioctl+0xa3/0x120 [ 770.404452][T11441] ? do_syscall_64+0xf7/0x1c0 [ 770.409115][T11441] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 770.415171][T11441] ? debug_check_no_obj_freed+0x505/0x5b0 [ 770.420889][T11441] ? rcu_lock_release+0x9/0x30 [ 770.425650][T11441] ? rcu_lock_release+0x9/0x30 [ 770.430405][T11441] ? lo_release+0x1f0/0x1f0 [ 770.434900][T11441] blkdev_ioctl+0x807/0x2980 [ 770.439476][T11441] ? tomoyo_path_number_perm+0x53e/0x640 [ 770.445115][T11441] block_ioctl+0xbd/0x100 [ 770.449432][T11441] ? blkdev_iopoll+0x100/0x100 [ 770.454186][T11441] do_vfs_ioctl+0x744/0x1730 [ 770.458763][T11441] ? __fget+0x4d1/0x510 [ 770.462908][T11441] ? tomoyo_file_ioctl+0x23/0x30 [ 770.467833][T11441] ? security_file_ioctl+0xa1/0xd0 [ 770.472931][T11441] __x64_sys_ioctl+0xe3/0x120 [ 770.477598][T11441] do_syscall_64+0xf7/0x1c0 [ 770.482094][T11441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 770.487972][T11441] RIP: 0033:0x45a4a7 [ 770.491854][T11441] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 770.511443][T11441] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 770.519842][T11441] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 770.527798][T11441] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 770.535753][T11441] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 770.543709][T11441] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 770.551665][T11441] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:11 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000221400008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00e28510000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000dc490000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000ec010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000001f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:11 executing program 0 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 770.866906][T11570] FAULT_INJECTION: forcing a failure. [ 770.866906][T11570] name failslab, interval 1, probability 0, space 0, times 0 [ 770.892598][T11570] CPU: 0 PID: 11570 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 770.901313][T11570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.911366][T11570] Call Trace: [ 770.911390][T11570] dump_stack+0x1fb/0x318 [ 770.911411][T11570] should_fail+0x555/0x770 [ 770.923422][T11570] __should_failslab+0x11a/0x160 [ 770.928457][T11570] ? kzalloc+0x26/0x40 [ 770.932527][T11570] should_failslab+0x9/0x20 [ 770.937024][T11570] __kmalloc+0x7a/0x340 [ 770.941182][T11570] kzalloc+0x26/0x40 [ 770.945071][T11570] kobject_get_path+0xa7/0x1d0 [ 770.945086][T11570] kobject_uevent_env+0x2f2/0x1260 [ 770.945113][T11570] kobject_uevent+0x1f/0x30 [ 770.945125][T11570] loop_set_fd+0xfc3/0x1470 [ 770.945149][T11570] lo_ioctl+0xd5/0x2200 [ 770.968100][T11570] ? __kasan_slab_free+0x12a/0x1e0 [ 770.973214][T11570] ? kasan_slab_free+0xe/0x10 [ 770.977888][T11570] ? kfree+0x115/0x200 [ 770.981959][T11570] ? tomoyo_path_number_perm+0x4e1/0x640 [ 770.987591][T11570] ? tomoyo_file_ioctl+0x23/0x30 [ 770.992523][T11570] ? security_file_ioctl+0x6d/0xd0 [ 770.992545][T11570] ? __x64_sys_ioctl+0xa3/0x120 [ 771.002480][T11570] ? do_syscall_64+0xf7/0x1c0 [ 771.007158][T11570] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 771.013238][T11570] ? debug_check_no_obj_freed+0x505/0x5b0 [ 771.018979][T11570] ? rcu_lock_release+0x9/0x30 [ 771.023749][T11570] ? rcu_lock_release+0x9/0x30 [ 771.028512][T11570] ? lo_release+0x1f0/0x1f0 [ 771.033015][T11570] blkdev_ioctl+0x807/0x2980 [ 771.037601][T11570] ? tomoyo_path_number_perm+0x53e/0x640 [ 771.037636][T11570] block_ioctl+0xbd/0x100 [ 771.037645][T11570] ? blkdev_iopoll+0x100/0x100 [ 771.037664][T11570] do_vfs_ioctl+0x744/0x1730 [ 771.037678][T11570] ? __fget+0x4d1/0x510 [ 771.061061][T11570] ? tomoyo_file_ioctl+0x23/0x30 [ 771.066005][T11570] ? security_file_ioctl+0xa1/0xd0 [ 771.071113][T11570] __x64_sys_ioctl+0xe3/0x120 [ 771.071130][T11570] do_syscall_64+0xf7/0x1c0 [ 771.080277][T11570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 771.086159][T11570] RIP: 0033:0x45a4a7 [ 771.086170][T11570] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 771.086176][T11570] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.086187][T11570] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 771.086193][T11570] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 771.086199][T11570] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 771.086205][T11570] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 771.086210][T11570] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 771.283957][T11453] device nr0 entered promiscuous mode [ 771.309385][T11453] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 771.318424][T11453] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 771.331351][T11453] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 771.340065][T11453] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:12 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:12 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x1000000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:12 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000034c0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:12 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000002000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:12 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0002d410000100070c10000000000000000000", 0x58}], 0x1) 16:51:12 executing program 0 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 771.816384][T11694] FAULT_INJECTION: forcing a failure. [ 771.816384][T11694] name failslab, interval 1, probability 0, space 0, times 0 [ 771.829753][T11694] CPU: 0 PID: 11694 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 771.838435][T11694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 771.848494][T11694] Call Trace: [ 771.851798][T11694] dump_stack+0x1fb/0x318 [ 771.856146][T11694] should_fail+0x555/0x770 [ 771.860579][T11694] __should_failslab+0x11a/0x160 [ 771.865519][T11694] should_failslab+0x9/0x20 [ 771.870021][T11694] kmem_cache_alloc_node+0x65/0x280 [ 771.875249][T11694] ? __alloc_skb+0x9f/0x500 [ 771.879756][T11694] __alloc_skb+0x9f/0x500 [ 771.884094][T11694] alloc_uevent_skb+0x7f/0x230 [ 771.888858][T11694] kobject_uevent_env+0xcbc/0x1260 [ 771.893966][T11694] kobject_uevent+0x1f/0x30 [ 771.898456][T11694] loop_set_fd+0xfc3/0x1470 [ 771.902958][T11694] lo_ioctl+0xd5/0x2200 [ 771.907098][T11694] ? __kasan_slab_free+0x12a/0x1e0 [ 771.912193][T11694] ? kasan_slab_free+0xe/0x10 [ 771.916858][T11694] ? kfree+0x115/0x200 [ 771.920925][T11694] ? tomoyo_path_number_perm+0x4e1/0x640 [ 771.926550][T11694] ? tomoyo_file_ioctl+0x23/0x30 [ 771.931475][T11694] ? security_file_ioctl+0x6d/0xd0 [ 771.936586][T11694] ? __x64_sys_ioctl+0xa3/0x120 [ 771.941431][T11694] ? do_syscall_64+0xf7/0x1c0 [ 771.946103][T11694] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 771.952164][T11694] ? debug_check_no_obj_freed+0x505/0x5b0 [ 771.957915][T11694] ? rcu_lock_release+0x9/0x30 [ 771.962674][T11694] ? rcu_lock_release+0x9/0x30 [ 771.967427][T11694] ? lo_release+0x1f0/0x1f0 [ 771.971921][T11694] blkdev_ioctl+0x807/0x2980 [ 771.976508][T11694] ? tomoyo_path_number_perm+0x53e/0x640 [ 771.982170][T11694] block_ioctl+0xbd/0x100 [ 771.986502][T11694] ? blkdev_iopoll+0x100/0x100 [ 771.991267][T11694] do_vfs_ioctl+0x744/0x1730 [ 771.995843][T11694] ? __fget+0x4d1/0x510 [ 772.000005][T11694] ? tomoyo_file_ioctl+0x23/0x30 [ 772.004937][T11694] ? security_file_ioctl+0xa1/0xd0 [ 772.010047][T11694] __x64_sys_ioctl+0xe3/0x120 [ 772.014723][T11694] do_syscall_64+0xf7/0x1c0 [ 772.019226][T11694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 772.025109][T11694] RIP: 0033:0x45a4a7 [ 772.029012][T11694] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 772.048607][T11694] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 772.057021][T11694] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 16:51:13 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00006a500000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 772.064988][T11694] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 772.072965][T11694] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 772.080926][T11694] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 772.088885][T11694] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:13 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0049dc10000100070c10000000000000000000", 0x58}], 0x1) 16:51:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000142200008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x2000000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:13 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0085e210000100070c10000000000000000000", 0x58}], 0x1) 16:51:13 executing program 0 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 772.477360][T11693] device nr0 entered promiscuous mode [ 772.560506][T11858] FAULT_INJECTION: forcing a failure. [ 772.560506][T11858] name failslab, interval 1, probability 0, space 0, times 0 [ 772.574000][T11858] CPU: 0 PID: 11858 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 772.582684][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 772.587408][T11693] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 772.592728][T11858] Call Trace: [ 772.592751][T11858] dump_stack+0x1fb/0x318 [ 772.592771][T11858] should_fail+0x555/0x770 [ 772.592793][T11858] __should_failslab+0x11a/0x160 [ 772.617909][T11858] ? getname_flags+0xba/0x640 [ 772.622586][T11858] should_failslab+0x9/0x20 [ 772.627091][T11858] kmem_cache_alloc+0x56/0x2e0 [ 772.631848][T11858] ? __kasan_check_write+0x14/0x20 [ 772.636958][T11858] getname_flags+0xba/0x640 [ 772.641459][T11858] do_mkdirat+0x3c/0x320 [ 772.645699][T11858] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 772.651416][T11858] ? do_syscall_64+0x1d/0x1c0 [ 772.656091][T11858] __x64_sys_mkdir+0x60/0x70 [ 772.660690][T11858] do_syscall_64+0xf7/0x1c0 [ 772.665194][T11858] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 772.671080][T11858] RIP: 0033:0x459a57 [ 772.674966][T11858] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 772.684360][T11693] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 772.694559][T11858] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 772.694569][T11858] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 772.694574][T11858] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 772.694579][T11858] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 772.694584][T11858] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 772.694590][T11858] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 772.780339][T11693] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 772.800614][T11693] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:14 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:14 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000600000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000003f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xe000000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:14 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000003000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 0 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 773.279794][T11937] FAULT_INJECTION: forcing a failure. [ 773.279794][T11937] name failslab, interval 1, probability 0, space 0, times 0 [ 773.321944][T11937] CPU: 1 PID: 11937 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 773.330651][T11937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.340707][T11937] Call Trace: [ 773.344010][T11937] dump_stack+0x1fb/0x318 [ 773.348348][T11937] should_fail+0x555/0x770 [ 773.352764][T11937] __should_failslab+0x11a/0x160 [ 773.357692][T11937] ? skb_clone+0x1cc/0x380 [ 773.362096][T11937] should_failslab+0x9/0x20 [ 773.366586][T11937] kmem_cache_alloc+0x56/0x2e0 [ 773.371342][T11937] skb_clone+0x1cc/0x380 [ 773.375577][T11937] netlink_broadcast_filtered+0x619/0x1080 [ 773.381385][T11937] netlink_broadcast+0x3a/0x50 [ 773.386138][T11937] kobject_uevent_env+0xcf1/0x1260 [ 773.391259][T11937] kobject_uevent+0x1f/0x30 [ 773.395752][T11937] loop_set_fd+0xfc3/0x1470 [ 773.400253][T11937] lo_ioctl+0xd5/0x2200 [ 773.404398][T11937] ? __kasan_slab_free+0x12a/0x1e0 [ 773.409493][T11937] ? kasan_slab_free+0xe/0x10 [ 773.414158][T11937] ? kfree+0x115/0x200 [ 773.418214][T11937] ? tomoyo_path_number_perm+0x4e1/0x640 [ 773.423833][T11937] ? tomoyo_file_ioctl+0x23/0x30 [ 773.428756][T11937] ? security_file_ioctl+0x6d/0xd0 [ 773.433855][T11937] ? __x64_sys_ioctl+0xa3/0x120 [ 773.438690][T11937] ? do_syscall_64+0xf7/0x1c0 [ 773.443357][T11937] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 773.449588][T11937] ? debug_check_no_obj_freed+0x505/0x5b0 [ 773.455311][T11937] ? rcu_lock_release+0x9/0x30 [ 773.460067][T11937] ? rcu_lock_release+0x9/0x30 [ 773.464814][T11937] ? lo_release+0x1f0/0x1f0 [ 773.469304][T11937] blkdev_ioctl+0x807/0x2980 [ 773.473885][T11937] ? tomoyo_path_number_perm+0x53e/0x640 [ 773.479542][T11937] block_ioctl+0xbd/0x100 [ 773.483863][T11937] ? blkdev_iopoll+0x100/0x100 [ 773.488628][T11937] do_vfs_ioctl+0x744/0x1730 [ 773.493230][T11937] ? __fget+0x4d1/0x510 [ 773.497396][T11937] ? tomoyo_file_ioctl+0x23/0x30 [ 773.502328][T11937] ? security_file_ioctl+0xa1/0xd0 [ 773.507445][T11937] __x64_sys_ioctl+0xe3/0x120 [ 773.512120][T11937] do_syscall_64+0xf7/0x1c0 [ 773.516621][T11937] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 773.522503][T11937] RIP: 0033:0x45a4a7 [ 773.526386][T11937] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 773.545976][T11937] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 773.554384][T11937] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 000000000045a4a7 [ 773.562344][T11937] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 16:51:14 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000007000100070c10000000000000000000", 0x58}], 0x1) [ 773.570319][T11937] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 773.578274][T11937] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 773.586257][T11937] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:14 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000067660000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000a000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:14 executing program 0 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:14 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x40000000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 773.874030][T12060] FAULT_INJECTION: forcing a failure. [ 773.874030][T12060] name failslab, interval 1, probability 0, space 0, times 0 [ 773.913066][T12060] CPU: 0 PID: 12060 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 773.921768][T12060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.931822][T12060] Call Trace: [ 773.935118][T12060] dump_stack+0x1fb/0x318 [ 773.939460][T12060] should_fail+0x555/0x770 [ 773.943890][T12060] __should_failslab+0x11a/0x160 [ 773.948833][T12060] ? __d_alloc+0x2d/0x6e0 [ 773.953163][T12060] should_failslab+0x9/0x20 [ 773.957668][T12060] kmem_cache_alloc+0x56/0x2e0 [ 773.962424][T12060] __d_alloc+0x2d/0x6e0 [ 773.966565][T12060] d_alloc+0x4e/0x1d0 [ 773.966599][T12060] __lookup_hash+0xe5/0x290 [ 773.966610][T12060] filename_create+0x14f/0x670 [ 773.966620][T12060] ? getname_flags+0x214/0x640 [ 773.966632][T12060] do_mkdirat+0x5a/0x320 [ 773.966645][T12060] __x64_sys_mkdir+0x60/0x70 [ 773.966659][T12060] do_syscall_64+0xf7/0x1c0 [ 773.966674][T12060] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 773.966685][T12060] RIP: 0033:0x459a57 [ 773.966696][T12060] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 773.966700][T12060] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 773.966715][T12060] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 773.966720][T12060] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 773.966724][T12060] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 773.966729][T12060] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 773.966733][T12060] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 773.974949][T12064] device nr0 entered promiscuous mode [ 774.046161][T11973] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 774.061542][T11973] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 774.161299][T11973] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 774.177868][T11973] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:15 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:15 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000c000100070c10000000000000000000", 0x58}], 0x1) 16:51:15 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000014000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:15 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000066670000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:15 executing program 0 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:15 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xa0008000, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:15 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000dc4900008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 774.839272][T12172] FAULT_INJECTION: forcing a failure. [ 774.839272][T12172] name failslab, interval 1, probability 0, space 0, times 0 16:51:15 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000210000100070c10000000000000000000", 0x58}], 0x1) [ 774.891330][T12172] CPU: 0 PID: 12172 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 774.900163][T12172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 774.910230][T12172] Call Trace: [ 774.913547][T12172] dump_stack+0x1fb/0x318 [ 774.917915][T12172] should_fail+0x555/0x770 [ 774.922343][T12172] __should_failslab+0x11a/0x160 [ 774.927288][T12172] ? smack_inode_init_security+0x3cf/0x490 [ 774.933092][T12172] should_failslab+0x9/0x20 [ 774.937591][T12172] __kmalloc_track_caller+0x79/0x340 [ 774.942875][T12172] kstrdup+0x34/0x70 [ 774.946772][T12172] smack_inode_init_security+0x3cf/0x490 [ 774.952412][T12172] security_inode_init_security+0xfe/0x310 [ 774.958289][T12172] ? ext4_init_security+0x40/0x40 [ 774.963332][T12172] ext4_init_security+0x34/0x40 [ 774.968246][T12172] __ext4_new_inode+0x446c/0x5650 [ 774.973392][T12172] ? smk_curacc+0xa3/0xe0 [ 774.977796][T12172] ext4_mkdir+0x3f5/0x1450 [ 774.982237][T12172] ? security_inode_permission+0xdd/0x120 [ 774.987960][T12172] vfs_mkdir+0x43f/0x610 [ 774.992203][T12172] do_mkdirat+0x1d7/0x320 [ 774.996535][T12172] __x64_sys_mkdir+0x60/0x70 [ 775.001126][T12172] do_syscall_64+0xf7/0x1c0 [ 775.005642][T12172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 775.011526][T12172] RIP: 0033:0x459a57 [ 775.015417][T12172] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:51:16 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xfeffffff, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:16 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000006a5000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:16 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000506a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 775.035135][T12172] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 775.035148][T12172] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 775.035152][T12172] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 775.035156][T12172] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 775.035161][T12172] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 775.035166][T12172] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:16 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000410000100070c10000000000000000000", 0x58}], 0x1) [ 775.471647][T12233] device nr0 entered promiscuous mode [ 775.551294][T12233] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 775.565369][T12233] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 775.591921][T12233] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 775.606561][T12233] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:17 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x0) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:17 executing program 0 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000ec00000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000a10000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xfffffffe, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 776.196858][T12400] FAULT_INJECTION: forcing a failure. [ 776.196858][T12400] name failslab, interval 1, probability 0, space 0, times 0 [ 776.268298][T12400] CPU: 0 PID: 12400 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 776.277016][T12400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 776.287078][T12400] Call Trace: [ 776.290382][T12400] dump_stack+0x1fb/0x318 [ 776.294723][T12400] should_fail+0x555/0x770 [ 776.299154][T12400] __should_failslab+0x11a/0x160 [ 776.304107][T12400] ? tomoyo_encode2+0x273/0x5a0 [ 776.308959][T12400] should_failslab+0x9/0x20 [ 776.313451][T12400] __kmalloc+0x7a/0x340 [ 776.317602][T12400] tomoyo_encode2+0x273/0x5a0 [ 776.322275][T12400] tomoyo_realpath_from_path+0x769/0x7c0 [ 776.327900][T12400] tomoyo_path_number_perm+0x166/0x640 [ 776.333372][T12400] ? rcu_read_lock_sched_held+0x10b/0x170 [ 776.339085][T12400] ? trace_kmem_cache_free+0xb2/0x110 [ 776.344452][T12400] tomoyo_path_mkdir+0x9c/0xc0 [ 776.349204][T12400] security_path_mkdir+0xed/0x170 [ 776.354220][T12400] do_mkdirat+0x15c/0x320 [ 776.358540][T12400] __x64_sys_mkdir+0x60/0x70 [ 776.363122][T12400] do_syscall_64+0xf7/0x1c0 [ 776.367618][T12400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 776.373500][T12400] RIP: 0033:0x459a57 [ 776.377385][T12400] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 776.396985][T12400] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 776.405387][T12400] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 16:51:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000f10000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000049dc0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000676600008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 776.413346][T12400] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 776.421306][T12400] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 776.429265][T12400] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 776.437252][T12400] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 776.459814][T12400] ERROR: Out of memory at tomoyo_realpath_from_path. 16:51:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0xffffffff, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00006010000100070c10000000000000000000", 0x58}], 0x1) 16:51:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000666700008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 776.639458][T12464] device nr0 entered promiscuous mode [ 776.853826][T12459] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 776.862411][T12459] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 776.892701][T12459] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 776.907923][T12459] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:18 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000"], 0xb5) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:18 executing program 0 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:18 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400300008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000506a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:18 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000040000100070c10000000000000000000", 0x58}], 0x1) [ 777.648556][T12633] FAULT_INJECTION: forcing a failure. [ 777.648556][T12633] name failslab, interval 1, probability 0, space 0, times 0 [ 777.704224][T12633] CPU: 0 PID: 12633 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 777.712940][T12633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 777.723004][T12633] Call Trace: [ 777.726312][T12633] dump_stack+0x1fb/0x318 [ 777.730662][T12633] should_fail+0x555/0x770 [ 777.735095][T12633] __should_failslab+0x11a/0x160 [ 777.740043][T12633] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 777.745760][T12633] should_failslab+0x9/0x20 [ 777.750262][T12633] __kmalloc+0x7a/0x340 [ 777.754411][T12633] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 777.760122][T12633] tomoyo_realpath_from_path+0xdc/0x7c0 [ 777.765666][T12633] tomoyo_path_number_perm+0x166/0x640 [ 777.771135][T12633] ? rcu_read_lock_sched_held+0x10b/0x170 [ 777.776846][T12633] ? trace_kmem_cache_free+0xb2/0x110 [ 777.782211][T12633] tomoyo_path_mkdir+0x9c/0xc0 [ 777.786984][T12633] security_path_mkdir+0xed/0x170 [ 777.792040][T12633] do_mkdirat+0x15c/0x320 [ 777.796378][T12633] __x64_sys_mkdir+0x60/0x70 [ 777.800996][T12633] do_syscall_64+0xf7/0x1c0 [ 777.805515][T12633] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 777.811403][T12633] RIP: 0033:0x459a57 [ 777.815288][T12633] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 777.834893][T12633] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 777.843293][T12633] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 16:51:18 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000002000100070c10000000000000000000", 0x58}], 0x1) 16:51:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000e28500008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:18 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000034000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 777.851247][T12633] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 777.859207][T12633] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 777.867161][T12633] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 777.875124][T12633] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 777.908899][T12633] ERROR: Out of memory at tomoyo_realpath_from_path. 16:51:19 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:19 executing program 0 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:19 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000003000100070c10000000000000000000", 0x58}], 0x1) [ 778.212532][T12748] device nr0 entered promiscuous mode [ 778.238823][T12759] FAULT_INJECTION: forcing a failure. [ 778.238823][T12759] name failslab, interval 1, probability 0, space 0, times 0 [ 778.251940][T12759] CPU: 0 PID: 12759 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 778.260616][T12759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 778.270671][T12759] Call Trace: [ 778.273975][T12759] dump_stack+0x1fb/0x318 [ 778.278307][T12759] should_fail+0x555/0x770 [ 778.282726][T12759] __should_failslab+0x11a/0x160 [ 778.287655][T12759] ? __es_insert_extent+0x7ba/0x17c0 [ 778.292930][T12759] should_failslab+0x9/0x20 [ 778.297420][T12759] kmem_cache_alloc+0x56/0x2e0 [ 778.302175][T12759] __es_insert_extent+0x7ba/0x17c0 [ 778.307292][T12759] ext4_es_insert_extent+0x250/0x2ea0 [ 778.312668][T12759] ext4_map_blocks+0xe1c/0x1e30 [ 778.317523][T12759] ? __kasan_check_write+0x14/0x20 [ 778.322627][T12759] ext4_getblk+0xae/0x460 [ 778.326956][T12759] ext4_bread+0x4a/0x340 [ 778.331196][T12759] ext4_append+0x175/0x310 [ 778.335611][T12759] ext4_mkdir+0x7ad/0x1450 [ 778.340037][T12759] vfs_mkdir+0x43f/0x610 [ 778.344277][T12759] do_mkdirat+0x1d7/0x320 [ 778.348604][T12759] __x64_sys_mkdir+0x60/0x70 [ 778.353185][T12759] do_syscall_64+0xf7/0x1c0 [ 778.357680][T12759] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 778.363562][T12759] RIP: 0033:0x459a57 [ 778.367452][T12759] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 778.387046][T12759] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 778.402651][T12759] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 778.410612][T12759] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 778.418572][T12759] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 778.426530][T12759] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 778.434490][T12759] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 778.449557][T12857] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 778.458343][T12857] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 778.486886][T12748] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 778.495646][T12748] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:20 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000"], 0xb5) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:20 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000001008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000ec000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xe, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:20 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000004000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 0 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 779.132862][T12867] FAULT_INJECTION: forcing a failure. [ 779.132862][T12867] name failslab, interval 1, probability 0, space 0, times 0 [ 779.183174][T12867] CPU: 0 PID: 12867 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 779.191897][T12867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 779.201958][T12867] Call Trace: [ 779.205260][T12867] dump_stack+0x1fb/0x318 [ 779.209601][T12867] should_fail+0x555/0x770 [ 779.214027][T12867] __should_failslab+0x11a/0x160 [ 779.218969][T12867] ? ext4_alloc_inode+0x1f/0x560 [ 779.223906][T12867] should_failslab+0x9/0x20 [ 779.228416][T12867] kmem_cache_alloc+0x56/0x2e0 [ 779.233184][T12867] ? set_qf_name+0x3c0/0x3c0 [ 779.237767][T12867] ext4_alloc_inode+0x1f/0x560 [ 779.242519][T12867] ? set_qf_name+0x3c0/0x3c0 [ 779.247104][T12867] new_inode_pseudo+0x68/0x240 [ 779.251867][T12867] new_inode+0x28/0x1c0 [ 779.256019][T12867] ? trace_ext4_request_inode+0x28b/0x2d0 [ 779.261731][T12867] __ext4_new_inode+0x43d/0x5650 [ 779.266668][T12867] ? memset+0x31/0x40 [ 779.270667][T12867] ? smk_curacc+0xa3/0xe0 [ 779.274996][T12867] ext4_mkdir+0x3f5/0x1450 [ 779.279421][T12867] ? security_inode_permission+0xdd/0x120 [ 779.285144][T12867] vfs_mkdir+0x43f/0x610 [ 779.289385][T12867] do_mkdirat+0x1d7/0x320 [ 779.293716][T12867] __x64_sys_mkdir+0x60/0x70 [ 779.298302][T12867] do_syscall_64+0xf7/0x1c0 [ 779.302804][T12867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 779.308688][T12867] RIP: 0033:0x459a57 [ 779.312574][T12867] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:51:20 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004001008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000007000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000049dc00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 779.332187][T12867] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 779.340631][T12867] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 779.348606][T12867] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 779.356579][T12867] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 779.364542][T12867] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 779.372513][T12867] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:20 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000002008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000a000100070c10000000000000000000", 0x58}], 0x1) 16:51:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000085e200008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 779.872531][T12904] device nr0 entered promiscuous mode [ 779.957019][T12904] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 779.971414][T12904] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 779.998573][T12904] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 780.012742][T12904] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:21 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000"], 0xb5) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xe00, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:21 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000000c000100070c10000000000000000000", 0x58}], 0x1) 16:51:21 executing program 0 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:21 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000004008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004003008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 780.573259][T13001] FAULT_INJECTION: forcing a failure. [ 780.573259][T13001] name failslab, interval 1, probability 0, space 0, times 0 [ 780.586110][T13001] CPU: 0 PID: 13001 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 780.594885][T13001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.604951][T13001] Call Trace: [ 780.608254][T13001] dump_stack+0x1fb/0x318 [ 780.612597][T13001] should_fail+0x555/0x770 [ 780.617027][T13001] __should_failslab+0x11a/0x160 [ 780.621958][T13001] ? __es_insert_extent+0x7ba/0x17c0 [ 780.627231][T13001] should_failslab+0x9/0x20 [ 780.631720][T13001] kmem_cache_alloc+0x56/0x2e0 [ 780.636479][T13001] __es_insert_extent+0x7ba/0x17c0 [ 780.641600][T13001] ext4_es_insert_extent+0x250/0x2ea0 [ 780.646983][T13001] ext4_map_blocks+0xe1c/0x1e30 [ 780.651838][T13001] ? __kasan_check_write+0x14/0x20 [ 780.656946][T13001] ext4_getblk+0xae/0x460 [ 780.661270][T13001] ext4_bread+0x4a/0x340 [ 780.665508][T13001] ext4_append+0x175/0x310 [ 780.669917][T13001] ext4_mkdir+0x7ad/0x1450 [ 780.674345][T13001] vfs_mkdir+0x43f/0x610 [ 780.678584][T13001] do_mkdirat+0x1d7/0x320 [ 780.682904][T13001] __x64_sys_mkdir+0x60/0x70 [ 780.687479][T13001] do_syscall_64+0xf7/0x1c0 [ 780.691973][T13001] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 780.697855][T13001] RIP: 0033:0x459a57 [ 780.701742][T13001] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:51:21 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010030000070c10000000000000000000", 0x58}], 0x1) 16:51:21 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 780.721332][T13001] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 780.729728][T13001] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 780.737684][T13001] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 780.745639][T13001] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 780.753597][T13001] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 780.761549][T13001] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000340008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010040000070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 0 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 781.070776][T13130] FAULT_INJECTION: forcing a failure. [ 781.070776][T13130] name failslab, interval 1, probability 0, space 0, times 0 [ 781.083847][T13130] CPU: 1 PID: 13130 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 781.092530][T13130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 781.102582][T13130] Call Trace: [ 781.105874][T13130] dump_stack+0x1fb/0x318 [ 781.110200][T13130] should_fail+0x555/0x770 [ 781.114630][T13130] __should_failslab+0x11a/0x160 [ 781.119569][T13130] ? __es_insert_extent+0x7ba/0x17c0 [ 781.124853][T13130] should_failslab+0x9/0x20 [ 781.129352][T13130] kmem_cache_alloc+0x56/0x2e0 [ 781.134121][T13130] __es_insert_extent+0x7ba/0x17c0 [ 781.139243][T13130] ext4_es_insert_extent+0x250/0x2ea0 [ 781.144627][T13130] ext4_map_blocks+0xe1c/0x1e30 [ 781.149480][T13130] ? __kasan_check_write+0x14/0x20 [ 781.154605][T13130] ext4_getblk+0xae/0x460 [ 781.158943][T13130] ext4_bread+0x4a/0x340 [ 781.163202][T13130] ext4_append+0x175/0x310 [ 781.167623][T13130] ext4_mkdir+0x7ad/0x1450 [ 781.172057][T13130] vfs_mkdir+0x43f/0x610 [ 781.176308][T13130] do_mkdirat+0x1d7/0x320 [ 781.176326][T13130] __x64_sys_mkdir+0x60/0x70 [ 781.176341][T13130] do_syscall_64+0xf7/0x1c0 [ 781.176358][T13130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 781.195587][T13130] RIP: 0033:0x459a57 [ 781.195599][T13130] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 781.195604][T13130] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 781.195615][T13130] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 781.195620][T13130] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 781.195625][T13130] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 781.195630][T13130] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 781.195635][T13130] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 781.319326][T13076] device nr0 entered promiscuous mode [ 781.329638][T13076] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 781.338500][T13076] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 781.349486][T13076] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 781.358306][T13076] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:22 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f568"], 0x110) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000018000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x4000, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:22 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010020100070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000001f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:22 executing program 0 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 782.002866][T13144] FAULT_INJECTION: forcing a failure. [ 782.002866][T13144] name failslab, interval 1, probability 0, space 0, times 0 [ 782.051633][T13144] CPU: 1 PID: 13144 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 782.060340][T13144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 782.070395][T13144] Call Trace: [ 782.073697][T13144] dump_stack+0x1fb/0x318 [ 782.078043][T13144] should_fail+0x555/0x770 [ 782.082476][T13144] __should_failslab+0x11a/0x160 [ 782.087420][T13144] ? ext4_alloc_inode+0x1f/0x560 [ 782.092361][T13144] should_failslab+0x9/0x20 [ 782.096872][T13144] kmem_cache_alloc+0x56/0x2e0 [ 782.101640][T13144] ? set_qf_name+0x3c0/0x3c0 [ 782.106236][T13144] ext4_alloc_inode+0x1f/0x560 [ 782.110996][T13144] ? set_qf_name+0x3c0/0x3c0 [ 782.115585][T13144] new_inode_pseudo+0x68/0x240 [ 782.120348][T13144] new_inode+0x28/0x1c0 [ 782.124506][T13144] ? trace_ext4_request_inode+0x28b/0x2d0 [ 782.130228][T13144] __ext4_new_inode+0x43d/0x5650 [ 782.135164][T13144] ? memset+0x31/0x40 [ 782.135189][T13144] ? smk_curacc+0xa3/0xe0 [ 782.135207][T13144] ext4_mkdir+0x3f5/0x1450 [ 782.143493][T13144] ? security_inode_permission+0xdd/0x120 [ 782.143511][T13144] vfs_mkdir+0x43f/0x610 [ 782.143528][T13144] do_mkdirat+0x1d7/0x320 [ 782.143541][T13144] __x64_sys_mkdir+0x60/0x70 [ 782.143556][T13144] do_syscall_64+0xf7/0x1c0 [ 782.143576][T13144] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 782.171455][T13144] RIP: 0033:0x459a57 [ 782.171467][T13144] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:51:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x8000a0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:23 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010040100070c10000000000000000000", 0x58}], 0x1) 16:51:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040018000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:23 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000020008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000028000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 782.171473][T13144] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 782.171483][T13144] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 782.171488][T13144] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 782.171496][T13144] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 782.182297][T13144] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 782.182302][T13144] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:23 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100a0100070c10000000000000000000", 0x58}], 0x1) [ 782.680441][T13150] device nr0 entered promiscuous mode [ 782.773489][T13150] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 782.781956][T13150] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 782.813142][T13150] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 782.821651][T13150] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:24 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f568"], 0x110) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000048000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:24 executing program 0 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:24 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000003f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:24 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100f0100070c10000000000000000000", 0x58}], 0x1) 16:51:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 783.468770][T13380] FAULT_INJECTION: forcing a failure. [ 783.468770][T13380] name failslab, interval 1, probability 0, space 0, times 0 16:51:24 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:24 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010600100070c10000000000000000000", 0x58}], 0x1) 16:51:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000a8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 783.616189][T13380] CPU: 1 PID: 13380 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 783.624914][T13380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 783.634967][T13380] Call Trace: [ 783.638263][T13380] dump_stack+0x1fb/0x318 [ 783.642596][T13380] should_fail+0x555/0x770 [ 783.647015][T13380] __should_failslab+0x11a/0x160 [ 783.651947][T13380] ? smack_inode_init_security+0x3cf/0x490 [ 783.657743][T13380] should_failslab+0x9/0x20 [ 783.662236][T13380] __kmalloc_track_caller+0x79/0x340 [ 783.667519][T13380] kstrdup+0x34/0x70 [ 783.671412][T13380] smack_inode_init_security+0x3cf/0x490 [ 783.677047][T13380] security_inode_init_security+0xfe/0x310 [ 783.682845][T13380] ? ext4_init_security+0x40/0x40 [ 783.687877][T13380] ext4_init_security+0x34/0x40 [ 783.692722][T13380] __ext4_new_inode+0x446c/0x5650 [ 783.697760][T13380] ? smk_curacc+0xa3/0xe0 [ 783.702087][T13380] ext4_mkdir+0x3f5/0x1450 [ 783.706507][T13380] ? security_inode_permission+0xdd/0x120 [ 783.712234][T13380] vfs_mkdir+0x43f/0x610 16:51:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x2000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 783.716481][T13380] do_mkdirat+0x1d7/0x320 [ 783.720810][T13380] __x64_sys_mkdir+0x60/0x70 [ 783.725400][T13380] do_syscall_64+0xf7/0x1c0 [ 783.729903][T13380] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 783.735787][T13380] RIP: 0033:0x459a57 [ 783.739674][T13380] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 783.759273][T13380] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 783.767694][T13380] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 783.775671][T13380] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 783.783638][T13380] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 783.783645][T13380] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 783.783651][T13380] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:24 executing program 0 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:25 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 783.985754][T13493] device nr0 entered promiscuous mode [ 784.059523][T13608] FAULT_INJECTION: forcing a failure. [ 784.059523][T13608] name failslab, interval 1, probability 0, space 0, times 0 [ 784.111204][T13378] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 784.121060][T13608] CPU: 0 PID: 13608 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 784.129744][T13608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 784.139903][T13608] Call Trace: [ 784.143198][T13608] dump_stack+0x1fb/0x318 [ 784.147532][T13608] should_fail+0x555/0x770 [ 784.151949][T13608] __should_failslab+0x11a/0x160 [ 784.156898][T13608] should_failslab+0x9/0x20 [ 784.161400][T13608] kmem_cache_alloc_trace+0x5d/0x2f0 [ 784.166678][T13608] ? smack_d_instantiate+0xabf/0xd70 [ 784.171958][T13608] smack_d_instantiate+0xabf/0xd70 [ 784.177071][T13608] ? lockdep_init_map+0x2a/0x680 [ 784.182007][T13608] security_d_instantiate+0xa5/0x100 [ 784.187292][T13608] d_instantiate_new+0x65/0x120 [ 784.192145][T13608] ext4_mkdir+0xfa9/0x1450 [ 784.196583][T13608] vfs_mkdir+0x43f/0x610 [ 784.200842][T13608] do_mkdirat+0x1d7/0x320 [ 784.205178][T13608] __x64_sys_mkdir+0x60/0x70 [ 784.209762][T13608] do_syscall_64+0xf7/0x1c0 [ 784.214262][T13608] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 784.220150][T13608] RIP: 0033:0x459a57 [ 784.224039][T13608] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 784.243637][T13608] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 784.252046][T13608] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 784.260015][T13608] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 784.267981][T13608] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 784.275942][T13608] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 784.283909][T13608] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 784.292572][T13378] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 784.307156][T13378] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 784.316010][T13378] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:25 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f568"], 0x110) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:25 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000140008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xe000000, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:25 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010003f00070c10000000000000000000", 0x58}], 0x1) 16:51:25 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000022148000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:25 executing program 0 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 784.947095][T13617] FAULT_INJECTION: forcing a failure. [ 784.947095][T13617] name failslab, interval 1, probability 0, space 0, times 0 [ 784.959850][T13617] CPU: 0 PID: 13617 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 784.968523][T13617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 784.978591][T13617] Call Trace: [ 784.981881][T13617] dump_stack+0x1fb/0x318 [ 784.986210][T13617] should_fail+0x555/0x770 [ 784.990637][T13617] __should_failslab+0x11a/0x160 [ 784.995578][T13617] ? __es_insert_extent+0x7ba/0x17c0 [ 785.000858][T13617] should_failslab+0x9/0x20 [ 785.005356][T13617] kmem_cache_alloc+0x56/0x2e0 [ 785.010119][T13617] __es_insert_extent+0x7ba/0x17c0 [ 785.015233][T13617] ? __kasan_check_write+0x14/0x20 [ 785.020336][T13617] ? do_raw_write_lock+0xf3/0x460 [ 785.025359][T13617] ext4_es_insert_extent+0x250/0x2ea0 [ 785.030737][T13617] ext4_ext_map_blocks+0x1806/0x7170 [ 785.036043][T13617] ? __down_read+0x14b/0x360 [ 785.040628][T13617] ext4_map_blocks+0x424/0x1e30 [ 785.045479][T13617] ? __kasan_check_write+0x14/0x20 [ 785.050580][T13617] ext4_getblk+0xae/0x460 [ 785.054902][T13617] ext4_bread+0x4a/0x340 [ 785.059135][T13617] ext4_append+0x175/0x310 [ 785.063540][T13617] ext4_mkdir+0x7ad/0x1450 [ 785.067960][T13617] vfs_mkdir+0x43f/0x610 [ 785.072194][T13617] do_mkdirat+0x1d7/0x320 [ 785.076514][T13617] __x64_sys_mkdir+0x60/0x70 [ 785.081089][T13617] do_syscall_64+0xf7/0x1c0 [ 785.085584][T13617] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 785.091461][T13617] RIP: 0033:0x459a57 [ 785.095343][T13617] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 785.114934][T13617] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 785.123331][T13617] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 785.131285][T13617] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 785.139248][T13617] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 785.147285][T13617] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 785.155296][T13617] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:26 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010004000070c10000000000000000000", 0x58}], 0x1) 16:51:26 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000034c008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000001f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:26 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200070c10000000000000000000", 0x58}], 0x1) 16:51:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x40000000, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:26 executing program 0 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 785.489220][T13764] FAULT_INJECTION: forcing a failure. [ 785.489220][T13764] name failslab, interval 1, probability 0, space 0, times 0 [ 785.504678][T13764] CPU: 1 PID: 13764 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 785.513369][T13764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 785.523422][T13764] Call Trace: [ 785.526725][T13764] dump_stack+0x1fb/0x318 [ 785.531063][T13764] should_fail+0x555/0x770 [ 785.535487][T13764] __should_failslab+0x11a/0x160 [ 785.540427][T13764] ? kcalloc+0x2f/0x50 [ 785.544494][T13764] should_failslab+0x9/0x20 [ 785.549002][T13764] __kmalloc+0x7a/0x340 [ 785.553158][T13764] kcalloc+0x2f/0x50 [ 785.557052][T13764] ext4_find_extent+0x216/0xaa0 [ 785.562071][T13764] ? trace_ext4_ext_map_blocks_enter+0x2ca/0x310 [ 785.568395][T13764] ext4_ext_map_blocks+0x170/0x7170 [ 785.573607][T13764] ? trace_lock_acquire+0x159/0x1d0 [ 785.578815][T13764] ? __kasan_check_write+0x14/0x20 [ 785.583923][T13764] ext4_map_blocks+0x8f4/0x1e30 [ 785.588788][T13764] ? __kasan_check_write+0x14/0x20 [ 785.593910][T13764] ext4_getblk+0xae/0x460 [ 785.598249][T13764] ext4_bread+0x4a/0x340 [ 785.602488][T13764] ext4_append+0x175/0x310 [ 785.606912][T13764] ext4_mkdir+0x7ad/0x1450 [ 785.611345][T13764] vfs_mkdir+0x43f/0x610 [ 785.615594][T13764] do_mkdirat+0x1d7/0x320 [ 785.619926][T13764] __x64_sys_mkdir+0x60/0x70 [ 785.624518][T13764] do_syscall_64+0xf7/0x1c0 [ 785.629026][T13764] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 785.634917][T13764] RIP: 0033:0x459a57 [ 785.638813][T13764] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 785.658420][T13764] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 785.666830][T13764] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 785.674797][T13764] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 785.682758][T13764] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 785.690720][T13764] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 785.698687][T13764] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 785.970938][T13625] device nr0 entered promiscuous mode [ 786.033596][T13625] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 786.042249][T13625] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 786.064536][T13625] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 786.072934][T13625] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:27 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2"], 0x13d) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:27 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000800070c10000000000000000000", 0x58}], 0x1) 16:51:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000208000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:27 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000060008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:27 executing program 0 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xa0008000, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000003f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 786.666515][T13854] FAULT_INJECTION: forcing a failure. [ 786.666515][T13854] name failslab, interval 1, probability 0, space 0, times 0 16:51:27 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000003070c10000000000000000000", 0x58}], 0x1) [ 786.764459][T13854] CPU: 1 PID: 13854 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 786.773172][T13854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 786.783232][T13854] Call Trace: [ 786.786534][T13854] dump_stack+0x1fb/0x318 [ 786.790876][T13854] should_fail+0x555/0x770 [ 786.795298][T13854] __should_failslab+0x11a/0x160 [ 786.800242][T13854] ? kzalloc+0x1f/0x40 [ 786.804311][T13854] should_failslab+0x9/0x20 [ 786.808810][T13854] __kmalloc+0x7a/0x340 [ 786.812967][T13854] kzalloc+0x1f/0x40 [ 786.816864][T13854] smk_parse_smack+0x197/0x230 [ 786.821622][T13854] smk_import_entry+0x27/0x590 [ 786.826385][T13854] smack_d_instantiate+0x78f/0xd70 [ 786.831497][T13854] ? lockdep_init_map+0x2a/0x680 [ 786.836471][T13854] security_d_instantiate+0xa5/0x100 [ 786.841749][T13854] d_instantiate_new+0x65/0x120 [ 786.846604][T13854] ext4_mkdir+0xfa9/0x1450 [ 786.851033][T13854] vfs_mkdir+0x43f/0x610 [ 786.855279][T13854] do_mkdirat+0x1d7/0x320 [ 786.859606][T13854] __x64_sys_mkdir+0x60/0x70 [ 786.864194][T13854] do_syscall_64+0xf7/0x1c0 [ 786.868692][T13854] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 786.874599][T13854] RIP: 0033:0x459a57 [ 786.878484][T13854] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 786.878490][T13854] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 786.878501][T13854] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 16:51:27 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006766008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xfeffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 786.878507][T13854] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 786.878512][T13854] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 786.878523][T13854] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 786.906513][T13854] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:28 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c10000000000000000000", 0x58}], 0x1) [ 787.316011][T13920] device nr0 entered promiscuous mode [ 787.396902][T13920] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 787.413494][T13920] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 787.451612][T13920] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 787.461147][T13920] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:29 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2"], 0x13d) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:29 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000506a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000001408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 0 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:29 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xfffffffe, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:29 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100050c10000000000000000000", 0x58}], 0x1) [ 788.066290][T14091] FAULT_INJECTION: forcing a failure. [ 788.066290][T14091] name failslab, interval 1, probability 0, space 0, times 0 16:51:29 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100060c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000608000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 788.153157][T14091] CPU: 0 PID: 14091 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 788.162310][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 788.172367][T14091] Call Trace: [ 788.175660][T14091] dump_stack+0x1fb/0x318 [ 788.179993][T14091] should_fail+0x555/0x770 [ 788.184405][T14091] __should_failslab+0x11a/0x160 [ 788.189330][T14091] ? ext4_mb_new_blocks+0x2ac/0x2cc0 [ 788.194602][T14091] should_failslab+0x9/0x20 [ 788.199093][T14091] kmem_cache_alloc+0x56/0x2e0 [ 788.203857][T14091] ext4_mb_new_blocks+0x2ac/0x2cc0 [ 788.208968][T14091] ? trace_kmalloc+0xcd/0x130 [ 788.213635][T14091] ? kcalloc+0x2f/0x50 [ 788.217690][T14091] ? __kmalloc+0x26c/0x340 [ 788.222089][T14091] ? kcalloc+0x2f/0x50 [ 788.226150][T14091] ? ext4_ext_search_right+0x4cb/0x940 [ 788.231593][T14091] ? ext4_find_extent+0x8e0/0xaa0 [ 788.236679][T14091] ? ext4_inode_to_goal_block+0x27b/0x3b0 [ 788.242391][T14091] ext4_ext_map_blocks+0x4b8c/0x7170 [ 788.247694][T14091] ext4_map_blocks+0x8f4/0x1e30 [ 788.252543][T14091] ? __kasan_check_write+0x14/0x20 [ 788.257642][T14091] ext4_getblk+0xae/0x460 [ 788.261966][T14091] ext4_bread+0x4a/0x340 [ 788.266197][T14091] ext4_append+0x175/0x310 [ 788.270602][T14091] ext4_mkdir+0x7ad/0x1450 [ 788.275021][T14091] vfs_mkdir+0x43f/0x610 [ 788.279254][T14091] do_mkdirat+0x1d7/0x320 [ 788.283576][T14091] __x64_sys_mkdir+0x60/0x70 [ 788.288150][T14091] do_syscall_64+0xf7/0x1c0 [ 788.292642][T14091] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 788.298517][T14091] RIP: 0033:0x459a57 [ 788.302399][T14091] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 788.321988][T14091] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 788.330381][T14091] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 788.338349][T14091] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 788.346307][T14091] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 788.354261][T14091] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 788.362215][T14091] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:29 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000ffffff9e008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000102070c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000067668000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:29 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000104070c10000000000000000000", 0x58}], 0x1) [ 789.060539][T14129] device nr0 entered promiscuous mode [ 789.146496][T14129] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 789.156766][T14129] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 789.187607][T14129] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 789.196121][T14129] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:30 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2"], 0x13d) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000506a8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:30 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000ec0008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:30 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000001000010a070c10000000000000000000", 0x58}], 0x1) 16:51:30 executing program 0 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000e2858000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 789.760867][T14228] FAULT_INJECTION: forcing a failure. [ 789.760867][T14228] name failslab, interval 1, probability 0, space 0, times 0 [ 789.805083][T14228] CPU: 0 PID: 14228 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 789.813799][T14228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 789.823857][T14228] Call Trace: [ 789.827157][T14228] dump_stack+0x1fb/0x318 [ 789.831491][T14228] should_fail+0x555/0x770 [ 789.835912][T14228] __should_failslab+0x11a/0x160 [ 789.840856][T14228] should_failslab+0x9/0x20 [ 789.845369][T14228] kmem_cache_alloc_trace+0x5d/0x2f0 [ 789.850650][T14228] ? smack_d_instantiate+0x732/0xd70 [ 789.855944][T14228] smack_d_instantiate+0x732/0xd70 [ 789.861056][T14228] ? lockdep_init_map+0x2a/0x680 [ 789.865985][T14228] security_d_instantiate+0xa5/0x100 [ 789.871277][T14228] d_instantiate_new+0x65/0x120 [ 789.876126][T14228] ext4_mkdir+0xfa9/0x1450 [ 789.880561][T14228] vfs_mkdir+0x43f/0x610 [ 789.884803][T14228] do_mkdirat+0x1d7/0x320 [ 789.889120][T14228] __x64_sys_mkdir+0x60/0x70 [ 789.893712][T14228] do_syscall_64+0xf7/0x1c0 [ 789.898213][T14228] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 789.904092][T14228] RIP: 0033:0x459a57 [ 789.907978][T14228] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 789.927587][T14228] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 789.935994][T14228] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 789.943965][T14228] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 16:51:31 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000001000010f070c10000000000000000000", 0x58}], 0x1) [ 789.951934][T14228] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 789.959898][T14228] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 789.967881][T14228] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:31 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000049dc008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:31 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000ffffff9e8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:31 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000160070c10000000000000000000", 0x58}], 0x1) 16:51:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 790.501513][T14257] device nr0 entered promiscuous mode [ 790.598517][T14257] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 790.612681][T14257] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 790.651541][T14257] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 790.666172][T14257] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:32 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0"], 0x154) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:32 executing program 0 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:32 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000ffffffef008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000ec08000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x2, 0x0, 0x0, 0x0}, 0x40) [ 791.234467][T14471] FAULT_INJECTION: forcing a failure. [ 791.234467][T14471] name failslab, interval 1, probability 0, space 0, times 0 16:51:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000049dc8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000fffffff0008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 791.336532][T14471] CPU: 0 PID: 14471 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 791.345249][T14471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 791.355309][T14471] Call Trace: [ 791.358608][T14471] dump_stack+0x1fb/0x318 [ 791.362953][T14471] should_fail+0x555/0x770 [ 791.367384][T14471] __should_failslab+0x11a/0x160 [ 791.372348][T14471] should_failslab+0x9/0x20 [ 791.376849][T14471] kmem_cache_alloc_trace+0x5d/0x2f0 [ 791.382137][T14471] ? smack_d_instantiate+0x732/0xd70 [ 791.387439][T14471] smack_d_instantiate+0x732/0xd70 [ 791.392578][T14471] ? lockdep_init_map+0x2a/0x680 [ 791.397516][T14471] security_d_instantiate+0xa5/0x100 [ 791.402806][T14471] d_instantiate_new+0x65/0x120 [ 791.407664][T14471] ext4_mkdir+0xfa9/0x1450 [ 791.412093][T14471] vfs_mkdir+0x43f/0x610 [ 791.416340][T14471] do_mkdirat+0x1d7/0x320 [ 791.420673][T14471] __x64_sys_mkdir+0x60/0x70 [ 791.425256][T14471] do_syscall_64+0xf7/0x1c0 [ 791.429758][T14471] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 791.435644][T14471] RIP: 0033:0x459a57 [ 791.439547][T14471] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 791.459143][T14471] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 791.467546][T14471] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 791.475509][T14471] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 16:51:32 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000ffffffef8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xe, 0x0, 0x0, 0x0}, 0x40) [ 791.483476][T14471] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 791.491438][T14471] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 791.499406][T14471] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000fffffff08000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 791.868457][T14473] device nr0 entered promiscuous mode [ 791.936506][T14473] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 791.945429][T14473] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 791.967196][T14473] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 791.976023][T14473] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:33 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0"], 0x154) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:33 executing program 0 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:33 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000ffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:33 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000b0c10000000000000000000", 0x58}], 0x1) 16:51:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000ffff8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xe00, 0x0, 0x0, 0x0}, 0x40) 16:51:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000009effffff8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 792.358023][T14711] FAULT_INJECTION: forcing a failure. [ 792.358023][T14711] name failslab, interval 1, probability 0, space 0, times 0 [ 792.479882][T14711] CPU: 1 PID: 14711 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 792.488602][T14711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 792.498658][T14711] Call Trace: [ 792.501952][T14711] dump_stack+0x1fb/0x318 [ 792.506283][T14711] should_fail+0x555/0x770 [ 792.510713][T14711] __should_failslab+0x11a/0x160 [ 792.515659][T14711] ? getname_flags+0xba/0x640 [ 792.520337][T14711] should_failslab+0x9/0x20 [ 792.524835][T14711] kmem_cache_alloc+0x56/0x2e0 [ 792.524854][T14711] getname_flags+0xba/0x640 [ 792.524871][T14711] user_path_at_empty+0x2d/0x50 [ 792.534104][T14711] do_mount+0xd7/0x2510 [ 792.534115][T14711] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 792.534122][T14711] ? copy_mount_options+0x5f/0x3c0 [ 792.534134][T14711] ? __kasan_check_read+0x11/0x20 [ 792.534142][T14711] ? copy_mount_options+0x308/0x3c0 [ 792.534156][T14711] ksys_mount+0xcc/0x100 [ 792.568144][T14711] __x64_sys_mount+0xbf/0xd0 [ 792.572738][T14711] do_syscall_64+0xf7/0x1c0 16:51:33 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c10000000000000000000", 0x58}], 0x1) 16:51:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000efffffff8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 792.577257][T14711] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 792.583142][T14711] RIP: 0033:0x45d08a [ 792.587029][T14711] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 792.606626][T14711] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 792.615028][T14711] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a 16:51:33 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00009effffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x4000, 0x0, 0x0, 0x0}, 0x40) [ 792.622999][T14711] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 792.630960][T14711] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 792.638921][T14711] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 792.638927][T14711] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:33 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100400c10000000000000000000", 0x58}], 0x1) [ 792.862188][T14814] device nr0 entered promiscuous mode [ 792.944173][T14814] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 792.959299][T14814] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 793.007931][T14814] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 793.023525][T14814] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:34 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0"], 0x154) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:34 executing program 0 (fault-call:0 fault-nth:55): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:34 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x8000a0, 0x0, 0x0, 0x0}, 0x40) 16:51:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000f0ffffff8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:34 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000efffffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:34 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100020c10000000000000000000", 0x58}], 0x1) [ 793.594944][T14956] FAULT_INJECTION: forcing a failure. [ 793.594944][T14956] name failslab, interval 1, probability 0, space 0, times 0 [ 793.622170][T14956] CPU: 1 PID: 14956 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 793.630882][T14956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 793.640941][T14956] Call Trace: [ 793.644246][T14956] dump_stack+0x1fb/0x318 [ 793.648592][T14956] should_fail+0x555/0x770 [ 793.653010][T14956] __should_failslab+0x11a/0x160 [ 793.653027][T14956] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 793.653043][T14956] should_failslab+0x9/0x20 [ 793.653056][T14956] __kmalloc+0x7a/0x340 [ 793.663686][T14956] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 793.663698][T14956] tomoyo_realpath_from_path+0xdc/0x7c0 [ 793.663715][T14956] tomoyo_mount_permission+0x294/0xa30 [ 793.663729][T14956] ? filename_lookup+0x4b0/0x690 [ 793.663746][T14956] ? kmem_cache_free+0xd8/0xf0 [ 793.663770][T14956] tomoyo_sb_mount+0x35/0x40 [ 793.663782][T14956] security_sb_mount+0x84/0xe0 [ 793.663797][T14956] do_mount+0x10a/0x2510 [ 793.712258][T14956] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 793.717799][T14956] ? copy_mount_options+0x5f/0x3c0 [ 793.722911][T14956] ? copy_mount_options+0x308/0x3c0 [ 793.728105][T14956] ksys_mount+0xcc/0x100 [ 793.732339][T14956] __x64_sys_mount+0xbf/0xd0 [ 793.736934][T14956] do_syscall_64+0xf7/0x1c0 [ 793.741438][T14956] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 793.747320][T14956] RIP: 0033:0x45d08a [ 793.751207][T14956] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 793.770801][T14956] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 793.779205][T14956] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 793.787165][T14956] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 16:51:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000700000000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:34 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000f0ffffff008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:34 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c10000000000000000000", 0x58}], 0x1) [ 793.795125][T14956] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 793.803084][T14956] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 793.811050][T14956] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 793.843517][T14956] ERROR: Out of memory at tomoyo_realpath_from_path. 16:51:35 executing program 0 (fault-call:0 fault-nth:56): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:35 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000000000000000", 0x58}], 0x1) 16:51:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000200008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 794.132529][T15033] device nr0 entered promiscuous mode [ 794.140705][T15078] FAULT_INJECTION: forcing a failure. [ 794.140705][T15078] name failslab, interval 1, probability 0, space 0, times 0 [ 794.169939][T15078] CPU: 0 PID: 15078 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 794.178642][T15078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 794.178649][T15078] Call Trace: [ 794.178671][T15078] dump_stack+0x1fb/0x318 [ 794.178692][T15078] should_fail+0x555/0x770 [ 794.178712][T15078] __should_failslab+0x11a/0x160 [ 794.178727][T15078] ? ksys_mount+0x38/0x100 [ 794.196366][T15078] should_failslab+0x9/0x20 [ 794.196377][T15078] __kmalloc_track_caller+0x79/0x340 [ 794.196390][T15078] strndup_user+0x76/0x130 [ 794.196403][T15078] ksys_mount+0x38/0x100 [ 794.196415][T15078] __x64_sys_mount+0xbf/0xd0 [ 794.196430][T15078] do_syscall_64+0xf7/0x1c0 [ 794.196446][T15078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 794.219911][T15078] RIP: 0033:0x45d08a [ 794.219922][T15078] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 794.219927][T15078] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 794.228548][T15078] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 794.228555][T15078] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 794.228560][T15078] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 794.228566][T15078] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 794.228571][T15078] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 794.240518][T14982] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 794.332043][T14982] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 794.380027][T14982] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 794.402308][T14982] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:35 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd"], 0x15f) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:35 executing program 0 (fault-call:0 fault-nth:57): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:35 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000020000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x1000000, 0x0, 0x0, 0x0}, 0x40) 16:51:35 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100050c10000000000000000000", 0x58}], 0x1) 16:51:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000400008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 794.825983][T15091] FAULT_INJECTION: forcing a failure. [ 794.825983][T15091] name failslab, interval 1, probability 0, space 0, times 0 16:51:35 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000040000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 794.909131][T15091] CPU: 1 PID: 15091 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 794.917847][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 794.927901][T15091] Call Trace: [ 794.931191][T15091] dump_stack+0x1fb/0x318 [ 794.935521][T15091] should_fail+0x555/0x770 [ 794.939930][T15091] __should_failslab+0x11a/0x160 [ 794.944856][T15091] should_failslab+0x9/0x20 [ 794.949348][T15091] kmem_cache_alloc_trace+0x5d/0x2f0 [ 794.954617][T15091] ? smack_d_instantiate+0x962/0xd70 [ 794.959886][T15091] smack_d_instantiate+0x962/0xd70 [ 794.964990][T15091] ? lockdep_init_map+0x2a/0x680 [ 794.969915][T15091] security_d_instantiate+0xa5/0x100 [ 794.975187][T15091] d_instantiate_new+0x65/0x120 [ 794.980028][T15091] ext4_mkdir+0xfa9/0x1450 [ 794.984493][T15091] vfs_mkdir+0x43f/0x610 [ 794.988779][T15091] do_mkdirat+0x1d7/0x320 [ 794.993116][T15091] __x64_sys_mkdir+0x60/0x70 [ 794.997728][T15091] do_syscall_64+0xf7/0x1c0 [ 795.002220][T15091] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 795.008112][T15091] RIP: 0033:0x459a57 [ 795.011996][T15091] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 795.031587][T15091] RSP: 002b:00007f96751f0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 795.039989][T15091] RAX: ffffffffffffffda RBX: 00000000200001d8 RCX: 0000000000459a57 [ 795.047952][T15091] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 16:51:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:36 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100060c10000000000000000000", 0x58}], 0x1) [ 795.055913][T15091] RBP: 000000000000000b R08: 0000000000000000 R09: 000000000000000a [ 795.063871][T15091] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 795.071831][T15091] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x2000000, 0x0, 0x0, 0x0}, 0x40) 16:51:36 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000a0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:36 executing program 0 (fault-call:0 fault-nth:58): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 795.334232][T15089] device nr0 entered promiscuous mode [ 795.425487][T15089] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 795.454215][T15089] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 795.457895][T15321] FAULT_INJECTION: forcing a failure. [ 795.457895][T15321] name failslab, interval 1, probability 0, space 0, times 0 [ 795.485908][T15089] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 795.495036][T15089] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 795.516200][T15321] CPU: 1 PID: 15321 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 795.524904][T15321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.535048][T15321] Call Trace: [ 795.538347][T15321] dump_stack+0x1fb/0x318 [ 795.542680][T15321] should_fail+0x555/0x770 [ 795.547101][T15321] __should_failslab+0x11a/0x160 [ 795.552035][T15321] ? getname_kernel+0x59/0x2f0 [ 795.556795][T15321] should_failslab+0x9/0x20 [ 795.561289][T15321] kmem_cache_alloc+0x56/0x2e0 [ 795.566050][T15321] getname_kernel+0x59/0x2f0 [ 795.570636][T15321] kern_path+0x1f/0x40 [ 795.574699][T15321] tomoyo_mount_permission+0x7f1/0xa30 [ 795.580166][T15321] ? kmem_cache_free+0xd8/0xf0 [ 795.584943][T15321] tomoyo_sb_mount+0x35/0x40 [ 795.589535][T15321] security_sb_mount+0x84/0xe0 [ 795.594300][T15321] do_mount+0x10a/0x2510 [ 795.598535][T15321] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 795.604074][T15321] ? copy_mount_options+0x5f/0x3c0 [ 795.609184][T15321] ? copy_mount_options+0x308/0x3c0 [ 795.614375][T15321] ksys_mount+0xcc/0x100 [ 795.618615][T15321] __x64_sys_mount+0xbf/0xd0 [ 795.623204][T15321] do_syscall_64+0xf7/0x1c0 [ 795.627703][T15321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 795.633587][T15321] RIP: 0033:0x45d08a [ 795.637472][T15321] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 795.657065][T15321] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 795.665473][T15321] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 795.673437][T15321] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 795.681398][T15321] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 795.689385][T15321] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 795.697349][T15321] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:37 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd"], 0x15f) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:37 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 16:51:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xe000000, 0x0, 0x0, 0x0}, 0x40) 16:51:37 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000f0000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:37 executing program 0 (fault-call:0 fault-nth:59): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 796.084007][T15334] FAULT_INJECTION: forcing a failure. [ 796.084007][T15334] name failslab, interval 1, probability 0, space 0, times 0 16:51:37 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000600000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 796.178528][T15334] CPU: 0 PID: 15334 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 796.187241][T15334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 796.197294][T15334] Call Trace: [ 796.200591][T15334] dump_stack+0x1fb/0x318 [ 796.204942][T15334] should_fail+0x555/0x770 [ 796.209375][T15334] __should_failslab+0x11a/0x160 [ 796.214328][T15334] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 796.220051][T15334] should_failslab+0x9/0x20 [ 796.224548][T15334] __kmalloc+0x7a/0x340 [ 796.228685][T15334] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 796.234380][T15334] tomoyo_realpath_from_path+0xdc/0x7c0 [ 796.239906][T15334] tomoyo_mount_permission+0x923/0xa30 [ 796.245348][T15334] ? kmem_cache_free+0xd8/0xf0 [ 796.250104][T15334] tomoyo_sb_mount+0x35/0x40 [ 796.254672][T15334] security_sb_mount+0x84/0xe0 [ 796.259413][T15334] do_mount+0x10a/0x2510 [ 796.263642][T15334] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 796.269163][T15334] ? copy_mount_options+0x5f/0x3c0 [ 796.274292][T15334] ? copy_mount_options+0x308/0x3c0 [ 796.279466][T15334] ksys_mount+0xcc/0x100 [ 796.283685][T15334] __x64_sys_mount+0xbf/0xd0 [ 796.288263][T15334] do_syscall_64+0xf7/0x1c0 [ 796.295055][T15334] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 796.301620][T15334] RIP: 0033:0x45d08a [ 796.305490][T15334] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 16:51:37 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000000000000000", 0x58}], 0x1) [ 796.325077][T15334] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 796.333475][T15334] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 796.341421][T15334] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 796.349415][T15334] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 796.357361][T15334] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 796.365309][T15334] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 796.393756][T15334] ERROR: Out of memory at tomoyo_realpath_from_path. 16:51:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x40000000, 0x0, 0x0, 0x0}, 0x40) 16:51:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004001008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:37 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000400100008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 796.802691][T15436] device nr0 entered promiscuous mode [ 796.902272][T15374] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 796.914676][T15374] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 796.955512][T15374] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 796.971489][T15374] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:38 executing program 0 (fault-call:0 fault-nth:60): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:38 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd"], 0x15f) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:38 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000004c0300008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:38 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c10000000000000000000", 0x58}], 0x1) 16:51:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xa0008000, 0x0, 0x0, 0x0}, 0x40) [ 797.421961][T15592] FAULT_INJECTION: forcing a failure. [ 797.421961][T15592] name failslab, interval 1, probability 0, space 0, times 0 [ 797.453154][T15592] CPU: 0 PID: 15592 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 797.461854][T15592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 16:51:38 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000b0c10000000000000000000", 0x58}], 0x1) [ 797.471907][T15592] Call Trace: [ 797.475198][T15592] dump_stack+0x1fb/0x318 [ 797.479538][T15592] should_fail+0x555/0x770 [ 797.483962][T15592] __should_failslab+0x11a/0x160 [ 797.488901][T15592] ? ksys_mount+0x6a/0x100 [ 797.493328][T15592] should_failslab+0x9/0x20 [ 797.497839][T15592] __kmalloc_track_caller+0x79/0x340 [ 797.503122][T15592] strndup_user+0x76/0x130 [ 797.503137][T15592] ksys_mount+0x6a/0x100 [ 797.503150][T15592] __x64_sys_mount+0xbf/0xd0 [ 797.503171][T15592] do_syscall_64+0xf7/0x1c0 16:51:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000c00e008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:38 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 797.503188][T15592] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 797.503198][T15592] RIP: 0033:0x45d08a [ 797.503206][T15592] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 797.503215][T15592] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 797.511828][T15592] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 797.511835][T15592] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 797.511840][T15592] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 797.511846][T15592] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 797.511852][T15592] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:38 executing program 0 (fault-call:0 fault-nth:61): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xfeffffff, 0x0, 0x0, 0x0}, 0x40) 16:51:38 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000c00e00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 797.908115][T15710] FAULT_INJECTION: forcing a failure. [ 797.908115][T15710] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 797.921368][T15710] CPU: 0 PID: 15710 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 797.921376][T15710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.921380][T15710] Call Trace: [ 797.921402][T15710] dump_stack+0x1fb/0x318 [ 797.921419][T15710] should_fail+0x555/0x770 [ 797.921437][T15710] should_fail_alloc_page+0x55/0x60 [ 797.921447][T15710] prepare_alloc_pages+0x283/0x460 [ 797.921462][T15710] __alloc_pages_nodemask+0xb2/0x5d0 [ 797.921483][T15710] kmem_getpages+0x4d/0xa00 [ 797.952181][T15710] cache_grow_begin+0x7e/0x2c0 [ 797.952196][T15710] cache_alloc_refill+0x311/0x3f0 [ 797.952213][T15710] ? check_preemption_disabled+0xb7/0x2a0 [ 797.972212][T15710] kmem_cache_alloc+0x2b9/0x2e0 [ 797.972223][T15710] ? getname_flags+0xba/0x640 [ 797.972234][T15710] getname_flags+0xba/0x640 [ 797.972248][T15710] user_path_at_empty+0x2d/0x50 [ 797.987729][T15710] do_mount+0xd7/0x2510 [ 797.987742][T15710] ? copy_mount_options+0x278/0x3c0 [ 798.001713][T15710] ? copy_mount_options+0x25e/0x3c0 [ 798.001725][T15710] ? copy_mount_options+0x267/0x3c0 [ 798.001735][T15710] ? copy_mount_options+0x308/0x3c0 [ 798.001751][T15710] ksys_mount+0xcc/0x100 [ 798.001764][T15710] __x64_sys_mount+0xbf/0xd0 [ 798.001781][T15710] do_syscall_64+0xf7/0x1c0 [ 798.001801][T15710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 798.021115][T15710] RIP: 0033:0x45d08a [ 798.021125][T15710] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 798.021131][T15710] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 798.021141][T15710] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 798.021146][T15710] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 798.021152][T15710] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 798.021160][T15710] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 798.040300][T15710] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 798.243857][T15682] device nr0 entered promiscuous mode [ 798.288153][T15613] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 798.296769][T15613] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 798.318951][T15613] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 798.327813][T15613] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:39 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000"], 0x165) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:39 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:39 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:39 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c10000000000000000000", 0x58}], 0x1) 16:51:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xfffffffe, 0x0, 0x0, 0x0}, 0x40) 16:51:39 executing program 0 (fault-call:0 fault-nth:62): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 798.702404][T15819] FAULT_INJECTION: forcing a failure. [ 798.702404][T15819] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 798.715642][T15819] CPU: 1 PID: 15819 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 798.724307][T15819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 798.734355][T15819] Call Trace: [ 798.737651][T15819] dump_stack+0x1fb/0x318 [ 798.741986][T15819] should_fail+0x555/0x770 [ 798.746407][T15819] should_fail_alloc_page+0x55/0x60 [ 798.751598][T15819] prepare_alloc_pages+0x283/0x460 [ 798.756709][T15819] __alloc_pages_nodemask+0xb2/0x5d0 [ 798.761999][T15819] kmem_getpages+0x4d/0xa00 [ 798.766490][T15819] cache_grow_begin+0x7e/0x2c0 [ 798.771247][T15819] cache_alloc_refill+0x311/0x3f0 [ 798.776260][T15819] ? check_preemption_disabled+0xb7/0x2a0 [ 798.781970][T15819] __kmalloc+0x318/0x340 [ 798.786199][T15819] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 798.791910][T15819] tomoyo_realpath_from_path+0xdc/0x7c0 [ 798.797446][T15819] tomoyo_mount_permission+0x294/0xa30 [ 798.802894][T15819] ? filename_lookup+0x4b0/0x690 [ 798.807825][T15819] ? kmem_cache_free+0xd8/0xf0 [ 798.812588][T15819] tomoyo_sb_mount+0x35/0x40 [ 798.817166][T15819] security_sb_mount+0x84/0xe0 [ 798.821918][T15819] do_mount+0x10a/0x2510 [ 798.826146][T15819] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 798.831672][T15819] ? copy_mount_options+0x5f/0x3c0 [ 798.836772][T15819] ? copy_mount_options+0x308/0x3c0 [ 798.841956][T15819] ksys_mount+0xcc/0x100 [ 798.846187][T15819] __x64_sys_mount+0xbf/0xd0 [ 798.850776][T15819] do_syscall_64+0xf7/0x1c0 [ 798.855273][T15819] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 798.861155][T15819] RIP: 0033:0x45d08a [ 798.865037][T15819] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 798.884631][T15819] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 798.893024][T15819] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a 16:51:40 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100100c10000000000000000000", 0x58}], 0x1) 16:51:40 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000001f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 798.900981][T15819] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 798.908935][T15819] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 798.916893][T15819] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 798.924851][T15819] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000002214008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0xffffffff, 0x0, 0x0, 0x0}, 0x40) 16:51:40 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070410000000000000000000", 0x58}], 0x1) 16:51:40 executing program 0 (fault-call:0 fault-nth:63): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 799.289795][T15983] FAULT_INJECTION: forcing a failure. [ 799.289795][T15983] name failslab, interval 1, probability 0, space 0, times 0 [ 799.317071][T15983] CPU: 0 PID: 15983 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 799.325777][T15983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 799.335826][T15983] Call Trace: [ 799.339116][T15983] dump_stack+0x1fb/0x318 [ 799.343447][T15983] should_fail+0x555/0x770 [ 799.347876][T15983] __should_failslab+0x11a/0x160 [ 799.352814][T15983] should_failslab+0x9/0x20 [ 799.357313][T15983] kmem_cache_alloc_trace+0x5d/0x2f0 [ 799.362587][T15983] ? alloc_fs_context+0x65/0x640 [ 799.367516][T15983] alloc_fs_context+0x65/0x640 [ 799.372275][T15983] ? _raw_read_unlock+0x2c/0x50 [ 799.377116][T15983] ? get_fs_type+0x47f/0x500 [ 799.381703][T15983] fs_context_for_mount+0x24/0x30 [ 799.386715][T15983] do_mount+0x10a7/0x2510 [ 799.391039][T15983] ? copy_mount_options+0x308/0x3c0 [ 799.396228][T15983] ksys_mount+0xcc/0x100 [ 799.400464][T15983] __x64_sys_mount+0xbf/0xd0 [ 799.400481][T15983] do_syscall_64+0xf7/0x1c0 [ 799.400499][T15983] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 799.415414][T15983] RIP: 0033:0x45d08a [ 799.419297][T15983] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 799.438888][T15983] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 799.438898][T15983] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 799.438903][T15983] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 799.438909][T15983] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 799.438914][T15983] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 799.438919][T15983] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 799.720486][T15930] device nr0 entered promiscuous mode [ 799.781699][T15930] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 799.790352][T15930] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 799.812498][T15930] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 799.820965][T15930] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:41 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000"], 0x165) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:41 executing program 0 (fault-call:0 fault-nth:64): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:41 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070710000000000000000000", 0x58}], 0x1) 16:51:41 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000002000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000001f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 16:51:41 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070810000000000000000000", 0x58}], 0x1) [ 800.237569][T16056] FAULT_INJECTION: forcing a failure. [ 800.237569][T16056] name failslab, interval 1, probability 0, space 0, times 0 16:51:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000020008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 800.296263][T16056] CPU: 1 PID: 16056 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 800.304981][T16056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 800.315131][T16056] Call Trace: [ 800.315155][T16056] dump_stack+0x1fb/0x318 [ 800.315176][T16056] should_fail+0x555/0x770 [ 800.315199][T16056] __should_failslab+0x11a/0x160 [ 800.315214][T16056] ? tomoyo_encode2+0x273/0x5a0 [ 800.315224][T16056] should_failslab+0x9/0x20 [ 800.315234][T16056] __kmalloc+0x7a/0x340 16:51:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x2, 0x0, 0x0}, 0x40) [ 800.315248][T16056] tomoyo_encode2+0x273/0x5a0 [ 800.341504][T16056] tomoyo_encode+0x29/0x40 [ 800.341515][T16056] tomoyo_mount_permission+0x216/0xa30 [ 800.341531][T16056] ? filename_lookup+0x4b0/0x690 [ 800.365091][T16056] ? kmem_cache_free+0xd8/0xf0 [ 800.369949][T16056] tomoyo_sb_mount+0x35/0x40 [ 800.374561][T16056] security_sb_mount+0x84/0xe0 [ 800.379323][T16056] do_mount+0x10a/0x2510 [ 800.379336][T16056] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 800.379343][T16056] ? copy_mount_options+0x5f/0x3c0 [ 800.379356][T16056] ? copy_mount_options+0x308/0x3c0 [ 800.399415][T16056] ksys_mount+0xcc/0x100 [ 800.403669][T16056] __x64_sys_mount+0xbf/0xd0 [ 800.403689][T16056] do_syscall_64+0xf7/0x1c0 [ 800.403704][T16056] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 800.403715][T16056] RIP: 0033:0x45d08a [ 800.403728][T16056] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 16:51:41 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000003f00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 800.442578][T16056] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 800.450997][T16056] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 800.458965][T16056] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 800.466930][T16056] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 800.474889][T16056] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 800.482847][T16056] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000001422008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:41 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100071010000000000000000000", 0x58}], 0x1) [ 800.654142][T16134] device nr0 entered promiscuous mode [ 800.724694][T16134] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 800.750110][T16134] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 800.776619][T16134] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 800.787723][T16134] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:42 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000"], 0x165) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:42 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100072510000000000000000000", 0x58}], 0x1) 16:51:42 executing program 0 (fault-call:0 fault-nth:65): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xe, 0x0, 0x0}, 0x40) 16:51:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000003f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:42 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 801.168265][T16287] FAULT_INJECTION: forcing a failure. [ 801.168265][T16287] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 801.181535][T16287] CPU: 1 PID: 16287 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 801.190208][T16287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.200261][T16287] Call Trace: [ 801.203558][T16287] dump_stack+0x1fb/0x318 [ 801.207898][T16287] should_fail+0x555/0x770 [ 801.212326][T16287] should_fail_alloc_page+0x55/0x60 16:51:42 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000014000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 801.217526][T16287] prepare_alloc_pages+0x283/0x460 [ 801.222645][T16287] __alloc_pages_nodemask+0xb2/0x5d0 [ 801.227929][T16287] ? __kasan_kmalloc+0x178/0x1b0 [ 801.232863][T16287] kmem_getpages+0x4d/0xa00 [ 801.237363][T16287] cache_grow_begin+0x7e/0x2c0 [ 801.242122][T16287] cache_alloc_refill+0x311/0x3f0 [ 801.247146][T16287] ? check_preemption_disabled+0xb7/0x2a0 [ 801.252865][T16287] kmem_cache_alloc+0x2b9/0x2e0 [ 801.257706][T16287] ? getname_flags+0xba/0x640 [ 801.257720][T16287] getname_flags+0xba/0x640 16:51:42 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c02000000000000000000", 0x58}], 0x1) [ 801.257737][T16287] user_path_at_empty+0x2d/0x50 [ 801.257749][T16287] do_mount+0xd7/0x2510 [ 801.257763][T16287] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 801.271733][T16287] ? copy_mount_options+0x5f/0x3c0 [ 801.271749][T16287] ? __kasan_check_read+0x11/0x20 [ 801.271762][T16287] ? copy_mount_options+0x308/0x3c0 [ 801.271777][T16287] ksys_mount+0xcc/0x100 [ 801.300961][T16287] __x64_sys_mount+0xbf/0xd0 [ 801.305562][T16287] do_syscall_64+0xf7/0x1c0 [ 801.310079][T16287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 801.315969][T16287] RIP: 0033:0x45d08a [ 801.319863][T16287] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 801.339459][T16287] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 801.339469][T16287] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 801.339474][T16287] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 16:51:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 801.339480][T16287] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 801.339485][T16287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 801.339491][T16287] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 801.418487][T16394] device nr0 entered promiscuous mode [ 801.441806][T16394] netlink: 'syz-executor.5': attribute type 153 has an invalid length. 16:51:42 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000dc4900008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:42 executing program 0 (fault-call:0 fault-nth:66): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:42 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c03000000000000000000", 0x58}], 0x1) [ 801.542832][T16394] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 801.624000][T16311] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 801.659298][T16311] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 801.694258][T16408] FAULT_INJECTION: forcing a failure. [ 801.694258][T16408] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 801.707494][T16408] CPU: 1 PID: 16408 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 801.716161][T16408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.726210][T16408] Call Trace: [ 801.729507][T16408] dump_stack+0x1fb/0x318 [ 801.733845][T16408] should_fail+0x555/0x770 [ 801.738260][T16408] should_fail_alloc_page+0x55/0x60 [ 801.743456][T16408] prepare_alloc_pages+0x283/0x460 [ 801.748573][T16408] __alloc_pages_nodemask+0xb2/0x5d0 [ 801.753868][T16408] kmem_getpages+0x4d/0xa00 [ 801.758371][T16408] cache_grow_begin+0x7e/0x2c0 [ 801.763130][T16408] cache_alloc_refill+0x311/0x3f0 [ 801.768146][T16408] ? check_preemption_disabled+0xb7/0x2a0 [ 801.773862][T16408] __kmalloc+0x318/0x340 [ 801.778098][T16408] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 801.783814][T16408] tomoyo_realpath_from_path+0xdc/0x7c0 [ 801.789360][T16408] tomoyo_mount_permission+0x923/0xa30 [ 801.794827][T16408] ? kmem_cache_free+0xd8/0xf0 [ 801.799780][T16408] tomoyo_sb_mount+0x35/0x40 [ 801.804364][T16408] security_sb_mount+0x84/0xe0 [ 801.809126][T16408] do_mount+0x10a/0x2510 [ 801.813363][T16408] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 801.818898][T16408] ? copy_mount_options+0x5f/0x3c0 [ 801.824007][T16408] ? copy_mount_options+0x308/0x3c0 [ 801.829195][T16408] ksys_mount+0xcc/0x100 [ 801.833442][T16408] __x64_sys_mount+0xbf/0xd0 [ 801.838030][T16408] do_syscall_64+0xf7/0x1c0 [ 801.842536][T16408] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 801.848418][T16408] RIP: 0033:0x45d08a [ 801.852309][T16408] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 801.871916][T16408] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 801.880333][T16408] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 801.888304][T16408] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 801.896272][T16408] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 801.904236][T16408] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 801.912202][T16408] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:43 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000000000"], 0x168) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:43 executing program 0 (fault-call:0 fault-nth:67): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000140008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xe00, 0x0, 0x0}, 0x40) 16:51:43 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c04000000000000000000", 0x58}], 0x1) 16:51:43 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000034c00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 802.294287][T16420] FAULT_INJECTION: forcing a failure. [ 802.294287][T16420] name failslab, interval 1, probability 0, space 0, times 0 [ 802.341926][T16420] CPU: 0 PID: 16420 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 802.350658][T16420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 802.350664][T16420] Call Trace: [ 802.350688][T16420] dump_stack+0x1fb/0x318 [ 802.350712][T16420] should_fail+0x555/0x770 [ 802.372769][T16420] __should_failslab+0x11a/0x160 [ 802.377715][T16420] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 802.383435][T16420] should_failslab+0x9/0x20 [ 802.387942][T16420] __kmalloc+0x7a/0x340 [ 802.392103][T16420] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 802.397824][T16420] tomoyo_realpath_from_path+0xdc/0x7c0 [ 802.403376][T16420] tomoyo_mount_permission+0x294/0xa30 [ 802.403392][T16420] ? filename_lookup+0x4b0/0x690 [ 802.403407][T16420] ? kmem_cache_free+0xd8/0xf0 [ 802.403432][T16420] tomoyo_sb_mount+0x35/0x40 [ 802.413781][T16420] security_sb_mount+0x84/0xe0 [ 802.413797][T16420] do_mount+0x10a/0x2510 [ 802.413809][T16420] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 802.413820][T16420] ? copy_mount_options+0x5f/0x3c0 [ 802.442709][T16420] ? copy_mount_options+0x308/0x3c0 [ 802.447900][T16420] ksys_mount+0xcc/0x100 [ 802.452136][T16420] __x64_sys_mount+0xbf/0xd0 [ 802.456725][T16420] do_syscall_64+0xf7/0x1c0 [ 802.461240][T16420] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 802.467125][T16420] RIP: 0033:0x45d08a [ 802.471022][T16420] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 16:51:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x4000, 0x0, 0x0}, 0x40) 16:51:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000dc49008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:43 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000006a5000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 802.490620][T16420] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 802.499024][T16420] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 802.506985][T16420] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 802.515062][T16420] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 802.523046][T16420] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 802.531027][T16420] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:43 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c07000000000000000000", 0x58}], 0x1) [ 802.611798][T16420] ERROR: Out of memory at tomoyo_realpath_from_path. 16:51:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006a50008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:43 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 802.841592][T16597] device nr0 entered promiscuous mode [ 802.911867][T16525] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 802.923860][T16525] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 802.943857][T16525] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 802.952226][T16525] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:44 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000000000"], 0x168) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:44 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000060008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:44 executing program 0 (fault-call:0 fault-nth:68): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:44 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c0a000000000000000000", 0x58}], 0x1) 16:51:44 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x8000a0, 0x0, 0x0}, 0x40) 16:51:44 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000676600008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 803.280503][T16647] FAULT_INJECTION: forcing a failure. [ 803.280503][T16647] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 803.293745][T16647] CPU: 1 PID: 16647 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 803.302414][T16647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.312464][T16647] Call Trace: [ 803.315755][T16647] dump_stack+0x1fb/0x318 [ 803.320096][T16647] should_fail+0x555/0x770 [ 803.324519][T16647] should_fail_alloc_page+0x55/0x60 [ 803.329715][T16647] prepare_alloc_pages+0x283/0x460 [ 803.334836][T16647] __alloc_pages_nodemask+0xb2/0x5d0 [ 803.340125][T16647] kmem_getpages+0x4d/0xa00 [ 803.344621][T16647] cache_grow_begin+0x7e/0x2c0 [ 803.349375][T16647] cache_alloc_refill+0x311/0x3f0 [ 803.354380][T16647] ? check_preemption_disabled+0xb7/0x2a0 [ 803.360090][T16647] kmem_cache_alloc+0x2b9/0x2e0 [ 803.364926][T16647] ? getname_kernel+0x59/0x2f0 [ 803.369675][T16647] getname_kernel+0x59/0x2f0 [ 803.374257][T16647] kern_path+0x1f/0x40 [ 803.378316][T16647] tomoyo_mount_permission+0x7f1/0xa30 [ 803.383775][T16647] ? kmem_cache_free+0xd8/0xf0 [ 803.388543][T16647] tomoyo_sb_mount+0x35/0x40 [ 803.393122][T16647] security_sb_mount+0x84/0xe0 [ 803.397879][T16647] do_mount+0x10a/0x2510 [ 803.402110][T16647] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 803.407641][T16647] ? copy_mount_options+0x5f/0x3c0 [ 803.412739][T16647] ? copy_mount_options+0x308/0x3c0 [ 803.417925][T16647] ksys_mount+0xcc/0x100 [ 803.422153][T16647] __x64_sys_mount+0xbf/0xd0 [ 803.426732][T16647] do_syscall_64+0xf7/0x1c0 [ 803.431220][T16647] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 803.437101][T16647] RIP: 0033:0x45d08a [ 803.440984][T16647] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 803.460580][T16647] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 803.468978][T16647] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a 16:51:44 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006766008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 803.476934][T16647] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 803.484890][T16647] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 803.492846][T16647] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 803.500800][T16647] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:44 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000666700008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:44 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c0c000000000000000000", 0x58}], 0x1) 16:51:44 executing program 0 (fault-call:0 fault-nth:69): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:44 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000006667008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:44 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000506a00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 803.787237][T16767] FAULT_INJECTION: forcing a failure. [ 803.787237][T16767] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 803.800495][T16767] CPU: 0 PID: 16767 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 803.809142][T16767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.819174][T16767] Call Trace: [ 803.822450][T16767] dump_stack+0x1fb/0x318 [ 803.826763][T16767] should_fail+0x555/0x770 [ 803.831158][T16767] should_fail_alloc_page+0x55/0x60 [ 803.836330][T16767] prepare_alloc_pages+0x283/0x460 [ 803.841417][T16767] __alloc_pages_nodemask+0xb2/0x5d0 [ 803.846693][T16767] kmem_getpages+0x4d/0xa00 [ 803.851182][T16767] cache_grow_begin+0x7e/0x2c0 [ 803.855927][T16767] cache_alloc_refill+0x311/0x3f0 [ 803.860930][T16767] ? check_preemption_disabled+0xb7/0x2a0 [ 803.866635][T16767] kmem_cache_alloc+0x2b9/0x2e0 [ 803.871462][T16767] ? getname_kernel+0x59/0x2f0 [ 803.876200][T16767] getname_kernel+0x59/0x2f0 [ 803.880766][T16767] kern_path+0x1f/0x40 [ 803.884813][T16767] tomoyo_mount_permission+0x7f1/0xa30 [ 803.890252][T16767] ? kmem_cache_free+0xd8/0xf0 [ 803.895005][T16767] tomoyo_sb_mount+0x35/0x40 [ 803.899573][T16767] security_sb_mount+0x84/0xe0 [ 803.904314][T16767] do_mount+0x10a/0x2510 [ 803.908539][T16767] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 803.914055][T16767] ? copy_mount_options+0x5f/0x3c0 [ 803.919185][T16767] ? copy_mount_options+0x308/0x3c0 [ 803.924361][T16767] ksys_mount+0xcc/0x100 [ 803.928615][T16767] __x64_sys_mount+0xbf/0xd0 [ 803.933183][T16767] do_syscall_64+0xf7/0x1c0 [ 803.937664][T16767] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 803.943531][T16767] RIP: 0033:0x45d08a [ 803.947405][T16767] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 803.966998][T16767] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 803.975392][T16767] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 803.983348][T16767] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 803.991297][T16767] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 803.999244][T16767] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 804.007191][T16767] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 804.470024][T16654] device nr0 entered promiscuous mode [ 804.533270][T16661] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 804.541668][T16661] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 804.568663][T16654] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 804.582663][T16654] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:45 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd956542090000000000"], 0x168) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:45 executing program 0 (fault-call:0 fault-nth:70): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:45 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c50010020000000000000", 0x58}], 0x1) 16:51:45 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x1000000, 0x0, 0x0}, 0x40) 16:51:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000506a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:45 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000ec000008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 804.947307][T16783] FAULT_INJECTION: forcing a failure. [ 804.947307][T16783] name failslab, interval 1, probability 0, space 0, times 0 16:51:46 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10020000000000000000", 0x58}], 0x1) [ 805.022393][T16783] CPU: 1 PID: 16783 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 805.031227][T16783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 805.041560][T16783] Call Trace: [ 805.044867][T16783] dump_stack+0x1fb/0x318 [ 805.049211][T16783] should_fail+0x555/0x770 [ 805.053649][T16783] __should_failslab+0x11a/0x160 [ 805.058592][T16783] should_failslab+0x9/0x20 [ 805.063106][T16783] kmem_cache_alloc_trace+0x5d/0x2f0 [ 805.068395][T16783] ? legacy_init_fs_context+0x51/0xc0 [ 805.073781][T16783] legacy_init_fs_context+0x51/0xc0 [ 805.080112][T16783] alloc_fs_context+0x53a/0x640 [ 805.084981][T16783] fs_context_for_mount+0x24/0x30 [ 805.090015][T16783] vfs_kern_mount+0x2c/0x160 [ 805.094674][T16783] btrfs_mount+0x34f/0x18e0 [ 805.099196][T16783] ? check_preemption_disabled+0x47/0x2a0 [ 805.104923][T16783] ? vfs_parse_fs_string+0x13b/0x1a0 [ 805.110288][T16783] ? cap_capable+0x250/0x290 [ 805.114947][T16783] ? safesetid_security_capable+0x89/0xf0 [ 805.120686][T16783] legacy_get_tree+0xf9/0x1a0 [ 805.125370][T16783] ? btrfs_resize_thread_pool+0x290/0x290 [ 805.131095][T16783] vfs_get_tree+0x8b/0x2a0 [ 805.135546][T16783] do_mount+0x16c0/0x2510 [ 805.139893][T16783] ? copy_mount_options+0x308/0x3c0 [ 805.145097][T16783] ksys_mount+0xcc/0x100 [ 805.149340][T16783] __x64_sys_mount+0xbf/0xd0 [ 805.153949][T16783] do_syscall_64+0xf7/0x1c0 [ 805.158465][T16783] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 805.164364][T16783] RIP: 0033:0x45d08a [ 805.168261][T16783] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 805.187866][T16783] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 805.196274][T16783] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 805.204242][T16783] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 805.212210][T16783] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 16:51:46 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000049dc00008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:46 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x2000000, 0x0, 0x0}, 0x40) 16:51:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000e285008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 805.220175][T16783] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 805.228156][T16783] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:46 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10040000000000000000", 0x58}], 0x1) 16:51:46 executing program 0 (fault-call:0 fault-nth:71): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 805.431117][T16969] FAULT_INJECTION: forcing a failure. [ 805.431117][T16969] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 805.444354][T16969] CPU: 1 PID: 16969 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 805.444364][T16969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 805.444368][T16969] Call Trace: [ 805.444389][T16969] dump_stack+0x1fb/0x318 [ 805.444409][T16969] should_fail+0x555/0x770 [ 805.444432][T16969] should_fail_alloc_page+0x55/0x60 [ 805.444444][T16969] prepare_alloc_pages+0x283/0x460 [ 805.444457][T16969] __alloc_pages_nodemask+0xb2/0x5d0 [ 805.444477][T16969] kmem_getpages+0x4d/0xa00 [ 805.444490][T16969] cache_grow_begin+0x7e/0x2c0 [ 805.444502][T16969] cache_alloc_refill+0x311/0x3f0 [ 805.444512][T16969] ? check_preemption_disabled+0xb7/0x2a0 [ 805.444524][T16969] kmem_cache_alloc+0x2b9/0x2e0 [ 805.444533][T16969] ? getname_kernel+0x59/0x2f0 [ 805.444543][T16969] getname_kernel+0x59/0x2f0 [ 805.444555][T16969] kern_path+0x1f/0x40 [ 805.444567][T16969] tomoyo_mount_permission+0x7f1/0xa30 [ 805.444588][T16969] ? kmem_cache_free+0xd8/0xf0 [ 805.444616][T16969] tomoyo_sb_mount+0x35/0x40 [ 805.444628][T16969] security_sb_mount+0x84/0xe0 [ 805.444643][T16969] do_mount+0x10a/0x2510 [ 805.444653][T16969] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 805.444660][T16969] ? copy_mount_options+0x5f/0x3c0 [ 805.444676][T16969] ? copy_mount_options+0x308/0x3c0 [ 805.500215][T16969] ksys_mount+0xcc/0x100 [ 805.500230][T16969] __x64_sys_mount+0xbf/0xd0 [ 805.500250][T16969] do_syscall_64+0xf7/0x1c0 [ 805.534574][T16969] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 805.534587][T16969] RIP: 0033:0x45d08a [ 805.548645][T16969] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 805.572853][T16969] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 805.572864][T16969] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 805.572870][T16969] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 805.572877][T16969] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 805.572882][T16969] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 805.572891][T16969] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 805.825395][T16787] device nr0 entered promiscuous mode [ 805.906692][T16787] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 805.915425][T16787] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 805.939835][T16787] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 805.948660][T16787] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:47 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f"], 0x169) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:47 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000004003008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000ec0008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:47 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100a0000000000000000", 0x58}], 0x1) 16:51:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xe000000, 0x0, 0x0}, 0x40) 16:51:47 executing program 0 (fault-call:0 fault-nth:72): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 806.287812][T17013] FAULT_INJECTION: forcing a failure. [ 806.287812][T17013] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 806.301079][T17013] CPU: 0 PID: 17013 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 806.309759][T17013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 806.319812][T17013] Call Trace: [ 806.323101][T17013] dump_stack+0x1fb/0x318 [ 806.327435][T17013] should_fail+0x555/0x770 [ 806.331853][T17013] should_fail_alloc_page+0x55/0x60 [ 806.337039][T17013] prepare_alloc_pages+0x283/0x460 [ 806.342143][T17013] __alloc_pages_nodemask+0xb2/0x5d0 [ 806.347427][T17013] kmem_getpages+0x4d/0xa00 [ 806.351922][T17013] cache_grow_begin+0x7e/0x2c0 [ 806.356676][T17013] cache_alloc_refill+0x311/0x3f0 [ 806.361688][T17013] ? check_preemption_disabled+0xb7/0x2a0 [ 806.367392][T17013] __kmalloc+0x318/0x340 [ 806.371622][T17013] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 806.377329][T17013] tomoyo_realpath_from_path+0xdc/0x7c0 [ 806.382865][T17013] tomoyo_mount_permission+0x923/0xa30 [ 806.388321][T17013] ? kmem_cache_free+0xd8/0xf0 [ 806.393091][T17013] tomoyo_sb_mount+0x35/0x40 [ 806.397669][T17013] security_sb_mount+0x84/0xe0 [ 806.402426][T17013] do_mount+0x10a/0x2510 [ 806.406655][T17013] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 806.412186][T17013] ? copy_mount_options+0x5f/0x3c0 [ 806.417288][T17013] ? copy_mount_options+0x308/0x3c0 [ 806.422494][T17013] ksys_mount+0xcc/0x100 [ 806.426730][T17013] __x64_sys_mount+0xbf/0xd0 [ 806.431319][T17013] do_syscall_64+0xf7/0x1c0 [ 806.435816][T17013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 806.441692][T17013] RIP: 0033:0x45d08a [ 806.445572][T17013] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 806.465161][T17013] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 806.473665][T17013] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 806.481627][T17013] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 806.489582][T17013] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 806.497538][T17013] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 806.505495][T17013] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:47 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100f0000000000000000", 0x58}], 0x1) 16:51:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000049dc008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:47 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000340008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x40000000, 0x0, 0x0}, 0x40) 16:51:47 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10600000000000000000", 0x58}], 0x1) 16:51:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000085e2008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 806.848253][T17131] device nr0 entered promiscuous mode [ 806.968343][T17019] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 806.980015][T17019] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 806.996901][T17019] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 807.005756][T17019] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:48 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f"], 0x169) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:48 executing program 0 (fault-call:0 fault-nth:73): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000002008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:48 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000018000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10400100000000000000", 0x58}], 0x1) 16:51:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xa0008000, 0x0, 0x0}, 0x40) [ 807.351209][T17240] FAULT_INJECTION: forcing a failure. [ 807.351209][T17240] name failslab, interval 1, probability 0, space 0, times 0 16:51:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10d40200000000000000", 0x58}], 0x1) [ 807.431667][T17240] CPU: 1 PID: 17240 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 807.440390][T17240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 807.440397][T17240] Call Trace: [ 807.440420][T17240] dump_stack+0x1fb/0x318 [ 807.440442][T17240] should_fail+0x555/0x770 [ 807.440462][T17240] __should_failslab+0x11a/0x160 [ 807.467411][T17240] should_failslab+0x9/0x20 [ 807.471917][T17240] kmem_cache_alloc_trace+0x5d/0x2f0 [ 807.477201][T17240] ? btrfs_mount_root+0x1b2/0x1040 [ 807.482312][T17240] btrfs_mount_root+0x1b2/0x1040 [ 807.487260][T17240] ? vfs_parse_fs_string+0x13b/0x1a0 [ 807.492547][T17240] ? rcu_read_lock_sched_held+0x10b/0x170 [ 807.498263][T17240] ? trace_kfree+0xb2/0x110 [ 807.502774][T17240] legacy_get_tree+0xf9/0x1a0 [ 807.507446][T17240] ? btrfs_control_open+0x40/0x40 [ 807.512466][T17240] vfs_get_tree+0x8b/0x2a0 [ 807.516877][T17240] vfs_kern_mount+0xc2/0x160 [ 807.521468][T17240] btrfs_mount+0x34f/0x18e0 [ 807.525976][T17240] ? check_preemption_disabled+0x47/0x2a0 16:51:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10000a00000000000000", 0x58}], 0x1) [ 807.531696][T17240] ? vfs_parse_fs_string+0x13b/0x1a0 [ 807.536975][T17240] ? cap_capable+0x250/0x290 [ 807.541565][T17240] ? safesetid_security_capable+0x89/0xf0 [ 807.547286][T17240] legacy_get_tree+0xf9/0x1a0 [ 807.551967][T17240] ? btrfs_resize_thread_pool+0x290/0x290 [ 807.557698][T17240] vfs_get_tree+0x8b/0x2a0 [ 807.562113][T17240] do_mount+0x16c0/0x2510 [ 807.566446][T17240] ? copy_mount_options+0x308/0x3c0 [ 807.571642][T17240] ksys_mount+0xcc/0x100 [ 807.575886][T17240] __x64_sys_mount+0xbf/0xd0 [ 807.580478][T17240] do_syscall_64+0xf7/0x1c0 [ 807.584980][T17240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 807.590865][T17240] RIP: 0033:0x45d08a [ 807.594780][T17240] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 807.614631][T17240] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 807.614642][T17240] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a 16:51:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000004008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:48 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040018000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 807.614647][T17240] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 807.614653][T17240] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 807.614659][T17240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 807.614665][T17240] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:48 executing program 0 (fault-call:0 fault-nth:74): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xfeffffff, 0x0, 0x0}, 0x40) [ 807.858105][T17289] device nr0 entered promiscuous mode [ 807.886423][T17365] FAULT_INJECTION: forcing a failure. [ 807.886423][T17365] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 807.899781][T17365] CPU: 0 PID: 17365 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 807.908459][T17365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 807.913686][T17289] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 807.918517][T17365] Call Trace: [ 807.918543][T17365] dump_stack+0x1fb/0x318 [ 807.918568][T17365] should_fail+0x555/0x770 [ 807.938822][T17365] should_fail_alloc_page+0x55/0x60 [ 807.944020][T17365] prepare_alloc_pages+0x283/0x460 [ 807.949129][T17365] __alloc_pages_nodemask+0xb2/0x5d0 [ 807.954420][T17365] kmem_getpages+0x4d/0xa00 [ 807.958914][T17365] cache_grow_begin+0x7e/0x2c0 [ 807.963684][T17365] cache_alloc_refill+0x311/0x3f0 [ 807.968701][T17365] ? check_preemption_disabled+0xb7/0x2a0 [ 807.974416][T17365] kmem_cache_alloc_node_trace+0x2a3/0x2d0 [ 807.980215][T17365] ? __kmalloc_node+0x3c/0x60 [ 807.984880][T17365] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 807.990331][T17365] __kmalloc_node+0x3c/0x60 [ 807.994826][T17365] kvmalloc_node+0xcc/0x130 [ 807.999321][T17365] btrfs_mount_root+0xe3/0x1040 [ 808.004169][T17365] ? vfs_parse_fs_string+0x13b/0x1a0 [ 808.009443][T17365] ? rcu_read_lock_sched_held+0x10b/0x170 [ 808.015153][T17365] ? trace_kfree+0xb2/0x110 [ 808.019646][T17365] legacy_get_tree+0xf9/0x1a0 [ 808.024319][T17365] ? btrfs_control_open+0x40/0x40 [ 808.029334][T17365] vfs_get_tree+0x8b/0x2a0 [ 808.033739][T17365] vfs_kern_mount+0xc2/0x160 [ 808.038314][T17365] btrfs_mount+0x34f/0x18e0 [ 808.042808][T17365] ? check_preemption_disabled+0x47/0x2a0 [ 808.048518][T17365] ? vfs_parse_fs_string+0x13b/0x1a0 [ 808.053786][T17365] ? cap_capable+0x250/0x290 [ 808.058363][T17365] ? safesetid_security_capable+0x89/0xf0 [ 808.064068][T17365] legacy_get_tree+0xf9/0x1a0 [ 808.068752][T17365] ? btrfs_resize_thread_pool+0x290/0x290 [ 808.074459][T17365] vfs_get_tree+0x8b/0x2a0 [ 808.078861][T17365] do_mount+0x16c0/0x2510 [ 808.083179][T17365] ? copy_mount_options+0x308/0x3c0 [ 808.088362][T17365] ksys_mount+0xcc/0x100 [ 808.092590][T17365] __x64_sys_mount+0xbf/0xd0 [ 808.097167][T17365] do_syscall_64+0xf7/0x1c0 [ 808.101663][T17365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 808.107537][T17365] RIP: 0033:0x45d08a [ 808.111422][T17365] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 808.131029][T17365] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 808.139438][T17365] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 808.147392][T17365] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 808.155352][T17365] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 808.163319][T17365] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 808.171288][T17365] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 808.194253][T17289] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 808.219624][T17289] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 808.234243][T17289] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:49 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f"], 0x169) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10c00e00000000000000", 0x58}], 0x1) 16:51:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000a008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:49 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000028000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:49 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xfffffffe, 0x0, 0x0}, 0x40) 16:51:49 executing program 0 (fault-call:0 fault-nth:75): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000f008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:49 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000048000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 808.699270][T17479] FAULT_INJECTION: forcing a failure. [ 808.699270][T17479] name failslab, interval 1, probability 0, space 0, times 0 16:51:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10000f00000000000000", 0x58}], 0x1) [ 808.775139][T17479] CPU: 1 PID: 17479 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 808.783850][T17479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 808.793898][T17479] Call Trace: [ 808.797193][T17479] dump_stack+0x1fb/0x318 [ 808.801523][T17479] should_fail+0x555/0x770 [ 808.805939][T17479] __should_failslab+0x11a/0x160 [ 808.810870][T17479] should_failslab+0x9/0x20 [ 808.815371][T17479] kmem_cache_alloc_trace+0x5d/0x2f0 [ 808.820655][T17479] ? alloc_fs_context+0x65/0x640 [ 808.825591][T17479] alloc_fs_context+0x65/0x640 [ 808.830357][T17479] ? kfree+0x194/0x200 [ 808.834422][T17479] fs_context_for_mount+0x24/0x30 [ 808.839437][T17479] vfs_kern_mount+0x2c/0x160 [ 808.844021][T17479] btrfs_mount+0x34f/0x18e0 [ 808.848525][T17479] ? check_preemption_disabled+0x47/0x2a0 [ 808.854242][T17479] ? vfs_parse_fs_string+0x13b/0x1a0 [ 808.859529][T17479] ? cap_capable+0x250/0x290 [ 808.864117][T17479] ? safesetid_security_capable+0x89/0xf0 [ 808.869832][T17479] legacy_get_tree+0xf9/0x1a0 [ 808.874501][T17479] ? btrfs_resize_thread_pool+0x290/0x290 [ 808.880212][T17479] vfs_get_tree+0x8b/0x2a0 [ 808.884628][T17479] do_mount+0x16c0/0x2510 [ 808.888953][T17479] ? copy_mount_options+0x308/0x3c0 [ 808.894141][T17479] ksys_mount+0xcc/0x100 [ 808.898378][T17479] __x64_sys_mount+0xbf/0xd0 [ 808.902961][T17479] do_syscall_64+0xf7/0x1c0 [ 808.907465][T17479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 808.913366][T17479] RIP: 0033:0x45d08a [ 808.917269][T17479] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 808.936881][T17479] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 808.945298][T17479] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 808.953270][T17479] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 808.961239][T17479] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 808.969209][T17479] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 808.977182][T17479] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:50 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xffffffff, 0x0, 0x0}, 0x40) 16:51:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000060008000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:50 executing program 0 (fault-call:0 fault-nth:76): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 809.251281][T17547] device nr0 entered promiscuous mode [ 809.329401][T17649] FAULT_INJECTION: forcing a failure. [ 809.329401][T17649] name failslab, interval 1, probability 0, space 0, times 0 [ 809.342401][T17649] CPU: 1 PID: 17649 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 809.342439][T17649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 809.342445][T17649] Call Trace: [ 809.342470][T17649] dump_stack+0x1fb/0x318 [ 809.342490][T17649] should_fail+0x555/0x770 [ 809.342509][T17649] __should_failslab+0x11a/0x160 [ 809.342522][T17649] ? xas_create+0x1197/0x1910 [ 809.342534][T17649] should_failslab+0x9/0x20 [ 809.342544][T17649] kmem_cache_alloc+0x56/0x2e0 [ 809.342557][T17649] xas_create+0x1197/0x1910 [ 809.342570][T17649] ? rcu_lock_release+0x4/0x20 [ 809.342597][T17649] xas_store+0x95/0x1440 [ 809.342611][T17649] ? xas_load+0x434/0x450 [ 809.342631][T17649] __add_to_page_cache_locked+0x5f0/0xbf0 [ 809.342728][T17649] ? workingset_activation+0x2b0/0x2b0 [ 809.342743][T17649] add_to_page_cache_lru+0x156/0x4a0 [ 809.342761][T17649] do_read_cache_page+0x216/0xcb0 [ 809.342780][T17649] read_cache_page_gfp+0x29/0x30 [ 809.342840][T17649] btrfs_scan_one_device+0x16a/0x450 [ 809.361523][T17649] ? trace_hardirqs_on+0x74/0x80 [ 809.361541][T17649] btrfs_mount_root+0x4af/0x1040 [ 809.361562][T17649] ? trace_kfree+0xb2/0x110 [ 809.361578][T17649] legacy_get_tree+0xf9/0x1a0 [ 809.361586][T17649] ? btrfs_control_open+0x40/0x40 [ 809.361601][T17649] vfs_get_tree+0x8b/0x2a0 [ 809.361613][T17649] vfs_kern_mount+0xc2/0x160 [ 809.361624][T17649] btrfs_mount+0x34f/0x18e0 [ 809.361644][T17649] ? check_preemption_disabled+0x47/0x2a0 [ 809.422530][T17505] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 809.426736][T17649] ? vfs_parse_fs_string+0x13b/0x1a0 [ 809.426750][T17649] ? cap_capable+0x250/0x290 [ 809.426762][T17649] ? safesetid_security_capable+0x89/0xf0 [ 809.426777][T17649] legacy_get_tree+0xf9/0x1a0 [ 809.426788][T17649] ? btrfs_resize_thread_pool+0x290/0x290 [ 809.426803][T17649] vfs_get_tree+0x8b/0x2a0 [ 809.426814][T17649] do_mount+0x16c0/0x2510 [ 809.426828][T17649] ? copy_mount_options+0x308/0x3c0 [ 809.426840][T17649] ksys_mount+0xcc/0x100 [ 809.426853][T17649] __x64_sys_mount+0xbf/0xd0 [ 809.426869][T17649] do_syscall_64+0xf7/0x1c0 [ 809.426887][T17649] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 809.459757][T17505] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 809.461244][T17649] RIP: 0033:0x45d08a [ 809.461256][T17649] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 809.461261][T17649] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 809.461270][T17649] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 809.461275][T17649] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 809.461281][T17649] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 809.461287][T17649] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 809.461293][T17649] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 809.600045][T17505] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 809.616679][T17505] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:51 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10001f00000000000000", 0x58}], 0x1) 16:51:51 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000a8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000040018000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2) 16:51:51 executing program 0 (fault-call:0 fault-nth:77): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000a8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10002000000000000000", 0x58}], 0x1) [ 810.030809][T17708] FAULT_INJECTION: forcing a failure. [ 810.030809][T17708] name failslab, interval 1, probability 0, space 0, times 0 [ 810.141461][T17708] CPU: 0 PID: 17708 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 810.150187][T17708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 810.160245][T17708] Call Trace: [ 810.163552][T17708] dump_stack+0x1fb/0x318 [ 810.167895][T17708] should_fail+0x555/0x770 [ 810.172345][T17708] __should_failslab+0x11a/0x160 [ 810.177294][T17708] ? mempool_alloc_slab+0x4d/0x70 [ 810.182319][T17708] should_failslab+0x9/0x20 [ 810.186815][T17708] kmem_cache_alloc+0x56/0x2e0 [ 810.186845][T17708] mempool_alloc_slab+0x4d/0x70 [ 810.186856][T17708] ? mempool_free+0x350/0x350 [ 810.196441][T17708] mempool_alloc+0x104/0x5e0 [ 810.196544][T17708] bio_alloc_bioset+0x1c0/0x5e0 [ 810.210542][T17708] submit_bh_wbc+0x1d5/0x700 [ 810.215141][T17708] block_read_full_page+0x9de/0xbd0 [ 810.220344][T17708] ? blkdev_direct_IO+0xd0/0xd0 [ 810.225189][T17708] ? lru_cache_add+0x2db/0x3b0 [ 810.229953][T17708] ? add_to_page_cache_lru+0x2d4/0x4a0 [ 810.235407][T17708] blkdev_readpage+0x1c/0x20 [ 810.239985][T17708] do_read_cache_page+0x798/0xcb0 [ 810.245008][T17708] read_cache_page_gfp+0x29/0x30 [ 810.249935][T17708] btrfs_scan_one_device+0x16a/0x450 [ 810.255211][T17708] ? trace_hardirqs_on+0x74/0x80 [ 810.260145][T17708] btrfs_mount_root+0x4af/0x1040 [ 810.265087][T17708] ? trace_kfree+0xb2/0x110 [ 810.269586][T17708] legacy_get_tree+0xf9/0x1a0 [ 810.274252][T17708] ? btrfs_control_open+0x40/0x40 [ 810.279270][T17708] vfs_get_tree+0x8b/0x2a0 [ 810.283858][T17708] vfs_kern_mount+0xc2/0x160 [ 810.288443][T17708] btrfs_mount+0x34f/0x18e0 [ 810.292944][T17708] ? check_preemption_disabled+0x47/0x2a0 [ 810.298661][T17708] ? vfs_parse_fs_string+0x13b/0x1a0 [ 810.303936][T17708] ? cap_capable+0x250/0x290 [ 810.308518][T17708] ? safesetid_security_capable+0x89/0xf0 [ 810.314240][T17708] legacy_get_tree+0xf9/0x1a0 [ 810.318908][T17708] ? btrfs_resize_thread_pool+0x290/0x290 [ 810.324622][T17708] vfs_get_tree+0x8b/0x2a0 [ 810.329032][T17708] do_mount+0x16c0/0x2510 [ 810.333364][T17708] ? copy_mount_options+0x308/0x3c0 [ 810.338560][T17708] ksys_mount+0xcc/0x100 [ 810.342793][T17708] __x64_sys_mount+0xbf/0xd0 [ 810.347390][T17708] do_syscall_64+0xf7/0x1c0 [ 810.351891][T17708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 810.357774][T17708] RIP: 0033:0x45d08a [ 810.361659][T17708] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 810.381252][T17708] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 16:51:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000c00e8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:51 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3) 16:51:51 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:51 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10004000000000000000", 0x58}], 0x1) [ 810.389651][T17708] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 810.397611][T17708] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 810.405572][T17708] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 810.413540][T17708] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 810.421500][T17708] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 810.783991][T17714] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 810.792406][T17714] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 810.813889][T17714] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 810.823429][T17714] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:52 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000000f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:52 executing program 0 (fault-call:0 fault-nth:78): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000001f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:52 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10014000000000000000", 0x58}], 0x1) 16:51:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4) [ 811.189457][T17936] FAULT_INJECTION: forcing a failure. [ 811.189457][T17936] name failslab, interval 1, probability 0, space 0, times 0 16:51:52 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10dc4900000000000000", 0x58}], 0x1) [ 811.233345][T17936] CPU: 0 PID: 17936 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 811.242666][T17936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 811.252722][T17936] Call Trace: [ 811.256024][T17936] dump_stack+0x1fb/0x318 [ 811.260364][T17936] should_fail+0x555/0x770 [ 811.264796][T17936] __should_failslab+0x11a/0x160 [ 811.269747][T17936] should_failslab+0x9/0x20 [ 811.274253][T17936] kmem_cache_alloc_node_trace+0x6e/0x2d0 16:51:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000022148000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000208000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 811.279971][T17936] ? __kmalloc_node+0x3c/0x60 [ 811.284749][T17936] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 811.290205][T17936] __kmalloc_node+0x3c/0x60 [ 811.294707][T17936] kvmalloc_node+0xcc/0x130 [ 811.299211][T17936] btrfs_mount_root+0xe3/0x1040 [ 811.304066][T17936] ? vfs_parse_fs_string+0x13b/0x1a0 [ 811.309347][T17936] ? rcu_read_lock_sched_held+0x10b/0x170 [ 811.315068][T17936] ? trace_kfree+0xb2/0x110 [ 811.319576][T17936] legacy_get_tree+0xf9/0x1a0 [ 811.324252][T17936] ? btrfs_control_open+0x40/0x40 [ 811.329278][T17936] vfs_get_tree+0x8b/0x2a0 [ 811.333692][T17936] vfs_kern_mount+0xc2/0x160 [ 811.338285][T17936] btrfs_mount+0x34f/0x18e0 [ 811.342794][T17936] ? check_preemption_disabled+0x47/0x2a0 [ 811.348516][T17936] ? vfs_parse_fs_string+0x13b/0x1a0 [ 811.353799][T17936] ? cap_capable+0x250/0x290 [ 811.358390][T17936] ? safesetid_security_capable+0x89/0xf0 [ 811.364112][T17936] legacy_get_tree+0xf9/0x1a0 [ 811.368788][T17936] ? btrfs_resize_thread_pool+0x290/0x290 [ 811.374507][T17936] vfs_get_tree+0x8b/0x2a0 [ 811.378925][T17936] do_mount+0x16c0/0x2510 16:51:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000003f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000001f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 811.383268][T17936] ? copy_mount_options+0x308/0x3c0 [ 811.388462][T17936] ksys_mount+0xcc/0x100 [ 811.393220][T17936] __x64_sys_mount+0xbf/0xd0 [ 811.397808][T17936] do_syscall_64+0xf7/0x1c0 [ 811.402317][T17936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 811.408200][T17936] RIP: 0033:0x45d08a [ 811.412088][T17936] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 16:51:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 811.431687][T17936] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 811.440093][T17936] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 811.448053][T17936] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 811.456019][T17936] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 811.463986][T17936] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 811.471956][T17936] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 811.509036][T17960] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 811.517893][T17960] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 811.528806][T17960] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 811.537545][T17960] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:52 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(r11, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:52 executing program 0 (fault-call:0 fault-nth:79): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5) 16:51:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000208000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:52 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c106a5000000000000000", 0x58}], 0x1) 16:51:52 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000001408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 811.960919][T18075] FAULT_INJECTION: forcing a failure. [ 811.960919][T18075] name failslab, interval 1, probability 0, space 0, times 0 16:51:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000014228000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10006000000000000000", 0x58}], 0x1) [ 812.057552][T18075] CPU: 0 PID: 18075 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 812.066267][T18075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 812.076330][T18075] Call Trace: [ 812.076357][T18075] dump_stack+0x1fb/0x318 [ 812.076379][T18075] should_fail+0x555/0x770 [ 812.076400][T18075] __should_failslab+0x11a/0x160 [ 812.076411][T18075] should_failslab+0x9/0x20 [ 812.076422][T18075] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 812.076431][T18075] ? __kmalloc_node+0x3c/0x60 [ 812.076446][T18075] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 812.084031][T18075] __kmalloc_node+0x3c/0x60 [ 812.084047][T18075] kvmalloc_node+0xcc/0x130 [ 812.084063][T18075] btrfs_mount_root+0xe3/0x1040 [ 812.084081][T18075] ? vfs_parse_fs_string+0x13b/0x1a0 [ 812.084093][T18075] ? rcu_read_lock_sched_held+0x10b/0x170 [ 812.084106][T18075] ? trace_kfree+0xb2/0x110 [ 812.143021][T18075] legacy_get_tree+0xf9/0x1a0 [ 812.147742][T18075] ? btrfs_control_open+0x40/0x40 [ 812.152770][T18075] vfs_get_tree+0x8b/0x2a0 [ 812.157186][T18075] vfs_kern_mount+0xc2/0x160 [ 812.161777][T18075] btrfs_mount+0x34f/0x18e0 [ 812.166287][T18075] ? check_preemption_disabled+0x47/0x2a0 [ 812.172008][T18075] ? vfs_parse_fs_string+0x13b/0x1a0 [ 812.177295][T18075] ? cap_capable+0x250/0x290 [ 812.181898][T18075] ? safesetid_security_capable+0x89/0xf0 [ 812.187626][T18075] legacy_get_tree+0xf9/0x1a0 [ 812.192304][T18075] ? btrfs_resize_thread_pool+0x290/0x290 [ 812.198026][T18075] vfs_get_tree+0x8b/0x2a0 [ 812.202437][T18075] do_mount+0x16c0/0x2510 [ 812.206766][T18075] ? copy_mount_options+0x308/0x3c0 [ 812.211961][T18075] ksys_mount+0xcc/0x100 [ 812.216202][T18075] __x64_sys_mount+0xbf/0xd0 [ 812.220792][T18075] do_syscall_64+0xf7/0x1c0 [ 812.225298][T18075] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 812.231187][T18075] RIP: 0033:0x45d08a [ 812.235078][T18075] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 812.254676][T18075] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 812.263090][T18075] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 812.271071][T18075] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 812.279033][T18075] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 812.286992][T18075] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 812.294957][T18075] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:53 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x6) 16:51:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000003f8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:53 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000034c8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10676600000000000000", 0x58}], 0x1) [ 812.680512][T18078] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 812.695925][T18078] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 812.715151][T18078] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 812.723905][T18078] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:54 executing program 0 (fault-call:0 fault-nth:80): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10666700000000000000", 0x58}], 0x1) 16:51:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000608000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7) 16:51:54 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) 16:51:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10506a00000000000000", 0x58}], 0x1) [ 813.087371][T18305] FAULT_INJECTION: forcing a failure. [ 813.087371][T18305] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 813.100637][T18305] CPU: 0 PID: 18305 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 813.109328][T18305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 813.119391][T18305] Call Trace: [ 813.122693][T18305] dump_stack+0x1fb/0x318 [ 813.127038][T18305] should_fail+0x555/0x770 [ 813.131465][T18305] should_fail_alloc_page+0x55/0x60 [ 813.136669][T18305] prepare_alloc_pages+0x283/0x460 [ 813.141784][T18305] __alloc_pages_nodemask+0xb2/0x5d0 [ 813.147087][T18305] kmem_getpages+0x4d/0xa00 [ 813.151590][T18305] cache_grow_begin+0x7e/0x2c0 [ 813.156353][T18305] cache_alloc_refill+0x311/0x3f0 [ 813.161394][T18305] ? check_preemption_disabled+0xb7/0x2a0 [ 813.167121][T18305] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 813.172490][T18305] ? btrfs_mount_root+0x1b2/0x1040 [ 813.177600][T18305] btrfs_mount_root+0x1b2/0x1040 [ 813.182541][T18305] ? vfs_parse_fs_string+0x13b/0x1a0 [ 813.187825][T18305] ? rcu_read_lock_sched_held+0x10b/0x170 [ 813.193541][T18305] ? trace_kfree+0xb2/0x110 [ 813.198048][T18305] legacy_get_tree+0xf9/0x1a0 [ 813.202716][T18305] ? btrfs_control_open+0x40/0x40 [ 813.207741][T18305] vfs_get_tree+0x8b/0x2a0 [ 813.207755][T18305] vfs_kern_mount+0xc2/0x160 [ 813.207768][T18305] btrfs_mount+0x34f/0x18e0 [ 813.207787][T18305] ? check_preemption_disabled+0x47/0x2a0 [ 813.216765][T18305] ? vfs_parse_fs_string+0x13b/0x1a0 [ 813.216783][T18305] ? cap_capable+0x250/0x290 [ 813.226958][T18305] ? safesetid_security_capable+0x89/0xf0 [ 813.226975][T18305] legacy_get_tree+0xf9/0x1a0 [ 813.226986][T18305] ? btrfs_resize_thread_pool+0x290/0x290 [ 813.227002][T18305] vfs_get_tree+0x8b/0x2a0 [ 813.236830][T18305] do_mount+0x16c0/0x2510 [ 813.236846][T18305] ? copy_mount_options+0x308/0x3c0 [ 813.236858][T18305] ksys_mount+0xcc/0x100 [ 813.236871][T18305] __x64_sys_mount+0xbf/0xd0 [ 813.236889][T18305] do_syscall_64+0xf7/0x1c0 [ 813.236904][T18305] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 813.257354][T18305] RIP: 0033:0x45d08a [ 813.257365][T18305] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 813.257371][T18305] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 813.257381][T18305] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 813.257387][T18305] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 16:51:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10e28500000000000000", 0x58}], 0x1) 16:51:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000001408000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x8) 16:51:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000067668000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 813.257391][T18305] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 813.257400][T18305] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 813.266904][T18305] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 813.403220][T18316] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 813.411666][T18316] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000506a8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc0000000000dc498000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:54 executing program 0 (fault-call:0 fault-nth:81): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100ec000000000000000", 0x58}], 0x1) 16:51:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x9) [ 813.595889][T18417] device nr0 entered promiscuous mode [ 813.631013][T18313] netlink: 'syz-executor.5': attribute type 153 has an invalid length. 16:51:54 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000ffffff9e8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 813.653842][T18313] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 813.676460][T18537] FAULT_INJECTION: forcing a failure. [ 813.676460][T18537] name failslab, interval 1, probability 0, space 0, times 0 [ 813.689081][T18537] CPU: 0 PID: 18537 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 813.697752][T18537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 813.697759][T18537] Call Trace: [ 813.697784][T18537] dump_stack+0x1fb/0x318 [ 813.697803][T18537] should_fail+0x555/0x770 [ 813.697824][T18537] __should_failslab+0x11a/0x160 [ 813.711138][T18537] ? xas_create+0x1197/0x1910 [ 813.711149][T18537] should_failslab+0x9/0x20 [ 813.711161][T18537] kmem_cache_alloc+0x56/0x2e0 [ 813.738662][T18537] xas_create+0x1197/0x1910 [ 813.743162][T18537] ? rcu_lock_release+0x4/0x20 [ 813.747930][T18537] xas_store+0x95/0x1440 [ 813.752165][T18537] ? xas_load+0x434/0x450 [ 813.756490][T18537] __add_to_page_cache_locked+0x5f0/0xbf0 [ 813.762212][T18537] ? workingset_activation+0x2b0/0x2b0 [ 813.767663][T18537] add_to_page_cache_lru+0x156/0x4a0 [ 813.772943][T18537] do_read_cache_page+0x216/0xcb0 [ 813.777964][T18537] read_cache_page_gfp+0x29/0x30 [ 813.782893][T18537] btrfs_scan_one_device+0x16a/0x450 [ 813.788167][T18537] ? trace_hardirqs_on+0x74/0x80 [ 813.793098][T18537] btrfs_mount_root+0x4af/0x1040 [ 813.798035][T18537] ? trace_kfree+0xb2/0x110 [ 813.802532][T18537] legacy_get_tree+0xf9/0x1a0 [ 813.807196][T18537] ? btrfs_control_open+0x40/0x40 [ 813.812215][T18537] vfs_get_tree+0x8b/0x2a0 [ 813.816627][T18537] vfs_kern_mount+0xc2/0x160 [ 813.821211][T18537] btrfs_mount+0x34f/0x18e0 [ 813.825720][T18537] ? check_preemption_disabled+0x47/0x2a0 [ 813.831434][T18537] ? vfs_parse_fs_string+0x13b/0x1a0 [ 813.836730][T18537] ? cap_capable+0x250/0x290 [ 813.841320][T18537] ? safesetid_security_capable+0x89/0xf0 [ 813.847034][T18537] legacy_get_tree+0xf9/0x1a0 [ 813.851702][T18537] ? btrfs_resize_thread_pool+0x290/0x290 [ 813.857412][T18537] vfs_get_tree+0x8b/0x2a0 [ 813.861842][T18537] do_mount+0x16c0/0x2510 [ 813.866169][T18537] ? copy_mount_options+0x308/0x3c0 [ 813.871369][T18537] ksys_mount+0xcc/0x100 [ 813.875603][T18537] __x64_sys_mount+0xbf/0xd0 [ 813.880189][T18537] do_syscall_64+0xf7/0x1c0 [ 813.884684][T18537] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 813.890692][T18537] RIP: 0033:0x45d08a [ 813.894588][T18537] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 813.914190][T18537] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 813.922583][T18537] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 813.930539][T18537] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 813.938488][T18537] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 813.946439][T18537] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 813.954400][T18537] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c1002d400000000000000", 0x58}], 0x1) 16:51:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000006a508000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc00000000000ec08000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa) 16:51:55 executing program 0 (fault-call:0 fault-nth:82): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) 16:51:55 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) r1 = syz_open_dev$swradio(0x0, 0x1, 0x2) epoll_create1(0x80000) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000940)={0xffffffffffffffff}) accept4$vsock_stream(r3, &(0x7f0000000740), 0x10, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_QUERYBUF(r4, 0xc0585609, &(0x7f00000002c0)={0x26, 0x0, 0x4, 0x20, {0x0, 0x0}, {0x5, 0x2, 0xd, 0x0, 0xffff, 0x3, "f2f2a35d"}, 0x0, 0x1, @fd=r4, 0x4}) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x501000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu//.z1\x8c', 0x1ff) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x4, [0x4d0, 0x0, 0x4b564d05], [0x3a]}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="cc2d2cd38d4033042729f55cb6d2e475ed1ba8fba0c5a257a310eef876bc0b42c3b8fc7aa74bb8e038f5850077a774f81149d1ab3ac3dbe37b958e6060c846880f9a8425387105e0e60c56f10bfdeee3040f558e51478f3d68fc4e6864a4a0274693599caa5d6690d8f151c0c22042bea2cf492f46e4f6a86bb910db5bb86508dc31e9e189c749ba95", @ANYRES64, @ANYRES16=0x0, @ANYRES16=r10, @ANYBLOB="403ae976418da4073d43549351a057a06a688baa9fb5964092ef79043f405418c944015b7d0090d3c26bc876e48cb937d1494a78352449e00d9e60061433d9a088074ff2876ad7645acff981f4e931e3b2921df6a62116ac7bbcc3bc39acda447ecddf714f333141170201387a6db0af53eeb433d4268507883c0c6f0d0f11416725531bf28bc1bc64b069524aff19819b9ccad966b1b8444d64282af53c0c575a65fb72c9e63f4f421096771ac6284d5562ed284ae7d8fa9a427f522d1d20176c1af005a3811ce95ae5"], 0xfffffffffffffe41) r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x80080, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) prctl$PR_SET_MM(0x23, 0xc12f356e2b198f51, &(0x7f0000ffb000/0x3000)=nil) r12 = add_key$user(&(0x7f0000000240)='user\x00', 0x0, &(0x7f00000003c0)="f1d6275ef617a6431d89429288e0ac455d00867174541165cd16bb6d1e0c518e99686266942a368982062f14bf14b371f7c145615ce8b80270dfb3cfb2b3ba99b194f601cb40eb1d7d5a61c930794e97bbf467400a2607be65ddd8e7d0e6e8ad3dbe1a058f0bfa935f8e000cfc89ab0a680ce1995c79c96d75ffed5fa0c3ea145c05b486edff5720e527ffa7fb16edc136bc8f270eeed4ad3842ae9f912c747bdbd65923ce3ffd193d15d09649f199b4a3133e8b44b04c2f554be4fc296fca5132726b13685477328045", 0xca, 0xfffffffffffffffd) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000004c0)={r12, 0x0, 0xe}, 0x0, 0xffffffffffffffff, &(0x7f0000000500)="088237799872f22c7b66ac336315") r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000700)=0x8001, 0xfffffffffffffc5e) write$binfmt_script(r13, &(0x7f0000000c80)=ANY=[@ANYBLOB="2321202e2f66696c6530200000200a8d7800da80e9c697ea8c67c83c600062d5e6abf3bdfe67183c93d3ede4e0d97734630f72d2d31d7d567651ab67d8b87a2e891392eb3b2a46be5b33d4d910143c43360d11399cc9e53c0523ff7377f28931899667b3ad8d084938fe8f7ae823f5813b62ad73274d002a56f060ede63ffaba904cbcc8f373cec0f407597d5f808a1f6331a310d75063ea796579117be6cda8cc01e4936df71402ece51429d694a7000000000000000000000000000000806b336f16b671c1748a308eb05425f421aa83af5a74c250126645250d6b45419257b993c563f4acac8db13738dd00e5c3553d48a968be60fc2ad3ffe7964bc2ec9f00929c80a8ba4e01c3f931b28635f56864f5aff731aa233151e3b1b9c13f4ba5706a63a08bef16e4d56452f3c0326264fbac62879b56de839675d95ad2320afdfc5c465deed91e4b4dcc65afa14979519cfd8cc0cae1801d7eb06a27d015cd9565420900000000000f74"], 0xbe) r14 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000200)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000540)={{0x10000b, 0x6}, 'port0\x00', 0x41, 0x11020, 0x7f, 0x3, 0x7fff, 0x3, 0x6f25, 0x0, 0x2, 0x8001}) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r15, 0x10e, 0x1, &(0x7f0000000840)=0x20b, 0x4) r16 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r16, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0xee499dd7534c38ac) r17 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @dev, 0x0, 0x0, 'lblc\x00', 0x0, 0x0, 0xffffffff}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r17, 0x0, 0x482, &(0x7f0000000100)={0x84, @local, 0x8000, 0x0, 'sh\x00', 0x4, 0x2, 0x74}, 0x2c) r18 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r18, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) r19 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r19, &(0x7f0000000240)={0x0, 0xffffffffffffffe5, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e0000001e00052aed0080637e6394f26700d2000500fcb711407f480f0099000300000001000000f88000f01700", 0x2e}], 0x1}, 0x0) write$cgroup_subtree(r11, &(0x7f0000000340)=ANY=[@ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR=&(0x7f0000000980)=ANY=[@ANYPTR, @ANYRES32=0x0, @ANYRES64=r19, @ANYBLOB="5564eb8b870ab7cd954cdacf18654e8109a1c94f38a67506bffd47a25082a960aa2a36a3ba1e2a542f15a2ff2d66cb4585c79d552ca18b54507a58ca90d600404e88e59d3e8a7f13462209ab168636bacc37fc0ce2b9637895de8ce585ca1ddeb8d982354b324c22ae4f3453b2694ec9c6c08b23c9763c98ef062a63a85d10c7", @ANYRESOCT=r16], @ANYRESDEC=r18, @ANYRESDEC=r17, @ANYRESDEC=r5, @ANYRES16, @ANYRES64, @ANYRESOCT=r6], @ANYRESOCT], 0x1f) syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0x5, 0x4000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) [ 814.423530][T18653] FAULT_INJECTION: forcing a failure. [ 814.423530][T18653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.436767][T18653] CPU: 0 PID: 18653 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 814.445439][T18653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 814.455488][T18653] Call Trace: [ 814.458785][T18653] dump_stack+0x1fb/0x318 [ 814.463131][T18653] should_fail+0x555/0x770 [ 814.467560][T18653] should_fail_alloc_page+0x55/0x60 [ 814.472762][T18653] prepare_alloc_pages+0x283/0x460 [ 814.477880][T18653] __alloc_pages_nodemask+0xb2/0x5d0 [ 814.483179][T18653] kmem_getpages+0x4d/0xa00 [ 814.487685][T18653] cache_grow_begin+0x7e/0x2c0 [ 814.492451][T18653] cache_alloc_refill+0x311/0x3f0 [ 814.497470][T18653] ? check_preemption_disabled+0xb7/0x2a0 [ 814.503190][T18653] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 814.508558][T18653] ? btrfs_mount_root+0x12c/0x1040 [ 814.513674][T18653] btrfs_mount_root+0x12c/0x1040 [ 814.518609][T18653] ? vfs_parse_fs_string+0x13b/0x1a0 [ 814.518624][T18653] ? rcu_read_lock_sched_held+0x10b/0x170 [ 814.529584][T18653] ? trace_kfree+0xb2/0x110 [ 814.529599][T18653] legacy_get_tree+0xf9/0x1a0 [ 814.529612][T18653] ? btrfs_control_open+0x40/0x40 [ 814.538742][T18653] vfs_get_tree+0x8b/0x2a0 [ 814.538755][T18653] vfs_kern_mount+0xc2/0x160 [ 814.538767][T18653] btrfs_mount+0x34f/0x18e0 [ 814.538789][T18653] ? check_preemption_disabled+0x47/0x2a0 [ 814.548188][T18653] ? vfs_parse_fs_string+0x13b/0x1a0 [ 814.548201][T18653] ? cap_capable+0x250/0x290 [ 814.548214][T18653] ? safesetid_security_capable+0x89/0xf0 [ 814.557273][T18653] legacy_get_tree+0xf9/0x1a0 [ 814.557285][T18653] ? btrfs_resize_thread_pool+0x290/0x290 [ 814.557300][T18653] vfs_get_tree+0x8b/0x2a0 [ 814.568256][T18653] do_mount+0x16c0/0x2510 [ 814.568265][T18653] ? copy_mount_options+0x278/0x3c0 [ 814.568271][T18653] ? copy_mount_options+0x25e/0x3c0 [ 814.568357][T18653] ? __sanitizer_cov_trace_pc+0x45/0x50 [ 814.593294][T18653] ? copy_mount_options+0x308/0x3c0 [ 814.593308][T18653] ksys_mount+0xcc/0x100 [ 814.593320][T18653] __x64_sys_mount+0xbf/0xd0 [ 814.593341][T18653] do_syscall_64+0xf7/0x1c0 [ 814.602835][T18653] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 814.602846][T18653] RIP: 0033:0x45d08a [ 814.602861][T18653] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 814.627522][T18653] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 16:51:55 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000049dc8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c1049dc00000000000000", 0x58}], 0x1) 16:51:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000608000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000000e1ff95000000000000002ba7fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fbfefc41d86bd817487960717142fe9ea41d8123741c0a0e168c1886d0d4d94f2f4e345c652fbc16260671b47835806150ae0209e62f51ee988e6e06c8cedf3ceb9fc474cfa100c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e5a3449abe802f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f000000000000000001000000000000000000b007309329170ee5b56780260ed606a10f58fa645335000000000000003100000000000000002d677c88c4596d6a91debf76589492ec630719a03c478ed9594ee2a656a4c8bbbab0b4208c77d0d52b1f09d819b5450f92b473208f68a9600c1da065565a3dbed009a32ec3e3ca735df71879"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb) 16:51:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000067668000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) [ 814.627533][T18653] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 814.627538][T18653] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 814.627544][T18653] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 814.627549][T18653] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 814.627561][T18653] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 16:51:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c1085e200000000000000", 0x58}], 0x1) [ 814.793529][T18663] device nr0 entered promiscuous mode 16:51:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000066678000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000ffffffef8000f0fffeffe809005300fff5dd00000010000100070c10000000000000000000", 0x58}], 0x1) 16:51:55 executing program 0 (fault-call:0 fault-nth:83): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000180000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da72aca94d883e2ff29e1f446b573d4d53cf93079a48da1a1c5567b7ada164cdaee35e2625a386cddb707f54ffefc19be68b6331da2aeb208e521a3dde5939ab25a932fae347233a6d5b7e4c2965ef5590b75b2a4e57b36ef708f7d12a805000000054b250cb14bf6575a000000000000007e7525e557", 0xbe, 0x10000}], 0x0, 0x0) [ 814.884334][T18779] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 814.892733][T18779] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. 16:51:56 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c10004003000000000000", 0x58}], 0x1) [ 815.076949][T18890] FAULT_INJECTION: forcing a failure. [ 815.076949][T18890] name failslab, interval 1, probability 0, space 0, times 0 [ 815.106847][T18661] netlink: 'syz-executor.5': attribute type 153 has an invalid length. [ 815.115811][T18661] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.5'. [ 815.118545][T18890] CPU: 1 PID: 18890 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 815.133699][T18890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 815.143733][T18890] Call Trace: [ 815.147013][T18890] dump_stack+0x1fb/0x318 [ 815.151327][T18890] should_fail+0x555/0x770 [ 815.155839][T18890] __should_failslab+0x11a/0x160 [ 815.160766][T18890] ? kzalloc+0x26/0x40 [ 815.164817][T18890] should_failslab+0x9/0x20 [ 815.169315][T18890] __kmalloc+0x7a/0x340 [ 815.173457][T18890] kzalloc+0x26/0x40 [ 815.177346][T18890] close_fs_devices+0x504/0x8d0 [ 815.182184][T18890] btrfs_close_devices+0x33/0x130 [ 815.187189][T18890] btrfs_mount_root+0xa9d/0x1040 [ 815.192123][T18890] ? trace_kfree+0xb2/0x110 [ 815.196617][T18890] legacy_get_tree+0xf9/0x1a0 [ 815.201274][T18890] ? btrfs_control_open+0x40/0x40 [ 815.206277][T18890] vfs_get_tree+0x8b/0x2a0 [ 815.210676][T18890] vfs_kern_mount+0xc2/0x160 [ 815.215247][T18890] btrfs_mount+0x34f/0x18e0 [ 815.219751][T18890] ? check_preemption_disabled+0x47/0x2a0 [ 815.225450][T18890] ? vfs_parse_fs_string+0x13b/0x1a0 [ 815.230713][T18890] ? cap_capable+0x250/0x290 [ 815.235288][T18890] ? safesetid_security_capable+0x89/0xf0 [ 815.240993][T18890] legacy_get_tree+0xf9/0x1a0 [ 815.245645][T18890] ? btrfs_resize_thread_pool+0x290/0x290 [ 815.251343][T18890] vfs_get_tree+0x8b/0x2a0 [ 815.255733][T18890] do_mount+0x16c0/0x2510 [ 815.260039][T18890] ? copy_mount_options+0x308/0x3c0 [ 815.265214][T18890] ksys_mount+0xcc/0x100 [ 815.269430][T18890] __x64_sys_mount+0xbf/0xd0 [ 815.274010][T18890] do_syscall_64+0xf7/0x1c0 [ 815.278495][T18890] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 815.284365][T18890] RIP: 0033:0x45d08a [ 815.288245][T18890] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 815.307826][T18890] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 815.316212][T18890] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 815.324161][T18890] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 815.332122][T18890] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 815.340068][T18890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 815.348015][T18890] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 815.411742][T18890] ------------[ cut here ]------------ [ 815.417241][T18890] kernel BUG at fs/btrfs/volumes.c:1271! [ 815.440876][T18890] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 815.446978][T18890] CPU: 1 PID: 18890 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 815.455631][T18890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 815.465692][T18890] RIP: 0010:close_fs_devices+0x8c8/0x8d0 [ 815.471320][T18890] Code: e9 73 ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 7c 87 48 89 df e8 59 70 f9 fe e9 7a ff ff ff e8 3f 2d c0 fe 0f 0b e8 38 2d c0 fe <0f> 0b 66 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 [ 815.490909][T18890] RSP: 0018:ffff88804de3f9a0 EFLAGS: 00010246 [ 815.496969][T18890] RAX: ffffffff82b34a18 RBX: ffff8880a4a31b90 RCX: 0000000000040000 [ 815.504932][T18890] RDX: ffffc90005f3d000 RSI: 000000000003ffff RDI: 0000000000040000 [ 815.512894][T18890] RBP: ffff88804de3fa30 R08: ffffffff82b4c4d5 R09: ffffed1015d66b05 [ 815.520852][T18890] R10: ffffed1015d66b05 R11: 0000000000000000 R12: dffffc0000000000 [ 815.528814][T18890] R13: ffff888059803800 R14: 000000000000000a R15: ffff888097e85400 [ 815.536779][T18890] FS: 00007f96751f1700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 815.545694][T18890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 815.552271][T18890] CR2: 0000000000712158 CR3: 0000000094a6d000 CR4: 00000000001426e0 [ 815.560233][T18890] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 815.568193][T18890] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 815.576149][T18890] Call Trace: [ 815.579443][T18890] btrfs_close_devices+0x33/0x130 [ 815.584457][T18890] btrfs_mount_root+0xa9d/0x1040 [ 815.589392][T18890] ? trace_kfree+0xb2/0x110 [ 815.593884][T18890] legacy_get_tree+0xf9/0x1a0 [ 815.598550][T18890] ? btrfs_control_open+0x40/0x40 [ 815.603565][T18890] vfs_get_tree+0x8b/0x2a0 [ 815.607969][T18890] vfs_kern_mount+0xc2/0x160 [ 815.612545][T18890] btrfs_mount+0x34f/0x18e0 [ 815.617040][T18890] ? check_preemption_disabled+0x47/0x2a0 [ 815.622748][T18890] ? vfs_parse_fs_string+0x13b/0x1a0 [ 815.628020][T18890] ? cap_capable+0x250/0x290 [ 815.632602][T18890] ? safesetid_security_capable+0x89/0xf0 [ 815.638313][T18890] legacy_get_tree+0xf9/0x1a0 [ 815.642977][T18890] ? btrfs_resize_thread_pool+0x290/0x290 [ 815.648683][T18890] vfs_get_tree+0x8b/0x2a0 [ 815.653094][T18890] do_mount+0x16c0/0x2510 [ 815.657418][T18890] ? copy_mount_options+0x308/0x3c0 [ 815.662604][T18890] ksys_mount+0xcc/0x100 [ 815.666836][T18890] __x64_sys_mount+0xbf/0xd0 [ 815.671416][T18890] do_syscall_64+0xf7/0x1c0 [ 815.675915][T18890] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 815.681798][T18890] RIP: 0033:0x45d08a [ 815.685686][T18890] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 815.705280][T18890] RSP: 002b:00007f96751f0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 815.713676][T18890] RAX: ffffffffffffffda RBX: 00007f96751f0b40 RCX: 000000000045d08a [ 815.721639][T18890] RDX: 00007f96751f0ae0 RSI: 0000000020000100 RDI: 00007f96751f0b00 [ 815.729598][T18890] RBP: 000000000000000b R08: 00007f96751f0b40 R09: 00007f96751f0ae0 [ 815.737558][T18890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 815.745602][T18890] R13: 00000000004ca013 R14: 00000000004e1f98 R15: 0000000000000003 [ 815.753567][T18890] Modules linked in: [ 815.763951][T18890] ---[ end trace cce2e0582859a440 ]--- [ 815.769500][T18890] RIP: 0010:close_fs_devices+0x8c8/0x8d0 [ 815.779945][T18890] Code: e9 73 ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 7c 87 48 89 df e8 59 70 f9 fe e9 7a ff ff ff e8 3f 2d c0 fe 0f 0b e8 38 2d c0 fe <0f> 0b 66 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 [ 815.780722][ T3906] kobject: 'loop0' (0000000048a8b1e2): kobject_uevent_env [ 815.799758][T18890] RSP: 0018:ffff88804de3f9a0 EFLAGS: 00010246 [ 815.810985][ T3906] kobject: 'loop0' (0000000048a8b1e2): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 815.813137][T18890] RAX: ffffffff82b34a18 RBX: ffff8880a4a31b90 RCX: 0000000000040000 [ 815.831187][T18890] RDX: ffffc90005f3d000 RSI: 000000000003ffff RDI: 0000000000040000 [ 815.839347][T18890] RBP: ffff88804de3fa30 R08: ffffffff82b4c4d5 R09: ffffed1015d66b05 [ 815.847510][T18890] R10: ffffed1015d66b05 R11: 0000000000000000 R12: dffffc0000000000 [ 815.856087][T18890] R13: ffff888059803800 R14: 000000000000000a R15: ffff888097e85400 [ 815.864261][T18890] FS: 00007f96751f1700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 815.873429][T18890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 815.880045][T18890] CR2: 0000000000738000 CR3: 0000000094a6d000 CR4: 00000000001426e0 [ 815.888498][T18890] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 815.896657][T18890] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 815.904744][T18890] Kernel panic - not syncing: Fatal exception [ 815.912107][T18890] Kernel Offset: disabled [ 815.916440][T18890] Rebooting in 86400 seconds..