) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xa00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:27 executing program 4: syz_read_part_table(0x25000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:27 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200"/60, 0x3c, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xe00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x44800, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f00000000c0), 0x4) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 783.785873][T22369] Dev loop3: unable to read RDB block 2 [ 783.832289][T22368] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 783.836362][T22369] loop3: unable to read partition table 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) userfaultfd(0x800) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}}) 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xf00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 783.873296][T22368] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 783.886060][T22368] loop4: p1 < > p2 [ 783.901799][T22368] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x400, 0x0) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000180)=""/114) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x80000001, 0x400100) getsockopt$ax25_int(r2, 0x101, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 783.938291][T22369] loop3: partition table beyond EOD, truncated [ 783.978335][T22369] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) chmod(&(0x7f0000000080)='./file0\x00', 0x4) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:27 executing program 4: syz_read_part_table(0x3f000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:27 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200"/60, 0x3c, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfffffffffffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x40) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f00000000c0)={{0x8, 0x5}, {0xfffffffffffffff9, 0x4}, 0x0, 0x2, 0x5}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x2}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x1100000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:27 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1, 0x220080) ioctl$VT_ACTIVATE(r1, 0x5606, 0xec9) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x1f00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 784.272676][T22433] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 784.307357][T22433] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:07:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 784.328011][T22433] loop4: p1 < > p2 [ 784.339960][T22453] Dev loop3: unable to read RDB block 2 [ 784.363263][T22433] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:27 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x1, 0x0) r1 = accept$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000480)=0x14) sendmsg$can_raw(r0, &(0x7f0000000580)={&(0x7f00000004c0)={0x1d, r2}, 0x10, &(0x7f0000000540)={&(0x7f0000000500)=@can={{0x4, 0x7fffffff, 0x5, 0x3}, 0x0, 0xc747d3ff963f594d, 0x0, 0x0, "7d92ade23e510f63"}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) fcntl$setstatus(r1, 0x4, 0x40000) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f00000000c0)={{&(0x7f0000013000/0x3000)=nil, 0x3000}, 0x2}) openat$cgroup_type(r0, &(0x7f0000000140)='cgroup.type\x00', 0x2, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000100)=0x78f, 0x4) r4 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x6, 0x10000) ioctl$NBD_SET_SIZE_BLOCKS(r4, 0xab07, 0x0) [ 784.386036][T22453] loop3: unable to read partition table [ 784.404730][T22453] loop3: partition table beyond EOD, truncated [ 784.449666][T22453] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:28 executing program 4: syz_read_part_table(0x40000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:28 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200"/62, 0x3e, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x1fffffffffffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:28 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x12, 0x800) getsockopt(r1, 0x1ff, 0x800, &(0x7f00000000c0)=""/86, &(0x7f0000000140)=0x56) [ 784.545214][T22433] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 784.555934][T22433] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 784.563166][T22433] loop4: p1 < > p2 [ 784.567739][T22433] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x2000000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:28 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) link(&(0x7f0000000340)='./file0\x00', &(0x7f0000000540)='./file0\x00') recvmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000100)=""/206, 0xce}, {&(0x7f0000000200)=""/43, 0x2b}, {&(0x7f0000000240)=""/45, 0x2d}, {&(0x7f0000000280)=""/120, 0x78}], 0x4, &(0x7f0000000340)}, 0x40000060) getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000400)={'mangle\x00', 0xbb, "e28fd5f2be8f21abdda1dc222cc7ce8af1c2ba43af48606bbc6c20736cd0151c0fefe9e94622f20cd95ebf5b1371cf777152d05892f3d154c015d69ddbe3c388002a1267d79e173207eb7ea5002a534c7a149e4104aed223c0c5baf12583337621f1ea061e82c0e789d73bbb01e758b7d94399aeebdf8f318ec8b216e85463f0b1a0689f797844569008843d17c1f19f5cbb7bcd7580b4771552d94ece3aab500ccc939b4a2576c96991bf0f678b9736eda2300f1b47ffd292dba7"}, &(0x7f0000000500)=0xdf) [ 784.759770][T22506] Dev loop3: unable to read RDB block 2 15:07:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x2c01000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 784.802624][T22506] loop3: unable to read partition table [ 784.831262][T22506] loop3: partition table beyond EOD, truncated [ 784.862931][T22506] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 784.905284][T22526] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 784.943341][T22526] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 784.951671][T22526] loop4: p1 < > p2 [ 784.962424][T22526] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:28 executing program 4: syz_read_part_table(0x41a9e50b, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:28 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_percpu\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RM_MAP(r1, 0x4028641b, &(0x7f00000000c0)={&(0x7f0000014000/0x4000)=nil, 0x2, 0x0, 0xab, &(0x7f0000014000/0x3000)=nil, 0x3f6}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) epoll_create(0x81) 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:28 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200"/62, 0x3e, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x3f00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 785.139877][T22526] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 785.152090][T22526] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 785.158744][T22526] loop4: p1 < > p2 [ 785.163559][T22526] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x3fffffffffffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:28 executing program 1: syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x3ff, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f00000000c0)={0x4, 0x20, 0x1}) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x3000005, 0x30, r0, 0x2b) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 785.309797][T22563] Dev loop3: unable to read RDB block 2 [ 785.311431][T22568] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 785.315855][T22569] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 785.340945][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 785.358606][T22563] loop3: unable to read partition table 15:07:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 785.404028][T22563] loop3: partition table beyond EOD, truncated [ 785.408041][ T2511] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.422768][ T2511] Buffer I/O error on dev loop4p2, logical block 33008, async page read [ 785.433386][T22568] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 785.438371][T22563] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 785.456717][ T2510] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.467653][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 785.479587][ T2510] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.490496][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 785.503468][ T2510] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.514864][ T2510] Buffer I/O error on dev loop4p2, logical block 33022, async page read [ 785.523600][ T2510] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.534510][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 785.542685][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 785.549379][T22568] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 785.553616][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 785.573298][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 785.581767][ T2510] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 785.589944][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 785.597961][ T2510] Buffer I/O error on dev loop4p2, logical block 33023, async page read [ 785.669784][T22595] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 15:07:29 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x40) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f00000001c0)=0x80000000, 0x4) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x402, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @random="e64413a0043c", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @remote={0xac, 0x24}, @local}, @dccp={{0x0, 0x0, 0x4, 0x60, 0x0, 0x0, 0x3, 0xa, 0x0, "e57044", 0x0, "cd98e8"}}}}}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f00000000c0)) r2 = userfaultfd(0x800) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0xa020000}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)={0x3b8, r3, 0x300, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x6c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5d10}]}]}, @TIPC_NLA_BEARER={0x2c, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xe0}]}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffffffffffc}]}, @TIPC_NLA_BEARER={0x94, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xda16, @ipv4={[], [], @loopback}, 0x2}}, {0x14, 0x2, @in={0x2, 0x4e21, @broadcast}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x6, 0x8, @loopback, 0x6}}, {0x14, 0x2, @in={0x2, 0x4e20}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth0_to_bridge\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_NET={0x48, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x40}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfc}]}, @TIPC_NLA_MEDIA={0x44, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xed}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_MEDIA={0x3c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}]}, @TIPC_NLA_BEARER={0xc8, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x17, @remote, 0x6}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, [], 0x19}, 0x6}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}]}, @TIPC_NLA_MEDIA={0xb8, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5e0f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6036}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4674}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3a2f}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x3b8}, 0x1, 0x0, 0x0, 0x20000000}, 0x709b2e52e91ce297) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x4100, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x4000000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:29 executing program 4: syz_read_part_table(0x420f0000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:29 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200"/62, 0x3e, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 785.770622][T22595] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 785.780723][T22595] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 785.787337][T22595] loop4: p1 < > p2 [ 785.792102][T22595] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 785.826319][T22619] dccp_invalid_packet: invalid packet type 15:07:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x4400000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 785.883311][T22629] dccp_invalid_packet: invalid packet type 15:07:29 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 785.968516][T22621] Dev loop3: unable to read RDB block 2 [ 785.975424][T22621] loop3: unable to read partition table [ 786.002349][T22621] loop3: partition table beyond EOD, truncated 15:07:29 executing program 1: r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x8, 0x8000) ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x4) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f0000000100)={0x6, 0x5}) mmap(&(0x7f0000013000/0x2000)=nil, 0x2000, 0x0, 0x10032, r0, 0x0) r1 = userfaultfd(0x0) write$nbd(r0, &(0x7f0000000140)={0x67446698, 0x1, 0x1, 0x4, 0x4, "c038229140e6f2e520bed5c7f5a7649204e3c26c1de0f0fec77c101b831189eccee88014f784ae5ed858a0afbaed75cdd9605a773a482c697d7f4cd18e92af8d001cc3807879fb1c22d4b056356f32ebf3913635b5de7715a4853994b9d604bb76391e7a20859673b7d68d5742057a464325f66762595821f1410748aa96c862d746620b8311deb42cb0003ce2b05f806ce90f74029227a8b19d53aaa627eb9505498d141cfca77e7239710d40549b8ab288f14fb4a3d15bab81985ab6d878"}, 0xcf) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) connect$rose(r0, &(0x7f00000000c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x6fd55f757f770000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 786.083362][T22621] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 786.235047][T22650] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 786.275256][T22650] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 786.282307][T22650] loop4: p1 < > p2 [ 786.286973][T22650] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:30 executing program 4: syz_read_part_table(0x48000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x7f00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:30 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x80000, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x101) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x1) [ 786.400560][T22650] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 786.411951][T22650] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 786.418859][T22650] loop4: p1 < > p2 [ 786.423552][T22650] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:30 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055", 0x3f, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:30 executing program 1: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x4) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x9401000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 786.539805][T22685] Dev loop3: unable to read RDB block 2 [ 786.546968][T22685] loop3: unable to read partition table 15:07:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:30 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}, 0x1}) [ 786.610688][T22685] loop3: partition table beyond EOD, truncated [ 786.636825][T22685] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xb8ff000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 786.770223][T22697] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 786.824066][T22697] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 786.865972][T22697] loop4: p1 < > p2 [ 786.874145][T22697] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:30 executing program 4: syz_read_part_table(0x4c000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:30 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055", 0x3f, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xe0ffffff00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:30 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x448002, 0x0) r1 = syz_open_pts(r0, 0x0) mmap(&(0x7f0000012000/0x1000)=nil, 0x1000, 0x863bebe953bf029d, 0x10032, r1, 0x0) r2 = userfaultfd(0x0) truncate(&(0x7f00000000c0)='./file0\x00', 0x2000000007fff) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) [ 786.990447][T22697] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 787.000618][T22697] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 787.007323][T22697] loop4: p1 < > p2 [ 787.012197][T22697] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:30 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x1, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xe803000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 787.162097][T22748] Dev loop3: unable to read RDB block 2 [ 787.199673][T22748] loop3: unable to read partition table 15:07:30 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x10000, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000002c0), 0x4) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 787.238909][T22748] loop3: partition table beyond EOD, truncated [ 787.266420][T22748] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xf401000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 787.390695][T22770] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 787.449344][T22770] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 787.465286][T22770] loop4: p1 < > p2 [ 787.471024][T22770] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:31 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:31 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055", 0x3f, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfc00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:31 executing program 4: syz_read_part_table(0x5c000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) unshare(0x4020400) fcntl$setflags(r0, 0x2, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x2, 0x10032, r0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=0x0) syz_open_procfs$namespace(r1, &(0x7f0000000100)='ns/net\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000140)={0x10001, 0x0, 0x100000, 0x2000, &(0x7f0000014000/0x2000)=nil}) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x40180, 0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000011000/0x1000)=nil, 0x1000}}) 15:07:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfcff000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 787.621281][T22770] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 787.631446][T22770] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 787.638196][T22770] loop4: p1 < > p2 [ 787.642948][T22770] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:31 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000100)=0x10, 0x4) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r2 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x40000) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f00000000c0)={0x8e0ba3d1eb783881, 0x0, {0xdf1, 0x2, 0x32978aef, 0x8}}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x8000, 0x0) [ 787.800362][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 787.818604][T22807] Dev loop3: unable to read RDB block 2 15:07:31 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xaf3, 0x48400) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000000c0)={0x0, 0x40, "b53ccd3dcd696b14254ad1b01a58b6f4d46df48c8f6f16a6ce771204296425b9ff80a8d8ccaa95909824ecc212943299250385b23cdd8068370544a8fb112e09"}, &(0x7f0000000140)=0x48) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={r2, 0xd4, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x0, @local, 0x8399}, @in6={0xa, 0x4e20, 0x5, @loopback, 0x3}, @in6={0xa, 0x4e20, 0x7, @mcast2, 0x6}, @in6={0xa, 0x4e24, 0xc0000000000, @loopback, 0x3f}, @in6={0xa, 0x4e22, 0x6, @mcast2, 0x9}, @in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e23, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x4}, @in6={0xa, 0x4e20, 0x0, @ipv4={[], [], @rand_addr=0x101}, 0x6}]}, &(0x7f00000002c0)=0x10) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 787.849547][T22807] loop3: unable to read partition table [ 787.856659][T22807] loop3: partition table beyond EOD, truncated [ 787.874369][T22807] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 787.980205][T22831] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 787.998673][T22831] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 788.005725][T22831] loop4: p1 < > p2 [ 788.023180][T22831] loop4: p2 size 327680 extends beyond EOD, truncated [ 788.139757][T22831] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 788.152066][T22831] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 788.158812][T22831] loop4: p1 < > p2 [ 788.163651][T22831] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfe80ffff00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:33 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:33 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = socket(0x13, 0x800, 0x9) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 15:07:33 executing program 4: syz_read_part_table(0x60000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfec0ffff00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:33 executing program 1: munlock(&(0x7f0000014000/0x2000)=nil, 0x2000) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:33 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f0000000240)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x80104592, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x3, "0000e1d1ea0000000000000000afa68a69da0000000000000000000800"}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 790.315096][T22885] Dev loop3: unable to read RDB block 2 [ 790.348098][T22885] loop3: unable to read partition table [ 790.349863][T22884] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:07:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xfeffffff00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 790.392516][T22884] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 790.400280][T22885] loop3: partition table beyond EOD, truncated [ 790.404235][T22884] loop4: p1 < > p2 [ 790.425681][T22884] loop4: p2 size 327680 extends beyond EOD, truncated [ 790.440223][T22885] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:34 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff00000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:34 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x800, 0x0) write$FUSE_LSEEK(r1, &(0x7f00000000c0)={0x18, 0x8909e9b0526bb4b, 0x2, {0x100000001}}, 0x18) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:34 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 790.620699][T22884] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 790.631009][T22884] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 790.637803][T22884] loop4: p1 < > p2 [ 790.670494][T22884] loop4: p2 size 327680 extends beyond EOD, truncated [ 790.681854][T22938] Dev loop3: unable to read RDB block 2 [ 790.696437][T22938] loop3: unable to read partition table [ 790.709068][T22938] loop3: partition table beyond EOD, truncated [ 790.722096][T22938] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff01000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:36 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$bt_rfcomm(0x1f, 0x1, 0x3) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000080)={'ip6tnl0\x00', {0x2, 0x4e23, @remote}}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:36 executing program 4: syz_read_part_table(0x68000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:36 executing program 3: syz_read_part_table(0x402, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff03000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:36 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e23, 0x100, @remote, 0x2}, {0xa, 0x4e23, 0x9, @local, 0x7}, 0x80000001, [0x0, 0x4, 0x4, 0x4, 0xea, 0x1f, 0x400, 0x5]}, 0x5c) 15:07:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 793.414157][T22964] Dev loop3: unable to read RDB block 2 15:07:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff07000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 793.469318][T22964] loop3: unable to read partition table [ 793.476052][T22964] loop3: partition table beyond EOD, truncated [ 793.507106][T22964] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 15:07:37 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e24, 0x8b, @dev={0xfe, 0x80, [], 0x17}, 0x226e}}, 0x1, 0x101, 0x7, 0xfffffffffffffffb, 0xa}, &(0x7f0000000300)=0x98) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000340)={r2, 0x2}, &(0x7f00000003c0)=0x8) ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000140)=0x20000004) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0xfffffffffffffc00, 0x4) syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x39, 0x2040) r3 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x3, 0x2) getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f00000001c0), &(0x7f0000000200)=0xc) fanotify_mark(r1, 0x18, 0x10, r3, &(0x7f0000000100)='./file0\x00') ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000012000/0x3000)=nil, 0x3000}}) 15:07:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff0f000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:37 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 793.556511][T22965] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:07:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff1f000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:37 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_proto_private(r1, 0x89e8, &(0x7f0000000080)="99d732b1daa8") [ 793.682517][T22965] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 793.713768][T22965] loop4: p1 < > p2 [ 793.721900][T22965] loop4: p2 size 327680 extends beyond EOD, truncated [ 793.769578][T23010] ldm_validate_privheads(): Disk read failed. [ 793.794576][T23010] loop3: p1 < > p2 [ 793.807453][T23010] loop3: partition table partially beyond EOD, truncated [ 793.857939][T23010] loop3: p1 size 2 extends beyond EOD, truncated [ 793.879525][T23010] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() dup(r1) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:39 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x20000, 0x0) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f00000000c0)={0x8, 0x5, 0x9, 0x401, 0x8, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:39 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff3f000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:39 executing program 4: syz_read_part_table(0x6c000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:39 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:40 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xff7f000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:40 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x80) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000000100)=""/64) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1}) [ 796.527016][T23046] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:07:40 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) poll(&(0x7f0000000080)=[{r0, 0x40a0}, {r0, 0x2000}], 0x2, 0x3f) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:40 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff000000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 796.571256][T23043] ldm_validate_privheads(): Disk read failed. [ 796.579889][T23046] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 796.586322][T23043] loop3: p1 < > p2 [ 796.597223][T23046] loop4: p1 < > p2 [ 796.613855][T23043] loop3: partition table partially beyond EOD, truncated 15:07:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() dup(r1) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 796.645111][T23046] loop4: p2 size 327680 extends beyond EOD, truncated [ 796.673477][T23043] loop3: p1 size 2 extends beyond EOD, truncated 15:07:40 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) mmap(&(0x7f0000015000/0x2000)=nil, 0x2000, 0x1, 0x2010, r0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x8000, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x2000, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000100)=r2, 0x1) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x90bb61e780a75fc9}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf250600000008000600010100000c000300080007004e2100001c000200080006000900000008000b0002000000080006000700000040000300080004000000000014000600ff02000000000000000000000000000108000100020000000800080002000000080001000100000008000500e0000001"], 0x84}, 0x1, 0x0, 0x0, 0x80}, 0x4000) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 796.712440][T23043] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:42 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff010000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:42 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x51}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x20000, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000180)=""/191) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000013000/0x1000)=nil, 0x1000}, 0x1}) r2 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x2, 0x2) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f00000000c0)={0x2002}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() dup(r1) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:42 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:42 executing program 4: syz_read_part_table(0x74000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:43 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x800) rt_sigaction(0x0, &(0x7f0000000140)={&(0x7f0000000080)="c442093f730f660fc5d03236460f43a47509000000c4413573fba2c4218df4abb80000000fea2946da4dd536430f72e4cdc4e1a17d580044c19593970000e8", {0x1ff}, 0x10000002, &(0x7f00000000c0)="6641d9ffc4623545f82e3e3666f0418145000000363e660f6d12c4c2b1dfdf400f299900800000660f38dcaa88d07c36c4c285979200000000c4e39d7c76b40244e300"}, &(0x7f0000000200)={&(0x7f0000000180)="c4e13d5efb66420f3829c33e3ef20f1019470f18d1c44119e3dc460f72d02ef245a7f046295700f24b0faef5450f00a5b52c1a2a", {}, 0x0, &(0x7f00000001c0)="41de318fc9f8017683c443056cc90e8fc978c39910000000c4c27db9b241bda120d24600c4e2c93af1430fbab9000001007bc463516df80566460fec1b"}, 0x8, &(0x7f0000000240)) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000014000/0x3000)=nil, 0x3000}, 0x7}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x800, 0x0) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f00000013c0)=@generic={0x2, 0x7, 0x9}) ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f0000001400)) write$vnet(r1, &(0x7f0000001340)={0x1, {&(0x7f0000000300)=""/58, 0x3a, &(0x7f0000000340)=""/4096, 0x3, 0x4}}, 0x68) 15:07:43 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff030000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 799.596858][T23113] ldm_validate_privheads(): Disk read failed. [ 799.629288][T23113] loop3: p1 < > p2 15:07:43 executing program 1: r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000200)=0x60, 0xe6df8f0170ae9a1) mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x2000000, 0x810, r0, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000080)="83bc42a60daef9f4467f11e4ebf6643d72b01e39740ebabce9ce7838417b56996e4de965d8bcda30e538a96680c935e746a66263cc23a222c2bef61faa5fb886a6597a7c2304294da3e97379ca4768dee93c2e0235cb31a91174e91b6d37a4eb4089291de515a454390643e5359708e33d14beff9481e2fc9d2c1ed92fce4d98c4aaad41505636f94e9d7fa5454859cd6f3afbd77af260e9854a56bdc07328e9d6fc60e285e1aac09486a8eb611d6d4719da353b5b8248dfca9d2eff37129b33d940963a545bb3632ab4b48f7bc8752e5b53249a77c6165573684e344f1ff4bd6aa77141eea6813f4e08333776bc0fdbb2b9d40a12467fb1634293afd68deca2") 15:07:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 799.645150][T23110] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 799.646731][T23113] loop3: partition table partially beyond EOD, truncated [ 799.673385][T23113] loop3: p1 size 2 extends beyond EOD, truncated [ 799.684527][T23110] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:07:43 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff070000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:43 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = dup2(r0, r0) write$rfkill(r1, &(0x7f0000000080)={0xfa6, 0x6, 0x0, 0x1}, 0x8) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) ioctl$KDSETMODE(r1, 0x4b3a, 0x80000000) [ 799.713956][T23113] loop3: p2 size 327680 extends beyond EOD, truncated [ 799.722336][T23110] loop4: p1 < > p2 [ 799.740341][T23110] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:46 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff0f0000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:46 executing program 1: r0 = socket(0x5, 0xa, 0x1) sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@caif=@rfm={0x25, 0x2, "215ffe57399d11c5e907c45adb591c3b"}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)="d7c8c550ea211ea85b3608decfb0c9b67d6719ecfd84b11f66575a476f5d2b75f1fb4097f20cf8ac89454c51a7b624a783f982cfca3ed185f1d8ae5ace53682b8fb07bc4b647e2f1e980755be58c5716c0c6eac889a79c9504a927fea16a74eaa14857c2cb0ca3878b29", 0x6a}], 0x1}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) close(r0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:46 executing program 4: syz_read_part_table(0x7a000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff1f0000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:46 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/ip6_flowlabel\x00') r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000003640)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000003740)={&(0x7f0000003600)={0x10, 0x0, 0x0, 0x1000800}, 0xc, &(0x7f0000003700)={&(0x7f0000003680)={0x70, r1, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x30, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK={0x18, 0x4, [@TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, &(0x7f00000000c0)={0x1}) write$eventfd(r0, &(0x7f0000000100)=0x7, 0x8) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 802.661329][T23174] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 802.671827][T23176] ldm_validate_privheads(): Disk read failed. [ 802.682271][T23176] loop3: p1 < > p2 [ 802.693767][T23176] loop3: partition table partially beyond EOD, truncated 15:07:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff3f0000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:46 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}, 0x2}) r1 = getpgid(0xffffffffffffffff) ptrace$getsig(0x4202, r1, 0x0, &(0x7f0000000080)) [ 802.720584][T23176] loop3: p1 size 2 extends beyond EOD, truncated [ 802.731837][T23174] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 802.745929][T23176] loop3: p2 size 327680 extends beyond EOD, truncated [ 802.752434][T23174] loop4: p1 < > p2 [ 802.760537][T23174] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffff7f0000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:46 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffe000/0x1000)=nil, 0x1000}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:49 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:49 executing program 4: syz_read_part_table(0x80ffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f00000000c0)={0x7, 0x6, 0x4, 0x5, 0x3, 0x7}) 15:07:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff0000000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff0100000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r1 = dup3(r0, r0, 0x80000) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000080)=0x50) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000140)={0x2}) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f00000000c0)={@initdev, @initdev}, &(0x7f0000000100)=0xc) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) 15:07:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff0300000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 805.744499][T23238] ldm_validate_privheads(): Disk read failed. [ 805.753477][T23240] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:07:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000015000/0x3000)=nil, 0x3000}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) prctl$PR_SET_FPEMU(0xa, 0x1) [ 805.785327][T23238] loop3: p1 < > p2 [ 805.789725][T23238] loop3: partition table partially beyond EOD, truncated [ 805.797395][T23238] loop3: p1 size 2 extends beyond EOD, truncated [ 805.809035][T23240] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 805.816665][T23240] loop4: p1 < > p2 [ 805.823688][T23240] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff0700000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 805.831606][T23238] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xd8000, 0x1c) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x4, 0x4) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000013000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x3, 0x2) 15:07:49 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:49 executing program 4: syz_read_part_table(0x97ffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff0f00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000100), 0x4) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$TIPC_IMPORTANCE(r2, 0x10f, 0x7f, &(0x7f0000000340), &(0x7f00000003c0)=0x4) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r3 = syz_open_dev$video4linux(&(0x7f0000000140)='/dev/v4l-subdev#\x00', 0x7, 0x10000) r4 = accept4(r1, &(0x7f0000000200)=@in={0x2, 0x0, @loopback}, &(0x7f0000000280)=0x80, 0x80800) setsockopt$ax25_int(r4, 0x101, 0x8, &(0x7f00000002c0)=0x3ff, 0x4) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f00000001c0)={0x9f0000, 0x2, 0x7, [], &(0x7f0000000180)={0x9b090d, 0x7fff, [], @value=0x3f}}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) [ 806.133444][T23299] ldm_validate_privheads(): Disk read failed. [ 806.143883][T23299] loop3: p1 < > p2 [ 806.152221][T23299] loop3: partition table partially beyond EOD, truncated [ 806.185472][T23299] loop3: p1 size 2 extends beyond EOD, truncated [ 806.199951][T23299] loop3: p2 size 327680 extends beyond EOD, truncated [ 806.271068][T23309] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 806.292654][T23309] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 806.300641][T23309] loop4: p1 < > p2 [ 806.308115][T23309] loop4: p2 size 327680 extends beyond EOD, truncated [ 806.470187][T23309] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 806.489055][T23309] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 806.498499][T23309] loop4: p1 < > p2 [ 806.503935][T23309] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x3, 0x200) ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0x3f) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x74}) 15:07:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff1f00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:52 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) [ 808.684946][T23338] ldm_validate_privheads(): Disk read failed. [ 808.697639][T23338] loop3: p1 < > p2 [ 808.701545][T23338] loop3: partition table partially beyond EOD, truncated [ 808.722418][T23338] loop3: p1 size 2 extends beyond EOD, truncated [ 808.730009][T23338] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:52 executing program 4: syz_read_part_table(0xc9ffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x7e18ec93a56a227c, 0x0) getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) getsockopt$inet_tcp_buf(r0, 0x6, 0x0, &(0x7f00000003c0)=""/215, &(0x7f0000000340)=0xd7) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r2 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0xa1, 0x141400) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="ed44cd45e333fc2826183ab07cfa53e1bd1e08f907a2208e1433c3ddb1d966f0adfffe34c768cacc0a2d46ef1b2fe6b3abc0ca1f51cfcb05db9e9f1b2dae8ef783ba0a23ea551fbd8c5c4a", @ANYRES16=r3, @ANYBLOB="200026bd7000fbdbdf250c000000080005000180000008000400ff000000080004000000000008000400070000000800050000020000"], 0x3c}, 0x1, 0x0, 0x0, 0x40805}, 0x20000000) 15:07:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff3f00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:52 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) 15:07:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffff7f00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000140)=0x3) prctl$PR_GET_TSC(0x19, &(0x7f0000000080)) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000014000/0x2000)=nil, 0x2000}}) r1 = dup(r0) setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000100)=0x10000, 0x4) 15:07:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 808.947452][T23363] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 808.958658][T23363] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 808.994253][T23363] loop4: p1 < > p2 [ 809.000540][T23362] ldm_validate_privheads(): Disk read failed. [ 809.006695][T23362] loop3: p1 < > p2 [ 809.010861][T23363] loop4: p2 size 327680 extends beyond EOD, truncated [ 809.029648][T23362] loop3: partition table partially beyond EOD, truncated [ 809.065336][T23362] loop3: p1 size 2 extends beyond EOD, truncated [ 809.082725][T23362] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff00000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:07:55 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) 15:07:55 executing program 4: syz_read_part_table(0xeeffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff01000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 811.687751][T23412] BTRFS error (device loop1): superblock checksum mismatch [ 811.756710][T23411] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 811.783361][T23411] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 811.791411][T23412] BTRFS error (device loop1): open_ctree failed [ 811.795534][T23414] ldm_validate_privheads(): Disk read failed. 15:07:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff03000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 811.810793][T23411] loop4: p1 < > p2 [ 811.815298][T23414] loop3: p1 < > p2 [ 811.820651][T23414] loop3: partition table partially beyond EOD, truncated [ 811.828127][T23411] loop4: p2 size 327680 extends beyond EOD, truncated [ 811.835426][T23414] loop3: p1 size 2 extends beyond EOD, truncated [ 811.848353][T23414] loop3: p2 size 327680 extends beyond EOD, truncated 15:07:55 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) 15:07:55 executing program 4: syz_read_part_table(0xfdffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff07000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 812.016003][T23440] BTRFS error (device loop1): superblock checksum mismatch 15:07:55 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 812.079623][T23440] BTRFS error (device loop1): open_ctree failed [ 812.252657][T23449] ldm_validate_privheads(): Disk read failed. [ 812.262381][T23460] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 812.303095][T23449] loop3: p1 < > p2 [ 812.307274][T23460] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 812.316947][T23449] loop3: partition table partially beyond EOD, truncated [ 812.328698][T23460] loop4: p1 < > p2 [ 812.333580][T23449] loop3: p1 size 2 extends beyond EOD, truncated [ 812.340573][T23460] loop4: p2 size 327680 extends beyond EOD, truncated [ 812.347901][T23449] loop3: p2 size 327680 extends beyond EOD, truncated [ 812.580475][T23460] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 812.590775][T23460] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 812.597506][T23460] loop4: p1 < > p2 [ 812.602084][T23460] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:58 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff0f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:07:58 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) 15:07:58 executing program 4: syz_read_part_table(0xff0f0000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff1f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 814.729431][T23494] BTRFS error (device loop1): superblock checksum mismatch [ 814.792800][T23495] ldm_validate_privheads(): Disk read failed. [ 814.812345][T23495] loop3: p1 < > p2 [ 814.819859][T23494] BTRFS error (device loop1): open_ctree failed 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff3f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 814.838768][T23493] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 814.844740][T23495] loop3: partition table partially beyond EOD, truncated [ 814.856775][T23495] loop3: p1 size 2 extends beyond EOD, truncated [ 814.863856][T23493] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 814.871249][T23495] loop3: p2 size 327680 extends beyond EOD, truncated [ 814.878294][T23493] loop4: p1 < > p2 15:07:58 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 814.892607][T23493] loop4: p2 size 327680 extends beyond EOD, truncated 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffff7f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:07:58 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) 15:07:58 executing program 4: syz_read_part_table(0xffefffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 815.082626][T23528] BTRFS error (device loop1): superblock checksum mismatch 15:07:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 815.169403][T23528] BTRFS error (device loop1): open_ctree failed 15:07:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff010000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 815.224130][T23536] ldm_validate_privheads(): Disk read failed. [ 815.230675][T23536] loop3: p1 < > p2 [ 815.234696][T23536] loop3: partition table partially beyond EOD, truncated [ 815.252876][T23536] loop3: p1 size 2 extends beyond EOD, truncated [ 815.260139][T23536] loop3: p2 size 327680 extends beyond EOD, truncated [ 815.319964][T23541] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 815.364285][T23541] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 815.392662][T23541] loop4: p1 < > p2 [ 815.406757][T23541] loop4: p2 size 327680 extends beyond EOD, truncated [ 815.561859][T23541] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 815.575081][T23541] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 815.582247][T23541] loop4: p1 < > p2 [ 815.587438][T23541] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff030000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:01 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") 15:08:01 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:01 executing program 4: syz_read_part_table(0xffffefff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff070000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 817.829810][T23591] ldm_validate_privheads(): Disk read failed. [ 817.838694][T23591] loop3: p1 < > p2 [ 817.851585][T23591] loop3: partition table partially beyond EOD, truncated [ 817.864540][T23585] BTRFS error (device loop1): superblock checksum mismatch [ 817.873643][T23591] loop3: p1 size 2 extends beyond EOD, truncated [ 817.881777][T23591] loop3: p2 size 327680 extends beyond EOD, truncated [ 817.898788][T23588] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff0f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 817.929403][T23585] BTRFS error (device loop1): open_ctree failed [ 817.937189][T23588] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 817.947264][T23588] loop4: p1 < > p2 [ 817.965864][T23588] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:01 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff1f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:01 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") 15:08:01 executing program 4: syz_read_part_table(0xffffff80, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:01 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff3f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffff7f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 818.407666][T23640] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 818.423505][T23640] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 818.430653][T23640] loop4: p1 < > p2 [ 818.436583][T23640] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:02 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 818.481568][T23645] ldm_validate_privheads(): Disk read failed. [ 818.498091][T23645] loop3: p1 < > p2 [ 818.502541][T23645] loop3: partition table partially beyond EOD, truncated [ 818.511189][T23645] loop3: p1 size 2 extends beyond EOD, truncated 15:08:02 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 818.526698][T23645] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:04 executing program 4: syz_read_part_table(0xffffff97, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:04 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") [ 821.191116][T23690] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 821.201959][T23691] ldm_validate_privheads(): Disk read failed. [ 821.208230][T23691] loop3: p1 < > p2 [ 821.229454][T23690] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 821.229503][T23691] loop3: partition table partially beyond EOD, truncated [ 821.229559][T23690] loop4: p1 < > p2 [ 821.248698][T23691] loop3: p1 size 2 extends beyond EOD, truncated [ 821.255434][T23690] loop4: p2 size 327680 extends beyond EOD, truncated [ 821.264638][T23691] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff0100], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:04 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff0300], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:05 executing program 4: syz_read_part_table(0xffffffc9, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:05 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") 15:08:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff0700], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 821.669699][T23739] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 821.681064][T23739] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:08:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff0f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 821.710012][T23739] loop4: p1 < > p2 [ 821.715442][T23739] loop4: p2 size 327680 extends beyond EOD, truncated [ 821.730082][T23743] ldm_validate_privheads(): Disk read failed. [ 821.748240][T23743] loop3: p1 < > p2 [ 821.771262][T23743] loop3: partition table partially beyond EOD, truncated [ 821.780195][T23743] loop3: p1 size 2 extends beyond EOD, truncated [ 821.787751][T23743] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) 15:08:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:07 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff1f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:07 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") 15:08:07 executing program 4: syz_read_part_table(0xffffffee, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:07 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) 15:08:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:07 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff3f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) [ 824.569074][T23785] ldm_validate_privheads(): Disk read failed. [ 824.569564][T23791] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 824.576217][T23785] loop3: p1 < > p2 [ 824.590335][T23785] loop3: partition table partially beyond EOD, truncated [ 824.602164][T23785] loop3: p1 size 2 extends beyond EOD, truncated 15:08:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffff7f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 824.622690][T23791] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 824.634882][T23785] loop3: p2 size 327680 extends beyond EOD, truncated [ 824.639361][T23791] loop4: p1 < > p2 [ 824.649464][T23791] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) 15:08:08 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") 15:08:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:08 executing program 4: syz_read_part_table(0xfffffffd, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff01], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) [ 824.943798][T23828] ldm_validate_privheads(): Disk read failed. [ 824.957490][T23828] loop3: p1 < > p2 [ 824.987757][T23828] loop3: partition table partially beyond EOD, truncated [ 825.025151][T23828] loop3: p1 size 2 extends beyond EOD, truncated [ 825.035458][T23828] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) [ 825.142129][T23851] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 825.176186][T23851] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 825.184932][T23851] loop4: p1 < > p2 [ 825.193543][T23851] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:10 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") 15:08:10 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) 15:08:10 executing program 4: syz_read_part_table(0x1000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 827.583725][T23888] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 827.599124][T23890] ldm_validate_privheads(): Disk read failed. [ 827.616428][T23888] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 827.624498][T23888] loop4: p1 < > p2 [ 827.631629][T23890] loop3: p1 < > p2 [ 827.637969][T23890] loop3: partition table partially beyond EOD, truncated [ 827.646186][T23890] loop3: p1 size 2 extends beyond EOD, truncated [ 827.653256][T23888] loop4: p2 size 327680 extends beyond EOD, truncated [ 827.663641][T23890] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff03], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) 15:08:11 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") 15:08:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) 15:08:11 executing program 4: syz_read_part_table(0x1000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 828.019986][T23930] ldm_validate_privheads(): Disk read failed. [ 828.037644][T23930] loop3: p1 < > p2 [ 828.052169][T23930] loop3: partition table partially beyond EOD, truncated [ 828.060318][T23930] loop3: p1 size 2 extends beyond EOD, truncated [ 828.068888][T23930] loop3: p2 size 327680 extends beyond EOD, truncated [ 828.079314][T23938] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 828.090163][T23938] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 828.098705][T23938] loop4: p1 < > p2 [ 828.107409][T23938] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) 15:08:11 executing program 3: syz_read_part_table(0x402, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") 15:08:11 executing program 4: syz_read_part_table(0x10000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) [ 828.479038][T23962] ldm_validate_privheads(): Disk read failed. [ 828.486102][T23962] loop3: p1 < > p2 [ 828.490526][T23962] loop3: partition table partially beyond EOD, truncated [ 828.498024][T23962] loop3: p1 size 2 extends beyond EOD, truncated [ 828.505189][T23962] loop3: p2 size 327680 extends beyond EOD, truncated 15:08:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff07], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 828.531407][T23966] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 828.547963][T23966] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 828.562601][T23966] loop4: p1 < > p2 [ 828.567231][T23966] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:14 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) 15:08:14 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x8000000001}, 0x2c) r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x21a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0}, 0x2c) 15:08:14 executing program 4: syz_read_part_table(0x50200000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:14 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff0f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:14 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 830.929654][T24008] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) [ 831.024296][T24008] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 831.068395][T24008] loop4: p1 < > p2 15:08:14 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 831.090554][T24008] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:14 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) 15:08:14 executing program 4: syz_read_part_table(0x90000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 831.404379][T24056] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 831.416189][T24056] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 831.423217][T24056] loop4: p1 < > p2 [ 831.427690][T24056] loop4: p2 size 327680 extends beyond EOD, truncated [ 831.541188][T24056] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 831.551358][T24056] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 831.558083][T24056] loop4: p1 < > p2 [ 831.562778][T24056] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:17 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) 15:08:17 executing program 4: syz_read_part_table(0x100000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:17 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff1f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) 15:08:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) [ 834.090654][T24081] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:17 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 834.137038][T24081] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 834.159350][T24081] loop4: p1 < > p2 [ 834.177618][T24081] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) 15:08:17 executing program 3: bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:17 executing program 4: syz_read_part_table(0x200000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:17 executing program 3: bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 834.535577][T24141] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 834.565832][T24141] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 834.572967][T24141] loop4: p1 < > p2 [ 834.577479][T24141] loop4: p2 size 327680 extends beyond EOD, truncated [ 834.660001][T24141] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 834.670523][T24141] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 834.677312][T24141] loop4: p1 < > p2 [ 834.682218][T24141] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:20 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) 15:08:20 executing program 3: bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:20 executing program 4: syz_read_part_table(0x204000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0xffffffffffffff3f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:20 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 837.160019][T24167] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:20 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) 15:08:20 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 837.213133][T24167] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 837.227331][T24167] loop4: p1 < > p2 [ 837.248488][T24167] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:20 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:20 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) 15:08:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:20 executing program 3: socketpair$unix(0x1, 0x2, 0x0, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:21 executing program 4: syz_read_part_table(0x300000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:21 executing program 3: socketpair$unix(0x1, 0x2, 0x0, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 837.651133][T24221] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 837.669318][T24221] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 837.677222][T24221] loop4: p1 < > p2 [ 837.682366][T24221] loop4: p2 size 327680 extends beyond EOD, truncated [ 837.789798][T24221] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 837.799927][T24221] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 837.806578][T24221] loop4: p1 < > p2 [ 837.811433][T24221] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x2], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:21 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:08:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:23 executing program 4: syz_read_part_table(0x400000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:23 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:08:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 840.315465][T24262] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 840.335228][T24262] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 840.343467][T24262] loop4: p1 < > p2 [ 840.357501][T24262] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:24 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:24 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:08:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:24 executing program 4: syz_read_part_table(0x44c000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 840.471024][T24262] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 840.482480][T24262] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 840.489485][T24262] loop4: p1 < > p2 [ 840.496552][T24262] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(0xffffffffffffffff, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, 0x0, 0x0) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 840.766008][T24305] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 840.776461][T24305] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 840.787932][T24305] loop4: p1 < > p2 [ 840.795929][T24305] loop4: p2 size 327680 extends beyond EOD, truncated [ 840.891328][T24305] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 840.901614][T24305] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 840.908464][T24305] loop4: p1 < > p2 [ 840.913150][T24305] loop4: p2 size 327680 extends beyond EOD, truncated [ 841.010089][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 841.011356][T24321] print_req_error: 27 callbacks suppressed [ 841.011368][T24321] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 841.023893][ T2511] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.047782][ T2511] buffer_io_error: 22 callbacks suppressed [ 841.047787][ T2511] Buffer I/O error on dev loop4p2, logical block 33008, async page read [ 841.062556][T24321] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 841.074805][ T2511] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.086239][ T2511] Buffer I/O error on dev loop4p2, logical block 33022, async page read [ 841.094891][T24321] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 841.106514][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.117539][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 841.126002][ T2510] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.136949][ T2510] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 841.145297][ T2511] blk_update_request: I/O error, dev loop4, sector 264184 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.156727][ T2511] Buffer I/O error on dev loop4p2, logical block 33023, async page read [ 841.166079][ T2510] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.177189][ T2510] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 841.185416][ T2510] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 841.196328][ T2510] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 841.204493][ T2510] Buffer I/O error on dev loop4p2, logical block 33023, async page read [ 841.212956][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 841.221191][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:08:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:26 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) 15:08:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, 0x0, 0x0) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:26 executing program 4: syz_read_part_table(0x500000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x4], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, 0x0, 0x0) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 843.376682][T24338] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 843.413877][T24338] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 843.420989][T24338] loop4: p1 < > p2 [ 843.425665][T24338] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x0, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) 15:08:27 executing program 4: syz_read_part_table(0x600000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 843.530026][T24338] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 843.540546][T24338] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 843.547267][T24338] loop4: p1 < > p2 [ 843.552177][T24338] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x0, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) [ 843.772492][T24375] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 843.790749][T24375] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 843.815710][T24375] loop4: p1 < > p2 [ 843.827508][T24375] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x0, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:29 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) 15:08:29 executing program 4: syz_read_part_table(0x604000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x6], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:29 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) 15:08:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 846.461228][T24412] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 846.483647][T24412] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 846.494731][T24412] loop4: p1 < > p2 15:08:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) [ 846.511932][T24412] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) 15:08:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 15:08:30 executing program 4: syz_read_part_table(0x700000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:08:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, 0x0, 0x0) 15:08:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, 0x0, 0x0) [ 846.862896][T24464] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 846.874476][T24464] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 846.883281][T24464] loop4: p1 < > p2 [ 846.888287][T24464] loop4: p2 size 327680 extends beyond EOD, truncated [ 847.059793][T24464] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 847.072688][T24464] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 847.079570][T24464] loop4: p1 < > p2 [ 847.084152][T24464] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:08:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, 0x0, 0x0) 15:08:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:33 executing program 4: syz_read_part_table(0x800000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) [ 849.610499][T24507] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 849.629052][T24507] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 849.650454][T24507] loop4: p1 < > p2 15:08:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:08:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x8], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) 15:08:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 849.656051][T24507] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000968ff6)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) 15:08:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:08:33 executing program 4: syz_read_part_table(0x900000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:33 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/null\x00', 0x20000, 0x0) r1 = socket$packet(0x11, 0x0, 0x300) socket$packet(0x11, 0x0, 0x300) r2 = open(&(0x7f0000002000)='./bus\x00', 0x800000000141042, 0x0) waitid(0x0, 0x0, 0x0, 0x0, 0x0) pwritev(r2, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0x1}], 0x1, 0x0) ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f00000000c0)='veth1\x00') fallocate(r2, 0x20, 0x0, 0xfffffeff000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x9c89, 0x1, 0x1, 0x4, 0x5}, 0x0) pwritev(0xffffffffffffffff, 0x0, 0xffffffffffffff3a, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCMBIS(r0, 0x5416, 0x0) eventfd2(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000240)={r3, r4/1000+10000}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x10000101) 15:08:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 850.112170][T24554] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:33 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000380)='./file0\x00') setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000080)=""/13}, 0x18) r0 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$UHID_INPUT(r0, &(0x7f0000001cc0)={0x8, "5f5539ae7383df635d7eb9f00cde999ef4e1d4fbae589edcbcd64ae9781d89f20a7c347bd734db9d80a3e9ee0d0f04fe5305dacf9e656dc623d0d8abb05b81ebf7fa83533ebfe364612ee7d5571be6e3af5eccf0e26370ff66a26e95f4b7b1206b9d9a70fe612b356ec5074716b0e71eb9f60ac1c5e653c9a7de0de9a5f8c8047f77ece27201fc36e2ca04338864356e123b3b96be97afa5d6698e6f08a657f7ad07b42df05dfca83247581434b575e2d4419e52f1103e9e3ddc440a98f9caeace71f8affb3cfc62e4b428403787ff063d2923a50c0410f191c7923b77c51fea54cc7f2b8adcd2a5e1f53495c168736a160f28435b70f6e40df8523c2deaef8b70f13bc408d1d6eb05dbcae35f0c12cb00b8d589c0dda912acf9315852e1cbb85857f9421cd623fc5046448db22eec3c07358c4778c73a2495bf3452b18d8e904ed88ae250a99edb20b78fc923ccc841847a4f6d514320309afe2f0a075e50096c7a8cd4da2d88791d01a10cea10a97d32e8bb05a5e2bf52be5fffa3fb26953a0fadac598644cf0297d01d5c1ed9f2123ba789fa650b0d140a478903cc23a5b5c2a2a52f19bdd40039ac0291f648f1f991e272c52669f7843e73b3be22103fe0a88d5d405b9ecea5d602be0b5466d18d8a971b69a8e80e48621103a6bc6ee3a7b70b199005241779f22fa2cc159988eaf2d53c858ec06ab56acc232b587ffee3a5cb29f5641b2189fb1617d1a652e42511fe2e447a2636f18ceabc261126200193eb9f309f80aa204a93883bf6fb247ade866685f300295f8735e18d1d81365dbd2bddfa1779c59effed803bbe0a68302b1ab0f0d00892138ad24d52d653d92897bd28c2f031a77eae54ef3ce9a1fc44ea41763b2d780a454f68ea1a297302b4fa6664923a818040f5a74e0db3ff24e940e97d4abff40af2d36f7bceb8a0c5e90dbefbc8ba496f6e42f11ce11fb20655138f9387938abc3aa3a742f749a8695d972c537127519f654945bac96f0a2ef9d6b24f2226ae677684e3eb63041d6b5105777a8e6aa41ff11366448c0af1ddf5e3f2a1d828b4c9ede3809eab736c9035f2a7032ce38b699dfdc3e158e1ce62d325441e1b05a3ba5f663f20b0cb703cb2960aad298177881aa6b52bf4ae112c5d2bb691ac34b0723be7ddcfff0015e578475db1f062c5a50b54bbcba2f591eb4d6de66f386b0d5dd3975229ad25ae95d82266dfb9c1a6f497ef54b6ac5ee81edae16c47e89f9a435377dfac411db459559ce483921251745b8b94f69d4815b009ea86aedc5a75a516ff2afaff9a418f73c2cacbcdf45dd02ba962399f9b81e149635c2b4c0bda790a6d72fc243f6fbc73d0a0636db51c03d93b44b42c07f2269b465231f953e6a45dc549e9b5ef05443da7820cd667f5b0ff47a13f0a3df630a6f98f72e09978b829389d6a11afb0a7a0988822bb95fcb50399e51295f464662118646d2996da0fa710b082036820ae0a60828479bad4489061244b74179cfec74ab273551190c0eb2ca95be86391b8e469454796d04b29646b8aaae49889ffd84e83e33fb0cd7b10d778e72422f474911897dbd4548d9658e9af23cfff0ad4a7d750ab59e0f8988082ab7ac8d27eeab1c5809de6694aba8ee6ff1ba23d422f38dc026a77933cb0fc916d22131f7f736e35c881c5551f13a5037f65b9090372bb8e73bb9cd686715afef6b40ff275a978078c1e1c7db358285e5caee5c53cb4a7b446db91e5c0615342265edd9f09a72002aae56c7ad4269a0513569db514ee852724cdcccb72e8836fc270f7aa03e03e65f4572c2909e6fb1b557e89c3b505ba2f2b10b545513758abdbdc5b3e5ec1fe4d6bd5947b354058eccb79f10e971a85bdafa5aa27224acc734d884f9282ed033fc540defa3181d451713565d940879cd70a1d704b9a390de509351d5129bff18051b0c7ca196a78d3b8d0c8f384c79ad637b2e1770fecfc980960ef403cbc6bb284792cd169133f35aea028d9ffdc1668572dd197db86a26cb6fe1bb822bb76968ef2cd3c384704b75d0f17a50bcce054a400edd3b2f2abf72d2d8a679fdc94216d2d7d43ca1e60aeb5a313f8104f8ae54e75beb6c106cf080b9ecc9a1f91508b37d9ede25a1bede738c3a7f3501391a7b1863fe120ea26c4ff13f1de4588b150f3f2c12a9b9d92e6a8610c788c4d449a91416307a313536e1779bef88028d65a9398c5d1492b729d5f08e34e64fa07507f64297a1f9305a2d68169f653d5c107c9860ca0d822916eb357c646c229e792b1a5da56b35ab971bb82e41581e11f24f9c6b26c019dd2f2f89f2a82b74bd856ed7b46a2d9c07b2856bc39e9a28f271c5bb06db5bfa04d21e37e778b3e03071d25da8bbc91543fe8909603ba92e3455cb0edfe1dc040f12c169a97a5b8fb09f97acda29ab8491e7c9f81320b1a9de5773078557a6a0bdc5a1bfd2d953c47b3e5ccc70d76dc4ba10c297d7591e2c2150b8235de09714fedcf23aedb0ec9586e52f6af6c299256ad5a0a4ce22666be48592977dc5ff5c5eea529b81df4510016240b8fc8489bf59c899bb75481220554d0b9aebf1660cb72b01dfc3ffaac27dc1d36247e86339c6d99fc3ca8edf585fdb236ecdffda1b99819f873367ee5d8fde5d596517f895c9154deab01ca26008edbeadecfe33cae750ff044469a1b3b104b35af0c04a35a48aecf54dd8844b598432b81f67ce232ad46a247cad103274cd7c206d890008b149aaa3310f9794243cc5e04d4bd3e66a5b01ef67044412eba507a20399856cd26fb6233ebc064aa7b5ba94198bc05301dd74d6875b6d3b4731c2a11f0656767a3e6ba0a3d6951a7f9385ff99876891b8150ac5257756ef92a6c3854ccba8f13bca3cd3e66fdc93feefc44c3eba570970e0a6921f1eef24713ed5a174b8e52a0bc1bd3b420bdd0e521835289d29267fca4512caeaf64d1adeba2457864801d30d37e4eea965f8cfdb314f62307d8a12084a65da330f800862cae3876cdffe8c77d982ce9527b069628f0d796c0ec1c1b423ab6eb248e176a9b201d4de572f7901d8d88ae3dc6c3f196a4e3fb81552f16f7a7b7b3a242824b0618a855fc150fe8d484c80b3e1ea6c42f165dcfa7b0b292f9c7f27179d32260d4f472385a8818f7d76133030cf1256153b4162c8c3a3629c01e9b8cb5a30b3d0068d7f0e3727d8159739386511746fad1cfcc98c7af05b489876432957c6d59c51f12ebb62acac90311e6b00cea58b355db5a36718dfb8140d23e64e41ef9d33969cae75ea3ef8f14ad8c9b2d0c8bd7bf4366b091b5992ffbd71800495c0484cbee4b5fffaede0808cdcfa2409227e6b96dd82481d6d00bfff72c29f860b7fa4fa9c3634d9a2e4f7a8ef240c997b749e0562514d5c2c5d66da75149dea37b1cbb347fa0df5be2b9a5ddf20a6d47936b3b55cedc64453e69413a89c8a9eaeda00fccc96281b4f29db0f3e45fa098c77ffe3c0488529ecfa801cdf7fe8a23f6a3aa04acaf4e300c44e6d873f43b9fd4b13cbed2411c97378e07c7a6799d272d36ac8964233130947ed88f727915fa58a4812ceacd6cc6a52bc7fcba5e57543e93d293d5a428c73b194f33ba752b0ebeb0262423e7a8f490707a220857f44e191304cffb93cfc75b217ca306292549c8742fe3aa62a464d40c666115015201c0fef3e9555615f91c3d15b6e1556a9b04febc2ae7e3d689ca5f58b51f2717ae8c5153f2c2a4df11ea8cafcc369327c2a0a6f7946daf09be323d59e4b0e42ebcdeca373a6d70a3286382f1405b7107af899da00dbd52324657870bd18ca26f3ef47e0e81cd335c827512e88f24202836e7a1b505f0d03a23d577430d971458a11ff42e36b2d2883b664d402eb7497a90ba1f94829b6d9c6b4c4f7e9dc49882520a6fd2590cb8b41328541b9076e43f6019c3da9084e57960478c268f4215bb98455fbd2981e7e37caf7aaf9008f87cfe196da930637c55da5a34e142a433494e6f92a5985d7e6fc0ec68d2ad25144919af6dc81afc88cd05f01b401730bccc3086c9dd06d38ed522e52e7ffae7671898fb91cec0821c061aaea6c47ae877d2d7f5ca1ecf159e0ea152ce713f652c116f62e12cad293331db922a5fed311ab22096d90fc17ccc53f84d46eae680def0b9949e0d9debff263d575e590941a5ce0b33548beb6dbc01104f6054da73cc349625adece6a54e092d8d740915b91d81df30374a78693d6b69724f05354d61ac0febff4a544b88954d11d3f4927895edf6ad755313227ac87f24f12d70a831df16bd45c4a03570fdf27d698fa5581fce2d002890a3f2059a6bfdf77f0aeee3ad8318449bc1b2d486b225b148a78e921c73a2c37256dfb1ad611e410d5436e0d31d00ab5177da7915a74ef3307927c23c764f5cf62c3e2db86284c9abb39045b625d507f5c8d440557b4dad2a39593fbb572cce25a364aae44134fdd97ef0148690881bee42b6bd929f12cdf07996597a2a8366b12841f8fb8dfc0ece651756637b95c6bdb92320302805b4a700e7d3dfb0b8878862f400f8437a6c153b5fab40d30af07e73cf4345cb6fa81574018a7bc0e8789fae8b8560f4b93d413fa8e0e0218527ccb82873fc9da6cc34b6197c1d8bd9223ab7c4efb1f8cf021450037f4576934d83116655c120062fc3b912176fd395ccc792d492f2730465f8b4c68155b6ceb52e80742d2970e24004171f4685cd78467a4e943a0fecff66dffff10922d69236460dc37c1df9b19dded1ecb932dd8dd2045d2f8e8d3dfb6a83a65d6623553a2aed7a12b78effeeaa58eec84cdefc84923177afb7bd04f6fc3d3332d63ed5c5d6fe8820b9853e7615407eb23962f5232db44bc0267e7f07e47b158de0732a974b80aeb00ffeeca83d26fe21e487ea4472cd9048f942155784af8f68006cdb4286480a7ffa1ba6e93fe7fdb33283359d28bf9311dee59899e0e77aa113fadda21526c8e2bd60f21e182b735a5b0177fb95e948857c6c4ae391b2b4950a35b129e7bf25b7eb2c0857290c55f5d28b78ca1f39f0cd676610805b0a378647ae958182b26de1ddbf80e80d7ab1d2476086ed192e98bee0969bc0e8765278cb5570ccc29ac6d7298821bff4f85895deffcf4ce54a69878cfb41eade0d8703cbcff02352733ace2d800ba68b0fdcc52b94247ecacddf80ad228cf76eb547d276d0f6402054e34c3569e2b53ea3cbc54e49e099372cde3acd1ba47f836a765f855763a175a58ec4d6cecc72375da2d8c956c2868e77bfdb697182b554f0b743d7095cf13a3ba1d19e7590c281bd09ce235898a9682aacb5633b4fa4c3bdd71139c20c518b6a7651a47df7658a5a7ed41b3e7e43543d68c1dd4a5d01ec7e42cabdd6963db84f0d69b5a471ff8b929a8774baee39b14ab325af2ea7756c656c0135a59568499208341333d6b896cf0cc10108970e20313df241d179bd2a4d2392b269e6aeb9d2570bba7e3c67f49e90cf95562f93077a5fb588225724d444fcd8da55921dcff7b0be49ac0171ae98209e729f65bcebe447ccc0a185719f3fd55d1ae263daac4a420da91d05cdfc85d48e5743483dbb6fe81e5c216948953d95d5e725db17df44f05a57c6cc425e55572f9163e536a6d2d51d5213c937f6ddba08fc1f90ec73088a766a685f2c0d43b80422d48eef23b2ea588ea26b8dffb4f0df0cf91d6ea8f14a663ba2b165e4427010742fe63905d62b9dcf2385dce09fe75e4746d5c9c402ee77bfc9f39a28eb9f2751a81b090a499706accafbf5ae1afa9af350fd7481bb", 0x1000}, 0x1006) sendfile(r0, r0, &(0x7f0000000240), 0x2008000fffffffe) creat(&(0x7f0000000000)='./file0\x00', 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0xfffffffffffffff3) syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x0, 0x224200) socket$inet(0x2, 0x0, 0x0) [ 850.160174][T24554] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 850.171574][T24554] loop4: p1 < > p2 [ 850.179683][T24554] loop4: p2 size 327680 extends beyond EOD, truncated [ 850.186718][ T26] audit: type=1800 audit(1567436913.699:43): pid=24558 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=17163 res=0 [ 850.241911][ T26] audit: type=1800 audit(1567436913.699:44): pid=24569 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=17163 res=0 15:08:34 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xa], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:34 executing program 4: syz_read_part_table(0xa00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:34 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:08:34 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:34 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 850.731591][T24603] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:34 executing program 1: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 850.794148][T24603] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 850.818269][T24603] loop4: p1 < > p2 [ 850.855455][T24603] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:34 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:34 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) sendmsg(r0, &(0x7f0000000240)={&(0x7f0000000100)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x80, 0x0}, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, 0x0, 0x0) [ 851.043906][T24603] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 851.060878][T24603] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 851.073348][T24603] loop4: p1 < > p2 [ 851.091529][T24603] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7) ioctl$TCFLSH(r1, 0x5412, 0x715c00) 15:08:36 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000380)='./file0\x00') setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000080)=""/13}, 0x18) r0 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$UHID_INPUT(r0, &(0x7f0000001cc0)={0x8, "5f5539ae7383df635d7eb9f00cde999ef4e1d4fbae589edcbcd64ae9781d89f20a7c347bd734db9d80a3e9ee0d0f04fe5305dacf9e656dc623d0d8abb05b81ebf7fa83533ebfe364612ee7d5571be6e3af5eccf0e26370ff66a26e95f4b7b1206b9d9a70fe612b356ec5074716b0e71eb9f60ac1c5e653c9a7de0de9a5f8c8047f77ece27201fc36e2ca04338864356e123b3b96be97afa5d6698e6f08a657f7ad07b42df05dfca83247581434b575e2d4419e52f1103e9e3ddc440a98f9caeace71f8affb3cfc62e4b428403787ff063d2923a50c0410f191c7923b77c51fea54cc7f2b8adcd2a5e1f53495c168736a160f28435b70f6e40df8523c2deaef8b70f13bc408d1d6eb05dbcae35f0c12cb00b8d589c0dda912acf9315852e1cbb85857f9421cd623fc5046448db22eec3c07358c4778c73a2495bf3452b18d8e904ed88ae250a99edb20b78fc923ccc841847a4f6d514320309afe2f0a075e50096c7a8cd4da2d88791d01a10cea10a97d32e8bb05a5e2bf52be5fffa3fb26953a0fadac598644cf0297d01d5c1ed9f2123ba789fa650b0d140a478903cc23a5b5c2a2a52f19bdd40039ac0291f648f1f991e272c52669f7843e73b3be22103fe0a88d5d405b9ecea5d602be0b5466d18d8a971b69a8e80e48621103a6bc6ee3a7b70b199005241779f22fa2cc159988eaf2d53c858ec06ab56acc232b587ffee3a5cb29f5641b2189fb1617d1a652e42511fe2e447a2636f18ceabc261126200193eb9f309f80aa204a93883bf6fb247ade866685f300295f8735e18d1d81365dbd2bddfa1779c59effed803bbe0a68302b1ab0f0d00892138ad24d52d653d92897bd28c2f031a77eae54ef3ce9a1fc44ea41763b2d780a454f68ea1a297302b4fa6664923a818040f5a74e0db3ff24e940e97d4abff40af2d36f7bceb8a0c5e90dbefbc8ba496f6e42f11ce11fb20655138f9387938abc3aa3a742f749a8695d972c537127519f654945bac96f0a2ef9d6b24f2226ae677684e3eb63041d6b5105777a8e6aa41ff11366448c0af1ddf5e3f2a1d828b4c9ede3809eab736c9035f2a7032ce38b699dfdc3e158e1ce62d325441e1b05a3ba5f663f20b0cb703cb2960aad298177881aa6b52bf4ae112c5d2bb691ac34b0723be7ddcfff0015e578475db1f062c5a50b54bbcba2f591eb4d6de66f386b0d5dd3975229ad25ae95d82266dfb9c1a6f497ef54b6ac5ee81edae16c47e89f9a435377dfac411db459559ce483921251745b8b94f69d4815b009ea86aedc5a75a516ff2afaff9a418f73c2cacbcdf45dd02ba962399f9b81e149635c2b4c0bda790a6d72fc243f6fbc73d0a0636db51c03d93b44b42c07f2269b465231f953e6a45dc549e9b5ef05443da7820cd667f5b0ff47a13f0a3df630a6f98f72e09978b829389d6a11afb0a7a0988822bb95fcb50399e51295f464662118646d2996da0fa710b082036820ae0a60828479bad4489061244b74179cfec74ab273551190c0eb2ca95be86391b8e469454796d04b29646b8aaae49889ffd84e83e33fb0cd7b10d778e72422f474911897dbd4548d9658e9af23cfff0ad4a7d750ab59e0f8988082ab7ac8d27eeab1c5809de6694aba8ee6ff1ba23d422f38dc026a77933cb0fc916d22131f7f736e35c881c5551f13a5037f65b9090372bb8e73bb9cd686715afef6b40ff275a978078c1e1c7db358285e5caee5c53cb4a7b446db91e5c0615342265edd9f09a72002aae56c7ad4269a0513569db514ee852724cdcccb72e8836fc270f7aa03e03e65f4572c2909e6fb1b557e89c3b505ba2f2b10b545513758abdbdc5b3e5ec1fe4d6bd5947b354058eccb79f10e971a85bdafa5aa27224acc734d884f9282ed033fc540defa3181d451713565d940879cd70a1d704b9a390de509351d5129bff18051b0c7ca196a78d3b8d0c8f384c79ad637b2e1770fecfc980960ef403cbc6bb284792cd169133f35aea028d9ffdc1668572dd197db86a26cb6fe1bb822bb76968ef2cd3c384704b75d0f17a50bcce054a400edd3b2f2abf72d2d8a679fdc94216d2d7d43ca1e60aeb5a313f8104f8ae54e75beb6c106cf080b9ecc9a1f91508b37d9ede25a1bede738c3a7f3501391a7b1863fe120ea26c4ff13f1de4588b150f3f2c12a9b9d92e6a8610c788c4d449a91416307a313536e1779bef88028d65a9398c5d1492b729d5f08e34e64fa07507f64297a1f9305a2d68169f653d5c107c9860ca0d822916eb357c646c229e792b1a5da56b35ab971bb82e41581e11f24f9c6b26c019dd2f2f89f2a82b74bd856ed7b46a2d9c07b2856bc39e9a28f271c5bb06db5bfa04d21e37e778b3e03071d25da8bbc91543fe8909603ba92e3455cb0edfe1dc040f12c169a97a5b8fb09f97acda29ab8491e7c9f81320b1a9de5773078557a6a0bdc5a1bfd2d953c47b3e5ccc70d76dc4ba10c297d7591e2c2150b8235de09714fedcf23aedb0ec9586e52f6af6c299256ad5a0a4ce22666be48592977dc5ff5c5eea529b81df4510016240b8fc8489bf59c899bb75481220554d0b9aebf1660cb72b01dfc3ffaac27dc1d36247e86339c6d99fc3ca8edf585fdb236ecdffda1b99819f873367ee5d8fde5d596517f895c9154deab01ca26008edbeadecfe33cae750ff044469a1b3b104b35af0c04a35a48aecf54dd8844b598432b81f67ce232ad46a247cad103274cd7c206d890008b149aaa3310f9794243cc5e04d4bd3e66a5b01ef67044412eba507a20399856cd26fb6233ebc064aa7b5ba94198bc05301dd74d6875b6d3b4731c2a11f0656767a3e6ba0a3d6951a7f9385ff99876891b8150ac5257756ef92a6c3854ccba8f13bca3cd3e66fdc93feefc44c3eba570970e0a6921f1eef24713ed5a174b8e52a0bc1bd3b420bdd0e521835289d29267fca4512caeaf64d1adeba2457864801d30d37e4eea965f8cfdb314f62307d8a12084a65da330f800862cae3876cdffe8c77d982ce9527b069628f0d796c0ec1c1b423ab6eb248e176a9b201d4de572f7901d8d88ae3dc6c3f196a4e3fb81552f16f7a7b7b3a242824b0618a855fc150fe8d484c80b3e1ea6c42f165dcfa7b0b292f9c7f27179d32260d4f472385a8818f7d76133030cf1256153b4162c8c3a3629c01e9b8cb5a30b3d0068d7f0e3727d8159739386511746fad1cfcc98c7af05b489876432957c6d59c51f12ebb62acac90311e6b00cea58b355db5a36718dfb8140d23e64e41ef9d33969cae75ea3ef8f14ad8c9b2d0c8bd7bf4366b091b5992ffbd71800495c0484cbee4b5fffaede0808cdcfa2409227e6b96dd82481d6d00bfff72c29f860b7fa4fa9c3634d9a2e4f7a8ef240c997b749e0562514d5c2c5d66da75149dea37b1cbb347fa0df5be2b9a5ddf20a6d47936b3b55cedc64453e69413a89c8a9eaeda00fccc96281b4f29db0f3e45fa098c77ffe3c0488529ecfa801cdf7fe8a23f6a3aa04acaf4e300c44e6d873f43b9fd4b13cbed2411c97378e07c7a6799d272d36ac8964233130947ed88f727915fa58a4812ceacd6cc6a52bc7fcba5e57543e93d293d5a428c73b194f33ba752b0ebeb0262423e7a8f490707a220857f44e191304cffb93cfc75b217ca306292549c8742fe3aa62a464d40c666115015201c0fef3e9555615f91c3d15b6e1556a9b04febc2ae7e3d689ca5f58b51f2717ae8c5153f2c2a4df11ea8cafcc369327c2a0a6f7946daf09be323d59e4b0e42ebcdeca373a6d70a3286382f1405b7107af899da00dbd52324657870bd18ca26f3ef47e0e81cd335c827512e88f24202836e7a1b505f0d03a23d577430d971458a11ff42e36b2d2883b664d402eb7497a90ba1f94829b6d9c6b4c4f7e9dc49882520a6fd2590cb8b41328541b9076e43f6019c3da9084e57960478c268f4215bb98455fbd2981e7e37caf7aaf9008f87cfe196da930637c55da5a34e142a433494e6f92a5985d7e6fc0ec68d2ad25144919af6dc81afc88cd05f01b401730bccc3086c9dd06d38ed522e52e7ffae7671898fb91cec0821c061aaea6c47ae877d2d7f5ca1ecf159e0ea152ce713f652c116f62e12cad293331db922a5fed311ab22096d90fc17ccc53f84d46eae680def0b9949e0d9debff263d575e590941a5ce0b33548beb6dbc01104f6054da73cc349625adece6a54e092d8d740915b91d81df30374a78693d6b69724f05354d61ac0febff4a544b88954d11d3f4927895edf6ad755313227ac87f24f12d70a831df16bd45c4a03570fdf27d698fa5581fce2d002890a3f2059a6bfdf77f0aeee3ad8318449bc1b2d486b225b148a78e921c73a2c37256dfb1ad611e410d5436e0d31d00ab5177da7915a74ef3307927c23c764f5cf62c3e2db86284c9abb39045b625d507f5c8d440557b4dad2a39593fbb572cce25a364aae44134fdd97ef0148690881bee42b6bd929f12cdf07996597a2a8366b12841f8fb8dfc0ece651756637b95c6bdb92320302805b4a700e7d3dfb0b8878862f400f8437a6c153b5fab40d30af07e73cf4345cb6fa81574018a7bc0e8789fae8b8560f4b93d413fa8e0e0218527ccb82873fc9da6cc34b6197c1d8bd9223ab7c4efb1f8cf021450037f4576934d83116655c120062fc3b912176fd395ccc792d492f2730465f8b4c68155b6ceb52e80742d2970e24004171f4685cd78467a4e943a0fecff66dffff10922d69236460dc37c1df9b19dded1ecb932dd8dd2045d2f8e8d3dfb6a83a65d6623553a2aed7a12b78effeeaa58eec84cdefc84923177afb7bd04f6fc3d3332d63ed5c5d6fe8820b9853e7615407eb23962f5232db44bc0267e7f07e47b158de0732a974b80aeb00ffeeca83d26fe21e487ea4472cd9048f942155784af8f68006cdb4286480a7ffa1ba6e93fe7fdb33283359d28bf9311dee59899e0e77aa113fadda21526c8e2bd60f21e182b735a5b0177fb95e948857c6c4ae391b2b4950a35b129e7bf25b7eb2c0857290c55f5d28b78ca1f39f0cd676610805b0a378647ae958182b26de1ddbf80e80d7ab1d2476086ed192e98bee0969bc0e8765278cb5570ccc29ac6d7298821bff4f85895deffcf4ce54a69878cfb41eade0d8703cbcff02352733ace2d800ba68b0fdcc52b94247ecacddf80ad228cf76eb547d276d0f6402054e34c3569e2b53ea3cbc54e49e099372cde3acd1ba47f836a765f855763a175a58ec4d6cecc72375da2d8c956c2868e77bfdb697182b554f0b743d7095cf13a3ba1d19e7590c281bd09ce235898a9682aacb5633b4fa4c3bdd71139c20c518b6a7651a47df7658a5a7ed41b3e7e43543d68c1dd4a5d01ec7e42cabdd6963db84f0d69b5a471ff8b929a8774baee39b14ab325af2ea7756c656c0135a59568499208341333d6b896cf0cc10108970e20313df241d179bd2a4d2392b269e6aeb9d2570bba7e3c67f49e90cf95562f93077a5fb588225724d444fcd8da55921dcff7b0be49ac0171ae98209e729f65bcebe447ccc0a185719f3fd55d1ae263daac4a420da91d05cdfc85d48e5743483dbb6fe81e5c216948953d95d5e725db17df44f05a57c6cc425e55572f9163e536a6d2d51d5213c937f6ddba08fc1f90ec73088a766a685f2c0d43b80422d48eef23b2ea588ea26b8dffb4f0df0cf91d6ea8f14a663ba2b165e4427010742fe63905d62b9dcf2385dce09fe75e4746d5c9c402ee77bfc9f39a28eb9f2751a81b090a499706accafbf5ae1afa9af350fd7481bb", 0x1000}, 0x1006) sendfile(r0, r0, &(0x7f0000000240), 0x2008000fffffffe) creat(&(0x7f0000000000)='./file0\x00', 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0xfffffffffffffff3) syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x0, 0x224200) socket$inet(0x2, 0x0, 0x0) 15:08:36 executing program 4: syz_read_part_table(0xb00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 853.121252][T24663] sp0: Synchronizing with TNC [ 853.189705][T24662] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:08:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7) ioctl$TCFLSH(r1, 0x5412, 0x715c00) [ 853.232980][T24662] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:08:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) fcntl$dupfd(0xffffffffffffffff, 0x0, r0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x11) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)) [ 853.305972][T24662] loop4: p1 < > p2 [ 853.320624][T24662] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 853.366473][T24691] sp0: Synchronizing with TNC 15:08:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000480)) 15:08:37 executing program 4: syz_read_part_table(0xc00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7) ioctl$TCFLSH(r1, 0x5412, 0x715c00) [ 853.783201][T24740] sp0: Synchronizing with TNC [ 853.842472][T24741] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 853.899343][T24741] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 853.969322][T24741] loop4: p1 < > p2 [ 854.069545][T24741] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:39 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xf], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:39 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7) ioctl$TCFLSH(r1, 0x5412, 0x715c00) 15:08:39 executing program 3: 15:08:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:39 executing program 4: syz_read_part_table(0xd00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:39 executing program 3: [ 856.172009][T24784] sp0: Synchronizing with TNC 15:08:39 executing program 3: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:08:39 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 856.230089][T24785] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 856.263173][T24785] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 856.284499][T24785] loop4: p1 < > p2 [ 856.325642][T24785] loop4: p2 size 327680 extends beyond EOD, truncated [ 856.360394][T24813] BTRFS warning (device ): duplicate device fsid:devid for fff6f2a2-2997-48ae-b81e-1b00920efd9a:0 old:/dev/loop1 new:/dev/loop3 [ 856.375284][T24814] BTRFS error (device loop1): superblock checksum mismatch 15:08:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:40 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:40 executing program 4: syz_read_part_table(0xe00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 856.570282][T24814] BTRFS error (device loop1): open_ctree failed [ 856.760489][T24834] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 856.798607][T24834] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 856.824491][T24834] loop4: p1 < > p2 [ 856.845388][T24834] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:42 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:42 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:42 executing program 4: syz_read_part_table(0x1000000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:42 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x10], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 859.234073][T24862] BTRFS error (device loop1): superblock checksum mismatch 15:08:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) [ 859.294888][T24860] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 859.329689][T24862] BTRFS error (device loop1): open_ctree failed 15:08:42 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 859.342695][T24860] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 859.361699][T24860] loop4: p1 < > p2 [ 859.366522][T24860] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) [ 859.534471][T24860] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 859.561063][T24860] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 859.569923][T24860] loop4: p1 < > p2 [ 859.575361][T24860] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:43 executing program 4: syz_read_part_table(0x1100000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 859.603112][T24886] BTRFS error (device loop1): superblock checksum mismatch [ 859.689555][T24886] BTRFS error (device loop1): open_ctree failed 15:08:43 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 859.840181][T24907] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 859.856376][T24907] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 859.863498][T24907] loop4: p1 < > p2 [ 859.868037][T24907] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:43 executing program 4: syz_read_part_table(0x1200000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 860.132073][T24927] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 860.142317][T24927] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 860.149119][T24927] loop4: p1 < > p2 [ 860.155367][T24927] loop4: p2 size 327680 extends beyond EOD, truncated [ 860.252584][T24927] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 860.262935][T24927] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 860.271740][T24927] loop4: p1 < > p2 [ 860.276405][T24927] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:45 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x11], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:45 executing program 4: syz_read_part_table(0x1f00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:45 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 862.350792][T24952] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 862.375768][T24952] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 862.386951][T24952] loop4: p1 < > p2 15:08:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) [ 862.402652][T24952] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:08:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:46 executing program 4: syz_read_part_table(0x2000000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:46 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) [ 862.781763][T24996] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 862.817347][T24996] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 862.837553][T24996] loop4: p1 < > p2 [ 862.854788][T24996] loop4: p2 size 327680 extends beyond EOD, truncated [ 863.051747][T24996] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 863.062411][T24996] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 863.071263][T24996] loop4: p1 < > p2 [ 863.075960][T24996] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x44], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xf43, 0x0) 15:08:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:46 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:46 executing program 4: syz_read_part_table(0x2500000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) [ 863.346594][T25049] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 863.362228][T25049] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 863.372002][T25049] loop4: p1 < > p2 [ 863.378906][T25049] loop4: p2 size 327680 extends beyond EOD, truncated [ 863.589759][T25049] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 863.600261][T25049] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 863.606923][T25049] loop4: p1 < > p2 [ 863.611886][T25049] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) 15:08:49 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) 15:08:49 executing program 4: syz_read_part_table(0x3f00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfc], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xf43, 0x0) 15:08:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 865.732782][T25086] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 865.772662][T25086] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:08:49 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 865.791713][T25086] loop4: p1 < > p2 [ 865.808026][T25086] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) 15:08:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:49 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) 15:08:52 executing program 4: syz_read_part_table(0x4000000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) 15:08:52 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x12c], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0xf43, 0x0) 15:08:52 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 868.856321][T25164] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 868.886172][T25164] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:08:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 868.913284][T25164] loop4: p1 < > p2 15:08:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) [ 868.950312][T25164] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:52 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) 15:08:55 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) 15:08:55 executing program 4: syz_read_part_table(0x41a9e50b00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x10000}], 0xf43, 0x0) 15:08:55 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x194], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) [ 871.880721][T25228] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 871.905516][T25228] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 871.913776][T25228] loop4: p1 < > p2 15:08:55 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 871.927878][T25228] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:55 executing program 0: syz_read_part_table(0x4c, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r1, 0x4, 0x2000) 15:08:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) 15:08:55 executing program 4: syz_read_part_table(0x420f000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0xf43, 0x0) [ 872.209750][T25255] ldm_validate_privheads(): Disk read failed. [ 872.229369][T25255] loop0: p1 < > p2 [ 872.235458][T25255] loop0: partition table partially beyond EOD, truncated 15:08:55 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) fcntl$setstatus(r1, 0x4, 0x2000) [ 872.262896][T25255] loop0: p1 start 1 is beyond EOD, truncated [ 872.280568][T25255] loop0: p2 size 327680 extends beyond EOD, truncated 15:08:55 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 872.353180][T25276] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 872.363646][T25276] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 872.370635][T25276] loop4: p1 < > p2 [ 872.376130][T25276] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) 15:08:56 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1f4], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:56 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) sendfile(r1, r2, 0x0, 0x3fe) 15:08:56 executing program 4: syz_read_part_table(0x4800000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) 15:08:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x9, &(0x7f0000000080)=0x1957, 0x4) 15:08:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:08:56 executing program 0 (fault-call:11 fault-nth:0): prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 872.780083][T25321] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 872.793613][T25321] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 872.816194][T25321] loop4: p1 < > p2 [ 872.835759][T25321] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0xf43, 0x0) [ 873.052789][T25321] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 873.065071][T25356] FAULT_INJECTION: forcing a failure. [ 873.065071][T25356] name failslab, interval 1, probability 0, space 0, times 0 [ 873.069756][T25321] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 873.081353][T25356] CPU: 1 PID: 25356 Comm: syz-executor.0 Not tainted 5.3.0-rc6+ #96 [ 873.092344][T25356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:08:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 873.096174][T25321] loop4: p1 < > p2 [ 873.102393][T25356] Call Trace: [ 873.102414][T25356] dump_stack+0x1d8/0x2f8 [ 873.102427][T25356] should_fail+0x555/0x770 [ 873.102441][T25356] __should_failslab+0x11a/0x160 [ 873.102451][T25356] ? fasync_helper+0x39/0xb0 [ 873.102460][T25356] should_failslab+0x9/0x20 [ 873.102469][T25356] kmem_cache_alloc+0x56/0x2e0 [ 873.102477][T25356] fasync_helper+0x39/0xb0 [ 873.102487][T25356] sock_fasync+0x8a/0x100 [ 873.102499][T25356] do_fcntl+0xd16/0x1190 15:08:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) [ 873.109581][T25356] ? security_file_fcntl+0xa1/0xd0 [ 873.109592][T25356] __se_sys_fcntl+0xde/0x1b0 [ 873.109602][T25356] __x64_sys_fcntl+0x7b/0x90 [ 873.109614][T25356] do_syscall_64+0xfe/0x140 [ 873.109625][T25356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 873.109634][T25356] RIP: 0033:0x459879 [ 873.109642][T25356] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 873.109650][T25356] RSP: 002b:00007ff3587c7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 873.118429][T25356] RAX: ffffffffffffffda RBX: 00007ff3587c7c90 RCX: 0000000000459879 [ 873.118434][T25356] RDX: 0000000000002000 RSI: 0000000000000004 RDI: 0000000000000003 [ 873.118439][T25356] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 873.118444][T25356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3587c86d4 [ 873.118449][T25356] R13: 00000000004c0117 R14: 00000000004d2218 R15: 0000000000000004 [ 873.249397][T25321] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x300], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:57 executing program 4: syz_read_part_table(0x4c00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) 15:08:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3e8], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 873.694848][T25386] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 873.741906][T25386] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 873.754224][T25386] loop4: p1 < > p2 [ 873.759023][T25386] loop4: p2 size 327680 extends beyond EOD, truncated [ 873.890198][T25386] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 873.900721][T25386] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 873.907600][T25386] loop4: p1 < > p2 [ 873.912458][T25386] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:08:59 executing program 0 (fault-call:11 fault-nth:1): prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:59 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:08:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0xf43, 0x0) 15:08:59 executing program 4: syz_read_part_table(0x5c00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:08:59 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x600], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:08:59 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x700], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) [ 875.952180][T25430] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 875.987227][T25430] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 876.005872][T25430] loop4: p1 < > p2 [ 876.022562][T25430] loop4: p2 size 327680 extends beyond EOD, truncated 15:08:59 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xa00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) 15:08:59 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:08:59 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:02 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:02 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x0) 15:09:02 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xf00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:02 executing program 4: syz_read_part_table(0x6000000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:02 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0xf43, 0x0) 15:09:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:02 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:09:02 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1100], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 879.095187][T25492] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 879.148092][T25492] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 879.184814][T25492] loop4: p1 < > p2 15:09:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 879.196805][T25492] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:02 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 879.398816][T25492] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 879.412577][T25492] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 879.419955][T25492] loop4: p1 < > p2 [ 879.430173][T25492] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:09:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1fff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:05 executing program 4: syz_read_part_table(0x6800000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:05 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x0) 15:09:05 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090006000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0xf43, 0x0) 15:09:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 882.171644][T25560] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 882.205839][T25560] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 882.218867][T25560] loop4: p1 < > p2 [ 882.227822][T25560] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:05 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[@mss={0x2, 0xc0000000}, @timestamp], 0x2) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e24, 0x4, @loopback, 0x9}}, 0x1f, 0x0, 0x7, 0x33, 0x4}, 0x98) ioctl$sock_ax25_SIOCDELRT(r2, 0x890c, &(0x7f0000000340)={@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, [@default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="66696c74657200000000000000000000001000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000690300006803000068030002687da74dce5ef26e9888cc2d25deac5e981cbfca92bb6ea165150baa992d1f00af18d63b7af60f72ae972b75589bebfd833f5ea4f10c85efbbc8bddd4f171bb4e9eacc"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x0, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000003c0)={r3, 0x4}, &(0x7f0000000400)=0x8) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000200)={0x6, &(0x7f00000001c0)=[{0x3, 0x2, 0x9, 0x2}, {0x100000001, 0x1, 0x3f, 0x4}, {0x4, 0x75fc, 0x1, 0xf6b}, {0x0, 0x5, 0xc4e, 0x8}, {0xfff, 0x535a, 0x80000000, 0x8}, {0x6, 0x7, 0xd8b, 0x8}]}, 0x10) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000000240)={{0x7, 0xffffffffffffff80, 0x4, 0x1, 0xd, 0x705c}, 0x2}) 15:09:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:09:05 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) 15:09:05 executing program 0: r0 = socket(0x9, 0xa, 0xffffffff) getsockopt$netlink(r0, 0x10e, 0xb, &(0x7f0000000000)=""/28, &(0x7f00000000c0)=0x1c) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:06 executing program 4: syz_read_part_table(0x6c00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:06 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) [ 883.005568][T25625] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 883.022493][T25625] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 883.029451][T25625] loop4: p1 < > p2 [ 883.034012][T25625] loop4: p2 size 327680 extends beyond EOD, truncated [ 883.129914][T25625] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 883.140519][T25625] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 883.147247][T25625] loop4: p1 < > p2 [ 883.152062][T25625] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:08 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x0) 15:09:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) 15:09:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x2000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) futimesat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{}, {0x77359400}}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:08 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:09:08 executing program 4: syz_read_part_table(0x7400000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0xf43, 0x0) 15:09:08 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x2c01], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 885.207254][T25650] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:09:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000100035) fcntl$setstatus(r0, 0x4, 0x2000) [ 885.275920][T25650] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 885.286549][T25650] loop4: p1 < > p2 [ 885.292777][T25650] loop4: p2 size 327680 extends beyond EOD, truncated [ 885.292924][T25679] ptrace attach of "/root/syz-executor.3"[25678] was attempted by "/root/syz-executor.3"[25679] 15:09:08 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) [ 885.539599][T25696] ptrace attach of "/root/syz-executor.3"[25694] was attempted by "/root/syz-executor.3"[25696] 15:09:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:11 executing program 4: syz_read_part_table(0x7a00000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:11 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) 15:09:11 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0xfffffffffffffffa, 0x4000) io_setup(0x0, &(0x7f0000000240)) io_cancel(0x0, 0x0, &(0x7f0000000680)) modify_ldt$write2(0x11, &(0x7f00000000c0)={0x4, 0x20000800, 0x2000, 0xfffffffffffffffe, 0x6, 0x0, 0x100, 0x0, 0x3}, 0x10) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x101000, 0x0) prctl$PR_GET_NAME(0x10, 0x0) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x50001) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@empty, @in=@multicast1}}, {{@in=@empty}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) gettid() recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') dup(0xffffffffffffffff) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 15:09:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3fff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0xf43, 0x0) [ 888.250702][T25733] ptrace attach of "/root/syz-executor.3"[25726] was attempted by "/root/syz-executor.3"[25733] [ 888.263301][T25717] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:09:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 888.303149][T25717] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 888.320730][T25717] loop4: p1 < > p2 [ 888.325796][T25717] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:12 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0xfffffffffffffffa, 0x4000) io_setup(0x0, &(0x7f0000000240)) io_cancel(0x0, 0x0, &(0x7f0000000680)) modify_ldt$write2(0x11, &(0x7f00000000c0)={0x4, 0x20000800, 0x2000, 0xfffffffffffffffe, 0x6, 0x0, 0x100, 0x0, 0x3}, 0x10) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x101000, 0x0) prctl$PR_GET_NAME(0x10, 0x0) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x50001) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@empty, @in=@multicast1}}, {{@in=@empty}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) gettid() recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') dup(0xffffffffffffffff) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 888.468547][T25717] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. 15:09:12 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:09:12 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 888.527754][T25717] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 888.541262][T25717] loop4: p1 < > p2 [ 888.561502][T25717] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:12 executing program 4: syz_read_part_table(0x8000000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 888.836365][T25775] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 888.848106][T25775] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 888.856763][T25775] loop4: p1 < > p2 [ 888.862816][T25775] loop4: p2 size 327680 extends beyond EOD, truncated [ 888.989709][T25775] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 889.000072][T25775] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 889.006827][T25775] loop4: p1 < > p2 [ 889.012038][T25775] loop4: p2 size 327680 extends beyond EOD, truncated [ 889.130149][T25785] print_req_error: 273 callbacks suppressed [ 889.130159][T25785] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 889.135566][T25786] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 889.136121][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 889.148240][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.166186][ T2511] buffer_io_error: 266 callbacks suppressed [ 889.166193][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 889.184393][ T2511] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.202816][ T2511] Buffer I/O error on dev loop4p2, logical block 33008, async page read [ 889.211338][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.211493][T25785] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 889.222280][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 889.242030][ T2511] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.253499][ T2511] Buffer I/O error on dev loop4p2, logical block 33022, async page read [ 889.261996][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.262686][T25785] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 889.272992][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 889.292512][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 889.303509][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 889.311659][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 889.320160][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 889.328206][ T2510] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 889.328345][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read 15:09:14 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0x100000000) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:09:14 executing program 5: 15:09:14 executing program 4: syz_read_part_table(0x80ffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x4000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:14 executing program 5: 15:09:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x4400], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0xf43, 0x0) 15:09:14 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1d027d91a3670000000100000100010900"/32], 0x20) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) [ 891.335301][T25810] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 891.372264][T25810] ldm_validate_privheads(): Cannot find PRIVHEAD 1. 15:09:14 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) fadvise64(r0, 0x0, 0x7a5, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000100)={0x0, @broadcast}, &(0x7f0000000140)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000180)={'team0\x00', r3}) sync() tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) timerfd_create(0x8, 0x80000) accept4$tipc(r2, &(0x7f0000000040)=@id, &(0x7f00000000c0)=0x10, 0x80000) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x6, 0x4, 0x3}) 15:09:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 891.399339][T25810] loop4: p1 < > p2 [ 891.406130][T25810] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:15 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:15 executing program 4: syz_read_part_table(0x97ffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:15 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:15 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x9401], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:15 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file0\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f00000009c0)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602209, 0x5, 0x4002011, r1, 0x0) 15:09:15 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:15 executing program 1: openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) [ 891.826067][ T26] audit: type=1804 audit(1567436955.339:45): pid=25887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2535/file0/bus" dev="ramfs" ino=213270 res=1 15:09:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @remote, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @remote={0xac, 0x14, 0x223}, {[@rr={0xffffff94, 0x3}]}}, @icmp=@timestamp_reply}}}}, 0x0) [ 891.904007][T25883] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 891.921240][ T26] audit: type=1804 audit(1567436955.339:46): pid=25887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2535/file0/bus" dev="ramfs" ino=213270 res=1 [ 891.929376][T25883] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 892.005758][T25883] loop4: p1 < > p2 15:09:15 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 892.030590][T25883] loop4: p2 size 327680 extends beyond EOD, truncated [ 892.037724][ T26] audit: type=1804 audit(1567436955.339:47): pid=25887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2535/file0/bus" dev="ramfs" ino=213270 res=1 15:09:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xa4ccf4d, 0x40) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10) 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file0\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f00000009c0)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602209, 0x5, 0x4002011, r1, 0x0) 15:09:18 executing program 4: syz_read_part_table(0xc9ffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:18 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xb8ff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280), 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:18 executing program 1 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 894.563092][ T26] audit: type=1804 audit(1567436958.079:48): pid=25933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2536/file0/bus" dev="ramfs" ino=212323 res=1 [ 894.620562][ T26] audit: type=1804 audit(1567436958.089:49): pid=25933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2536/file0/bus" dev="ramfs" ino=212323 res=1 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 894.669700][T25932] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 894.692491][ T26] audit: type=1804 audit(1567436958.089:50): pid=25933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2536/file0/bus" dev="ramfs" ino=212323 res=1 [ 894.734285][T25932] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 894.748376][T25951] FAULT_INJECTION: forcing a failure. [ 894.748376][T25951] name failslab, interval 1, probability 0, space 0, times 0 [ 894.768566][T25932] loop4: p1 < > p2 [ 894.776387][T25932] loop4: p2 size 327680 extends beyond EOD, truncated [ 894.785001][T25951] CPU: 0 PID: 25951 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 894.793031][T25951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 894.803178][T25951] Call Trace: [ 894.806473][T25951] dump_stack+0x1d8/0x2f8 [ 894.810807][T25951] should_fail+0x555/0x770 [ 894.815223][T25951] __should_failslab+0x11a/0x160 [ 894.820159][T25951] ? __se_sys_memfd_create+0x10a/0x4b0 [ 894.825614][T25951] should_failslab+0x9/0x20 [ 894.830116][T25951] __kmalloc+0x7a/0x340 [ 894.834278][T25951] __se_sys_memfd_create+0x10a/0x4b0 [ 894.839561][T25951] ? do_syscall_64+0x1d/0x140 [ 894.844245][T25951] __x64_sys_memfd_create+0x5b/0x70 [ 894.849442][T25951] do_syscall_64+0xfe/0x140 [ 894.853945][T25951] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 894.859833][T25951] RIP: 0033:0x459879 [ 894.863721][T25951] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) ioctl$SIOCX25SDTEFACILITIES(r2, 0x89eb, &(0x7f00000000c0)={0x401, 0x80000001, 0xffffffff, 0x293d, 0x8, 0xb, 0x9, "25cfe10ca010752b8f4a8df7bda0e066d7690941", "45c1200390d642a4cf3742cd764f1237faa43d72"}) r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000500)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000007000000f60d0000000400000900030000300100003001000078863f000000000000a10933546078148f3a4f00000068030000680300006803000068030000687215133df764205d029079b64a800fcf5491a6b916df5ddb1af72829796f246de44cb757afb26c877131229f7651bafc7de200000000000000009d33f1faa204126f9b7af41e89f6d0076c6cce73b8a95fbe40067dd08d9a29007f623d2f32b977bf49111f01814ebf309e9f3bd2417c212ee5b5ab044d35eadc06ce53b3b078575800fde1ec3e89fbcb5214297452d010a3ff8923f4eada0ce5ad55fcb65c7c1900da5f4c86915ef17010585b84e106fd7c72a33ff194d2ecf20ea7a71391ba69dbecc5b9d22da3847a99f5f8ea8aa7e07b42ca87a86c0bbc4e5b2731c72387bafd52a14c0a418896934f1d5e5956cd1e8ce99ff665083e1f685011d886f5503a714a8d63b21cd5a3e7a81dac1f75305e2f1e8cb26e2dfa61ed97e66d1ca2a9b8385705590701aa2b7571eba7a13b182b6077efa41fea14f60e7fd08db6441692aedfe06e639d861903268ea16ef03e15bd266eaf91502595bd29311219261fa7b5c19938106974266d8cda584907b6a9689c576a4d981b1b9d80b968f80d6e0d6dbc6e86443cf420ea3e06c9ffa8ea956e1c9f498f8deea31440a7267de0ad48c2d44bcbb9aedfd3e1da2cc0258ed54571ec6f572758"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1ff, 0x0, &(0x7f0000ffb000/0x3000)=nil}) 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 894.883409][T25951] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 894.891815][T25951] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 894.899811][T25951] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 894.907782][T25951] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 894.915754][T25951] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 894.923723][T25951] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:18 executing program 4: syz_read_part_table(0xeeffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file0\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f00000009c0)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602209, 0x5, 0x4002011, r1, 0x0) 15:09:18 executing program 0: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='[nodev\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f00000000c0)='cgroup\x00'}, 0x30) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000140)=ANY=[@ANYBLOB="66696c74657200000002000000000000000000400000000000000000000000f60d000000040000b5fbd4eba03228090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000681875d8f2efde767ad98ae23fee9bb261f1bbd6579ad2eb15d159cf7b3404adec2616da995da4c935746094b5cbcee0f6cd995d9e3cdd03d1eb80e2f43927f7438fb93ac90439f6f8a8f36e1b140a39cfb0d3a11cb5d3a404b92f9d8b666cdb139bffe167c6a3d76c3639abd82a28eb8458cc96a3afdc7c56bfa8fa5f7881dafa8cff8a4e0d8bfee13123166a745ffe0da6be9f"], 0x1) wait4(r0, &(0x7f0000000240), 0x1, &(0x7f00000002c0)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 895.257601][T25974] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 895.297998][T25974] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 895.308570][T25974] loop4: p1 < > p2 15:09:18 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe803], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:18 executing program 1 (fault-call:0 fault-nth:1): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 895.326613][ T26] audit: type=1804 audit(1567436958.839:51): pid=25991 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2537/file0/bus" dev="ramfs" ino=212388 res=1 [ 895.365960][T25974] loop4: p2 size 327680 extends beyond EOD, truncated [ 895.388121][T25999] FAULT_INJECTION: forcing a failure. [ 895.388121][T25999] name failslab, interval 1, probability 0, space 0, times 0 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 895.447934][ T26] audit: type=1804 audit(1567436958.849:52): pid=25991 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2537/file0/bus" dev="ramfs" ino=212388 res=1 [ 895.482230][T25999] CPU: 0 PID: 25999 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 895.490245][T25999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 895.500478][T25999] Call Trace: [ 895.503771][T25999] dump_stack+0x1d8/0x2f8 [ 895.508099][T25999] should_fail+0x555/0x770 [ 895.512518][T25999] __should_failslab+0x11a/0x160 [ 895.517452][T25999] ? shmem_alloc_inode+0x1b/0x40 [ 895.522384][T25999] should_failslab+0x9/0x20 [ 895.526886][T25999] kmem_cache_alloc+0x56/0x2e0 [ 895.531654][T25999] ? shmem_fallocate+0xc90/0xc90 [ 895.536588][T25999] shmem_alloc_inode+0x1b/0x40 [ 895.541345][T25999] ? shmem_fallocate+0xc90/0xc90 [ 895.546274][T25999] new_inode_pseudo+0x68/0x240 [ 895.551036][T25999] new_inode+0x28/0x1c0 [ 895.555188][T25999] ? __kasan_check_read+0x11/0x20 [ 895.560208][T25999] shmem_get_inode+0x11b/0x700 [ 895.564968][T25999] ? __alloc_fd+0x58f/0x630 [ 895.569475][T25999] __shmem_file_setup+0x129/0x280 [ 895.574493][T25999] shmem_file_setup+0x2f/0x40 [ 895.579160][T25999] __se_sys_memfd_create+0x28e/0x4b0 [ 895.584480][T25999] ? do_syscall_64+0x1d/0x140 [ 895.589153][T25999] __x64_sys_memfd_create+0x5b/0x70 [ 895.594370][T25999] do_syscall_64+0xfe/0x140 [ 895.598875][T25999] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 895.604758][T25999] RIP: 0033:0x459879 [ 895.608656][T25999] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 895.628264][T25999] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 895.636760][T25999] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 895.644729][T25999] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 895.652696][T25999] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 895.660665][T25999] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 895.668638][T25999] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:19 executing program 4: syz_read_part_table(0xfdffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:19 executing program 5 (fault-call:13 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:19 executing program 1 (fault-call:0 fault-nth:2): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 895.849263][ T26] audit: type=1804 audit(1567436958.859:53): pid=25991 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir020283189/syzkaller.XvhSvm/2537/file0/bus" dev="ramfs" ino=212388 res=1 15:09:19 executing program 0: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r0) rt_sigpending(&(0x7f0000000180), 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0xf2e16) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000000)={0xca79, 0x2000000000000, 0x7, 0x8}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000fcff00f60d00000004000009000300003001000030013e00780200000000000000607814803a4f0000006803000168030000680300006803000068922ac796af8f118481ea1fa0dec1d71e392f01b804598bcead71fd29f23b6dd125e264146e3144df585b3657f8a152a5e9db02a83564fffd407f05f859e1"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 895.974878][T26024] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 896.003113][T26024] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 896.023852][T26047] FAULT_INJECTION: forcing a failure. [ 896.023852][T26047] name failslab, interval 1, probability 0, space 0, times 0 [ 896.027158][T26024] loop4: p1 < > p2 [ 896.055266][T26049] ptrace attach of "/root/syz-executor.0"[26048] was attempted by "/root/syz-executor.0"[26049] [ 896.072113][T26024] loop4: p2 size 327680 extends beyond EOD, truncated [ 896.079347][T26047] CPU: 0 PID: 26047 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 896.087335][T26047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 896.097480][T26047] Call Trace: [ 896.097498][T26047] dump_stack+0x1d8/0x2f8 [ 896.097510][T26047] should_fail+0x555/0x770 [ 896.097524][T26047] __should_failslab+0x11a/0x160 [ 896.097535][T26047] ? security_inode_alloc+0x36/0x1e0 [ 896.097545][T26047] should_failslab+0x9/0x20 [ 896.097555][T26047] kmem_cache_alloc+0x56/0x2e0 [ 896.097563][T26047] security_inode_alloc+0x36/0x1e0 [ 896.097573][T26047] inode_init_always+0x3b5/0x8d0 [ 896.097588][T26047] ? shmem_fallocate+0xc90/0xc90 [ 896.119892][T26047] new_inode_pseudo+0x7f/0x240 [ 896.119901][T26047] new_inode+0x28/0x1c0 [ 896.119911][T26047] ? __kasan_check_read+0x11/0x20 [ 896.119921][T26047] shmem_get_inode+0x11b/0x700 [ 896.119929][T26047] ? __alloc_fd+0x58f/0x630 [ 896.119941][T26047] __shmem_file_setup+0x129/0x280 [ 896.129168][T26047] shmem_file_setup+0x2f/0x40 [ 896.129178][T26047] __se_sys_memfd_create+0x28e/0x4b0 [ 896.129187][T26047] ? do_syscall_64+0x1d/0x140 [ 896.129196][T26047] __x64_sys_memfd_create+0x5b/0x70 [ 896.129203][T26047] do_syscall_64+0xfe/0x140 [ 896.129213][T26047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 896.129221][T26047] RIP: 0033:0x459879 [ 896.129232][T26047] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 896.139481][T26047] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 896.139489][T26047] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 896.139494][T26047] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 896.139500][T26047] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 896.139505][T26047] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 896.139509][T26047] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 896.195410][T26046] FAULT_INJECTION: forcing a failure. [ 896.195410][T26046] name failslab, interval 1, probability 0, space 0, times 0 [ 896.208988][T26046] CPU: 0 PID: 26046 Comm: syz-executor.5 Not tainted 5.3.0-rc6+ #96 [ 896.235623][T26046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 896.235628][T26046] Call Trace: [ 896.235645][T26046] dump_stack+0x1d8/0x2f8 [ 896.235659][T26046] should_fail+0x555/0x770 [ 896.235673][T26046] __should_failslab+0x11a/0x160 15:09:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xf401], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:19 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:19 executing program 1 (fault-call:0 fault-nth:3): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x5d, 0x8000) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x10001, 0x0, 0x10001, 0xff}) ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000100)={r3, 0x7}) r4 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c746572000000000000000062f4fb5ed8f4d0010000000000000000ae09283464ba1792b399211baf1dea00f60d000000040000090003000030010000300100007802002000000000009e1f74ea06b325b1e848c93e5b570fae7eabec069f1473001656ff3651b6de552dc23250d334eb3cb19807abbbd3f186140795e9b679441e98d5a225cc5a27a75ae81df592762893aa6452c9863227c1624b839cd491d9bd6fc906f341344b16790e2701000000000000001975c4eda2c2288240eb97f4b97ab27b4ff9ade4b3ab08892f0d572a158776ca8a4bf841c5cae24c1cb3555a42b20c467f7cb6cdd33065ade1e2aeb9c77edbcae0"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) write$eventfd(r4, &(0x7f0000000000)=0x800, 0x8) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 896.235682][T26046] ? fasync_helper+0x39/0xb0 [ 896.235692][T26046] should_failslab+0x9/0x20 [ 896.235701][T26046] kmem_cache_alloc+0x56/0x2e0 [ 896.235712][T26046] fasync_helper+0x39/0xb0 [ 896.235728][T26046] sock_fasync+0x8a/0x100 [ 896.259809][T26046] do_fcntl+0xd16/0x1190 [ 896.259820][T26046] ? security_file_fcntl+0xa1/0xd0 [ 896.259828][T26046] __se_sys_fcntl+0xde/0x1b0 [ 896.259837][T26046] __x64_sys_fcntl+0x7b/0x90 [ 896.259846][T26046] do_syscall_64+0xfe/0x140 [ 896.259858][T26046] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 896.259873][T26046] RIP: 0033:0x459879 [ 896.275807][T26046] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 896.275812][T26046] RSP: 002b:00007f56dc226c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 896.275820][T26046] RAX: ffffffffffffffda RBX: 00007f56dc226c90 RCX: 0000000000459879 [ 896.275824][T26046] RDX: 0000000000002000 RSI: 0000000000000004 RDI: 0000000000000004 [ 896.275828][T26046] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 896.275833][T26046] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f56dc2276d4 [ 896.275838][T26046] R13: 00000000004c0117 R14: 00000000004d2218 R15: 0000000000000005 [ 896.466155][T26058] FAULT_INJECTION: forcing a failure. 15:09:20 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 896.466155][T26058] name failslab, interval 1, probability 0, space 0, times 0 [ 896.501648][T26058] CPU: 0 PID: 26058 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 896.509662][T26058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 896.519720][T26058] Call Trace: [ 896.523017][T26058] dump_stack+0x1d8/0x2f8 [ 896.527362][T26058] should_fail+0x555/0x770 [ 896.531795][T26058] __should_failslab+0x11a/0x160 [ 896.536742][T26058] ? __d_alloc+0x2d/0x6e0 [ 896.541080][T26058] should_failslab+0x9/0x20 [ 896.545595][T26058] kmem_cache_alloc+0x56/0x2e0 [ 896.550366][T26058] __d_alloc+0x2d/0x6e0 [ 896.554535][T26058] ? lockdep_init_map+0x2a/0x680 [ 896.559504][T26058] d_alloc_pseudo+0x1d/0x70 [ 896.564011][T26058] alloc_file_pseudo+0xc3/0x260 [ 896.568853][T26058] __shmem_file_setup+0x1a2/0x280 [ 896.573901][T26058] shmem_file_setup+0x2f/0x40 [ 896.578634][T26058] __se_sys_memfd_create+0x28e/0x4b0 [ 896.583914][T26058] ? do_syscall_64+0x1d/0x140 [ 896.588583][T26058] __x64_sys_memfd_create+0x5b/0x70 [ 896.593776][T26058] do_syscall_64+0xfe/0x140 [ 896.598280][T26058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 896.604176][T26058] RIP: 0033:0x459879 [ 896.608074][T26058] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 896.627674][T26058] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 896.627683][T26058] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 896.627688][T26058] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 896.627692][T26058] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 896.627696][T26058] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 896.627700][T26058] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:20 executing program 4: syz_read_part_table(0xff0f000000000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:20 executing program 1 (fault-call:0 fault-nth:4): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 896.732148][T26077] FAULT_INJECTION: forcing a failure. [ 896.732148][T26077] name failslab, interval 1, probability 0, space 0, times 0 [ 896.745039][T26077] CPU: 1 PID: 26077 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 896.753023][T26077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 896.763089][T26077] Call Trace: [ 896.766385][T26077] dump_stack+0x1d8/0x2f8 [ 896.770716][T26077] should_fail+0x555/0x770 [ 896.775128][T26077] __should_failslab+0x11a/0x160 [ 896.780068][T26077] ? __alloc_file+0x2c/0x390 [ 896.784659][T26077] should_failslab+0x9/0x20 [ 896.789173][T26077] kmem_cache_alloc+0x56/0x2e0 [ 896.793951][T26077] ? trace_lock_release+0x135/0x1a0 [ 896.799139][T26077] __alloc_file+0x2c/0x390 [ 896.803546][T26077] alloc_empty_file+0xac/0x1b0 [ 896.808290][T26077] alloc_file+0x60/0x4c0 [ 896.812508][T26077] alloc_file_pseudo+0x1d4/0x260 [ 896.817459][T26077] __shmem_file_setup+0x1a2/0x280 [ 896.822472][T26077] shmem_file_setup+0x2f/0x40 [ 896.827130][T26077] __se_sys_memfd_create+0x28e/0x4b0 [ 896.832393][T26077] ? do_syscall_64+0x1d/0x140 [ 896.837043][T26077] __x64_sys_memfd_create+0x5b/0x70 [ 896.842225][T26077] do_syscall_64+0xfe/0x140 [ 896.846708][T26077] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 896.852591][T26077] RIP: 0033:0x459879 [ 896.856463][T26077] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 896.876153][T26077] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 896.884635][T26077] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 896.892613][T26077] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 896.900671][T26077] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 896.908633][T26077] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 896.916605][T26077] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 897.045126][T26086] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 897.057573][T26086] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 897.064607][T26086] loop4: p1 < > p2 [ 897.070839][T26086] loop4: p2 size 327680 extends beyond EOD, truncated [ 897.179970][T26086] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 897.190393][T26086] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 897.197170][T26086] loop4: p1 < > p2 [ 897.203739][T26086] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:22 executing program 5 (fault-call:13 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000)) r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:22 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:22 executing program 1 (fault-call:0 fault-nth:5): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:22 executing program 4: syz_read_part_table(0xffefffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfc00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 898.975343][T26115] FAULT_INJECTION: forcing a failure. [ 898.975343][T26115] name failslab, interval 1, probability 0, space 0, times 0 [ 898.989083][T26115] CPU: 1 PID: 26115 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 898.997071][T26115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 898.997076][T26115] Call Trace: [ 898.997091][T26115] dump_stack+0x1d8/0x2f8 [ 898.997109][T26115] should_fail+0x555/0x770 [ 899.019129][T26115] __should_failslab+0x11a/0x160 15:09:22 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 899.024059][T26115] ? security_file_alloc+0x36/0x200 [ 899.029246][T26115] should_failslab+0x9/0x20 [ 899.029255][T26115] kmem_cache_alloc+0x56/0x2e0 [ 899.029265][T26115] security_file_alloc+0x36/0x200 [ 899.029276][T26115] __alloc_file+0xde/0x390 [ 899.029288][T26115] alloc_empty_file+0xac/0x1b0 [ 899.052694][T26115] alloc_file+0x60/0x4c0 [ 899.056933][T26115] alloc_file_pseudo+0x1d4/0x260 [ 899.061871][T26115] __shmem_file_setup+0x1a2/0x280 [ 899.066908][T26115] shmem_file_setup+0x2f/0x40 15:09:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x20000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300006800"/87], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000001c0)={0x6, 0x8005, 0x0, 0x7, 0x0}, &(0x7f0000000200)=0x10) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000340)={'filter\x00'}, &(0x7f0000000240)=0x78) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0x1e}, 0x389}}, 0x9, 0x3, 0x40000000000, 0x200, 0x40}, &(0x7f0000000000)=0x98) get_thread_area(&(0x7f0000000180)={0x7, 0x100000, 0x400, 0x8, 0x6, 0x8, 0x6, 0x4, 0x1, 0x6019}) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000040)={r4, 0x5}, 0x8) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfcff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 899.071582][T26115] __se_sys_memfd_create+0x28e/0x4b0 [ 899.076867][T26115] ? do_syscall_64+0x1d/0x140 [ 899.081550][T26115] __x64_sys_memfd_create+0x5b/0x70 [ 899.086753][T26115] do_syscall_64+0xfe/0x140 [ 899.091268][T26115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 899.097162][T26115] RIP: 0033:0x459879 [ 899.101060][T26115] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:22 executing program 1 (fault-call:0 fault-nth:6): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 899.120741][T26115] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 899.129129][T26115] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459879 [ 899.137132][T26115] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 899.145090][T26115] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 899.153039][T26115] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f08bc38e6d4 [ 899.161001][T26115] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 899.243719][T26111] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 899.265371][T26139] FAULT_INJECTION: forcing a failure. [ 899.265371][T26139] name failslab, interval 1, probability 0, space 0, times 0 [ 899.311272][T26139] CPU: 1 PID: 26139 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 899.311795][T26111] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 899.319280][T26139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 899.319284][T26139] Call Trace: [ 899.319303][T26139] dump_stack+0x1d8/0x2f8 [ 899.319316][T26139] should_fail+0x555/0x770 [ 899.319328][T26139] __should_failslab+0x11a/0x160 [ 899.319362][T26139] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 899.319380][T26139] should_failslab+0x9/0x20 [ 899.348081][T26111] loop4: p1 < > p2 [ 899.352905][T26139] __kmalloc+0x7a/0x340 [ 899.352917][T26139] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 899.352926][T26139] tomoyo_realpath_from_path+0xdc/0x7c0 [ 899.352942][T26139] tomoyo_path_perm+0x192/0x850 [ 899.366917][T26139] ? trace_lock_release+0x135/0x1a0 [ 899.376752][T26139] tomoyo_path_truncate+0x1c/0x20 [ 899.376764][T26139] security_path_truncate+0xd5/0x150 [ 899.397375][T26139] do_sys_ftruncate+0x493/0x710 [ 899.397386][T26139] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 899.397399][T26139] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 899.418626][T26139] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 899.424339][T26139] ? trace_hardirqs_off_caller+0x58/0x80 [ 899.429970][T26139] ? do_syscall_64+0x1d/0x140 [ 899.434639][T26139] __x64_sys_ftruncate+0x60/0x70 [ 899.439573][T26139] do_syscall_64+0xfe/0x140 [ 899.444072][T26139] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 899.449951][T26139] RIP: 0033:0x459847 15:09:23 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 899.453848][T26139] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 899.473554][T26139] RSP: 002b:00007f08bc38da88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 899.481968][T26139] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459847 [ 899.489939][T26139] RDX: 0000000020000028 RSI: 0000000000020000 RDI: 0000000000000004 [ 899.497905][T26139] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 899.497911][T26139] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000004 [ 899.497916][T26139] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 899.500221][T26139] ERROR: Out of memory at tomoyo_realpath_from_path. [ 899.559620][T26111] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:23 executing program 1 (fault-call:0 fault-nth:7): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 899.688978][T26162] FAULT_INJECTION: forcing a failure. [ 899.688978][T26162] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 899.702207][T26162] CPU: 0 PID: 26162 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 899.710181][T26162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 899.720271][T26162] Call Trace: [ 899.723561][T26162] dump_stack+0x1d8/0x2f8 [ 899.723576][T26162] should_fail+0x555/0x770 [ 899.723594][T26162] should_fail_alloc_page+0x55/0x60 [ 899.732346][T26162] prepare_alloc_pages+0x283/0x470 [ 899.732366][T26162] __alloc_pages_nodemask+0xb2/0x5d0 [ 899.732379][T26162] kmem_getpages+0x56/0xa20 [ 899.732389][T26162] cache_grow_begin+0x7e/0x2c0 [ 899.732399][T26162] cache_alloc_refill+0x311/0x3f0 [ 899.732407][T26162] ? check_preemption_disabled+0xb7/0x2a0 [ 899.732417][T26162] __kmalloc+0x318/0x340 [ 899.732425][T26162] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 899.732435][T26162] tomoyo_realpath_from_path+0xdc/0x7c0 [ 899.732447][T26162] tomoyo_path_perm+0x192/0x850 [ 899.732457][T26162] ? trace_lock_release+0x135/0x1a0 [ 899.732476][T26162] tomoyo_path_truncate+0x1c/0x20 [ 899.778026][T26162] security_path_truncate+0xd5/0x150 [ 899.803828][T26162] do_sys_ftruncate+0x493/0x710 [ 899.808687][T26162] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 899.814423][T26162] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 899.819891][T26162] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 899.825606][T26162] ? trace_hardirqs_off_caller+0x58/0x80 [ 899.831230][T26162] ? do_syscall_64+0x1d/0x140 [ 899.835888][T26162] __x64_sys_ftruncate+0x60/0x70 [ 899.840808][T26162] do_syscall_64+0xfe/0x140 [ 899.845290][T26162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 899.852326][T26162] RIP: 0033:0x459847 [ 899.856204][T26162] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 899.875793][T26162] RSP: 002b:00007f08bc38da88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 899.884208][T26162] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459847 [ 899.892164][T26162] RDX: 0000000020000028 RSI: 0000000000020000 RDI: 0000000000000004 [ 899.900124][T26162] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 899.908872][T26162] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000004 [ 899.916827][T26162] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:25 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:25 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={0xffffffffffffffff}, 0x7bc4c38a97639b66, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000040)=0x2, r2, 0x0, 0x0, 0x1}}, 0x20) r3 = gettid() r4 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:25 executing program 4: syz_read_part_table(0xffffffff00000000, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:25 executing program 1 (fault-call:0 fault-nth:8): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:25 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 902.237735][T26187] FAULT_INJECTION: forcing a failure. [ 902.237735][T26187] name failslab, interval 1, probability 0, space 0, times 0 [ 902.269224][T26187] CPU: 0 PID: 26187 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 902.277234][T26187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 15:09:25 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff01], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 902.287294][T26187] Call Trace: [ 902.290585][T26187] dump_stack+0x1d8/0x2f8 [ 902.294922][T26187] should_fail+0x555/0x770 [ 902.299339][T26187] __should_failslab+0x11a/0x160 [ 902.304275][T26187] ? tomoyo_encode2+0x273/0x5a0 [ 902.309122][T26187] should_failslab+0x9/0x20 [ 902.313625][T26187] __kmalloc+0x7a/0x340 [ 902.317787][T26187] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 902.323523][T26187] tomoyo_encode2+0x273/0x5a0 [ 902.328214][T26187] ? dynamic_dname+0xf0/0xf0 15:09:25 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:25 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 902.332814][T26187] tomoyo_realpath_from_path+0x769/0x7c0 [ 902.338451][T26187] tomoyo_path_perm+0x192/0x850 [ 902.343305][T26187] ? trace_lock_release+0x135/0x1a0 [ 902.348508][T26187] tomoyo_path_truncate+0x1c/0x20 [ 902.353523][T26187] security_path_truncate+0xd5/0x150 [ 902.358807][T26187] do_sys_ftruncate+0x493/0x710 [ 902.363659][T26187] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 902.369395][T26187] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 902.374963][T26187] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 902.380672][T26187] ? trace_hardirqs_off_caller+0x58/0x80 [ 902.386286][T26187] ? do_syscall_64+0x1d/0x140 [ 902.390945][T26187] __x64_sys_ftruncate+0x60/0x70 [ 902.395858][T26187] do_syscall_64+0xfe/0x140 [ 902.400345][T26187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 902.406223][T26187] RIP: 0033:0x459847 [ 902.410126][T26187] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 902.429817][T26187] RSP: 002b:00007f08bc38da88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 902.438232][T26187] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000459847 [ 902.446192][T26187] RDX: 0000000020000028 RSI: 0000000000020000 RDI: 0000000000000004 [ 902.454158][T26187] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 902.462134][T26187] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000004 [ 902.470088][T26187] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 902.478895][T26187] ERROR: Out of memory at tomoyo_realpath_from_path. [ 902.506771][T26182] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 902.539369][T26182] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 902.550187][T26182] loop4: p1 < > p2 15:09:26 executing program 1 (fault-call:0 fault-nth:9): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 902.587517][T26182] loop4: p2 size 327680 extends beyond EOD, truncated [ 902.691099][T26219] FAULT_INJECTION: forcing a failure. [ 902.691099][T26219] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 902.733237][T26219] CPU: 0 PID: 26219 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 902.741284][T26219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 902.751341][T26219] Call Trace: [ 902.754642][T26219] dump_stack+0x1d8/0x2f8 [ 902.758991][T26219] should_fail+0x555/0x770 [ 902.763418][T26219] should_fail_alloc_page+0x55/0x60 [ 902.768629][T26219] prepare_alloc_pages+0x283/0x470 [ 902.773757][T26219] __alloc_pages_nodemask+0xb2/0x5d0 [ 902.779045][T26219] ? percpu_counter_add_batch+0x153/0x170 [ 902.784773][T26219] alloc_pages_vma+0x4e7/0x8b0 [ 902.789539][T26219] shmem_alloc_and_acct_page+0x429/0xbb0 [ 902.795197][T26219] shmem_getpage_gfp+0x1270/0x2c00 [ 902.800327][T26219] shmem_write_begin+0xcb/0x1b0 [ 902.805180][T26219] generic_perform_write+0x25d/0x4e0 [ 902.810480][T26219] __generic_file_write_iter+0x24b/0x520 [ 902.816121][T26219] generic_file_write_iter+0x445/0x5d0 [ 902.821599][T26219] __vfs_write+0x5a1/0x740 [ 902.826029][T26219] vfs_write+0x275/0x590 [ 902.830283][T26219] __x64_sys_pwrite64+0x162/0x1d0 [ 902.835312][T26219] do_syscall_64+0xfe/0x140 [ 902.835325][T26219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 902.835338][T26219] RIP: 0033:0x4137c7 [ 902.845695][T26219] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 902.845701][T26219] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 15:09:26 executing program 4: syz_read_part_table(0xffffffffffffffff, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:26 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 902.845710][T26219] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 00000000004137c7 [ 902.845715][T26219] RDX: 0000000000000048 RSI: 00000000200008c0 RDI: 0000000000000004 [ 902.845724][T26219] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 902.869735][T26219] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004 [ 902.869741][T26219] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 903.023413][T26231] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 903.034074][T26231] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 903.043994][T26231] loop4: p1 < > p2 [ 903.053108][T26231] loop4: p2 size 327680 extends beyond EOD, truncated [ 903.190101][T26231] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 903.200459][T26231] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 903.207277][T26231] loop4: p1 < > p2 [ 903.212334][T26231] loop4: p2 size 327680 extends beyond EOD, truncated [ 903.320210][T26244] print_req_error: 431 callbacks suppressed [ 903.320222][T26244] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 903.322293][T26245] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 903.326199][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 903.338000][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.367237][ T2511] buffer_io_error: 419 callbacks suppressed [ 903.367244][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 903.381391][ T2511] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.392865][ T2511] Buffer I/O error on dev loop4p2, logical block 33008, async page read [ 903.401346][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.401494][T26244] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 903.412261][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 903.432112][ T2511] blk_update_request: I/O error, dev loop4, sector 264176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.443533][ T2511] Buffer I/O error on dev loop4p2, logical block 33022, async page read [ 903.452367][ T2511] blk_update_request: I/O error, dev loop4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.454487][T26244] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 903.463334][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 903.482967][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.494058][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 903.502492][ T2511] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 903.510889][ T2511] Buffer I/O error on dev loop4p2, logical block 1, async page read [ 903.519000][ T2510] Buffer I/O error on dev loop4p2, logical block 33023, async page read [ 903.528156][ T2510] Buffer I/O error on dev loop4p1, logical block 0, async page read 15:09:29 executing program 1 (fault-call:0 fault-nth:10): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup(r0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x93bb31f1446defb7, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) ioctl$TUNGETVNETHDRSZ(r3, 0x800454d7, &(0x7f0000000000)) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:29 executing program 5: r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000340)=ANY=[@ANYBLOB="5d0000008ebd11f356d06b502cf215efdbe3c33e15517bb87a486680f3da804ce6e42852693b3c1277c8217452d17d7f8928262559058521913fb60fc1e78bf145c39b9b43232f3b16967f3da3fc4b76f2b88399e6691f48cc090025c3b908df0ca2c41748dc1365aec6c2a0d8b7b469abc4496599eaaad5d71a7e1a7a7ef987d4d59a8058220f7c08c28402e03caab7f0f8e711ac414aac6a01800000850fbda092f48043a174ee4fbb1a9c4cf3a353ae5f4e3a61d623515a5f5f1e3b87f2721de2348ea31ea01f5a0100c2c521acc62535682291bde4eff0b2504a0e7261ffe9aedf457c651917724a1dcb99b6706172967a"]) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) 15:09:29 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:29 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="03000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff03], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 905.524977][T26264] FAULT_INJECTION: forcing a failure. [ 905.524977][T26264] name failslab, interval 1, probability 0, space 0, times 0 [ 905.537604][T26264] CPU: 0 PID: 26264 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 905.545584][T26264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 905.555649][T26264] Call Trace: [ 905.558969][T26264] dump_stack+0x1d8/0x2f8 [ 905.563294][T26264] should_fail+0x555/0x770 [ 905.567705][T26264] __should_failslab+0x11a/0x160 15:09:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) ptrace$setopts(0x4206, r2, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, r1, &(0x7f0000000040)={r3, r3, 0xfffffffffffffff7}) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) syz_init_net_socket$rose(0xb, 0x5, 0x0) [ 905.572640][T26264] ? xas_create+0x1197/0x1910 [ 905.577320][T26264] should_failslab+0x9/0x20 [ 905.581841][T26264] kmem_cache_alloc+0x56/0x2e0 [ 905.586607][T26264] xas_create+0x1197/0x1910 [ 905.591136][T26264] xas_create_range+0x142/0x700 [ 905.596001][T26264] shmem_add_to_page_cache+0x8e1/0x1230 [ 905.601556][T26264] shmem_getpage_gfp+0x184b/0x2c00 [ 905.606682][T26264] shmem_write_begin+0xcb/0x1b0 [ 905.611537][T26264] generic_perform_write+0x25d/0x4e0 [ 905.616837][T26264] __generic_file_write_iter+0x24b/0x520 [ 905.622479][T26264] generic_file_write_iter+0x445/0x5d0 [ 905.627961][T26264] __vfs_write+0x5a1/0x740 [ 905.632390][T26264] vfs_write+0x275/0x590 [ 905.636629][T26264] __x64_sys_pwrite64+0x162/0x1d0 [ 905.641672][T26264] do_syscall_64+0xfe/0x140 [ 905.641683][T26264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 905.641692][T26264] RIP: 0033:0x4137c7 [ 905.641702][T26264] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 15:09:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff07], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 905.641707][T26264] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 905.641714][T26264] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 00000000004137c7 [ 905.641718][T26264] RDX: 0000000000000048 RSI: 00000000200008c0 RDI: 0000000000000004 [ 905.641722][T26264] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 905.641727][T26264] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004 [ 905.641731][T26264] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 905.769992][T26274] IPVS: ftp: loaded support on port[0] = 21 15:09:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) r2 = dup2(r0, r0) ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000400)=0xc34) r3 = geteuid() mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x80000, &(0x7f0000000180)={'trans=unix,', {[{@msize={'msize', 0x3d, 0x5}}, {@uname={'uname', 0x3d, '.bdev.proc'}}, {@fscache='fscache'}, {@debug={'debug', 0x3d, 0x5}}, {@cache_mmap='cache=mmap'}, {@loose='loose'}, {@cache_none='cache=none'}, {@debug={'debug', 0x3d, 0x8}}], [{@euid_eq={'euid', 0x3d, r1}}, {@subj_type={'subj_type', 0x3d, '\\-eth1.'}}, {@appraise='appraise'}, {@dont_measure='dont_measure'}, {@euid_gt={'euid>', r3}}]}}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000340), 0x4) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f0000000440)={0x7, 0x8}) r5 = dup(r0) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f00000003c0)={0x4, 0x6}) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) tkill(r4, 0x10010000000035) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:29 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() dup(r0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x2c, 0x2000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100e97802000000000000006078148f3a4f00000068030000680300006802000068030000683311e23d"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 905.839789][T26262] ldm_validate_privheads(): Disk read failed. [ 905.846406][T26262] loop4: p1 < > p2 [ 905.851719][T26262] loop4: partition table partially beyond EOD, truncated [ 905.859753][T26262] loop4: p1 start 1 is beyond EOD, truncated [ 905.865860][T26262] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:29 executing program 1 (fault-call:0 fault-nth:11): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:29 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="04000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 906.069043][T26313] FAULT_INJECTION: forcing a failure. [ 906.069043][T26313] name failslab, interval 1, probability 0, space 0, times 0 [ 906.131365][T26313] CPU: 1 PID: 26313 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 906.139387][T26313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 906.149453][T26313] Call Trace: [ 906.152741][T26313] dump_stack+0x1d8/0x2f8 [ 906.157073][T26313] should_fail+0x555/0x770 [ 906.161492][T26313] __should_failslab+0x11a/0x160 [ 906.166429][T26313] ? getname_flags+0xba/0x640 [ 906.171099][T26313] should_failslab+0x9/0x20 [ 906.175592][T26313] kmem_cache_alloc+0x56/0x2e0 15:09:29 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000040)=0x7) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000100)) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r3, 0x110, 0x3) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x1f, 0x20040) [ 906.180351][T26313] ? check_preemption_disabled+0xb7/0x2a0 [ 906.186085][T26313] getname_flags+0xba/0x640 [ 906.190587][T26313] getname+0x19/0x20 [ 906.194518][T26313] do_sys_open+0x261/0x560 [ 906.198989][T26313] __x64_sys_open+0x87/0x90 [ 906.203583][T26313] do_syscall_64+0xfe/0x140 [ 906.208099][T26313] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 906.213991][T26313] RIP: 0033:0x413761 [ 906.217867][T26313] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 906.217873][T26313] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 906.217885][T26313] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000413761 [ 906.245972][T26313] RDX: 00007f08bc38db0a RSI: 0000000000000002 RDI: 00007f08bc38db00 [ 906.245977][T26313] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 906.245982][T26313] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 15:09:29 executing program 1 (fault-call:0 fault-nth:12): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 906.245987][T26313] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 906.340222][T26319] ldm_validate_privheads(): Disk read failed. [ 906.346394][T26319] loop4: p1 < > p2 [ 906.356535][T26333] FAULT_INJECTION: forcing a failure. [ 906.356535][T26333] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 906.369755][T26333] CPU: 1 PID: 26333 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 906.377728][T26333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 906.383198][T26319] loop4: partition table partially beyond EOD, truncated [ 906.387775][T26333] Call Trace: [ 906.387794][T26333] dump_stack+0x1d8/0x2f8 [ 906.387807][T26333] should_fail+0x555/0x770 [ 906.387822][T26333] should_fail_alloc_page+0x55/0x60 [ 906.407036][T26333] prepare_alloc_pages+0x283/0x470 [ 906.407050][T26333] __alloc_pages_nodemask+0xb2/0x5d0 [ 906.422638][T26333] kmem_getpages+0x56/0xa20 [ 906.427135][T26333] ? trace_lock_release+0x135/0x1a0 [ 906.432422][T26333] cache_grow_begin+0x7e/0x2c0 [ 906.432526][T26319] loop4: p1 start 1 is beyond EOD, truncated [ 906.437176][T26333] cache_alloc_refill+0x311/0x3f0 [ 906.437185][T26333] ? check_preemption_disabled+0xb7/0x2a0 [ 906.437195][T26333] kmem_cache_alloc+0x2b9/0x2e0 [ 906.437205][T26333] ? getname_flags+0xba/0x640 [ 906.437216][T26333] getname_flags+0xba/0x640 [ 906.463189][T26319] loop4: p2 size 327680 extends beyond EOD, truncated [ 906.463472][T26333] getname+0x19/0x20 [ 906.474777][T26333] do_sys_open+0x261/0x560 [ 906.474789][T26333] __x64_sys_open+0x87/0x90 15:09:30 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) socket$caif_stream(0x25, 0x1, 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 906.474802][T26333] do_syscall_64+0xfe/0x140 [ 906.492044][T26333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 906.497939][T26333] RIP: 0033:0x413761 [ 906.501825][T26333] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 906.501831][T26333] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 906.501841][T26333] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000413761 [ 906.501846][T26333] RDX: 00007f08bc38db0a RSI: 0000000000000002 RDI: 00007f08bc38db00 [ 906.501851][T26333] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 906.501856][T26333] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 906.501865][T26333] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:30 executing program 1 (fault-call:0 fault-nth:13): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff0f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:30 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="05000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 906.742246][T26360] FAULT_INJECTION: forcing a failure. [ 906.742246][T26360] name failslab, interval 1, probability 0, space 0, times 0 [ 906.812530][T26360] CPU: 0 PID: 26360 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 906.820544][T26360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 906.830634][T26360] Call Trace: [ 906.830653][T26360] dump_stack+0x1d8/0x2f8 [ 906.830668][T26360] should_fail+0x555/0x770 [ 906.830681][T26360] __should_failslab+0x11a/0x160 [ 906.830696][T26360] ? __alloc_file+0x2c/0x390 [ 906.838288][T26360] should_failslab+0x9/0x20 [ 906.838299][T26360] kmem_cache_alloc+0x56/0x2e0 15:09:30 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="06000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 906.838314][T26360] __alloc_file+0x2c/0x390 [ 906.865896][T26360] alloc_empty_file+0xac/0x1b0 [ 906.870671][T26360] path_openat+0x9e/0x4460 [ 906.875094][T26360] ? __kasan_kmalloc+0x178/0x1b0 [ 906.880040][T26360] ? __kasan_kmalloc+0x11c/0x1b0 [ 906.884988][T26360] ? kasan_slab_alloc+0xf/0x20 [ 906.889756][T26360] ? kmem_cache_alloc+0x1f5/0x2e0 [ 906.894780][T26360] ? getname+0x19/0x20 [ 906.894794][T26360] ? do_sys_open+0x261/0x560 [ 906.903446][T26360] ? do_syscall_64+0xfe/0x140 [ 906.903458][T26360] ? trace_mm_page_alloc+0x17a/0x1f0 [ 906.903467][T26360] ? cache_grow_end+0x143/0x170 [ 906.903477][T26360] ? trace_lock_release+0x135/0x1a0 [ 906.903484][T26360] ? cache_grow_end+0x143/0x170 [ 906.903496][T26360] ? trace_lock_release+0x135/0x1a0 [ 906.933470][T26360] ? __alloc_fd+0x58f/0x630 [ 906.937992][T26360] do_filp_open+0x192/0x3d0 [ 906.942498][T26360] ? _raw_spin_unlock+0x2c/0x50 [ 906.947367][T26360] do_sys_open+0x29f/0x560 [ 906.951800][T26360] __x64_sys_open+0x87/0x90 [ 906.956324][T26360] do_syscall_64+0xfe/0x140 [ 906.960836][T26360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 906.966749][T26360] RIP: 0033:0x413761 [ 906.970646][T26360] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 906.990372][T26360] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 906.998783][T26360] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000413761 [ 907.006852][T26360] RDX: 00007f08bc38db0a RSI: 0000000000000002 RDI: 00007f08bc38db00 [ 907.014828][T26360] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 907.022778][T26360] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 907.030732][T26360] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000689ba325e7011e46bce95d188c83b3bf0d66ecb0036d10004a51b0e1ab0a1be0b096a6995018bb7f76b6203beac85f688db6080a40b18489b702dd03acb02e87d04eac6e3f422d08fb4e285ac56852933596866e6ca0f9f962e9ecee3daa7bb97cb4609db6d5605a1ac660e504a1989ce6b89ffc226b572a724bb477b017f181d4154bee3ff1d7cc6e945fa7054b73adbd00"/241], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x4000) 15:09:32 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:32 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="07000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:32 executing program 1 (fault-call:0 fault-nth:14): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) tkill(r1, 0x2a) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff1f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) ptrace$setopts(0x4206, r1, 0x0, 0x10010001e) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) setsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000040)=0x3, 0x4) [ 909.044245][T26393] FAULT_INJECTION: forcing a failure. [ 909.044245][T26393] name failslab, interval 1, probability 0, space 0, times 0 [ 909.080889][T26393] CPU: 1 PID: 26393 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 909.088892][T26393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 909.098948][T26393] Call Trace: [ 909.102256][T26393] dump_stack+0x1d8/0x2f8 [ 909.106591][T26393] should_fail+0x555/0x770 [ 909.111091][T26393] __should_failslab+0x11a/0x160 [ 909.116024][T26393] ? security_file_alloc+0x36/0x200 [ 909.121223][T26393] should_failslab+0x9/0x20 [ 909.125718][T26393] kmem_cache_alloc+0x56/0x2e0 [ 909.130483][T26393] security_file_alloc+0x36/0x200 [ 909.135636][T26393] __alloc_file+0xde/0x390 [ 909.135651][T26393] alloc_empty_file+0xac/0x1b0 [ 909.144876][T26393] path_openat+0x9e/0x4460 [ 909.144885][T26393] ? __kasan_kmalloc+0x178/0x1b0 [ 909.144895][T26393] ? __kasan_kmalloc+0x11c/0x1b0 [ 909.159138][T26393] ? kasan_slab_alloc+0xf/0x20 [ 909.163901][T26393] ? kmem_cache_alloc+0x1f5/0x2e0 [ 909.168916][T26393] ? getname+0x19/0x20 [ 909.168923][T26393] ? do_sys_open+0x261/0x560 [ 909.168933][T26393] ? do_syscall_64+0xfe/0x140 [ 909.168947][T26393] ? trace_mm_page_alloc+0x17a/0x1f0 [ 909.187485][T26393] ? cache_grow_end+0x143/0x170 [ 909.187498][T26393] ? trace_lock_release+0x135/0x1a0 [ 909.187510][T26393] ? cache_grow_end+0x143/0x170 [ 909.202365][T26393] ? trace_lock_release+0x135/0x1a0 [ 909.207566][T26393] ? __alloc_fd+0x58f/0x630 [ 909.212075][T26393] do_filp_open+0x192/0x3d0 [ 909.216585][T26393] ? _raw_spin_unlock+0x2c/0x50 [ 909.221526][T26393] do_sys_open+0x29f/0x560 [ 909.225943][T26393] __x64_sys_open+0x87/0x90 [ 909.230445][T26393] do_syscall_64+0xfe/0x140 [ 909.234938][T26393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 909.240822][T26393] RIP: 0033:0x413761 [ 909.244711][T26393] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 909.264390][T26393] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 909.272780][T26393] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000413761 [ 909.280739][T26393] RDX: 00007f08bc38db0a RSI: 0000000000000002 RDI: 00007f08bc38db00 15:09:32 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:32 executing program 1 (fault-call:0 fault-nth:15): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 909.288696][T26393] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 909.296821][T26393] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 909.304857][T26393] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 909.335169][T26387] ldm_validate_privheads(): Disk read failed. [ 909.356622][T26387] loop4: p1 < > p2 [ 909.369253][T26387] loop4: partition table partially beyond EOD, truncated [ 909.380888][T26414] FAULT_INJECTION: forcing a failure. [ 909.380888][T26414] name failslab, interval 1, probability 0, space 0, times 0 [ 909.402672][T26387] loop4: p1 start 1 is beyond EOD, truncated [ 909.408924][T26387] loop4: p2 size 327680 extends beyond EOD, truncated [ 909.425840][T26414] CPU: 0 PID: 26414 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 909.433860][T26414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 909.443912][T26414] Call Trace: [ 909.447207][T26414] dump_stack+0x1d8/0x2f8 [ 909.454666][T26414] should_fail+0x555/0x770 [ 909.459098][T26414] __should_failslab+0x11a/0x160 [ 909.464042][T26414] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 909.469759][T26414] should_failslab+0x9/0x20 [ 909.474258][T26414] __kmalloc+0x7a/0x340 [ 909.478404][T26414] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 909.484182][T26414] tomoyo_realpath_from_path+0xdc/0x7c0 [ 909.489719][T26414] tomoyo_path_number_perm+0x166/0x640 [ 909.495184][T26414] ? smack_file_ioctl+0x226/0x2e0 [ 909.500232][T26414] ? __fget+0x401/0x510 [ 909.504422][T26414] tomoyo_file_ioctl+0x23/0x30 [ 909.509671][T26414] security_file_ioctl+0x6d/0xd0 [ 909.514621][T26414] __x64_sys_ioctl+0xa3/0x120 [ 909.519278][T26414] do_syscall_64+0xfe/0x140 [ 909.523759][T26414] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 909.529627][T26414] RIP: 0033:0x4596e7 [ 909.533500][T26414] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:33 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00') getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000140)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f0000000240)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in6=@mcast2, @in6=@initdev}}, {{@in=@empty}}}, &(0x7f0000000280)=0xe8) getpeername$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000500)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000540)={'vcan0\x00'}) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000640)=0x0) ptrace$getregset(0x4204, r4, 0xceefde9d9eb4b13a, &(0x7f00000006c0)={&(0x7f0000000680)=""/39, 0x27}) getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f0000001940)={@remote, 0x0}, &(0x7f0000001980)=0x14) accept(r0, &(0x7f00000019c0)=@hci={0x1f, 0x0}, &(0x7f0000001a40)=0x80) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001a80)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001ac0)={'ip6_vti0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000002300)={{{@in6=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000002400)=0xe8) r10 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x100, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@newqdisc={0x34, 0x24, 0x200, 0x70bd28, 0x25dfdbfc, {0x0, r6, {0x9, 0xffe0}, {0xb}, {0xfff2, 0xa}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x1f}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x40) accept$packet(0xffffffffffffffff, &(0x7f0000002480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000024c0)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000002940)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80018000}, 0xc, &(0x7f0000002900)={&(0x7f0000000700)=ANY=[@ANYBLOB="70020000", @ANYRES16=r2, @ANYBLOB="000366bd7000fddbdf250300000008000100", @ANYRES32=r3, @ANYBLOB="0400020008000100", @ANYRES32=r5, @ANYBLOB="7001020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040040000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400ff000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000080003000300000008000400ff00000008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000ed0000080003000300000008000400ad0b00003c00010024000100757365725f6c696e6b75705f656e61626c656400000000000000000000000000080003000600000004000400080006007404bec590f739de22e252", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000000000008000600", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="d00002003c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d000054000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000002400040009000cff050000008a76fb00000000000500000301000000c3bd01e7020000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11], 0x270}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000040)=0xf5ba, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000)={0x6, 0x1, 0xfffffffffffffff9, 0xe13, 0x1000}, 0x14) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r12 = gettid() r13 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r13, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d00000004000009000300002fe80000300100007818000000000000006078148f3a4f0000006803000068030100000000000000000068"], 0x1) ptrace$setopts(0x4206, r12, 0x0, 0x0) tkill(r12, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 909.553091][T26414] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 909.561499][T26414] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 909.569450][T26414] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 909.577405][T26414] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 909.585355][T26414] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 909.593302][T26414] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 909.618280][T26414] ERROR: Out of memory at tomoyo_realpath_from_path. 15:09:33 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="08000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 909.892158][T26440] ldm_validate_privheads(): Disk read failed. [ 909.902250][T26440] loop4: p1 < > p2 [ 909.906089][T26440] loop4: partition table partially beyond EOD, truncated [ 909.915783][T26440] loop4: p1 start 1 is beyond EOD, truncated [ 909.922718][T26440] loop4: p2 size 327680 extends beyond EOD, truncated [ 910.059858][T26440] ldm_validate_privheads(): Disk read failed. [ 910.066054][T26440] loop4: p1 < > p2 [ 910.069927][T26440] loop4: partition table partially beyond EOD, truncated [ 910.078978][T26440] loop4: p1 start 1 is beyond EOD, truncated [ 910.085003][T26440] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) r2 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000700000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000020000000000000000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCGETNODEID(r1, 0x89e1, &(0x7f00000000c0)) r3 = gettid() r4 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000effffffffffff50d000000040000090003000030010000300100007802000000008000006078148f3a19eca78a4ac64f000000681e00004d030000000000"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) clock_gettime(0x7, &(0x7f0000000000)) tkill(r3, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) kcmp(r3, r3, 0x3, r2, r4) eventfd(0x1) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r6 = add_key(&(0x7f0000000180)='cifs.idmap\x00', &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$negate(0xd, r5, 0x101, r6) ptrace$setopts(0x4206, r3, 0x3ff, 0x0) 15:09:35 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:35 executing program 1 (fault-call:0 fault-nth:16): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:35 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="09000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:35 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff3f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 912.072849][T26467] FAULT_INJECTION: forcing a failure. [ 912.072849][T26467] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 912.086098][T26467] CPU: 1 PID: 26467 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 912.094067][T26467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 912.104123][T26467] Call Trace: [ 912.107502][T26467] dump_stack+0x1d8/0x2f8 [ 912.111835][T26467] should_fail+0x555/0x770 [ 912.116259][T26467] should_fail_alloc_page+0x55/0x60 [ 912.121459][T26467] prepare_alloc_pages+0x283/0x470 [ 912.126580][T26467] __alloc_pages_nodemask+0xb2/0x5d0 [ 912.131882][T26467] kmem_getpages+0x56/0xa20 [ 912.136396][T26467] ? unwind_get_return_address+0x4c/0x90 [ 912.142042][T26467] cache_grow_begin+0x7e/0x2c0 [ 912.146814][T26467] cache_alloc_refill+0x311/0x3f0 [ 912.151848][T26467] ? check_preemption_disabled+0xb7/0x2a0 [ 912.157558][T26467] __kmalloc+0x318/0x340 [ 912.161787][T26467] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 912.167499][T26467] tomoyo_realpath_from_path+0xdc/0x7c0 [ 912.173047][T26467] tomoyo_check_open_permission+0x1ce/0x9d0 [ 912.178955][T26467] tomoyo_file_open+0x141/0x190 [ 912.183805][T26467] security_file_open+0x65/0x2f0 [ 912.188740][T26467] do_dentry_open+0x34e/0xf90 [ 912.193421][T26467] vfs_open+0x73/0x80 [ 912.197403][T26467] path_openat+0x1397/0x4460 [ 912.201994][T26467] ? getname+0x19/0x20 [ 912.206090][T26467] ? cache_grow_end+0x143/0x170 [ 912.206108][T26467] ? trace_lock_release+0x135/0x1a0 [ 912.216135][T26467] ? __alloc_fd+0x58f/0x630 15:09:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x1, @local, 0x5}, 0x1c, &(0x7f0000000840)=[{&(0x7f00000000c0)="1261ebfdcdb9f93cad8aaa86edd958ca47fa54bac8ac29f701b774affcda2689aae145f44b7ce580242525552f7ba8d529d11fbc18bfbe437067b39a8c92aa704b2c20f01ac6812ea33cc1554295d6eee7aeeff55f93af0791838b6313ddfc914de2c3d57f55105b1374190e9cfcc56ded25b429a5f5dab132f5b6f1e774862628a42121391cf27eb8a34c1ef4", 0x8d}, {&(0x7f0000000180)="9c8b1e9532be211a4e8f4bff2ab04c5c21af08a7819a6cd740c77b23dc4bb2fa56a0c073eb844505d0f734d1da20ac9d2e7137ad9e4c69e9a07a163b4522ef9b8e69c8f8a9aa1e677012632db280a88326ff24", 0x53}, {&(0x7f0000000040)="f0447f38633d4e", 0x7}, {&(0x7f0000000340)="8f559dd08c477c6025c3cc0680c8012425398e87878148de467799d1b71b89681eae34c9abe004b124c47cc396f00942fe673aa4d031b877d5663d76d5739f10a4384fc414e964ab41be4cb4bc39c7f36e7ea9d96391fc33482e2d4492c571cc539d832d312a209e654bf469bd639f0a819ac637a1bec60c2f67ea8d96e4efe8e310bc9cb0c7c070fd588bc1daebff4d29aee87611d9febcbd1d1eafa93ec03ae41c9d884d318a7067664df97e4e0b87f7215df84f9827c0b76ab7ce1dc421c0930c5014cb6ce7a595b88de09661c1e2fd1f", 0xd2}, {&(0x7f0000000200)="1fb9d13f5eace934150cdf5f124f6b45208ce64a6e79f15ddd52f1890d3d589e5045d045875e3e02d1247d3f204dddbefa42aa9e195463881a1f8d9f641294d1fefdd5c00d7e3ed8f80cecc77df730df", 0x50}, {&(0x7f0000000440)="c7e39be897494ff3cbb9b1976c75a71e37fea6f02e8297938dc54e70de741470d534db79b712a36ed74469c064eb044547d5d5a98c51b4c54cc2a91844f93d7e4ddf18e3f8e453842d3f9a50e72a66ce280fd2e143152de705d6548fe4cbb6c8c4a416e668bc6e99c9280507189648e49522adbb3c83c1281e496a0036cf1d6e2471b7aa4253ae0b67040db84ece602ead29bc8f8f553df235e716bc8cffa0b94343cecaac19566ea357e1cf6adbc8fa1aafc729dc5bceaf08b1489c122ad1ebc7f650945dba3b358480348987389f448a978d6e07a031ee7da7a26f16bf6b945f918689ef4f2e452c47c8ce772bd282721a3c30af3a14752e5fd8fd191604", 0xff}, {&(0x7f0000000540)="df585f85963a5dfe2b967c4916ac7add1ee10b86e5dd5d94b25a418bdd18309b2c5971d706be93b13ac477cfb894a939722a255ae432c37515f508e04c290813dc55718d75dafeda49309a8cd783f6e7b1cffe814d723262084631ecdc8b93a4d368d14c582c4e407a24c19c428b2e021aec5a07cd12d119ec1af17d4289a3e2d66af404762fa7c823ce913203659d51b54970b31f01a9eb313ee26f6cc57aa2927af22f60be8dfc1eb87b520bcf202dd064af9b02397f5ff392972b4cc552a570a114dba8f85df028597610e78e08e5a5fad21ef52052210881bb12a907abd7900bbc1227280fdaa0f2073e8023fe1760a44d1110", 0xf5}, {&(0x7f0000000640)="5c933b5ed0673bfffad292701d1195257c281dd2e7432c79df136e6c64f54dad6a70b60930601bf4cf7cbe5d776eea9aec51ab875b239f8ed92f2a955445dee08ff8bfb97a57adfd9cfa4444e88397d60ae6f405b60d378652b44e7e7a3d58f60b295da68c9f6692cf48194e75192ce4f974bcd90a148a399501eb69", 0x7c}, {&(0x7f00000006c0)="9db05998d50d18bf0a7bd1fefe76a4563bd95006f5c2895e788b63bba9cac3f150e067c7cfb15044b535ad2ec3374d41443b1968493d95d44c83d59020166695e18b0383311ad074371338211d35cc6185670c28df0fe1e80060ad24d503c742c8f15e29937f0cffc090e74d802a5c245fda57501b40573067661f61fa055d0f26972cf1a7f7c366cce10dbea37fb319334cc66f0458ea170228d62e612026c3dec28e53eebeaf3a7c0e3dcdaaa1e9758137f2a8554dbaf7a862d61cef4cf5158d0a0311171bbbb52618c87e59da818da7af0623913cec71ea2e4b3558ba17e36fd323fdf9d2830216dfb23ae4b8d73b83", 0xf1}, {&(0x7f00000007c0)="7453067d8573dacffe2cd3adde3f3b0099f13bafb79306d9f12773972c612829516ab6513134a02ce331391a6b31e131521fcb9d3acefcf13183c89e3b817bf49f53a738f585342e7b366aaf498a6d0545d4d03aa8b55522e84d65a60f054ca0c6bc49d28e236e40ee2f07e54d9f58896a69", 0x72}], 0xa, &(0x7f0000000900)=[@dstopts_2292={{0xf8, 0x29, 0x4, {0x6c, 0x1b, [], [@enc_lim={0x4, 0x1, 0xf702}, @generic={0x73, 0xbc, "c6bce1baf9c2e1594ec2b9935a2ede127efd7718f0363191a9c1dcff130cc6e3f1bbc9ab9087a33cb1d75a7e16ec38399f3a7dc795df77e05bc3caf30a7d02f205525cf99187b41ee944185ccfb5801241913a1ad215cb65d98e1b2cfee93bea65f4f977ec6cbdc0bc526a4f3d5f98f1f6e53dfffce1294e1e9ed90685a6f34290a2d46efa4c013138466d176e9a30eac35cbd91c988e6be9b2e370553262421e1a3a818b3ed2c79e51566c80f245226e7e75f5651f0ef1c7a6b6edc"}, @hao={0xc9, 0x10, @empty}, @enc_lim={0x4, 0x1, 0x6}, @pad1, @enc_lim={0x4, 0x1, 0xffffffffffffffff}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x9}}, @rthdr={{0x68, 0x29, 0x39, {0xbe, 0xa, 0x1, 0x3ff, 0x0, [@local, @dev={0xfe, 0x80, [], 0x2a}, @mcast1, @mcast1, @mcast2]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x1, 0x0, [], [@ra={0x5, 0x2, 0x1}]}}}], 0x198}}], 0x1, 0x40081) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 912.216146][T26467] do_filp_open+0x192/0x3d0 [ 912.216166][T26467] do_sys_open+0x29f/0x560 [ 912.229546][T26467] __x64_sys_open+0x87/0x90 [ 912.234055][T26467] do_syscall_64+0xfe/0x140 [ 912.238559][T26467] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 912.244447][T26467] RIP: 0033:0x413761 [ 912.248343][T26467] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 15:09:35 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff7f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:35 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 912.268025][T26467] RSP: 002b:00007f08bc38da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 912.276441][T26467] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000413761 [ 912.284405][T26467] RDX: 00007f08bc38db0a RSI: 0000000000000002 RDI: 00007f08bc38db00 [ 912.292354][T26467] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 912.300315][T26467] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 912.308264][T26467] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 912.350166][T26468] ldm_validate_privheads(): Disk read failed. [ 912.356370][T26468] loop4: p1 < > p2 [ 912.362905][T26468] loop4: partition table partially beyond EOD, truncated [ 912.400135][T26468] loop4: p1 start 1 is beyond EOD, truncated 15:09:35 executing program 1 (fault-call:0 fault-nth:17): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 912.450684][T26468] loop4: p2 size 327680 extends beyond EOD, truncated [ 912.530067][T26502] FAULT_INJECTION: forcing a failure. [ 912.530067][T26502] name failslab, interval 1, probability 0, space 0, times 0 [ 912.565309][T26502] CPU: 0 PID: 26502 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 912.573319][T26502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 912.583372][T26502] Call Trace: [ 912.586661][T26502] dump_stack+0x1d8/0x2f8 [ 912.590989][T26502] should_fail+0x555/0x770 [ 912.595402][T26502] __should_failslab+0x11a/0x160 [ 912.600346][T26502] ? tomoyo_encode2+0x273/0x5a0 [ 912.605202][T26502] should_failslab+0x9/0x20 [ 912.609712][T26502] __kmalloc+0x7a/0x340 [ 912.613879][T26502] tomoyo_encode2+0x273/0x5a0 [ 912.618558][T26502] tomoyo_realpath_from_path+0x769/0x7c0 [ 912.624221][T26502] tomoyo_path_number_perm+0x166/0x640 [ 912.629696][T26502] ? smack_file_ioctl+0x226/0x2e0 [ 912.634715][T26502] ? __fget+0x401/0x510 [ 912.634730][T26502] tomoyo_file_ioctl+0x23/0x30 [ 912.634744][T26502] security_file_ioctl+0x6d/0xd0 [ 912.643624][T26502] __x64_sys_ioctl+0xa3/0x120 [ 912.643635][T26502] do_syscall_64+0xfe/0x140 [ 912.643648][T26502] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 912.663677][T26502] RIP: 0033:0x4596e7 [ 912.667566][T26502] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 912.687611][T26502] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 912.696016][T26502] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 912.704074][T26502] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 912.712047][T26502] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 912.720022][T26502] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 15:09:36 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="0a000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:36 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x9346f7c96eeeb27d) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 912.728000][T26502] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 912.742796][T26502] ERROR: Out of memory at tomoyo_realpath_from_path. 15:09:36 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:36 executing program 1 (fault-call:0 fault-nth:18): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 912.935840][T26517] ldm_validate_privheads(): Disk read failed. [ 912.949813][T26517] loop4: p1 < > p2 [ 912.966140][T26517] loop4: partition table partially beyond EOD, truncated [ 912.997260][T26517] loop4: p1 start 1 is beyond EOD, truncated [ 913.001468][T26538] FAULT_INJECTION: forcing a failure. [ 913.001468][T26538] name failslab, interval 1, probability 0, space 0, times 0 [ 913.010026][T26517] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:36 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) [ 913.054909][T26538] CPU: 0 PID: 26538 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 913.062942][T26538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 913.073053][T26538] Call Trace: [ 913.076348][T26538] dump_stack+0x1d8/0x2f8 [ 913.080680][T26538] should_fail+0x555/0x770 [ 913.085139][T26538] __should_failslab+0x11a/0x160 [ 913.090076][T26538] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 913.095795][T26538] should_failslab+0x9/0x20 [ 913.100294][T26538] __kmalloc+0x7a/0x340 [ 913.104433][T26538] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 913.110189][T26538] tomoyo_realpath_from_path+0xdc/0x7c0 [ 913.115750][T26538] tomoyo_path_number_perm+0x166/0x640 [ 913.121202][T26538] ? smack_file_ioctl+0x226/0x2e0 [ 913.126208][T26538] ? __fget+0x401/0x510 [ 913.130361][T26538] tomoyo_file_ioctl+0x23/0x30 [ 913.135298][T26538] security_file_ioctl+0x6d/0xd0 [ 913.140222][T26538] __x64_sys_ioctl+0xa3/0x120 [ 913.144885][T26538] do_syscall_64+0xfe/0x140 [ 913.149396][T26538] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 913.155284][T26538] RIP: 0033:0x4596e7 [ 913.159167][T26538] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 913.178766][T26538] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 913.187167][T26538] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 913.195139][T26538] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 913.203198][T26538] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 913.211157][T26538] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 913.219126][T26538] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 913.228096][T26538] ERROR: Out of memory at tomoyo_realpath_from_path. [ 913.236013][T26542] print_req_error: 284 callbacks suppressed [ 913.236024][T26542] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 913.245840][T26517] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 913.266622][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.277937][ T2511] buffer_io_error: 276 callbacks suppressed [ 913.277947][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.292279][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 15:09:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffb8], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 913.303344][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.311642][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.325436][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.334022][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.345162][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.355599][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.366644][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.374965][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.386008][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.394391][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.405378][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.413703][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.424650][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.433066][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 913.443996][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:09:37 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="0f000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 913.454693][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 913.660667][T26562] ldm_validate_privheads(): Disk read failed. [ 913.666959][T26562] loop4: p1 < > p2 [ 913.671226][T26562] loop4: partition table partially beyond EOD, truncated [ 913.678522][T26562] loop4: p1 start 1 is beyond EOD, truncated [ 913.684795][T26562] loop4: p2 size 327680 extends beyond EOD, truncated [ 913.790575][T26562] ldm_validate_privheads(): Disk read failed. [ 913.796783][T26562] loop4: p1 < > p2 [ 913.800641][T26562] loop4: partition table partially beyond EOD, truncated [ 913.807971][T26562] loop4: p1 start 1 is beyond EOD, truncated [ 913.814079][T26562] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:38 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:38 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:38 executing program 1 (fault-call:0 fault-nth:19): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:38 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="10000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:38 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfffc], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 915.411264][T26587] FAULT_INJECTION: forcing a failure. [ 915.411264][T26587] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 915.424522][T26587] CPU: 1 PID: 26587 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 915.432503][T26587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 915.442557][T26587] Call Trace: [ 915.445849][T26587] dump_stack+0x1d8/0x2f8 [ 915.450189][T26587] should_fail+0x555/0x770 [ 915.454610][T26587] should_fail_alloc_page+0x55/0x60 [ 915.459811][T26587] prepare_alloc_pages+0x283/0x470 [ 915.464930][T26587] __alloc_pages_nodemask+0xb2/0x5d0 [ 915.470317][T26587] ? stack_trace_save+0x150/0x150 [ 915.475356][T26587] kmem_getpages+0x56/0xa20 [ 915.479853][T26587] cache_grow_begin+0x7e/0x2c0 [ 915.479864][T26587] cache_alloc_refill+0x311/0x3f0 [ 915.479873][T26587] ? check_preemption_disabled+0xb7/0x2a0 [ 915.479883][T26587] __kmalloc+0x318/0x340 [ 915.479895][T26587] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 915.489641][T26587] tomoyo_realpath_from_path+0xdc/0x7c0 15:09:39 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) [ 915.489655][T26587] tomoyo_path_number_perm+0x166/0x640 [ 915.489679][T26587] ? smack_file_ioctl+0x226/0x2e0 [ 915.505317][T26587] ? __fget+0x401/0x510 [ 915.505330][T26587] tomoyo_file_ioctl+0x23/0x30 [ 915.505339][T26587] security_file_ioctl+0x6d/0xd0 [ 915.505351][T26587] __x64_sys_ioctl+0xa3/0x120 [ 915.516320][T26587] do_syscall_64+0xfe/0x140 [ 915.544327][T26587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 915.550220][T26587] RIP: 0033:0x4596e7 [ 915.554096][T26587] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 915.573682][T26587] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 915.582181][T26587] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 915.590152][T26587] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 915.598128][T26587] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 915.606177][T26587] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 915.614130][T26587] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 915.660140][T26584] ldm_validate_privheads(): Disk read failed. [ 915.668520][T26584] loop4: p1 < > p2 [ 915.673198][T26584] loop4: partition table partially beyond EOD, truncated [ 915.699099][T26584] loop4: p1 start 1 is beyond EOD, truncated [ 915.706341][T26604] ptrace attach of "/root/syz-executor.0"[26601] was attempted by "/root/syz-executor.0"[26604] [ 915.715388][T26584] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000076078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4200, r1, 0x3, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:39 executing program 1 (fault-call:0 fault-nth:20): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:39 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) [ 915.912239][T26619] FAULT_INJECTION: forcing a failure. [ 915.912239][T26619] name failslab, interval 1, probability 0, space 0, times 0 [ 915.925507][T26584] ldm_validate_privheads(): Disk read failed. [ 915.939835][T26584] loop4: p1 < > p2 [ 915.943569][T26619] CPU: 0 PID: 26619 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 915.948311][T26584] loop4: partition table partially beyond EOD, truncated [ 915.951639][T26619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 915.951645][T26619] Call Trace: [ 915.951666][T26619] dump_stack+0x1d8/0x2f8 [ 915.951681][T26619] should_fail+0x555/0x770 [ 915.951695][T26619] __should_failslab+0x11a/0x160 [ 915.951707][T26619] ? tomoyo_encode2+0x273/0x5a0 [ 915.951717][T26619] should_failslab+0x9/0x20 [ 915.951724][T26619] __kmalloc+0x7a/0x340 [ 915.951733][T26619] tomoyo_encode2+0x273/0x5a0 [ 915.951744][T26619] tomoyo_realpath_from_path+0x769/0x7c0 [ 915.951756][T26619] tomoyo_path_number_perm+0x166/0x640 [ 915.951780][T26619] ? smack_file_ioctl+0x226/0x2e0 [ 915.968995][T26619] ? __fget+0x401/0x510 [ 915.969012][T26619] tomoyo_file_ioctl+0x23/0x30 [ 915.969023][T26619] security_file_ioctl+0x6d/0xd0 [ 915.969032][T26619] __x64_sys_ioctl+0xa3/0x120 [ 915.969043][T26619] do_syscall_64+0xfe/0x140 [ 915.969054][T26619] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 915.969064][T26619] RIP: 0033:0x4596e7 [ 915.969073][T26619] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 915.969077][T26619] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 915.986023][T26619] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 915.986029][T26619] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 915.986034][T26619] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 15:09:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x3af00, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 915.986039][T26619] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 915.986044][T26619] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 916.027967][T26619] ERROR: Out of memory at tomoyo_realpath_from_path. [ 916.160121][T26584] loop4: p1 start 1 is beyond EOD, truncated [ 916.166559][T26584] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:39 executing program 1 (fault-call:0 fault-nth:21): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:39 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="12000500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:39 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1ffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 916.299714][T26644] FAULT_INJECTION: forcing a failure. [ 916.299714][T26644] name failslab, interval 1, probability 0, space 0, times 0 [ 916.315561][T26644] CPU: 0 PID: 26644 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 916.323582][T26644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 916.333723][T26644] Call Trace: [ 916.337022][T26644] dump_stack+0x1d8/0x2f8 [ 916.341376][T26644] should_fail+0x555/0x770 [ 916.345823][T26644] __should_failslab+0x11a/0x160 [ 916.350772][T26644] ? loop_set_fd+0x1180/0x1180 [ 916.355528][T26644] should_failslab+0x9/0x20 [ 916.360038][T26644] kmem_cache_alloc_trace+0x5d/0x2f0 [ 916.365310][T26644] ? __kthread_create_on_node+0xb2/0x3b0 [ 916.370932][T26644] ? loop_set_fd+0x1180/0x1180 [ 916.375683][T26644] __kthread_create_on_node+0xb2/0x3b0 [ 916.381131][T26644] ? loop_set_fd+0x1180/0x1180 [ 916.385890][T26644] kthread_create_on_node+0x72/0xa0 [ 916.391076][T26644] ? lockdep_init_map+0x2a/0x680 [ 916.396001][T26644] ? __kthread_init_worker+0x5a/0xe0 [ 916.401263][T26644] loop_set_fd+0x6a8/0x1180 [ 916.405744][T26644] ? check_preemption_disabled+0xb7/0x2a0 [ 916.411452][T26644] ? tomoyo_path_number_perm+0x4e1/0x640 [ 916.417111][T26644] lo_ioctl+0xd5/0x2200 [ 916.421259][T26644] ? __kasan_slab_free+0x12a/0x1e0 [ 916.426347][T26644] ? kasan_slab_free+0xe/0x10 [ 916.431021][T26644] ? kfree+0x115/0x200 [ 916.435076][T26644] ? tomoyo_path_number_perm+0x4e1/0x640 [ 916.440686][T26644] ? tomoyo_file_ioctl+0x23/0x30 [ 916.445630][T26644] ? security_file_ioctl+0x6d/0xd0 [ 916.450730][T26644] ? __x64_sys_ioctl+0xa3/0x120 [ 916.455855][T26644] ? do_syscall_64+0xfe/0x140 [ 916.460542][T26644] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 916.466800][T26644] ? debug_check_no_obj_freed+0x505/0x5b0 [ 916.472504][T26644] ? trace_lock_release+0x135/0x1a0 [ 916.477682][T26644] ? debug_check_no_obj_freed+0x505/0x5b0 [ 916.483473][T26644] ? rcu_lock_release+0x9/0x30 [ 916.488230][T26644] ? trace_lock_release+0x135/0x1a0 [ 916.493405][T26644] ? rcu_lock_release+0x9/0x30 [ 916.498153][T26644] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 916.503785][T26644] ? lo_release+0x1f0/0x1f0 [ 916.508280][T26644] blkdev_ioctl+0x807/0x2990 [ 916.512871][T26644] ? tomoyo_path_number_perm+0x53e/0x640 [ 916.518487][T26644] block_ioctl+0xbd/0x100 [ 916.522797][T26644] ? blkdev_iopoll+0x100/0x100 [ 916.527537][T26644] do_vfs_ioctl+0x744/0x1730 [ 916.532104][T26644] ? __fget+0x401/0x510 [ 916.536256][T26644] ? tomoyo_file_ioctl+0x23/0x30 [ 916.541186][T26644] ? security_file_ioctl+0xa1/0xd0 [ 916.546316][T26644] __x64_sys_ioctl+0xe3/0x120 [ 916.550984][T26644] do_syscall_64+0xfe/0x140 [ 916.555484][T26644] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 916.561365][T26644] RIP: 0033:0x4596e7 [ 916.565336][T26644] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 916.584956][T26644] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 916.593357][T26644] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 916.601316][T26644] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 916.609640][T26644] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 916.617625][T26644] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 916.625586][T26644] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:40 executing program 1 (fault-call:0 fault-nth:22): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 916.754390][T26651] ldm_validate_privheads(): Disk read failed. [ 916.768751][T26651] loop4: p1 < > p2 [ 916.772959][T26651] loop4: partition table partially beyond EOD, truncated [ 916.780481][T26651] loop4: p1 start 1 is beyond EOD, truncated [ 916.782378][T26659] FAULT_INJECTION: forcing a failure. [ 916.782378][T26659] name failslab, interval 1, probability 0, space 0, times 0 [ 916.786767][T26651] loop4: p2 size 327680 extends beyond EOD, truncated [ 916.801719][T26659] CPU: 0 PID: 26659 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 916.813985][T26659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 916.813990][T26659] Call Trace: [ 916.814008][T26659] dump_stack+0x1d8/0x2f8 [ 916.814023][T26659] should_fail+0x555/0x770 [ 916.814037][T26659] __should_failslab+0x11a/0x160 [ 916.814046][T26659] ? __kernfs_new_node+0x97/0x6b0 [ 916.814057][T26659] should_failslab+0x9/0x20 [ 916.814066][T26659] kmem_cache_alloc+0x56/0x2e0 [ 916.814074][T26659] __kernfs_new_node+0x97/0x6b0 [ 916.814081][T26659] ? __kasan_check_write+0x14/0x20 [ 916.814087][T26659] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 916.814096][T26659] ? mutex_unlock+0xd/0x10 [ 916.814103][T26659] ? kernfs_activate+0x213/0x230 [ 916.814111][T26659] kernfs_new_node+0x97/0x180 [ 916.814119][T26659] __kernfs_create_file+0x4a/0x2f0 [ 916.814129][T26659] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 916.814140][T26659] internal_create_group+0x4be/0xd90 [ 916.814154][T26659] sysfs_create_group+0x1f/0x30 [ 916.827487][T26659] loop_set_fd+0xcb2/0x1180 [ 916.827501][T26659] lo_ioctl+0xd5/0x2200 [ 916.827508][T26659] ? __kasan_slab_free+0x12a/0x1e0 [ 916.827514][T26659] ? kasan_slab_free+0xe/0x10 [ 916.827523][T26659] ? kfree+0x115/0x200 [ 916.827532][T26659] ? tomoyo_path_number_perm+0x4e1/0x640 [ 916.827540][T26659] ? tomoyo_file_ioctl+0x23/0x30 [ 916.827547][T26659] ? security_file_ioctl+0x6d/0xd0 [ 916.827559][T26659] ? __x64_sys_ioctl+0xa3/0x120 [ 916.836264][T26659] ? do_syscall_64+0xfe/0x140 [ 916.836274][T26659] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 916.836286][T26659] ? debug_check_no_obj_freed+0x505/0x5b0 [ 916.836297][T26659] ? trace_lock_release+0x135/0x1a0 [ 916.836304][T26659] ? debug_check_no_obj_freed+0x505/0x5b0 [ 916.836317][T26659] ? rcu_lock_release+0x9/0x30 [ 916.836326][T26659] ? trace_lock_release+0x135/0x1a0 [ 916.836333][T26659] ? rcu_lock_release+0x9/0x30 [ 916.836344][T26659] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 916.836355][T26659] ? lo_release+0x1f0/0x1f0 [ 916.836363][T26659] blkdev_ioctl+0x807/0x2990 [ 916.836375][T26659] ? tomoyo_path_number_perm+0x53e/0x640 [ 916.846329][T26659] block_ioctl+0xbd/0x100 [ 916.846338][T26659] ? blkdev_iopoll+0x100/0x100 [ 916.846347][T26659] do_vfs_ioctl+0x744/0x1730 [ 916.846355][T26659] ? __fget+0x401/0x510 [ 916.846367][T26659] ? tomoyo_file_ioctl+0x23/0x30 [ 916.846377][T26659] ? security_file_ioctl+0xa1/0xd0 [ 916.846386][T26659] __x64_sys_ioctl+0xe3/0x120 [ 916.846400][T26659] do_syscall_64+0xfe/0x140 [ 916.855634][T26659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 916.855644][T26659] RIP: 0033:0x4596e7 [ 916.855654][T26659] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 916.855658][T26659] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 916.855665][T26659] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 916.855670][T26659] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 916.855674][T26659] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 916.855678][T26659] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 916.855683][T26659] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:40 executing program 1 (fault-call:0 fault-nth:23): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 917.222660][T26651] ldm_validate_privheads(): Disk read failed. [ 917.229441][T26651] loop4: p1 < > p2 [ 917.235730][T26651] loop4: partition table partially beyond EOD, truncated [ 917.245944][T26651] loop4: p1 start 1 is beyond EOD, truncated [ 917.252128][T26651] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:40 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="10010500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 917.391261][T26672] FAULT_INJECTION: forcing a failure. [ 917.391261][T26672] name failslab, interval 1, probability 0, space 0, times 0 [ 917.404200][T26672] CPU: 0 PID: 26672 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 917.412177][T26672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 917.422309][T26672] Call Trace: [ 917.425585][T26672] dump_stack+0x1d8/0x2f8 [ 917.429916][T26672] should_fail+0x555/0x770 [ 917.434330][T26672] __should_failslab+0x11a/0x160 [ 917.439260][T26672] ? __kernfs_new_node+0x97/0x6b0 [ 917.444280][T26672] should_failslab+0x9/0x20 [ 917.448786][T26672] kmem_cache_alloc+0x56/0x2e0 [ 917.453536][T26672] __kernfs_new_node+0x97/0x6b0 [ 917.458394][T26672] ? __kasan_check_write+0x14/0x20 [ 917.463501][T26672] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 917.469216][T26672] ? mutex_unlock+0xd/0x10 [ 917.473622][T26672] ? kernfs_activate+0x213/0x230 [ 917.478542][T26672] kernfs_new_node+0x97/0x180 [ 917.483205][T26672] __kernfs_create_file+0x4a/0x2f0 15:09:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3ffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 917.488306][T26672] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 917.493675][T26672] internal_create_group+0x4be/0xd90 [ 917.498961][T26672] sysfs_create_group+0x1f/0x30 [ 917.503824][T26672] loop_set_fd+0xcb2/0x1180 [ 917.508349][T26672] lo_ioctl+0xd5/0x2200 [ 917.512504][T26672] ? __kasan_slab_free+0x12a/0x1e0 [ 917.517638][T26672] ? kasan_slab_free+0xe/0x10 [ 917.522312][T26672] ? kfree+0x115/0x200 [ 917.526380][T26672] ? tomoyo_path_number_perm+0x4e1/0x640 [ 917.532031][T26672] ? tomoyo_file_ioctl+0x23/0x30 [ 917.536975][T26672] ? security_file_ioctl+0x6d/0xd0 [ 917.542096][T26672] ? __x64_sys_ioctl+0xa3/0x120 [ 917.546935][T26672] ? do_syscall_64+0xfe/0x140 [ 917.551595][T26672] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 917.557935][T26672] ? debug_check_no_obj_freed+0x505/0x5b0 [ 917.563681][T26672] ? trace_lock_release+0x135/0x1a0 [ 917.568871][T26672] ? debug_check_no_obj_freed+0x505/0x5b0 [ 917.574604][T26672] ? rcu_lock_release+0x9/0x30 [ 917.579369][T26672] ? trace_lock_release+0x135/0x1a0 [ 917.584579][T26672] ? rcu_lock_release+0x9/0x30 [ 917.589334][T26672] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 917.595081][T26672] ? lo_release+0x1f0/0x1f0 [ 917.599585][T26672] blkdev_ioctl+0x807/0x2990 [ 917.604192][T26672] ? tomoyo_path_number_perm+0x53e/0x640 [ 917.609919][T26672] block_ioctl+0xbd/0x100 [ 917.614240][T26672] ? blkdev_iopoll+0x100/0x100 [ 917.619017][T26672] do_vfs_ioctl+0x744/0x1730 [ 917.623631][T26672] ? __fget+0x401/0x510 [ 917.627777][T26672] ? tomoyo_file_ioctl+0x23/0x30 [ 917.632705][T26672] ? security_file_ioctl+0xa1/0xd0 [ 917.637799][T26672] __x64_sys_ioctl+0xe3/0x120 [ 917.642464][T26672] do_syscall_64+0xfe/0x140 [ 917.646971][T26672] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 917.652862][T26672] RIP: 0033:0x4596e7 [ 917.656754][T26672] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 917.676341][T26672] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 917.684813][T26672] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 917.692770][T26672] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 917.700727][T26672] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 917.708740][T26672] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 917.716703][T26672] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 917.819570][T26681] ldm_validate_privheads(): Disk read failed. [ 917.827607][T26681] loop4: p1 < > p2 [ 917.832278][T26681] loop4: partition table partially beyond EOD, truncated [ 917.840477][T26681] loop4: p1 start 1 is beyond EOD, truncated [ 917.848105][T26681] loop4: p2 size 327680 extends beyond EOD, truncated [ 917.970273][T26681] ldm_validate_privheads(): Disk read failed. [ 917.976847][T26681] loop4: p1 < > p2 [ 917.980774][T26681] loop4: partition table partially beyond EOD, truncated [ 917.988225][T26681] loop4: p1 start 1 is beyond EOD, truncated [ 917.994697][T26681] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0xfffffffffffffffd, @rand_addr, 0x3}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="666930be701c00000000000000000000000000400000000000f5000096000009000300003001002030010000780239000000000000600000ffff4f0000006803000068030000680300040003000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, &(0x7f00000000c0)) tkill(r2, 0x10010000000035) r4 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xac, 0x2000) symlinkat(&(0x7f0000000100)='./file0\x00', r4, &(0x7f0000000140)='./file0\x00') fcntl$setstatus(r4, 0x4, 0x4000) 15:09:42 executing program 1 (fault-call:0 fault-nth:24): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:42 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="75030500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:42 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7ffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 918.968635][T26705] FAULT_INJECTION: forcing a failure. [ 918.968635][T26705] name failslab, interval 1, probability 0, space 0, times 0 [ 918.982006][T26705] CPU: 1 PID: 26705 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 918.990002][T26705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.000056][T26705] Call Trace: [ 919.003345][T26705] dump_stack+0x1d8/0x2f8 [ 919.007779][T26705] should_fail+0x555/0x770 [ 919.012200][T26705] __should_failslab+0x11a/0x160 [ 919.017132][T26705] ? __kernfs_new_node+0x97/0x6b0 [ 919.022141][T26705] should_failslab+0x9/0x20 [ 919.026622][T26705] kmem_cache_alloc+0x56/0x2e0 [ 919.031379][T26705] __kernfs_new_node+0x97/0x6b0 [ 919.038052][T26705] ? kernfs_add_one+0x49c/0x670 [ 919.042883][T26705] ? __kasan_check_write+0x14/0x20 [ 919.047980][T26705] kernfs_new_node+0x97/0x180 [ 919.052641][T26705] __kernfs_create_file+0x4a/0x2f0 [ 919.057753][T26705] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 919.063111][T26705] internal_create_group+0x4be/0xd90 [ 919.068399][T26705] sysfs_create_group+0x1f/0x30 [ 919.073238][T26705] loop_set_fd+0xcb2/0x1180 [ 919.077720][T26705] lo_ioctl+0xd5/0x2200 [ 919.081866][T26705] ? __kasan_slab_free+0x12a/0x1e0 [ 919.086947][T26705] ? kasan_slab_free+0xe/0x10 [ 919.091618][T26705] ? kfree+0x115/0x200 [ 919.095667][T26705] ? tomoyo_path_number_perm+0x4e1/0x640 [ 919.101275][T26705] ? tomoyo_file_ioctl+0x23/0x30 [ 919.106184][T26705] ? security_file_ioctl+0x6d/0xd0 [ 919.111273][T26705] ? __x64_sys_ioctl+0xa3/0x120 [ 919.116107][T26705] ? do_syscall_64+0xfe/0x140 [ 919.120761][T26705] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.126831][T26705] ? debug_check_no_obj_freed+0x505/0x5b0 [ 919.132537][T26705] ? trace_lock_release+0x135/0x1a0 [ 919.137740][T26705] ? debug_check_no_obj_freed+0x505/0x5b0 [ 919.143443][T26705] ? rcu_lock_release+0x9/0x30 [ 919.148180][T26705] ? trace_lock_release+0x135/0x1a0 [ 919.153355][T26705] ? rcu_lock_release+0x9/0x30 [ 919.158092][T26705] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 919.163701][T26705] ? lo_release+0x1f0/0x1f0 [ 919.168198][T26705] blkdev_ioctl+0x807/0x2990 [ 919.172780][T26705] ? tomoyo_path_number_perm+0x53e/0x640 [ 919.178395][T26705] block_ioctl+0xbd/0x100 [ 919.182711][T26705] ? blkdev_iopoll+0x100/0x100 [ 919.187452][T26705] do_vfs_ioctl+0x744/0x1730 [ 919.192017][T26705] ? __fget+0x401/0x510 [ 919.196155][T26705] ? tomoyo_file_ioctl+0x23/0x30 [ 919.201066][T26705] ? security_file_ioctl+0xa1/0xd0 [ 919.206154][T26705] __x64_sys_ioctl+0xe3/0x120 [ 919.210820][T26705] do_syscall_64+0xfe/0x140 [ 919.215343][T26705] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.221217][T26705] RIP: 0033:0x4596e7 [ 919.225087][T26705] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 919.244672][T26705] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 919.253076][T26705] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 919.261029][T26705] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 15:09:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() sched_setattr(r1, &(0x7f0000000000)={0x30, 0x5, 0x1, 0x5, 0x8, 0x8b19, 0x4, 0xf656}, 0x0) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:42 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) [ 919.268975][T26705] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 919.276927][T26705] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 919.284886][T26705] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 919.339821][T26707] ldm_validate_privheads(): Disk read failed. [ 919.347352][T26707] loop4: p1 < > p2 [ 919.355815][T26707] loop4: partition table partially beyond EOD, truncated [ 919.372444][T26707] loop4: p1 start 1 is beyond EOD, truncated 15:09:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) readahead(r0, 0x5, 0x1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400000, 0x152) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:42 executing program 1 (fault-call:0 fault-nth:25): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 919.407301][T26707] loop4: p2 size 327680 extends beyond EOD, truncated [ 919.482527][T26732] FAULT_INJECTION: forcing a failure. [ 919.482527][T26732] name failslab, interval 1, probability 0, space 0, times 0 [ 919.506533][T26732] CPU: 1 PID: 26732 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 919.514544][T26732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.524600][T26732] Call Trace: [ 919.527896][T26732] dump_stack+0x1d8/0x2f8 [ 919.532233][T26732] should_fail+0x555/0x770 [ 919.536651][T26732] __should_failslab+0x11a/0x160 [ 919.541595][T26732] ? __kernfs_new_node+0x97/0x6b0 [ 919.546616][T26732] should_failslab+0x9/0x20 [ 919.551114][T26732] kmem_cache_alloc+0x56/0x2e0 [ 919.555869][T26732] __kernfs_new_node+0x97/0x6b0 [ 919.560967][T26732] ? __kasan_check_write+0x14/0x20 [ 919.566069][T26732] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 919.571705][T26732] ? mutex_unlock+0xd/0x10 [ 919.576123][T26732] ? kernfs_activate+0x213/0x230 [ 919.581066][T26732] kernfs_new_node+0x97/0x180 [ 919.585767][T26732] __kernfs_create_file+0x4a/0x2f0 [ 919.590862][T26732] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 919.596222][T26732] internal_create_group+0x4be/0xd90 [ 919.601493][T26732] sysfs_create_group+0x1f/0x30 [ 919.606357][T26732] loop_set_fd+0xcb2/0x1180 [ 919.610844][T26732] lo_ioctl+0xd5/0x2200 [ 919.614994][T26732] ? __kasan_slab_free+0x12a/0x1e0 [ 919.620087][T26732] ? kasan_slab_free+0xe/0x10 [ 919.624745][T26732] ? kfree+0x115/0x200 [ 919.628798][T26732] ? tomoyo_path_number_perm+0x4e1/0x640 [ 919.634425][T26732] ? tomoyo_file_ioctl+0x23/0x30 [ 919.639358][T26732] ? security_file_ioctl+0x6d/0xd0 [ 919.644448][T26732] ? __x64_sys_ioctl+0xa3/0x120 [ 919.649283][T26732] ? do_syscall_64+0xfe/0x140 [ 919.654009][T26732] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.660071][T26732] ? debug_check_no_obj_freed+0x505/0x5b0 [ 919.665777][T26732] ? trace_lock_release+0x135/0x1a0 [ 919.670948][T26732] ? debug_check_no_obj_freed+0x505/0x5b0 [ 919.676673][T26732] ? rcu_lock_release+0x9/0x30 [ 919.681427][T26732] ? trace_lock_release+0x135/0x1a0 [ 919.686606][T26732] ? rcu_lock_release+0x9/0x30 [ 919.692751][T26732] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 919.698376][T26732] ? lo_release+0x1f0/0x1f0 [ 919.702885][T26732] blkdev_ioctl+0x807/0x2990 [ 919.707508][T26732] ? tomoyo_path_number_perm+0x53e/0x640 [ 919.713139][T26732] block_ioctl+0xbd/0x100 [ 919.717455][T26732] ? blkdev_iopoll+0x100/0x100 [ 919.722212][T26732] do_vfs_ioctl+0x744/0x1730 [ 919.726778][T26732] ? __fget+0x401/0x510 [ 919.730912][T26732] ? tomoyo_file_ioctl+0x23/0x30 [ 919.735825][T26732] ? security_file_ioctl+0xa1/0xd0 [ 919.740930][T26732] __x64_sys_ioctl+0xe3/0x120 [ 919.745621][T26732] do_syscall_64+0xfe/0x140 [ 919.750106][T26732] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.755975][T26732] RIP: 0033:0x4596e7 [ 919.759858][T26732] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:43 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f64bda0d00000004000009000301003001000030010000780200000000000000607814934a4f000000680300006803000068030000680300d2ba5ac7c9ce5d7931d22900e3a07a72"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 919.779456][T26732] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 919.787870][T26732] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 919.795829][T26732] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 919.803781][T26732] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 919.811745][T26732] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 919.819980][T26732] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:43 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="d0030500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:43 executing program 1 (fault-call:0 fault-nth:26): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 920.041618][T26754] ldm_validate_privheads(): Disk read failed. [ 920.047774][T26754] loop4: p1 < > p2 [ 920.051624][T26754] loop4: partition table partially beyond EOD, truncated [ 920.059014][T26754] loop4: p1 start 1 is beyond EOD, truncated [ 920.059737][T26760] FAULT_INJECTION: forcing a failure. [ 920.059737][T26760] name failslab, interval 1, probability 0, space 0, times 0 [ 920.065301][T26754] loop4: p2 size 327680 extends beyond EOD, truncated [ 920.080951][T26760] CPU: 0 PID: 26760 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 920.092425][T26760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 920.092430][T26760] Call Trace: [ 920.092447][T26760] dump_stack+0x1d8/0x2f8 [ 920.092460][T26760] should_fail+0x555/0x770 [ 920.092472][T26760] __should_failslab+0x11a/0x160 [ 920.092481][T26760] ? __kernfs_new_node+0x97/0x6b0 [ 920.092490][T26760] should_failslab+0x9/0x20 [ 920.092499][T26760] kmem_cache_alloc+0x56/0x2e0 [ 920.092508][T26760] __kernfs_new_node+0x97/0x6b0 [ 920.092516][T26760] ? __kasan_check_write+0x14/0x20 [ 920.092525][T26760] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 920.092536][T26760] ? mutex_unlock+0xd/0x10 [ 920.092543][T26760] ? kernfs_activate+0x213/0x230 [ 920.092553][T26760] kernfs_new_node+0x97/0x180 [ 920.092564][T26760] __kernfs_create_file+0x4a/0x2f0 [ 920.092573][T26760] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 920.092586][T26760] internal_create_group+0x4be/0xd90 [ 920.119511][T26760] sysfs_create_group+0x1f/0x30 [ 920.119523][T26760] loop_set_fd+0xcb2/0x1180 [ 920.119537][T26760] lo_ioctl+0xd5/0x2200 [ 920.119544][T26760] ? __kasan_slab_free+0x12a/0x1e0 [ 920.119552][T26760] ? kasan_slab_free+0xe/0x10 [ 920.119561][T26760] ? kfree+0x115/0x200 [ 920.119570][T26760] ? tomoyo_path_number_perm+0x4e1/0x640 [ 920.119581][T26760] ? tomoyo_file_ioctl+0x23/0x30 [ 920.129174][T26760] ? security_file_ioctl+0x6d/0xd0 [ 920.129183][T26760] ? __x64_sys_ioctl+0xa3/0x120 [ 920.129191][T26760] ? do_syscall_64+0xfe/0x140 [ 920.129201][T26760] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 920.129211][T26760] ? debug_check_no_obj_freed+0x505/0x5b0 [ 920.129222][T26760] ? trace_lock_release+0x135/0x1a0 [ 920.129230][T26760] ? debug_check_no_obj_freed+0x505/0x5b0 [ 920.129242][T26760] ? rcu_lock_release+0x9/0x30 [ 920.129251][T26760] ? trace_lock_release+0x135/0x1a0 [ 920.129259][T26760] ? rcu_lock_release+0x9/0x30 [ 920.129268][T26760] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 920.129277][T26760] ? lo_release+0x1f0/0x1f0 [ 920.129289][T26760] blkdev_ioctl+0x807/0x2990 [ 920.138847][T26760] ? tomoyo_path_number_perm+0x53e/0x640 [ 920.138866][T26760] block_ioctl+0xbd/0x100 [ 920.138873][T26760] ? blkdev_iopoll+0x100/0x100 [ 920.138883][T26760] do_vfs_ioctl+0x744/0x1730 [ 920.138892][T26760] ? __fget+0x401/0x510 [ 920.138903][T26760] ? tomoyo_file_ioctl+0x23/0x30 [ 920.138914][T26760] ? security_file_ioctl+0xa1/0xd0 [ 920.149609][T26760] __x64_sys_ioctl+0xe3/0x120 [ 920.149621][T26760] do_syscall_64+0xfe/0x140 [ 920.149632][T26760] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 920.149641][T26760] RIP: 0033:0x4596e7 [ 920.149649][T26760] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 920.149654][T26760] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 920.149663][T26760] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 920.149667][T26760] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 920.149671][T26760] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 920.149676][T26760] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 920.149681][T26760] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 920.529748][T26754] ldm_validate_privheads(): Disk read failed. [ 920.537328][T26754] loop4: p1 < > p2 [ 920.542031][T26754] loop4: partition table partially beyond EOD, truncated [ 920.551220][T26754] loop4: p1 start 1 is beyond EOD, truncated [ 920.557282][T26754] loop4: p2 size 327680 extends beyond EOD, truncated [ 920.650046][T26772] print_req_error: 1 callbacks suppressed [ 920.650057][T26772] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 920.651785][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 920.656123][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.686173][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.694529][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.705486][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.713601][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.725124][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.733771][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.744745][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.753145][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.764195][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.775273][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.786425][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.796708][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.807828][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.816014][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.826967][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.835174][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 920.846048][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 920.854295][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:09:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000040)) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000005203000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) r4 = geteuid() mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bpf\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303037372c6d6f64653d30303030303030303030303030303030303130303030302c6d6f64653d30303030303030303030303030303030303030303030372c6d6f64653d30303030303030303030303030303030303030303337372c657569643e4b0f11cb5b1c102d044b01d2f6f1f6645c73d11fe448a9eb7753c6db044c18935bd146874ba7d75de0d1c074b4091567a8bb272a907e8e47faf46a0a879525edb8b011f34d74cb0a0a10c3cbc9edf30c1459d73cb3e82a1b491d1934ca5fa562d29821ab87c2c0d68b206732a9faf9f6e944d7f3b9683fa353665eacf3c54021c0b88d56e0a750fc9432c56180414050a3df909b49495f7894a9c7b095b0a725746665a13b9619d0ce2fe0ab130935cc48eb82e14be60ecdebe2e8b97fa88ab7d52faf177761e430a1d845574139dbe90dd2", @ANYRESDEC=r4, @ANYBLOB=',\x00']) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x400) tkill(r2, 0x22) 15:09:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/net\x00') r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000002000000f60d00000004000009000300003001000030010000780200000000000000607c148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) getpeername$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) 15:09:45 executing program 1 (fault-call:0 fault-nth:27): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:45 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="05ff0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x100000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 922.010066][T26788] FAULT_INJECTION: forcing a failure. [ 922.010066][T26788] name failslab, interval 1, probability 0, space 0, times 0 [ 922.034457][T26788] CPU: 0 PID: 26788 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 922.042516][T26788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 922.052568][T26788] Call Trace: [ 922.055865][T26788] dump_stack+0x1d8/0x2f8 [ 922.060191][T26788] should_fail+0x555/0x770 [ 922.064603][T26788] __should_failslab+0x11a/0x160 [ 922.069536][T26788] ? __kernfs_new_node+0x97/0x6b0 [ 922.074564][T26788] should_failslab+0x9/0x20 [ 922.079068][T26788] kmem_cache_alloc+0x56/0x2e0 [ 922.083840][T26788] __kernfs_new_node+0x97/0x6b0 [ 922.088685][T26788] ? __kasan_check_write+0x14/0x20 [ 922.093794][T26788] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 922.099428][T26788] ? mutex_unlock+0xd/0x10 [ 922.103851][T26788] ? kernfs_activate+0x213/0x230 [ 922.108797][T26788] kernfs_new_node+0x97/0x180 [ 922.113488][T26788] __kernfs_create_file+0x4a/0x2f0 [ 922.118607][T26788] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 922.123983][T26788] internal_create_group+0x4be/0xd90 [ 922.129276][T26788] sysfs_create_group+0x1f/0x30 [ 922.134125][T26788] loop_set_fd+0xcb2/0x1180 [ 922.138632][T26788] lo_ioctl+0xd5/0x2200 [ 922.142780][T26788] ? __kasan_slab_free+0x12a/0x1e0 [ 922.147875][T26788] ? kasan_slab_free+0xe/0x10 [ 922.152535][T26788] ? kfree+0x115/0x200 [ 922.156593][T26788] ? tomoyo_path_number_perm+0x4e1/0x640 [ 922.162217][T26788] ? tomoyo_file_ioctl+0x23/0x30 [ 922.167144][T26788] ? security_file_ioctl+0x6d/0xd0 [ 922.172309][T26788] ? __x64_sys_ioctl+0xa3/0x120 [ 922.177142][T26788] ? do_syscall_64+0xfe/0x140 [ 922.181839][T26788] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 922.187932][T26788] ? debug_check_no_obj_freed+0x505/0x5b0 [ 922.193632][T26788] ? trace_lock_release+0x135/0x1a0 [ 922.198805][T26788] ? debug_check_no_obj_freed+0x505/0x5b0 [ 922.204509][T26788] ? rcu_lock_release+0x9/0x30 [ 922.209256][T26788] ? trace_lock_release+0x135/0x1a0 [ 922.214425][T26788] ? rcu_lock_release+0x9/0x30 [ 922.219166][T26788] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 922.224777][T26788] ? lo_release+0x1f0/0x1f0 [ 922.229255][T26788] blkdev_ioctl+0x807/0x2990 [ 922.233852][T26788] ? tomoyo_path_number_perm+0x53e/0x640 [ 922.239473][T26788] block_ioctl+0xbd/0x100 [ 922.243779][T26788] ? blkdev_iopoll+0x100/0x100 [ 922.248520][T26788] do_vfs_ioctl+0x744/0x1730 [ 922.253099][T26788] ? __fget+0x401/0x510 [ 922.257237][T26788] ? tomoyo_file_ioctl+0x23/0x30 [ 922.262150][T26788] ? security_file_ioctl+0xa1/0xd0 [ 922.267234][T26788] __x64_sys_ioctl+0xe3/0x120 [ 922.271882][T26788] do_syscall_64+0xfe/0x140 [ 922.276380][T26788] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 922.282351][T26788] RIP: 0033:0x4596e7 [ 922.286221][T26788] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000) 15:09:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[@window={0x3, 0x7, 0x3a9f}, @timestamp], 0x2) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) tkill(r1, 0x40) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1fffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x17, &(0x7f0000000280)=0x7ff, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=0x0) ptrace$cont(0x18, r1, 0x2, 0x1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) bind$bt_sco(r3, &(0x7f0000000000)={0x1f, {0xbf52, 0x7, 0x9, 0x0, 0x1, 0x7f}}, 0x8) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 922.305804][T26788] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 922.314194][T26788] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 922.322158][T26788] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 922.330116][T26788] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 922.338080][T26788] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 922.346030][T26788] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 922.451449][T26791] ldm_validate_privheads(): Disk read failed. [ 922.476685][T26791] loop4: p1 < > p2 [ 922.483657][T26791] loop4: partition table partially beyond EOD, truncated [ 922.491403][T26791] loop4: p1 start 1 is beyond EOD, truncated 15:09:46 executing program 1 (fault-call:0 fault-nth:28): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 922.498063][T26791] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) sched_setattr(r1, &(0x7f0000000000)={0x30, 0x1, 0x0, 0x8000, 0x100000000, 0x6, 0x1, 0x23b}, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 922.602824][T26828] FAULT_INJECTION: forcing a failure. [ 922.602824][T26828] name failslab, interval 1, probability 0, space 0, times 0 [ 922.629716][T26828] CPU: 0 PID: 26828 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 922.637864][T26828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 922.647916][T26828] Call Trace: [ 922.651211][T26828] dump_stack+0x1d8/0x2f8 [ 922.655531][T26828] should_fail+0x555/0x770 [ 922.659944][T26828] __should_failslab+0x11a/0x160 [ 922.664965][T26828] ? __kernfs_new_node+0x97/0x6b0 [ 922.669989][T26828] should_failslab+0x9/0x20 [ 922.674485][T26828] kmem_cache_alloc+0x56/0x2e0 [ 922.679727][T26828] __kernfs_new_node+0x97/0x6b0 [ 922.684567][T26828] ? __kasan_check_write+0x14/0x20 [ 922.689666][T26828] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 922.695375][T26828] ? mutex_unlock+0xd/0x10 15:09:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r2, 0x12, 0x2, &(0x7f0000000000)=""/101, &(0x7f00000000c0)=0x65) [ 922.699777][T26828] ? kernfs_activate+0x213/0x230 [ 922.704713][T26828] kernfs_new_node+0x97/0x180 [ 922.709383][T26828] __kernfs_create_file+0x4a/0x2f0 [ 922.714492][T26828] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 922.719867][T26828] internal_create_group+0x4be/0xd90 [ 922.725152][T26828] sysfs_create_group+0x1f/0x30 [ 922.729989][T26828] loop_set_fd+0xcb2/0x1180 [ 922.734536][T26828] lo_ioctl+0xd5/0x2200 [ 922.738696][T26828] ? __kasan_slab_free+0x12a/0x1e0 [ 922.743902][T26828] ? kasan_slab_free+0xe/0x10 [ 922.748550][T26828] ? kfree+0x115/0x200 [ 922.752608][T26828] ? tomoyo_path_number_perm+0x4e1/0x640 [ 922.758311][T26828] ? tomoyo_file_ioctl+0x23/0x30 [ 922.763251][T26828] ? security_file_ioctl+0x6d/0xd0 [ 922.768342][T26828] ? __x64_sys_ioctl+0xa3/0x120 [ 922.773168][T26828] ? do_syscall_64+0xfe/0x140 [ 922.777820][T26828] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 922.783862][T26828] ? debug_check_no_obj_freed+0x505/0x5b0 [ 922.789577][T26828] ? trace_lock_release+0x135/0x1a0 [ 922.794773][T26828] ? debug_check_no_obj_freed+0x505/0x5b0 [ 922.800487][T26828] ? rcu_lock_release+0x9/0x30 [ 922.805232][T26828] ? trace_lock_release+0x135/0x1a0 [ 922.810410][T26828] ? rcu_lock_release+0x9/0x30 [ 922.815146][T26828] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 922.820771][T26828] ? lo_release+0x1f0/0x1f0 [ 922.825274][T26828] blkdev_ioctl+0x807/0x2990 [ 922.829844][T26828] ? tomoyo_path_number_perm+0x53e/0x640 [ 922.835479][T26828] block_ioctl+0xbd/0x100 [ 922.839789][T26828] ? blkdev_iopoll+0x100/0x100 [ 922.844529][T26828] do_vfs_ioctl+0x744/0x1730 [ 922.849095][T26828] ? __fget+0x401/0x510 [ 922.853230][T26828] ? tomoyo_file_ioctl+0x23/0x30 [ 922.858145][T26828] ? security_file_ioctl+0xa1/0xd0 [ 922.863238][T26828] __x64_sys_ioctl+0xe3/0x120 [ 922.867915][T26828] do_syscall_64+0xfe/0x140 [ 922.872419][T26828] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 922.878293][T26828] RIP: 0033:0x4596e7 [ 922.882185][T26828] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 922.901797][T26828] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 922.910183][T26828] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 922.918130][T26828] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 922.926084][T26828] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 922.934034][T26828] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 922.941982][T26828] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") fcntl$getown(r0, 0x9) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x200001, 0x0) ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000200)={0x3, 0xb3, &(0x7f0000000140)="6e7a11b403e400cbb44bb8494985f722db7d76b84f974f1586a063e932506b9e7bc72ac0673411ad70a205875a23a539ac4ddcbc7abc820e76d1a68d1b99ad868f5a9557766f62d06b119c464848977754c2cc11dcca2317bb7a9d5a4e67a80f9318a1399776b7503ecaf2c409aa090deaa40030c8e3f5a26e7e1bc042066a539d736be2a8210edb71fc53af52ee78b00ba877b8253d509c6c2c07cf287addcd5af2ca8bb2cc9607e078bb1d043cf9bfeb6e6d"}) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() r5 = dup(r2) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000340)='fou\x00') sendmsg$FOU_CMD_GET(r5, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x30, r6, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e24}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000800}, 0x24000000) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) 15:09:48 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000300000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:48 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = getpid() ptrace$setregs(0xf, r1, 0x200, &(0x7f0000000000)="3894cbea34eda771ebb5f7a69f") setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:48 executing program 1 (fault-call:0 fault-nth:29): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:48 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3fffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 925.041826][T26851] FAULT_INJECTION: forcing a failure. [ 925.041826][T26851] name failslab, interval 1, probability 0, space 0, times 0 [ 925.064940][T26851] CPU: 0 PID: 26851 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 925.072949][T26851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.083004][T26851] Call Trace: [ 925.086296][T26851] dump_stack+0x1d8/0x2f8 [ 925.090644][T26851] should_fail+0x555/0x770 [ 925.095065][T26851] __should_failslab+0x11a/0x160 [ 925.099999][T26851] ? __kernfs_new_node+0x97/0x6b0 [ 925.105020][T26851] should_failslab+0x9/0x20 [ 925.109520][T26851] kmem_cache_alloc+0x56/0x2e0 [ 925.114448][T26851] __kernfs_new_node+0x97/0x6b0 [ 925.119312][T26851] ? __kasan_check_write+0x14/0x20 [ 925.124425][T26851] ? __mutex_unlock_slowpath+0x13c/0x5b0 [ 925.130056][T26851] ? mutex_unlock+0xd/0x10 [ 925.134464][T26851] ? kernfs_activate+0x213/0x230 [ 925.139399][T26851] kernfs_new_node+0x97/0x180 [ 925.144516][T26851] __kernfs_create_file+0x4a/0x2f0 [ 925.149631][T26851] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 925.155013][T26851] internal_create_group+0x4be/0xd90 [ 925.160323][T26851] sysfs_create_group+0x1f/0x30 [ 925.165183][T26851] loop_set_fd+0xcb2/0x1180 [ 925.169702][T26851] lo_ioctl+0xd5/0x2200 [ 925.173856][T26851] ? __kasan_slab_free+0x12a/0x1e0 [ 925.179090][T26851] ? kasan_slab_free+0xe/0x10 [ 925.183779][T26851] ? kfree+0x115/0x200 [ 925.187851][T26851] ? tomoyo_path_number_perm+0x4e1/0x640 [ 925.193463][T26851] ? tomoyo_file_ioctl+0x23/0x30 [ 925.198374][T26851] ? security_file_ioctl+0x6d/0xd0 [ 925.203458][T26851] ? __x64_sys_ioctl+0xa3/0x120 [ 925.208279][T26851] ? do_syscall_64+0xfe/0x140 [ 925.212959][T26851] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.219006][T26851] ? debug_check_no_obj_freed+0x505/0x5b0 [ 925.224705][T26851] ? trace_lock_release+0x135/0x1a0 [ 925.229898][T26851] ? debug_check_no_obj_freed+0x505/0x5b0 [ 925.235596][T26851] ? rcu_lock_release+0x9/0x30 [ 925.240351][T26851] ? trace_lock_release+0x135/0x1a0 [ 925.245521][T26851] ? rcu_lock_release+0x9/0x30 [ 925.250261][T26851] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 925.255891][T26851] ? lo_release+0x1f0/0x1f0 [ 925.260374][T26851] blkdev_ioctl+0x807/0x2990 [ 925.264942][T26851] ? tomoyo_path_number_perm+0x53e/0x640 [ 925.270551][T26851] block_ioctl+0xbd/0x100 [ 925.274871][T26851] ? blkdev_iopoll+0x100/0x100 [ 925.279615][T26851] do_vfs_ioctl+0x744/0x1730 [ 925.284180][T26851] ? __fget+0x401/0x510 [ 925.288326][T26851] ? tomoyo_file_ioctl+0x23/0x30 [ 925.293245][T26851] ? security_file_ioctl+0xa1/0xd0 [ 925.298332][T26851] __x64_sys_ioctl+0xe3/0x120 [ 925.303006][T26851] do_syscall_64+0xfe/0x140 [ 925.307521][T26851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.313660][T26851] RIP: 0033:0x4596e7 [ 925.317531][T26851] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 925.337194][T26851] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 925.345578][T26851] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 925.353541][T26851] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 925.361489][T26851] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 925.369455][T26851] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 925.377406][T26851] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:48 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) 15:09:48 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068cc5a0020f6e189c4bcfa3c1da049476af5aad824dcd15b15f2a3036a1461cee664aa6219a19764c806ab6dda054e1db84cffdab10777a1ddbde4978238e76bfbe294fb056062721a97451727dce09dab0b5184366803f95e93dc501bbe0f91caacc5d12d6a1e6997bdb4f2c9d33572628d77815028c185eaef269fd6f4fcde2b"], 0x1) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f00000002c0)={0x0, 0x0, @ioapic}) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) getsockname$tipc(r2, &(0x7f0000000000), &(0x7f0000000040)=0x10) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040)=0x7, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000100), 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$RDS_CONG_MONITOR(r3, 0x114, 0x6, &(0x7f0000000140), 0x4) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d00f7cd0ab5082b6cff209961010000300180007802000000000000006078148f3a4f000c496803885fecab02a23fff81c38f6dadea00"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000000004000f8ff0000000000000000f60d0000000400000900030000300100003001000078020000000000000060780f8f3a4f000000680300006803000068030000b403000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 925.455264][T26853] ldm_validate_privheads(): Disk read failed. [ 925.463945][T26853] loop4: p1 p2 [ 925.473966][T26853] loop4: partition table partially beyond EOD, truncated [ 925.484996][T26853] loop4: p1 start 1 is beyond EOD, truncated [ 925.493983][T26853] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:49 executing program 1 (fault-call:0 fault-nth:30): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$RXRPC_SECURITY_KEY(r2, 0x110, 0x1, &(0x7f0000000000)='%-\x00', 0x3) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000040000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) rt_sigpending(&(0x7f0000000100), 0x8) capget(&(0x7f0000000040)={0x20071026, r2}, &(0x7f00000000c0)={0x6, 0x2, 0x3, 0xa9db, 0x1, 0x4}) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 925.681878][T26891] FAULT_INJECTION: forcing a failure. [ 925.681878][T26891] name failslab, interval 1, probability 0, space 0, times 0 [ 925.695219][T26891] CPU: 1 PID: 26891 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 925.703201][T26891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.713249][T26891] Call Trace: [ 925.716539][T26891] dump_stack+0x1d8/0x2f8 [ 925.720955][T26891] should_fail+0x555/0x770 [ 925.725375][T26891] __should_failslab+0x11a/0x160 15:09:49 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) [ 925.730313][T26891] ? kzalloc+0x26/0x40 [ 925.734372][T26891] should_failslab+0x9/0x20 [ 925.738862][T26891] __kmalloc+0x7a/0x340 [ 925.743018][T26891] kzalloc+0x26/0x40 [ 925.746997][T26891] kobject_get_path+0xa7/0x1d0 [ 925.751756][T26891] kobject_uevent_env+0x2f2/0x1260 [ 925.756846][T26891] kobject_uevent+0x1f/0x30 [ 925.761326][T26891] loop_set_fd+0xd21/0x1180 [ 925.765816][T26891] lo_ioctl+0xd5/0x2200 [ 925.769962][T26891] ? __kasan_slab_free+0x12a/0x1e0 [ 925.775051][T26891] ? kasan_slab_free+0xe/0x10 [ 925.779710][T26891] ? kfree+0x115/0x200 [ 925.783774][T26891] ? tomoyo_path_number_perm+0x4e1/0x640 [ 925.789396][T26891] ? tomoyo_file_ioctl+0x23/0x30 [ 925.794317][T26891] ? security_file_ioctl+0x6d/0xd0 [ 925.799413][T26891] ? __x64_sys_ioctl+0xa3/0x120 [ 925.804300][T26891] ? do_syscall_64+0xfe/0x140 [ 925.809045][T26891] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.815098][T26891] ? debug_check_no_obj_freed+0x505/0x5b0 [ 925.820796][T26891] ? trace_lock_release+0x135/0x1a0 [ 925.825976][T26891] ? debug_check_no_obj_freed+0x505/0x5b0 [ 925.831691][T26891] ? rcu_lock_release+0x9/0x30 [ 925.836439][T26891] ? trace_lock_release+0x135/0x1a0 [ 925.841626][T26891] ? rcu_lock_release+0x9/0x30 [ 925.846368][T26891] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 925.851979][T26891] ? lo_release+0x1f0/0x1f0 [ 925.856460][T26891] blkdev_ioctl+0x807/0x2990 [ 925.861031][T26891] ? tomoyo_path_number_perm+0x53e/0x640 [ 925.866647][T26891] block_ioctl+0xbd/0x100 [ 925.870952][T26891] ? blkdev_iopoll+0x100/0x100 [ 925.875702][T26891] do_vfs_ioctl+0x744/0x1730 [ 925.880289][T26891] ? __fget+0x401/0x510 [ 925.884441][T26891] ? tomoyo_file_ioctl+0x23/0x30 [ 925.891839][T26891] ? security_file_ioctl+0xa1/0xd0 [ 925.897021][T26891] __x64_sys_ioctl+0xe3/0x120 [ 925.901688][T26891] do_syscall_64+0xfe/0x140 [ 925.906190][T26891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.912064][T26891] RIP: 0033:0x4596e7 [ 925.915936][T26891] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 925.935514][T26891] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 925.943904][T26891] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 925.952053][T26891] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 925.960011][T26891] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 925.967966][T26891] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 925.975913][T26891] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 925.988256][T26853] ldm_validate_privheads(): Disk read failed. [ 926.000532][T26853] loop4: p1 p2 [ 926.005069][T26853] loop4: partition table partially beyond EOD, truncated [ 926.018132][T26853] loop4: p1 start 1 is beyond EOD, truncated [ 926.029798][T26853] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:49 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02020500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7fffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:49 executing program 1 (fault-call:0 fault-nth:31): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 926.202877][T26922] FAULT_INJECTION: forcing a failure. [ 926.202877][T26922] name failslab, interval 1, probability 0, space 0, times 0 [ 926.235474][T26922] CPU: 0 PID: 26922 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 926.243493][T26922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.253541][T26922] Call Trace: [ 926.256839][T26922] dump_stack+0x1d8/0x2f8 [ 926.261175][T26922] should_fail+0x555/0x770 [ 926.265579][T26922] __should_failslab+0x11a/0x160 [ 926.270522][T26922] ? kzalloc+0x26/0x40 [ 926.274613][T26922] should_failslab+0x9/0x20 [ 926.279095][T26922] __kmalloc+0x7a/0x340 [ 926.283235][T26922] kzalloc+0x26/0x40 [ 926.287107][T26922] kobject_get_path+0xa7/0x1d0 [ 926.291849][T26922] kobject_uevent_env+0x2f2/0x1260 [ 926.296939][T26922] kobject_uevent+0x1f/0x30 [ 926.301428][T26922] loop_set_fd+0xd21/0x1180 [ 926.306046][T26922] lo_ioctl+0xd5/0x2200 [ 926.310190][T26922] ? __kasan_slab_free+0x12a/0x1e0 [ 926.315276][T26922] ? kasan_slab_free+0xe/0x10 [ 926.319952][T26922] ? kfree+0x115/0x200 [ 926.324003][T26922] ? tomoyo_path_number_perm+0x4e1/0x640 [ 926.329694][T26922] ? tomoyo_file_ioctl+0x23/0x30 [ 926.334617][T26922] ? security_file_ioctl+0x6d/0xd0 [ 926.339709][T26922] ? __x64_sys_ioctl+0xa3/0x120 [ 926.344543][T26922] ? do_syscall_64+0xfe/0x140 [ 926.349201][T26922] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.355243][T26922] ? debug_check_no_obj_freed+0x505/0x5b0 [ 926.360948][T26922] ? trace_lock_release+0x135/0x1a0 [ 926.366128][T26922] ? debug_check_no_obj_freed+0x505/0x5b0 [ 926.371827][T26922] ? rcu_lock_release+0x9/0x30 [ 926.376570][T26922] ? trace_lock_release+0x135/0x1a0 [ 926.381758][T26922] ? rcu_lock_release+0x9/0x30 [ 926.386510][T26922] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 926.392123][T26922] ? lo_release+0x1f0/0x1f0 [ 926.396628][T26922] blkdev_ioctl+0x807/0x2990 [ 926.401211][T26922] ? tomoyo_path_number_perm+0x53e/0x640 [ 926.406837][T26922] block_ioctl+0xbd/0x100 [ 926.411148][T26922] ? blkdev_iopoll+0x100/0x100 [ 926.415887][T26922] do_vfs_ioctl+0x744/0x1730 [ 926.420455][T26922] ? __fget+0x401/0x510 [ 926.424600][T26922] ? tomoyo_file_ioctl+0x23/0x30 [ 926.429560][T26922] ? security_file_ioctl+0xa1/0xd0 [ 926.434657][T26922] __x64_sys_ioctl+0xe3/0x120 [ 926.439323][T26922] do_syscall_64+0xfe/0x140 [ 926.443804][T26922] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.449691][T26922] RIP: 0033:0x4596e7 [ 926.453565][T26922] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 926.473160][T26922] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 926.481555][T26922] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 926.489551][T26922] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 15:09:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="11dca50d5e0bcfe47bf070") sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) fcntl$setlease(r0, 0x400, 0x0) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x800, 0x0) ioctl$EVIOCGPROP(r3, 0x80404509, &(0x7f00000000c0)=""/165) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) ioctl$PPPIOCCONNECT(r3, 0x4004743a, &(0x7f0000000180)=0x2) connect$inet6(r4, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x8}, 0x10) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = gettid() r6 = dup(r4) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x10010000000035) fcntl$setstatus(r4, 0x4, 0x2000) [ 926.497534][T26922] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 926.505489][T26922] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 926.513436][T26922] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 926.612016][T26936] netlink: 19 bytes leftover after parsing attributes in process `syz-executor.5'. 15:09:50 executing program 1 (fault-call:0 fault-nth:32): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0xc41, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffffffffffa, @mcast1, 0xffffffff}}, 0x3, 0x6, 0x5, 0x14, 0x40}, &(0x7f0000000200)=0x98) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000240)={r3, 0xffffffffffffffff}, 0x8) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() r5 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) syz_genetlink_get_family_id$net_dm(&(0x7f0000000340)='NET_DM\x00') ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) getsockname$inet(r5, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f00000000c0)=0x10) fcntl$setstatus(r0, 0x4, 0x0) [ 926.711814][T26933] ldm_validate_privheads(): Disk read failed. [ 926.731225][T26933] loop4: p1 < > p2 [ 926.736671][T26933] loop4: partition table partially beyond EOD, truncated [ 926.745644][T26946] FAULT_INJECTION: forcing a failure. [ 926.745644][T26946] name failslab, interval 1, probability 0, space 0, times 0 [ 926.759259][T26946] CPU: 1 PID: 26946 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 926.767241][T26946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.777294][T26946] Call Trace: [ 926.780577][T26946] dump_stack+0x1d8/0x2f8 [ 926.784893][T26946] should_fail+0x555/0x770 [ 926.789302][T26946] __should_failslab+0x11a/0x160 [ 926.794246][T26946] should_failslab+0x9/0x20 [ 926.798727][T26946] kmem_cache_alloc_node+0x65/0x280 [ 926.803902][T26946] ? __alloc_skb+0x9f/0x500 [ 926.808378][T26946] __alloc_skb+0x9f/0x500 [ 926.812687][T26946] alloc_uevent_skb+0x7f/0x230 [ 926.817423][T26946] kobject_uevent_env+0xcbb/0x1260 [ 926.822512][T26946] kobject_uevent+0x1f/0x30 [ 926.826994][T26946] loop_set_fd+0xd21/0x1180 [ 926.831512][T26946] lo_ioctl+0xd5/0x2200 [ 926.835644][T26946] ? __kasan_slab_free+0x12a/0x1e0 [ 926.840735][T26946] ? kasan_slab_free+0xe/0x10 [ 926.845395][T26946] ? kfree+0x115/0x200 [ 926.849447][T26946] ? tomoyo_path_number_perm+0x4e1/0x640 [ 926.855060][T26946] ? tomoyo_file_ioctl+0x23/0x30 [ 926.859985][T26946] ? security_file_ioctl+0x6d/0xd0 [ 926.865085][T26946] ? __x64_sys_ioctl+0xa3/0x120 [ 926.869918][T26946] ? do_syscall_64+0xfe/0x140 [ 926.874571][T26946] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.880622][T26946] ? debug_check_no_obj_freed+0x505/0x5b0 [ 926.886325][T26946] ? trace_lock_release+0x135/0x1a0 [ 926.891495][T26946] ? debug_check_no_obj_freed+0x505/0x5b0 [ 926.897363][T26946] ? rcu_lock_release+0x9/0x30 [ 926.902121][T26946] ? trace_lock_release+0x135/0x1a0 [ 926.907293][T26946] ? rcu_lock_release+0x9/0x30 [ 926.912031][T26946] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 926.917638][T26946] ? lo_release+0x1f0/0x1f0 [ 926.922118][T26946] blkdev_ioctl+0x807/0x2990 [ 926.926688][T26946] ? tomoyo_path_number_perm+0x53e/0x640 [ 926.932300][T26946] block_ioctl+0xbd/0x100 [ 926.936604][T26946] ? blkdev_iopoll+0x100/0x100 [ 926.941342][T26946] do_vfs_ioctl+0x744/0x1730 [ 926.945916][T26946] ? __fget+0x401/0x510 [ 926.950050][T26946] ? tomoyo_file_ioctl+0x23/0x30 [ 926.954975][T26946] ? security_file_ioctl+0xa1/0xd0 [ 926.960083][T26946] __x64_sys_ioctl+0xe3/0x120 [ 926.964746][T26946] do_syscall_64+0xfe/0x140 [ 926.969227][T26946] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.975098][T26946] RIP: 0033:0x4596e7 [ 926.978966][T26946] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 926.998546][T26946] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.006936][T26946] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 00000000004596e7 [ 927.014898][T26946] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 927.022852][T26946] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 927.030799][T26946] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 927.038746][T26946] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 927.048254][T26933] loop4: p1 start 1 is beyond EOD, truncated [ 927.054973][T26933] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:50 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:50 executing program 1 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 927.234885][T26933] ldm_validate_privheads(): Disk read failed. [ 927.241910][T26933] loop4: p1 < > p2 [ 927.245898][T26933] loop4: partition table partially beyond EOD, truncated [ 927.253391][T26933] loop4: p1 start 1 is beyond EOD, truncated [ 927.260787][T26933] loop4: p2 size 327680 extends beyond EOD, truncated [ 927.278246][T26967] FAULT_INJECTION: forcing a failure. [ 927.278246][T26967] name failslab, interval 1, probability 0, space 0, times 0 [ 927.294039][T26967] CPU: 1 PID: 26967 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 927.302163][T26967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.312212][T26967] Call Trace: [ 927.315485][T26967] dump_stack+0x1d8/0x2f8 [ 927.319823][T26967] should_fail+0x555/0x770 [ 927.324226][T26967] __should_failslab+0x11a/0x160 [ 927.329151][T26967] ? tomoyo_encode2+0x273/0x5a0 [ 927.333987][T26967] should_failslab+0x9/0x20 [ 927.338463][T26967] __kmalloc+0x7a/0x340 [ 927.342596][T26967] tomoyo_encode2+0x273/0x5a0 [ 927.347252][T26967] tomoyo_realpath_from_path+0x769/0x7c0 [ 927.352921][T26967] tomoyo_path_number_perm+0x166/0x640 [ 927.358390][T26967] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 927.364008][T26967] ? trace_kmem_cache_free+0xa0/0x110 [ 927.369361][T26967] tomoyo_path_mkdir+0x9c/0xc0 [ 927.374113][T26967] security_path_mkdir+0xed/0x170 [ 927.379111][T26967] do_mkdirat+0x15c/0x320 [ 927.383417][T26967] __x64_sys_mkdir+0x60/0x70 [ 927.387986][T26967] do_syscall_64+0xfe/0x140 [ 927.392471][T26967] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 927.398346][T26967] RIP: 0033:0x458c97 [ 927.402230][T26967] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 927.421815][T26967] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 15:09:51 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02030500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 927.430294][T26967] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 927.438244][T26967] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 927.446197][T26967] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 927.454159][T26967] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 927.462113][T26967] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 927.471549][T26967] ERROR: Out of memory at tomoyo_realpath_from_path. [ 927.659671][T26973] ldm_validate_privheads(): Disk read failed. [ 927.666140][T26973] loop4: p1 < > p2 [ 927.670098][T26973] loop4: partition table partially beyond EOD, truncated [ 927.677398][T26973] loop4: p1 start 1 is beyond EOD, truncated [ 927.685072][T26973] loop4: p2 size 327680 extends beyond EOD, truncated [ 927.809770][T26973] ldm_validate_privheads(): Disk read failed. [ 927.816056][T26973] loop4: p1 < > p2 [ 927.820050][T26973] loop4: partition table partially beyond EOD, truncated [ 927.827291][T26973] loop4: p1 start 1 is beyond EOD, truncated [ 927.833708][T26973] loop4: p2 size 327680 extends beyond EOD, truncated [ 927.900890][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 927.903128][T26984] print_req_error: 12 callbacks suppressed [ 927.903140][T26984] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 927.914912][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 927.937859][ T2510] buffer_io_error: 10 callbacks suppressed [ 927.937864][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 927.953440][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 927.964370][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 927.972565][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 927.983461][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 927.991839][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.003229][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.011686][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.022715][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.030916][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.041972][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.050228][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.061372][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.069526][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.080573][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.088826][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 928.099757][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 928.107859][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:09:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ptrace$setsig(0x4203, r1, 0x8, &(0x7f0000000000)={0x3e, 0x8, 0x1}) r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:52 executing program 1 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:52 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02040500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:52 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x0) [ 929.091364][T27007] FAULT_INJECTION: forcing a failure. [ 929.091364][T27007] name failslab, interval 1, probability 0, space 0, times 0 [ 929.132694][T27007] CPU: 1 PID: 27007 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 929.140700][T27007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 929.150757][T27007] Call Trace: [ 929.154205][T27007] dump_stack+0x1d8/0x2f8 [ 929.158532][T27007] should_fail+0x555/0x770 [ 929.162946][T27007] __should_failslab+0x11a/0x160 [ 929.167885][T27007] ? getname_flags+0xba/0x640 [ 929.172676][T27007] should_failslab+0x9/0x20 [ 929.177170][T27007] kmem_cache_alloc+0x56/0x2e0 15:09:52 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 929.181932][T27007] ? __kasan_check_write+0x14/0x20 [ 929.187122][T27007] getname_flags+0xba/0x640 [ 929.191618][T27007] do_mkdirat+0x3c/0x320 [ 929.195857][T27007] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 929.201580][T27007] ? trace_hardirqs_off_caller+0x58/0x80 [ 929.207207][T27007] ? do_syscall_64+0x1d/0x140 [ 929.211877][T27007] __x64_sys_mkdir+0x60/0x70 [ 929.216463][T27007] do_syscall_64+0xfe/0x140 [ 929.220962][T27007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 929.226862][T27007] RIP: 0033:0x458c97 15:09:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x922, 0x1c9001) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) getsockname$ax25(r3, &(0x7f0000000000)={{0x3, @null}, [@null, @default, @bcast, @netrom, @default, @null, @bcast, @bcast]}, &(0x7f00000000c0)=0x48) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 929.230762][T27007] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 929.250389][T27007] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 929.258790][T27007] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 929.266750][T27007] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 929.274701][T27007] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 15:09:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1ffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 929.282649][T27007] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 929.290598][T27007] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 929.312132][T27002] ldm_validate_privheads(): Disk read failed. [ 929.318263][T27002] loop4: p1 < > p2 [ 929.323471][T27002] loop4: partition table partially beyond EOD, truncated [ 929.332292][T27002] loop4: p1 start 1 is beyond EOD, truncated [ 929.338284][T27002] loop4: p2 size 327680 extends beyond EOD, truncated [ 929.456112][T27034] ptrace attach of "/root/syz-executor.3"[27031] was attempted by "/root/syz-executor.3"[27034] 15:09:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=0x0) write$FUSE_LK(r2, &(0x7f0000000100)={0x28, 0x0, 0x3, {{0x7fff, 0x38, 0x2, r3}}}, 0x28) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() r5 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:53 executing program 1 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:53 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02050500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:53 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xffff, 0x1) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000380)) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, [0x9, 0x8, 0x7, 0x6]}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000006c0)=ANY=[], 0x0) ioctl$SIOCRSGCAUSE(r0, 0x89e0, &(0x7f00000003c0)) ptrace$setopts(0x4206, r3, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x3, 0x1, 0x7fffffff, 0x8, 0x9}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f00000001c0)={r5, @in6={{0xa, 0x4e24, 0x9, @local, 0x2}}}, &(0x7f0000000340)=0x84) tkill(r3, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) [ 930.104016][T27050] FAULT_INJECTION: forcing a failure. [ 930.104016][T27050] name failslab, interval 1, probability 0, space 0, times 0 [ 930.129481][T27050] CPU: 1 PID: 27050 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 930.137484][T27050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 930.147026][T27058] ptrace attach of "/root/syz-executor.3"[27057] was attempted by "/root/syz-executor.3"[27058] [ 930.147531][T27050] Call Trace: [ 930.147549][T27050] dump_stack+0x1d8/0x2f8 [ 930.147564][T27050] should_fail+0x555/0x770 [ 930.169953][T27050] __should_failslab+0x11a/0x160 [ 930.174882][T27050] ? getname_flags+0xba/0x640 [ 930.179545][T27050] should_failslab+0x9/0x20 [ 930.184049][T27050] kmem_cache_alloc+0x56/0x2e0 [ 930.188807][T27050] ? __kasan_check_write+0x14/0x20 [ 930.193917][T27050] getname_flags+0xba/0x640 [ 930.198412][T27050] do_mkdirat+0x3c/0x320 [ 930.202642][T27050] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 930.208345][T27050] ? trace_hardirqs_off_caller+0x58/0x80 [ 930.213962][T27050] ? do_syscall_64+0x1d/0x140 [ 930.218631][T27050] __x64_sys_mkdir+0x60/0x70 [ 930.223206][T27050] do_syscall_64+0xfe/0x140 [ 930.227696][T27050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 930.233576][T27050] RIP: 0033:0x458c97 [ 930.237471][T27050] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 930.257074][T27050] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 930.265486][T27050] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 930.273447][T27050] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 930.281402][T27050] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 930.289365][T27050] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 15:09:53 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 930.297334][T27050] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x8}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x1f, 0x8206, 0x0, 0x6, 0x0}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000340)={r2, 0x1, 0x853, 0x100, 0x5, 0xde, 0x7a79, 0x5, {r3, @in6={{0xa, 0x4e22, 0xffffffff, @dev={0xfe, 0x80, [], 0x14}, 0x6}}, 0x3f, 0x7, 0x54e, 0x9, 0xfffffffffffffeff}}, &(0x7f0000000200)=0xb0) r4 = gettid() r5 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:53 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x2000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:53 executing program 1 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 930.414820][T27051] ldm_validate_privheads(): Disk read failed. [ 930.439056][T27051] loop4: p1 < > p2 15:09:54 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 930.481707][T27051] loop4: partition table partially beyond EOD, truncated [ 930.492593][T27086] ptrace attach of "/root/syz-executor.3"[27085] was attempted by "/root/syz-executor.3"[27086] [ 930.507250][T27051] loop4: p1 start 1 is beyond EOD, truncated [ 930.518115][T27051] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x1, 0x0) 15:09:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) 15:09:54 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02060500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:54 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3ffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 930.744120][T27114] ptrace attach of "/root/syz-executor.3"[27112] was attempted by "/root/syz-executor.3"[27114] 15:09:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) ptrace$setopts(0x4206, r2, 0x0, 0x0) [ 930.811705][T27111] ldm_validate_privheads(): Disk read failed. [ 930.819684][T27111] loop4: p1 < > p2 [ 930.824095][T27122] FAULT_INJECTION: forcing a failure. [ 930.824095][T27122] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 930.824454][T27111] loop4: partition table partially beyond EOD, truncated [ 930.837299][T27122] CPU: 0 PID: 27122 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 930.837305][T27122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 930.837308][T27122] Call Trace: [ 930.837327][T27122] dump_stack+0x1d8/0x2f8 [ 930.837341][T27122] should_fail+0x555/0x770 [ 930.837354][T27122] should_fail_alloc_page+0x55/0x60 [ 930.837364][T27122] prepare_alloc_pages+0x283/0x470 [ 930.837375][T27122] __alloc_pages_nodemask+0xb2/0x5d0 [ 930.837385][T27122] ? lo_release+0x1f0/0x1f0 [ 930.837393][T27122] ? blkdev_ioctl+0x807/0x2990 [ 930.837404][T27122] kmem_getpages+0x56/0xa20 [ 930.837412][T27122] ? trace_lock_release+0x135/0x1a0 [ 930.837421][T27122] cache_grow_begin+0x7e/0x2c0 [ 930.837430][T27122] cache_alloc_refill+0x311/0x3f0 [ 930.837437][T27122] ? check_preemption_disabled+0xb7/0x2a0 [ 930.837450][T27122] kmem_cache_alloc+0x2b9/0x2e0 [ 930.852436][T27122] ? getname_flags+0xba/0x640 [ 930.884723][T27122] getname_flags+0xba/0x640 [ 930.884734][T27122] do_mkdirat+0x3c/0x320 [ 930.884744][T27122] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 930.884752][T27122] ? trace_hardirqs_off_caller+0x58/0x80 [ 930.884762][T27122] ? do_syscall_64+0x1d/0x140 [ 930.884769][T27122] __x64_sys_mkdir+0x60/0x70 [ 930.884777][T27122] do_syscall_64+0xfe/0x140 [ 930.884787][T27122] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 930.884797][T27122] RIP: 0033:0x458c97 [ 930.884806][T27122] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 930.884811][T27122] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 930.884819][T27122] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 930.884829][T27122] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 930.894573][T27122] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 930.894579][T27122] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 930.894585][T27122] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 931.020368][T27130] ptrace attach of "/root/syz-executor.3"[27129] was attempted by "/root/syz-executor.3"[27130] 15:09:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) clock_gettime(0x6, &(0x7f0000000000)) [ 931.022977][T27111] loop4: p1 start 1 is beyond EOD, truncated [ 931.064125][T27111] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000277000f7ffffffffffffff040000090003000030010000300100007802000000000000006078148f3a4f00000028"], 0x1) 15:09:54 executing program 1 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 931.242337][T27144] FAULT_INJECTION: forcing a failure. [ 931.242337][T27144] name failslab, interval 1, probability 0, space 0, times 0 [ 931.256516][T27111] ldm_validate_privheads(): Disk read failed. [ 931.258222][T27144] CPU: 1 PID: 27144 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 931.264951][T27111] loop4: p1 < > p2 [ 931.270574][T27144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 931.270579][T27144] Call Trace: [ 931.270597][T27144] dump_stack+0x1d8/0x2f8 [ 931.270610][T27144] should_fail+0x555/0x770 [ 931.270622][T27144] __should_failslab+0x11a/0x160 [ 931.270636][T27144] ? __d_alloc+0x2d/0x6e0 [ 931.280424][T27111] loop4: partition table partially beyond EOD, truncated [ 931.284476][T27144] should_failslab+0x9/0x20 [ 931.284491][T27144] kmem_cache_alloc+0x56/0x2e0 [ 931.292155][T27144] __d_alloc+0x2d/0x6e0 [ 931.292167][T27144] d_alloc+0x4e/0x1d0 [ 931.301473][T27144] __lookup_hash+0xe5/0x290 [ 931.301482][T27144] filename_create+0x14f/0x670 [ 931.301490][T27144] ? getname_flags+0x214/0x640 [ 931.301499][T27144] do_mkdirat+0x5a/0x320 [ 931.301511][T27144] ? trace_hardirqs_off_caller+0x58/0x80 [ 931.306348][T27111] loop4: p1 start 1 is beyond EOD, truncated [ 931.312915][T27144] __x64_sys_mkdir+0x60/0x70 [ 931.312926][T27144] do_syscall_64+0xfe/0x140 [ 931.312938][T27144] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 931.312946][T27144] RIP: 0033:0x458c97 [ 931.312957][T27144] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 931.317641][T27111] loop4: p2 size 327680 extends beyond EOD, truncated [ 931.322259][T27144] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 931.322267][T27144] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 931.322272][T27144] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 931.322276][T27144] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 931.322281][T27144] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 931.322286][T27144] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:56 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = getpgid(0xffffffffffffffff) sched_getattr(r1, &(0x7f0000000000)={0x30}, 0x30, 0x0) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:09:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() dup(r0) 15:09:56 executing program 1 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:56 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02070500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 933.422277][T27162] FAULT_INJECTION: forcing a failure. [ 933.422277][T27162] name failslab, interval 1, probability 0, space 0, times 0 [ 933.440559][T27162] CPU: 0 PID: 27162 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 933.448565][T27162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 933.458618][T27162] Call Trace: [ 933.461915][T27162] dump_stack+0x1d8/0x2f8 [ 933.466247][T27162] should_fail+0x555/0x770 [ 933.470664][T27162] __should_failslab+0x11a/0x160 [ 933.475598][T27162] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 933.481314][T27162] should_failslab+0x9/0x20 [ 933.485827][T27162] __kmalloc+0x7a/0x340 [ 933.490149][T27162] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 933.495860][T27162] tomoyo_realpath_from_path+0xdc/0x7c0 [ 933.501405][T27162] tomoyo_path_number_perm+0x166/0x640 [ 933.506877][T27162] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 933.512512][T27162] ? trace_kmem_cache_free+0xa0/0x110 [ 933.517888][T27162] tomoyo_path_mkdir+0x9c/0xc0 [ 933.522646][T27162] security_path_mkdir+0xed/0x170 [ 933.527658][T27162] do_mkdirat+0x15c/0x320 [ 933.531965][T27162] __x64_sys_mkdir+0x60/0x70 [ 933.536539][T27162] do_syscall_64+0xfe/0x140 [ 933.541039][T27162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 933.546934][T27162] RIP: 0033:0x458c97 [ 933.550838][T27162] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:09:57 executing program 5: socket$bt_cmtp(0x1f, 0x3, 0x5) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c7465fa00000000000000000000000000400000000000000000000000f60d0000000400000900030000303a0000300100007802000000000000006078148f3a4f000000680300006803000068030000680300006858111fdf9d23818864c09a350435dd909d5364c815fcc5f1710e6f3bf605ede48eb418a76238b969c523b7d62421723939d3d2042f49a58208a32966da2e732a11fed8c60af9e4ba02e056a695831bd3314e82c7d961b226ffe7d52cd74cbd74d71d2fcdc18ae178d8ab237f834ccaa285d794b2c34990531e9c347a2dc44d32e599424c6268"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x4000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() [ 933.570433][T27162] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 933.578822][T27162] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 933.586798][T27162] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 933.594757][T27162] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 933.602704][T27162] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 933.610659][T27162] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:09:57 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x2, 0x414200) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f0000000140)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x2, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, [], 0x19}, 0x5}, r2}}, 0x38) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000180), &(0x7f00000001c0)=0x4) 15:09:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x6000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 933.622547][T27162] ERROR: Out of memory at tomoyo_realpath_from_path. [ 933.650235][T27161] ldm_validate_privheads(): Disk read failed. [ 933.690838][T27161] loop4: p1 < > p2 [ 933.723065][T27161] loop4: partition table partially beyond EOD, truncated 15:09:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:09:57 executing program 1 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 933.784824][T27161] loop4: p1 start 1 is beyond EOD, truncated [ 933.809224][T27161] loop4: p2 size 327680 extends beyond EOD, truncated 15:09:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 15:09:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7ffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 933.902580][T27208] FAULT_INJECTION: forcing a failure. [ 933.902580][T27208] name failslab, interval 1, probability 0, space 0, times 0 [ 933.993366][T27208] CPU: 0 PID: 27208 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 934.001372][T27208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.011426][T27208] Call Trace: [ 934.014716][T27208] dump_stack+0x1d8/0x2f8 [ 934.019053][T27208] should_fail+0x555/0x770 [ 934.023473][T27208] __should_failslab+0x11a/0x160 [ 934.028407][T27208] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 934.034126][T27208] should_failslab+0x9/0x20 [ 934.038620][T27208] __kmalloc+0x7a/0x340 [ 934.042776][T27208] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 934.048485][T27208] tomoyo_realpath_from_path+0xdc/0x7c0 [ 934.054039][T27208] tomoyo_path_number_perm+0x166/0x640 [ 934.059513][T27208] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 934.065144][T27208] ? trace_kmem_cache_free+0xa0/0x110 [ 934.070519][T27208] tomoyo_path_mkdir+0x9c/0xc0 [ 934.075275][T27208] security_path_mkdir+0xed/0x170 [ 934.080293][T27208] do_mkdirat+0x15c/0x320 [ 934.084622][T27208] __x64_sys_mkdir+0x60/0x70 [ 934.089211][T27208] do_syscall_64+0xfe/0x140 [ 934.093711][T27208] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 934.099596][T27208] RIP: 0033:0x458c97 [ 934.103486][T27208] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 934.123105][T27208] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 934.131525][T27208] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 15:09:57 executing program 5: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x2) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timerfd_create(0x0, 0x0) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006889ac0068030000680300006803000068"], 0x1) ioctl$VIDIOC_TRY_ENCODER_CMD(r3, 0xc028564e, &(0x7f0000000040)={0x1, 0x1, [0x401, 0xffffffff, 0x5, 0x4, 0x2, 0x7, 0x9, 0x1bb]}) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'veth0\x00', 0x20}) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000140)=0x8001) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:09:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) [ 934.139483][T27208] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 934.147451][T27208] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 934.147457][T27208] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 934.147463][T27208] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 934.149464][T27208] ERROR: Out of memory at tomoyo_realpath_from_path. 15:09:57 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02080500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:09:57 executing program 1 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:09:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) connect$inet6(r0, &(0x7f0000000080), 0x1c) [ 934.386066][T27240] FAULT_INJECTION: forcing a failure. [ 934.386066][T27240] name failslab, interval 1, probability 0, space 0, times 0 [ 934.399730][T27240] CPU: 0 PID: 27240 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 934.407713][T27240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.417755][T27240] Call Trace: [ 934.421034][T27240] dump_stack+0x1d8/0x2f8 [ 934.427205][T27240] should_fail+0x555/0x770 [ 934.431631][T27240] __should_failslab+0x11a/0x160 [ 934.436553][T27240] ? tomoyo_encode2+0x273/0x5a0 [ 934.441397][T27240] should_failslab+0x9/0x20 [ 934.445882][T27240] __kmalloc+0x7a/0x340 [ 934.450014][T27240] tomoyo_encode2+0x273/0x5a0 [ 934.454771][T27240] tomoyo_realpath_from_path+0x769/0x7c0 [ 934.460407][T27240] tomoyo_path_number_perm+0x166/0x640 [ 934.465854][T27240] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 934.471470][T27240] ? trace_kmem_cache_free+0xa0/0x110 [ 934.476832][T27240] tomoyo_path_mkdir+0x9c/0xc0 [ 934.481600][T27240] security_path_mkdir+0xed/0x170 [ 934.486629][T27240] do_mkdirat+0x15c/0x320 [ 934.490938][T27240] __x64_sys_mkdir+0x60/0x70 [ 934.495512][T27240] do_syscall_64+0xfe/0x140 [ 934.500000][T27240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 934.505871][T27240] RIP: 0033:0x458c97 [ 934.509751][T27240] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 934.529340][T27240] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 934.537733][T27240] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 934.545683][T27240] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 934.553633][T27240] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 934.561691][T27240] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 934.569659][T27240] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 934.578021][T27240] ERROR: Out of memory at tomoyo_realpath_from_path. 15:09:58 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_PTRACER(0x59616d61, r1) [ 934.695481][T27248] ldm_validate_privheads(): Disk read failed. [ 934.703276][T27248] loop4: p1 < > p2 [ 934.707733][T27248] loop4: partition table partially beyond EOD, truncated [ 934.715151][T27248] loop4: p1 start 1 is beyond EOD, truncated [ 934.722014][T27248] loop4: p2 size 327680 extends beyond EOD, truncated [ 934.801217][T27248] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 934.804517][T27258] print_req_error: 23 callbacks suppressed [ 934.804528][T27258] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 934.815851][ T2511] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 934.839541][ T2511] buffer_io_error: 20 callbacks suppressed [ 934.839550][ T2511] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 934.854257][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 934.865290][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 934.899331][T27248] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 15:10:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000f66078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:00 executing program 1 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:00 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 15:10:00 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x8000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:00 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02090500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:00 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xa000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 936.721801][T27276] FAULT_INJECTION: forcing a failure. [ 936.721801][T27276] name failslab, interval 1, probability 0, space 0, times 0 [ 936.765035][T27276] CPU: 1 PID: 27276 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 936.773051][T27276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 936.773055][T27276] Call Trace: [ 936.773074][T27276] dump_stack+0x1d8/0x2f8 [ 936.773088][T27276] should_fail+0x555/0x770 [ 936.773100][T27276] __should_failslab+0x11a/0x160 [ 936.773113][T27276] ? ext4_alloc_inode+0x1f/0x560 [ 936.773122][T27276] should_failslab+0x9/0x20 [ 936.773130][T27276] kmem_cache_alloc+0x56/0x2e0 [ 936.773139][T27276] ? set_qf_name+0x3c0/0x3c0 [ 936.773148][T27276] ext4_alloc_inode+0x1f/0x560 [ 936.773156][T27276] ? set_qf_name+0x3c0/0x3c0 [ 936.773163][T27276] new_inode_pseudo+0x68/0x240 [ 936.773172][T27276] new_inode+0x28/0x1c0 [ 936.773182][T27276] ? trace_ext4_request_inode+0x28b/0x2d0 [ 936.773192][T27276] __ext4_new_inode+0x43d/0x5650 [ 936.773201][T27276] ? memset+0x31/0x40 [ 936.773216][T27276] ? smk_curacc+0xa3/0xe0 [ 936.786550][T27276] ext4_mkdir+0x3f5/0x1450 [ 936.786568][T27276] ? security_inode_permission+0xdd/0x120 [ 936.786581][T27276] vfs_mkdir+0x43f/0x610 [ 936.870707][T27276] do_mkdirat+0x1d7/0x320 [ 936.875037][T27276] __x64_sys_mkdir+0x60/0x70 [ 936.879613][T27276] do_syscall_64+0xfe/0x140 [ 936.884108][T27276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 936.889975][T27276] RIP: 0033:0x458c97 [ 936.893851][T27276] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 936.913460][T27276] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 936.922048][T27276] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 936.930004][T27276] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 936.937953][T27276] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 936.945921][T27276] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 936.953872][T27276] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 937.065759][T27274] ldm_validate_privheads(): Disk read failed. [ 937.100712][T27274] loop4: p1 < > p2 [ 937.104581][T27274] loop4: partition table partially beyond EOD, truncated [ 937.112455][T27274] loop4: p1 start 1 is beyond EOD, truncated [ 937.118784][T27274] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/btrfs-control\x00', 0x101000, 0x0) ioctl$TIOCSISO7816(r2, 0xc0285443, &(0x7f0000000240)={0x100, 0x1, 0x8001, 0x3, 0x401}) clone(0x800000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3fc08a3e20c30cd1, 0x12, r2, 0x0) write$9p(r3, &(0x7f0000000100)="15445609fb548f916ef7df9d75a2ac033e5d699a5e962c0570c1523154b792c50fa837aaed1f1a0ab8445320d22c37cc", 0x30) r4 = gettid() r5 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c54657200000000000000000000000000400000000000000000000000f60d00000004000009000000000000006078148f3a4f0000006803000068030000680300006803000068000000000000000000000000ef8a43d0aa47614f9c5ddc6a00800cc3329b52c2d5c227"], 0x1) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0xc00) setsockopt$inet6_tcp_int(r5, 0x6, 0x1f, &(0x7f0000000040)=0x1, 0x4) fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000340)) ioctl$VIDIOC_TRY_DECODER_CMD(r3, 0xc0485661, &(0x7f0000000380)={0x4, 0x1, @stop_pts=0x8}) ioctl$SIOCX25SCALLUSERDATA(r3, 0x89e5, &(0x7f0000000140)={0x26, "e62c09932da13f68f2ede2b11ddf5cfff78fbb0951864b3f38a99a99dd091111416ff1e62af3bc83735a9a71da74d395f38f8659c94b4c04395436282f8a006a0a4e48ffa68dbf44e7ca1fe241882aeeb998e9b30e9f53eaa96f3d88c393221eef7e2a8142822c6038278f515c64489c9282c0191f50a812a8cefdebc0bb8d6b"}) 15:10:00 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 15:10:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000080040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) setsockopt$nfc_llcp_NFC_LLCP_RW(r2, 0x118, 0x0, &(0x7f0000000000)=0xc0000, 0x4) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:00 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:00 executing program 1 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:00 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 15:10:00 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xf000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 937.260751][T27274] ldm_validate_privheads(): Disk read failed. [ 937.267320][T27274] loop4: p1 < > p2 [ 937.272846][T27308] FAULT_INJECTION: forcing a failure. [ 937.272846][T27308] name failslab, interval 1, probability 0, space 0, times 0 [ 937.286084][T27274] loop4: partition table partially beyond EOD, truncated [ 937.295114][T27274] loop4: p1 start 1 is beyond EOD, truncated [ 937.334947][T27308] CPU: 1 PID: 27308 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 937.343225][T27308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 937.353361][T27308] Call Trace: [ 937.356657][T27308] dump_stack+0x1d8/0x2f8 [ 937.360995][T27308] should_fail+0x555/0x770 [ 937.365423][T27308] __should_failslab+0x11a/0x160 [ 937.370365][T27308] ? security_inode_alloc+0x36/0x1e0 [ 937.375651][T27308] should_failslab+0x9/0x20 [ 937.380149][T27308] kmem_cache_alloc+0x56/0x2e0 [ 937.384902][T27308] security_inode_alloc+0x36/0x1e0 [ 937.390002][T27308] inode_init_always+0x3b5/0x8d0 [ 937.395016][T27308] ? set_qf_name+0x3c0/0x3c0 [ 937.399605][T27308] new_inode_pseudo+0x7f/0x240 [ 937.404374][T27308] new_inode+0x28/0x1c0 [ 937.408539][T27308] ? trace_ext4_request_inode+0x28b/0x2d0 [ 937.409488][T27274] loop4: p2 size 327680 extends beyond EOD, truncated [ 937.414261][T27308] __ext4_new_inode+0x43d/0x5650 [ 937.414274][T27308] ? memset+0x31/0x40 [ 937.414293][T27308] ? smk_curacc+0xa3/0xe0 [ 937.425948][T27308] ext4_mkdir+0x3f5/0x1450 [ 937.425964][T27308] ? security_inode_permission+0xdd/0x120 [ 937.425976][T27308] vfs_mkdir+0x43f/0x610 [ 937.448575][T27308] do_mkdirat+0x1d7/0x320 [ 937.452903][T27308] __x64_sys_mkdir+0x60/0x70 [ 937.457491][T27308] do_syscall_64+0xfe/0x140 [ 937.461987][T27308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 937.467874][T27308] RIP: 0033:0x458c97 15:10:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e24, 0x0, @mcast2, 0x80000001}, @in6={0xa, 0x4e22, 0x2, @rand_addr="775b4a706791a9b0b69620ad87239c0e", 0x7}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x27}}, @in6={0xa, 0x4e24, 0x401, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x1}], 0xa4) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 937.471756][T27308] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 937.471762][T27308] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 937.471770][T27308] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 937.471776][T27308] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 937.471780][T27308] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 937.471785][T27308] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 15:10:01 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0x0) [ 937.471794][T27308] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x202, 0x0) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000240)=0xa0b4) r3 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000100)={{0x6, 0x5, 0x35, 0xfffffffffffffffb, 'syz0\x00', 0x40000}, 0x2, 0x1, 0x1, r3, 0x2, 0x3, 'syz1\x00', &(0x7f00000000c0)=['selfwlan1\x00', '\\selftrustedwlan1vboxnet1self{}vboxnet1.\x00'], 0x33, [], [0x5, 0x0, 0xfc46, 0x6]}) r4 = gettid() r5 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:01 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="020a0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:01 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0x0) 15:10:01 executing program 1 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:01 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0x0) [ 937.840465][T27359] FAULT_INJECTION: forcing a failure. [ 937.840465][T27359] name failslab, interval 1, probability 0, space 0, times 0 [ 937.855188][T27346] ldm_validate_privheads(): Disk read failed. [ 937.861437][T27359] CPU: 0 PID: 27359 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 937.869510][T27359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 937.869515][T27359] Call Trace: [ 937.869534][T27359] dump_stack+0x1d8/0x2f8 [ 937.869546][T27359] should_fail+0x555/0x770 [ 937.869564][T27359] __should_failslab+0x11a/0x160 [ 937.887330][T27359] ? smack_inode_init_security+0x3cf/0x490 [ 937.887342][T27359] should_failslab+0x9/0x20 [ 937.887357][T27359] __kmalloc_track_caller+0x79/0x340 [ 937.896685][T27359] kstrdup+0x34/0x70 [ 937.896698][T27359] smack_inode_init_security+0x3cf/0x490 [ 937.896723][T27359] security_inode_init_security+0xfe/0x310 [ 937.896730][T27359] ? ext4_init_security+0x40/0x40 [ 937.896742][T27359] ext4_init_security+0x34/0x40 15:10:01 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r0) 15:10:01 executing program 1 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 937.896757][T27359] __ext4_new_inode+0x446c/0x5650 [ 937.896773][T27359] ? smk_curacc+0xa3/0xe0 [ 937.896786][T27359] ext4_mkdir+0x3f5/0x1450 [ 937.907070][T27359] ? security_inode_permission+0xdd/0x120 [ 937.907084][T27359] vfs_mkdir+0x43f/0x610 [ 937.907094][T27359] do_mkdirat+0x1d7/0x320 [ 937.907103][T27359] __x64_sys_mkdir+0x60/0x70 [ 937.907113][T27359] do_syscall_64+0xfe/0x140 [ 937.907124][T27359] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 937.907134][T27359] RIP: 0033:0x458c97 [ 937.907143][T27359] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 937.907153][T27359] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 937.951173][T27346] loop4: p1 < > p2 [ 937.951513][T27359] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 937.951519][T27359] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 937.951523][T27359] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 937.951528][T27359] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 937.951532][T27359] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 938.058120][T27346] loop4: partition table partially beyond EOD, truncated [ 938.068265][T27346] loop4: p1 start 1 is beyond EOD, truncated [ 938.086546][T27346] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:01 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0xfffffffffffffffa, 0x4000) io_setup(0x0, &(0x7f0000000240)=0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000540)='/dev/vcsa#\x00', 0x8, 0x2000) io_cancel(r0, 0x0, &(0x7f0000000680)) write$binfmt_elf32(r1, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x1, 0x80, 0x401, 0xf39, 0x2, 0x6, 0xffffffff, 0x21c, 0x38, 0x139, 0x5, 0xd3, 0x20, 0x1, 0x1, 0x7ae, 0x8d}, [{0x4, 0x7, 0x993, 0x3, 0x4, 0x401, 0x400}], "1f9883e7af6dff607e68a16a0dd95a914b12bcd7613b5955c198a140c73b1cbc2a14cfc45183ca3eaa2e8b13ec734104e4a5425ac529d15af438497fa04887746fc8584dbceeb4cbe166ad3a5b7d00e7a44c84", [[], [], [], [], [], []]}, 0x6ab) modify_ldt$write2(0x11, &(0x7f00000000c0)={0x4, 0x20000800, 0x2000, 0xfffffffffffffffe, 0x6, 0x0, 0x100, 0x0, 0x3, 0x2}, 0x10) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x101000, 0x0) prctl$PR_GET_NAME(0x10, 0x0) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x50001) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, &(0x7f0000000200)) gettid() recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000100)) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) [ 938.122270][T27372] FAULT_INJECTION: forcing a failure. [ 938.122270][T27372] name failslab, interval 1, probability 0, space 0, times 0 [ 938.146751][T27372] CPU: 1 PID: 27372 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 938.156152][T27372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 938.166813][T27372] Call Trace: [ 938.170125][T27372] dump_stack+0x1d8/0x2f8 [ 938.174455][T27372] should_fail+0x555/0x770 [ 938.179182][T27372] __should_failslab+0x11a/0x160 [ 938.184114][T27372] ? mempool_alloc_slab+0x4d/0x70 [ 938.189341][T27372] should_failslab+0x9/0x20 [ 938.194361][T27372] kmem_cache_alloc+0x56/0x2e0 [ 938.199202][T27372] mempool_alloc_slab+0x4d/0x70 [ 938.204048][T27372] ? mempool_free+0x350/0x350 [ 938.208716][T27372] mempool_alloc+0x104/0x5e0 [ 938.213312][T27372] ? rcu_lock_release+0x4/0x20 [ 938.218176][T27372] ? trace_lock_release+0x135/0x1a0 [ 938.223361][T27372] ? rcu_lock_release+0x4/0x20 [ 938.228220][T27372] bio_alloc_bioset+0x1b0/0x5f0 [ 938.233197][T27372] ? trace_lock_release+0x135/0x1a0 [ 938.238403][T27372] ? mark_buffer_dirty_inode+0x2e7/0x300 [ 938.244041][T27372] submit_bh_wbc+0x1d5/0x700 [ 938.248623][T27372] __sync_dirty_buffer+0x1a2/0x2e0 [ 938.253801][T27372] sync_dirty_buffer+0x1a/0x20 [ 938.258567][T27372] __ext4_handle_dirty_metadata+0x154/0x870 [ 938.264460][T27372] ? __ext4_journal_get_create_access+0x42/0x290 [ 938.270793][T27372] ext4_getblk+0x38d/0x460 [ 938.275193][T27372] ext4_bread+0x4a/0x240 [ 938.279526][T27372] ext4_append+0x175/0x310 [ 938.283937][T27372] ext4_mkdir+0x7ad/0x1450 [ 938.288351][T27372] vfs_mkdir+0x43f/0x610 [ 938.292584][T27372] do_mkdirat+0x1d7/0x320 [ 938.296904][T27372] __x64_sys_mkdir+0x60/0x70 [ 938.301656][T27372] do_syscall_64+0xfe/0x140 [ 938.306150][T27372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 938.312052][T27372] RIP: 0033:0x458c97 [ 938.315944][T27372] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 938.335536][T27372] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 938.343948][T27372] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 938.351904][T27372] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 938.360016][T27372] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 938.367968][T27372] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 938.375928][T27372] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:02 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x11000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 938.471192][T27346] ldm_validate_privheads(): Disk read failed. [ 938.478727][T27346] loop4: p1 < > p2 [ 938.482680][T27346] loop4: partition table partially beyond EOD, truncated [ 938.493645][T27346] loop4: p1 start 1 is beyond EOD, truncated [ 938.501621][T27346] loop4: p2 size 327680 extends beyond EOD, truncated [ 938.676393][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 938.730833][T27391] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 938.745028][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.755958][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.766422][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.777504][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.785761][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.796696][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.805122][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.816066][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.824224][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.835131][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.843269][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.854649][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.863094][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 938.871348][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:10:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0xa00000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000000)=""/56) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:04 executing program 1 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:04 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="020b0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 940.570385][T27405] FAULT_INJECTION: forcing a failure. [ 940.570385][T27405] name failslab, interval 1, probability 0, space 0, times 0 [ 940.583184][T27405] CPU: 1 PID: 27405 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 940.591166][T27405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 940.601226][T27405] Call Trace: [ 940.604523][T27405] dump_stack+0x1d8/0x2f8 [ 940.608862][T27405] should_fail+0x555/0x770 [ 940.608878][T27405] __should_failslab+0x11a/0x160 [ 940.618219][T27405] ? __es_insert_extent+0x321/0xd90 [ 940.618232][T27405] should_failslab+0x9/0x20 [ 940.618246][T27405] kmem_cache_alloc+0x56/0x2e0 [ 940.632757][T27405] __es_insert_extent+0x321/0xd90 [ 940.637774][T27405] ext4_es_insert_extent+0x220/0x2fb0 [ 940.643151][T27405] ? trace_ext4_ext_convert_to_initialized_fastpath+0x310/0x310 [ 940.650781][T27405] ext4_ext_map_blocks+0x1806/0x7180 [ 940.656075][T27405] ? __kasan_check_read+0x11/0x20 [ 940.661085][T27405] ? mark_buffer_dirty+0x280/0x2e0 15:10:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @timestamp, @sack_perm, @timestamp, @timestamp, @mss], 0x6) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r3, 0x4, 0x800) preadv(r3, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/109, 0x6d}, {&(0x7f0000000140)=""/240, 0xf0}, {&(0x7f0000000040)=""/20, 0x14}], 0x3, 0x0) 15:10:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:04 executing program 3: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/udmabuf\x00', 0x2) ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000380)={0x0, 0x1, [{0xffffffffffffffff, 0x0, 0x0, 0xfffffffff0000000}]}) [ 940.666277][T27405] ? ext4_es_lookup_extent+0x4a7/0x5a0 [ 940.671818][T27405] ? trace_lock_release+0x135/0x1a0 [ 940.677001][T27405] ? __down_read+0x14b/0x330 [ 940.681577][T27405] ext4_map_blocks+0x422/0x1e50 [ 940.686408][T27405] ? ext4_mark_inode_dirty+0x216/0x700 [ 940.691871][T27405] ? __kasan_check_write+0x14/0x20 [ 940.697093][T27405] ext4_getblk+0xae/0x460 [ 940.703253][T27405] ext4_bread+0x4a/0x240 [ 940.707496][T27405] ext4_append+0x175/0x310 [ 940.711919][T27405] ext4_mkdir+0x7ad/0x1450 [ 940.716334][T27405] vfs_mkdir+0x43f/0x610 [ 940.720672][T27405] do_mkdirat+0x1d7/0x320 [ 940.724985][T27405] __x64_sys_mkdir+0x60/0x70 [ 940.729564][T27405] do_syscall_64+0xfe/0x140 [ 940.734059][T27405] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 940.740045][T27405] RIP: 0033:0x458c97 [ 940.743935][T27405] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 940.763697][T27405] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 940.772089][T27405] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 940.780069][T27405] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 940.788039][T27405] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 940.796021][T27405] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 940.803991][T27405] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 940.836684][T27408] ldm_validate_privheads(): Disk read failed. [ 940.861789][T27408] loop4: p1 < > p2 15:10:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) fcntl$getownex(r3, 0x10, &(0x7f0000000040)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:04 executing program 3: syz_mount_image$btrfs(&(0x7f0000000100)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001", 0x33, 0x10000}], 0x0, 0x0) 15:10:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x1fffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 940.880122][T27408] loop4: partition table partially beyond EOD, truncated [ 940.896595][T27408] loop4: p1 start 1 is beyond EOD, truncated 15:10:04 executing program 1 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:04 executing program 3: getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f00000009c0)={0x0, @in={{0x2, 0x4e21, @multicast1}}, 0x0, 0x2, 0x4, 0x7}, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = accept$ax25(0xffffffffffffffff, &(0x7f0000000140)={{0x3, @netrom}, [@default, @rose, @default, @bcast, @remote, @bcast, @rose, @bcast]}, &(0x7f00000001c0)=0x48) r3 = getuid() ioctl$SIOCAX25DELUID(r2, 0x89e2, &(0x7f0000000200)={0x3, @default, r3}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x68, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x54, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xc2c51ec, @rand_addr="45372054e023ced96b6709f621ef9426", 0xffffffffffffff80}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x101}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfbc9}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xa15}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x8000) poll(&(0x7f0000000280)=[{r2, 0x1}, {r1, 0x20}, {r0, 0x10}], 0x3, 0xffffffffffffff81) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000301ffff808fdb003d88c8f00010ae1b4256b5bac309c7e29b5239412c0c38baf3b46881f33a73032cdaa9280d"], 0x14}}, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) recvmmsg(r5, &(0x7f00000013c0), 0x4a5, 0x200002, &(0x7f0000000c40)={0x77359400}) [ 940.989246][T27408] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x3, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x103}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = getpgrp(0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, r1) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000002e000000000000300100007802000000000000006078148f3a4f0000000000000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x7e, 0x0) ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000340)={0x0, 0x0, 0x2080}) tkill(r2, 0x10010000000035) ioctl$NBD_CLEAR_QUE(r3, 0xab05) fcntl$setstatus(r0, 0x4, 0x2000) [ 941.128144][T27439] FAULT_INJECTION: forcing a failure. [ 941.128144][T27439] name failslab, interval 1, probability 0, space 0, times 0 [ 941.145962][T27439] CPU: 1 PID: 27439 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 941.153976][T27439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.164039][T27439] Call Trace: [ 941.167341][T27439] dump_stack+0x1d8/0x2f8 [ 941.171872][T27439] should_fail+0x555/0x770 [ 941.176300][T27439] __should_failslab+0x11a/0x160 [ 941.181246][T27439] ? kcalloc+0x2f/0x50 [ 941.185319][T27439] should_failslab+0x9/0x20 [ 941.189826][T27439] __kmalloc+0x7a/0x340 [ 941.193989][T27439] ? debug_check_no_obj_freed+0x505/0x5b0 [ 941.199876][T27439] kcalloc+0x2f/0x50 [ 941.203775][T27439] ext4_find_extent+0x216/0xaa0 [ 941.208641][T27439] ? trace_ext4_ext_map_blocks_enter+0x2ca/0x310 [ 941.214975][T27439] ext4_ext_map_blocks+0x170/0x7180 [ 941.220189][T27439] ? __kasan_check_read+0x11/0x20 15:10:04 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="020c0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 941.225214][T27439] ? mark_buffer_dirty+0x280/0x2e0 [ 941.230413][T27439] ? ext4_es_lookup_extent+0x4a7/0x5a0 [ 941.235884][T27439] ? trace_lock_acquire+0x159/0x1d0 [ 941.241107][T27439] ? __kasan_check_write+0x14/0x20 [ 941.246222][T27439] ext4_map_blocks+0x8f2/0x1e50 [ 941.251084][T27439] ? __kasan_check_write+0x14/0x20 [ 941.256202][T27439] ext4_getblk+0xae/0x460 [ 941.260540][T27439] ext4_bread+0x4a/0x240 [ 941.264790][T27439] ext4_append+0x175/0x310 [ 941.269222][T27439] ext4_mkdir+0x7ad/0x1450 [ 941.273656][T27439] vfs_mkdir+0x43f/0x610 [ 941.277908][T27439] do_mkdirat+0x1d7/0x320 [ 941.282338][T27439] __x64_sys_mkdir+0x60/0x70 [ 941.286904][T27439] do_syscall_64+0xfe/0x140 [ 941.291392][T27439] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 941.297272][T27439] RIP: 0033:0x458c97 [ 941.301153][T27439] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 941.320732][T27439] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 15:10:04 executing program 3: prctl$PR_SET_TSC(0x1a, 0x2) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, 0x0, 0x2d8) syz_genetlink_get_family_id$tipc2(0x0) r1 = epoll_create(0x2) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x4066fdc2586d4bb6, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_GET(r3, 0x0, 0x2000000000000000) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000140)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000180)='/dev/ppp\x00', 0xffffffffffffffff}, 0xfffffd59) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000400)=0xc) fcntl$getownex(r1, 0x10, &(0x7f0000000440)={0x0, 0x0}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000480)=0x0) prlimit64(r4, 0x11, 0x0, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0xfffffffffffffffb, 0x0) r7 = syz_open_procfs(r5, &(0x7f0000000000)='net/dev_snmp6\x00') setsockopt$packet_buf(r2, 0x107, 0x0, &(0x7f0000005680)="31545d76560d07e946ae7955a10cb6dae75ed5db9d49eead197d3e186638751db384333541dcbee2ef03461ca3256c278cd8dae7416f43d4a6e24c7bc0aae91214f98a871eb5a0568c837cde19db62d5d73d72316d5cb6be63cce818b7a9925fd9c389038fa181a506473e1468a7969e1ac85de7a1a58e14d6adee8a49789590af8cbb51775992596c8250f877be7490122ccc4d30d72a92c2f6f9e75be5092d5c3a40f151b8a1a66d374ed6400a5a889f5ee315d4c769a5acddf5bb08ab8fba858195bbf3caaf9d6d1076710c9438ca59d4f79cdf039039652637a24d499eab5009aa6da70a43b4f36553a354b713a30ad1f28719194c543c2e21c6a12774b0539a329c6cd702cd2781a5a2f14667ad05f8dd962304b6bfed8892dd1f5d66c80537c1847b005fd5b2aff5e5b4147ef4f3bd3466b11eea2b22c84c2303bdfc8fd2388a88a44bd9904d5c6307766ff6c4f3c37e33d8988dea59d8e9939bf899fb296f72d198308bfe89754eb218bdfcd1e47b4a7c80f0db115fb9d3043ce4ac62ef8fcf5f50d14c03d08c734567cf41ad3f540d880d3c810d00399fcf23e16c4c39577eef37d5c48f1d62b1c1c943377a39febee76a04a9d94990c977da70ee1b108b0ee1bd2371557de1582d3c19d90bd28f58c4afa1d6609b7318b3a7e492364baf4283e4e6cfb5b98a259fb8c606dae48d3ace781a9ddfbde3dbdfa1b4456b20a46cd9f928d3ea80a2e2fc621d6e454e49a9dc7a8936e54841b661deed5450e15f7dbf7f4bb52ef060896ee2a0d0e24c077341ce00e220c0288c0a6489a7b8766220932639519d3b00e146621ecda99386ab6c3eaff55d8d97c1cba6116e27185139d441e082d498d22e8ba051d3805aff4a0f1a86dea57bc88db4eb8ddbb05618b08c593ed3ca15a6d5772aa80b393aca7611ce93a5f3e61c0734f051e155a6c9dc2b3dae920d917d17b9ab86b6438aac88ec4bee94275b057a686b5ba3113dc2014d88eca9b02188a4321f700f08e46d72b0864c3848026b6ba1a5d2a988978ee0d01e41fb42e3eb6c8f711b74a46217fd735b0e7992acb3728084c1f46215247f8c871ac10a160cb91be9fb3de5ca04ba40a163ce80c8765deba7f1d8f3c7e3049da62926a3f6bfb3c3f517b7ad24d8fc5cc210841a552702d7b7804b21ebf7741b4b12b4d68614cce1c2772cb18968e939ac728d8dcb5dc7836ed6cf2144c6231744417c1dde3339b3120ebf7420f5e85dd9f7a06f5c2bb04ee8061ad9b81b83c6107a5c905471ae42c86982ce6e8a7e62aa4369f59262cad9352638dd72c5531b5ca724f35049247ea4e615d51924fcb4c4cb98ece67a10b2b24482e0b3fc7d211cd7ec1e9daab89226672d888d883e813e64fe0969f48ce016cbd3fe98b3ccc381d35009d475b1d370e77fe8dda416ee0c9f4ffc7c83bb8f71de68adfbe1073449209e96f45d753bc4bc3c2d61d30ce99031f30b9be083938cd8164d70d8e5786412b84b6120a39a0480fcab821fa8b33e7d8ac2170e725aa7874e035d675ce14392c53ea57ac7ba9dbd5b30af26c6ed35e9f171b961f36d9507e34c56f642e362805c0d30ad5929a1dc1c1e6aeea39da17b27c55f959418a0665ea0d39eb568a88e2690d0e69993eeb9e866e02b5c52c6f39a1cb8e07c12cb7022f8318e1da59bfbe1a5f674a82cf802d0cc641d3292ca5204b18b1114ca8f120e2e2752f83e9447a031be1506b00485c5dcdffd0c98a8fa7c68e72b5ea320011784a03d1498c0112e13b03f6bb68922050ec90fc49a5727c63725dca9a124523c26b2b9d0549d9face079933c66162822f25a84cd5322dd47fa9c6ec6e09768ce7aef632195d53ae115933f12a2049be0fabbe2886cc49d5bbab7cdc1496dad09943963efc6f43ac06dad839ee4751b2cb11b5adab8f0bc2472f117fb4c7c912071552eb24d08f6f4077e727ddc68d2ecad511136e347300025848d98011b79cfe3016e8b49c6c81e1d851258893057138379d0fa78782ca97bb7d2bd50143adbd45d5547a8647ac9213085c13e8af722ab611bc8ca172889ac03bdf71603c8231593883576d3476fe3e5c4c427d84e862f240fafd13534b7fd5c6f63efb71e5e7df863c31c13048bd0da956d270da3d0850e1f9fbedb2a06c1767a19a0ddc10077d31c2a21427b1a16804a5a4e883927554aaf6d951f368b935b8a46eeab9808d5efd8a5ea2a0ffce5a45401ec48c5f05b022ee560f9d3444b091f20296ed79a79ae87a5093f15a62f3068a03230ed96e6395052fc6544363cf169130fc2ddc82892228f24d88e5319cf6653c008b8be81446117437ffc018fe8010609b57f205c8636899bf6ff7b624527279c8118255202a922cac7518a362cf76cff117e5a70ead5b13e0a3e6b4ef57e8d5b0e6f6a8afb24437c9156ec838223f257456d4379a1a3ff2a4a7436b95a5de798f21fe68d033625d6f1fb0dcf7879dd648d37ef5acdd97758605bc487e3f60352a89f853fa955b68a10ae2044b156a838972f9c01132cc53bbabcd0fc351ea711a3ae8e649505aef573472da5289514ea6097684ea843ed02dcc0674aa8623a4a747075e8d3fc714de5a678e31003f822ee5f49919916c6a57127e7f48a75d6a94c73e563887322fc31064ccc0bda0ac4846d1349a009a4ef9b1224b0d02ed02a37e4d023ac6076b2022088ef879647ea28d632aee566f6ed7d601195cffba40aa5957adb3f0ea34e3851ba322f0770954a8bac5eb6f270170487be38bacadbe21a3d3075cbc58da1fb2fb05c65f1ca0aec2ee0bfb8ad714b73855e6bf5ff005b29321b958ad887465a4b99ba47f25e0212c202e8fc8f80ec9e101992e1d0030dbca1ba692ac851f08509d77c5aa146178d8374e394f0fd1b05d9cf51c973943230badbfd1ddbf6dc634469d3ba2c35aad9c6c321ecca7b823de32a126aecbced39e7c68c5e5815223693bdc4b90c51f169d3ee6d4c97198452707752787d2a06c5bfe558b138d5a2cf78e95d6ea316b46b4cebb980b29464784b1ccc16662893feabc35ef80d9ec42526a5803a161c7bc340bac0fb524aa0c1fe052d4389828faf183235dccac6efc0c1ab1bb4ef2412e23f0e2862e518e263df81ea9bcf39a182e172e5af08eed55b3bc3b0a1cdda9ec0e365c2985aea662f4e4880c3b8b1d3c3abb02521cff1f1477515466cfc08b5da4a8ea1cb14737e45d6addfe26f8fe01a371405921e59473d2947458a4ed0148c1612a43fdb075c2ef057ccfbe8fc5587f80e6f07d76d8f71f25c5175bbcbdaa074337ca11c0641519afdc330a1c527c9c054c75712a16d7e4bb2a38c47514a2429419465d6b0757efb1ba0babd5ffa91ee1297c20321293273b429a820b6c23561c1f98476738f5fa0751f7c16b5ba63f9b180be2fa808aba5f145622b50892a66fa6ba2e50f7b848d714ee2756191ec38288dbc6ca030473ae115313cab71eff9a9cb4ba36f3817a8b536918b997186c7a3979c85e249e9afab8dc5a594bd0e952a12ef53f78ae780eb94de72f81183900612230e0cec86b83ed0160ba3d9aaf65a958b17bd6e51590ae4411107ad4b5425ceb06f62acd0ff09dde65304d96bc796caf702355ecffc6101106630ea52bc8cdd6acc7c028bde4dbdbec6f2e98367b7c61d7923e014cf5d52517516f50cbb09be552962618ceb5545b68ea4d7eacca95056d7ff407d98de94748f550debdf926c5cb7c6357f5577754201d4ec7e06d1a688c01e260302c47d9d3d53e67d115fded57a53d7d3c8732f4cb1c08f80261a9e4b3ab2e5ecd6b85c311f188a70f1f258c3b708460e41512b5a3367cb64daa67524d6f1f2a1bf8c59935c427030d4515a0420453fb0010624daa74005bd7280234931e95a95067cc2f3ee389369d1f422208e171db18d0025abfbedbb513d5102646eaeceea8be68159999a53f1dc2b375f52077e30fd74bfd46623e9ed5a7d88b3c852c58c51eaa5ad1ff486baddad45d3e6d8919993ad02ceea05f1ceb87f24375432ac51d45f10766f99b595348dd9960e6a6a562a16ca4e5a2bf13f9b5dd5d2c9a7a7383acb37b4456ebf0effd13b6eaf1f3d69c4de68e244a4e124fd83d1476313f426d622725d3f565be48c76d87df54f90195f533a396817f45ab08e00fadbbca472d18ca3d111d98a50d4ed72b0eda730309e7a44a483693db3b285582e742d874129e20ce8b92df8b97671687845ff246555e8357a491f78d2f2ced6d078afa5df2520823b8f61a3fe6ef33f53f23995ff874bdfed447763f9633d9608300a9caa22dbe39a0c8cd9f37aca0d6f049ef608cba017be050b894c9ba876dacf8a1e26e634054b6dd7aab090f1190d95123b7537dfb04b41dd031ce4f09d99cb70bf1185278b74c6fc8882d4caa2324440b8658fa4761b194944abefca19f0537dbcc3600e58db5508764565690d44347678a74118b18bb81fda87a5c9c83da40dee3acac5eecf132ff69db0daee9ec4669ed37393e0385028dac39c529451a0d5646076b2a5af505d23b0636ee32a5c3d4990c716423176e8c456f925434ab02d25c80e33eed3f991551c451ee10ff5aaacdcb89f240ebca6abff8b1cf928976c02262ad38672ce309c8931d0a351234f836e53556c34fb1fe2c9190c3e7905d8256cb7e37cfe06cee855ecbc004d107619ddfb4d361701d8f1b399f0efe460f73fb59425347301763c5e9ef6ac97200f3a202c0a0ead8b72951d31b43b4af7efa841f1f9d29e84d446d51007112cb0e8214d12aad28662824dc6d3d72f10e1122b444c11fe0fb66c3b21d726296bf8d1adba3820e2beff3ff5d0c3ed1cd696fa02ca92e7c5d17f3fd9b734ea9daf1636a781e7cd94d9d404fdae1dd51243d071b77232840950d206be0f5075e8a2bc0b2c8e764001ffdb419dbe0d3841acd20475835bffcb87a035f6c3283494f369ee97eaa677153377dab552a016664523e9d083ff2bfd6464188a3875649aee782786627a640dee8ac38a4c1732ca7f0dc8c255faf6277d0e866fb7b78cbd2c213608c4e6fb88006844829ada45eb757b97b842bf0835ef45fa916725026835e3845d959ecaa07d9279482e2c74c72447c5ef6040af459e0f2f71031070072d848def2f8cd1e71716e7cea912a60f41364c924328f645df133c75c890e14634afd81af7e463d0031a40b8d6c94d01f9f617f893ee3d6c5096aaef86c1dcfbb1e8d16f3aa9433206ae835bbea8d283681fd5482ca872425bd55d86d279bf07568389d64717a8a0239a16b2add96a663c2078cf8d9cce1c5707518702271a7d75234aacb69b0d8a84a67abc9b8df0723900572861b0954729636e78662d8fb42aabc1bd4417e0634d8d3fdb268a09b63bc4dc87fc141f145d4cad73eebbfb5c27bc5659896b3d289d65d2dd68dcfbd66e5946fe17f8d5cf8191bd60c7b8bc55e01f287471e2e416f196f1fa1d841f2b00a2e6ab8769243c6fae2f037afed0c5eb74ca3342b6ace441bef1f98b104fea0c05aaf9a61309cfede6fe3cbb6613f420b84f2a8e905f0d47b704f00fb880c5a72bee8daf1d18d7d179569f57cd76e521093037249efdebf7c32bc7213afc27f3a1911361337ce1b6dbf4586bc5b9fe345041235ad77bf9a4dd222359a9a9d0e969afce225915b8568fd53789d403d55e0dcd3207ad7f8d1b96fc224aef44f0136f25143f9e61de0ac38032f1862aa0886fa8d90f2f446e1c2d601c963b40d2859c6334f0c8213035534b4e2c9c73ac7247f16afe3d151eef9fe96c8027fca8", 0x1000) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f00000001c0)=0x90, 0x4) mknod(0x0, 0x0, 0x1) setsockopt$inet6_IPV6_ADDRFORM(r7, 0x29, 0x1, 0x0, 0x0) ioctl$sock_SIOCOUTQ(r7, 0x5411, 0x0) r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x1, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000340)={'lo\x00', {0x2, 0x200000004e25, @loopback}}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$RTC_SET_TIME(r7, 0x4024700a, &(0x7f00000000c0)={0x34, 0x3a, 0x80000000010, 0xa, 0x7, 0x81, 0x5, 0xc}) pwrite64(0xffffffffffffffff, &(0x7f0000000580)="744d4596987a4b94e2e478ed5794f84373b42dfd220032ca0c72994fb27350beb170e7fcd9dfcc45559ab7527d90b8e59b82d1227dd467d541d10f2025b734cf85d9b2b6dfd6c051f7cb0e1278b233f064863c7c7e5163e585caea7f9c868707a4a7413f733005afa75ec2858681f939d15010a1df5798be0f53c2dc5df87530017f7c6e6d7d2c2968bcbb9834f4070321eae41c04fe24cb455e9887f8624a3250df3dd8281f5644e59f111b6ad47f4a9d81f3ad2fe2c02c2956309a6077810065e94395401706452f6470530faf1da5e34021e09d6d495b0eeb0378f2a1f69b7af524ff", 0xe4, 0xfffffffffffffffc) flistxattr(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCGPROP(r8, 0xc004743e, &(0x7f0000000240)=""/246) getcwd(0x0, 0x2a6) clone(0x2182209ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000000680)) waitid(0x1, r6, 0x0, 0x8, &(0x7f00000006c0)) close(r8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 15:10:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000040)='self\x00', 0xffffffffffffffff}, 0x30) fcntl$setownex(r0, 0xf, &(0x7f0000000100)={0x2, r1}) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) set_tid_address(&(0x7f0000000140)) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006000008f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r4, 0x111, 0x1, 0xf61, 0x4) fcntl$setstatus(r2, 0x4, 0x2000) [ 941.329117][T27439] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 941.337071][T27439] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 941.345025][T27439] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 941.352980][T27439] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 941.360952][T27439] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x2200, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f00000000c0)=0x1ff) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) tkill(r1, 0x16) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) write$UHID_INPUT(r4, &(0x7f0000000340)={0x8, "a3178901b1351162b3ee65defa70de7eb938652311e5be238bd1cae2d299bc1a0f8e4b27d5d603c91a733c875582e8a4548396eee9028a96abb44642fc1d00c3545131a8d639dfc2c259df0accd1677385631723cfa821d5214c58b4132d72f81c69d7eb5f482412e7a14bfb3ac0d24a065249649aaa122c6ca895b224736280dafcbd928003e2c26f4db8bfea7171a32eacc122450bba5329287805a70fa58e7e0dc14e885c08f9081b6b43b40fd46ce74f76c1f5330e7f55db6c1d9affa4537bfdae9399ab8c4fb825351b2cebce310d5be202135e9e6c4c5d92ac0186ef6adade28c2eec79d57217c4f32f0a8643b829579298389a170510961dc1b9a4ff7d75b62a68e033c4aacc898040e27b91893feeff89782b1ce7188d46f8ceec4ec2c0f0513e3a4e860daa561dba4ef127b89a139433a20f80c782b959e96e071b4f48a274fc00a15731ae4a9234edeaaecccf2fb83df37f8104d650c8f3c5778e1ba7a6e09cc44b47722de321ed795af6bad4c1006661949a459abfdc748894107bb8a5153fbbdc9d19adb7ff32c07554d0ba5d5656ca8064bfb72685a66f4227a1433a6a2e99148fad53f0f75aae1a8a7ce1189c5768eee7eb854d581679a172fb274afcdf8b16d1d9dadb66f188a2ff05a785c04ee387ecb2c56888c902d91182061e57888050a7e76f38b36b327195c681b16f6e57dd6d13b9a3ff3b728176a54c1933fec27471bd3f61b583cc165b334547b6a80de28d55b93431cdf012ae9a1a98f2cbcde1f7d317bb8e92113fb5f567820398a1150a4bac258ff16bcc8868cb1f76ae39643191b6959ca815ef173da99fe6ad43042369fe5517c1e08424d0355f3adb9f19aacffb24407001ad631191f9e7fef8a674048ecc004b793b0bffaf873e5dd6ae363189633524a312e968a51793a5686537585e01d7c112dcaa99f3c4dab9f4c6bc9a5db7c352bcd67a7dd2b56764b0a6669472ef422a31cd9c410a6fde80e9aa0d520044f104239e51e82fbd94a780addd9c5335fdae27b0b09ec170adc07d1fbee19e41573fe01d1c0c5e1842b84435833a6eef8324659b597692a699e52ee76dfeda7ddf4028c94feb9cb828873fba69df63f13b657e014e1b1e3e714160d2de0fb90ae6f07ad33374483aba28b5a4a6cdac427ba70117dd63e7f3a0f012769722109f448a87bf74a1b06da7bf4840795237d467465d056c8cf3d408d6d107aefff37ea60a3d821d64bf24d8b2f6ac00b34d422d0f5c40702411f338124d7eb41e5aac865f3c90e3960343cad06d5765b8eae34c933bbe52220b2a13a446bf96d592e036c5bbb19979b9bbf2de3985db82eb16ab88ca3ae22224b3523baff8189487a4ccbb75388861020ad6302573ffa811ecb98998340a0a9d34fd40742db77b445268ce137c916afc27d77850e1df760813f7b67207be6f36c846dbccc3e2e73b664a313ef0184a9f2f0e02d406c2e33c229458f1abb477269987a39e018444aacaf2c4187d16e590ee7d64d95d95a36841d3e9d98c5539929fc34a795d9c16065fbdbe1896de6f154751f8cd8f9a50c60fcac71bfe54c0cae45c7a23ca0da8b3fd58236cb848a1d4aa8c16b96e6d6824253c961cec1c27fda1f096a4fe8f287ecbd43e4f1235e7a6258bd93747ca6043da9df21bb4f9beb589f1f444aef92c5e779b628242fbfbc1f1d756a87a29953aaaa22749e081dec8f48781e7d445c6b73b86bd362d5c842c0cb24ae213fca76087e045e6712837f83068acde5ba5890b57015c9c819cbf2220ea55a5ab76058d2c238b9ace16852fc6d1cc3f1d8c2d2ddb76a49cfc8591249e2cf782336865c67d808c0ecb3122aa6dbfe7ace168d3282d26b7f74383e424bb3108417bade77aa8791a74c91be8663ebefa74883f23f4cf71c406f598b351e54817800c880af599741359721d7115bf3c80d03b7e64cea55ff3806bd9f178e37b9c249d9971a9ff62d634aac356e055fbece9977e16631b25b76940606462b7dab64b5bbc2b6aea72d5561c761deb5715ae5fde79daff886515b19066ba1c5d393a44bdf13100c5cdf867eedfefdfcac8b86e576a1d13d0a4efb95745410391b77e3df8978318e43ae30db6517e77542effc996324743e6d71ce6da173b7bc310c5f44404906c57ea4d1aeeb3a7d935d531154c8108f5c3e1df3d3437d03122951b520aa07733d96440ef8f2eaa4476c9ccff9ad7e00a832905b4973c432d70add55bac998abfe1a6cefbf14e1129220ba52608f6f249e3669c97062408003db71fec43fe4747ec85f3cbc564cf7b98b114db72e3b3614fcab30361bcbca013b20097a31eaa9752fe419f44d3008b009719adb8d2344c9cb37b435b9064456dbac53a7f4ad65847050f43ce8a030436025403d761b28b18988b7c348b9b653d4fe32dfa2f3feaca5f81141651319e78c75cf45266b52e68e92aa0b090b49a6bd17216cbbf9e425076c1cbc58f42f2f4385c7cbd11065eed128a0543ae0794033d664783f67621d1e8f2d1e088ccc56dc75564fd70631807ca6c9006ea7599b09c7dab3ee1cbb397fb3bbfcf0300d4b8b48cff97d157a2ca869a7e4c034ab706c1abe0ec423877eac91f86eccf3483962d8c31012594d1c14e435088b060420377b150ac0e841e6d6f016abd8b53cee209e62d68611c12be9112f04156895d9890435833d8aa30f1cbd97e4484671a5ffb6ee2008646c7be1ae5951338f7cbcc08d8954ba05cecb5b738345f33f6a304683f5d79a33fa5da0b0c04dc71dbe85c4d82509be2674c0f3bf1fd89a5914a91ce201e9c5efde53abdefecee17da151a04fbfa9dc410a4913f2dd57417710a8648cb1984d222a97807d0122c39f1facdaa73a828e87bf0c1c278967b61895ea9a19d34c15ef60e96f79a93489aa529fea81c13662e7128e5f0324b7ff6ca405268fad5155c05ac6887a492f50016a28c36f275872aea3bedbd9450cfba8aaed6068b422333862f5f07afe99e284af7946c21d045a191fccc1e5922043099a617449d0de1b4f458003cac45a28dcc8663fd5bf0cddfa4e5770f70921efbab0027658fde3023e33d59f78060ba87b1e7c835570b7b8b36387e8d06e6d3346219d7713ed18c3dea4053524e3e685744345a1444734bc0eb2c2bcdd6c1699bfd74a96128f5445f43a716b23f53ba3645a4fc9265c33d46e650e38c5d34bffe92daac23a2a4dcc200bd680c727965d85ceeb55b833a546b3a79ae874bae9c2f3e380d11be5b19eb6394995d3ead2206c6c6ae9cdf87640139c06e180bb0f47a291de15bac6e7a1b5cda120090e2dc24812621d47fb684a3ae56133a437a2237f30adae8a3af969d89d75e67b2d80ed74e9dec4c4e1f48a965580841e980626aeda8bef9d11f40a8c999b728ae601c89ca4a3294efdbefbd689c433bfc6b58a362854ae0ecf3d225827f7c117dbca569a2a1d1c3567c20689bce06697e6d2fef0b580554665821106d0776c1ed9f974386659188d1dae0104c47bf54bcfbc9cc26264e3031ace467d3a9bd3ece2827f2f99614ecc96cddfe804572e03083d81150a5906b846659840ea46bd911706db7ba6ee384b8fe4529bec6649040d1bd5c7b5146e4a90ced94010474ba8c282078178a859f725a4d713772c08b4ab842b3515894ceab7bd651e6748e4df4f9c8ce9f4322ed463a229acfee094fd604fa5d2f177eecfe0498b75d166de34c7fa42432b0b55e90dc88129e4b99c70e2e398835f84f79810f7e4ea80c5fa2e5222b0784ec50db1d473db1d1af89e9741e56d6da2ca32d6a0527e559d123f7cee16b6f45fecc3d66741ecc51602d00724d67301888a86d1579afa697ead5b6431c956ad6afc42724ac09c31d2915dff3f1c030e9adaa2e86b38fe4684c845baa6f8996528a239a310f8c995d5aa93dd0dd13c2f310fb94caf980b12bda3cf350eb0b99f928daf7670ff18fbc8d3172bff4b4cfd191d01266452c3f7a0228b2deb938f190c5758b67f4cdc8b02cd25b8bf5b41decb0fbae94b6a981185e250fef04fe98584dfafa91e8b2cca2ca00db72b4e86ba94b66d592130c334827ea8bb94bed573be472f227426fc3210bada991e8aee25c3fd273b9aac7fba737a8c8742035005ed4851ef0e510b80f16245b53d99c54257647fd3997528a9be3b02adc5032e7fcfc0122e3fea8d64b6d0b6761e1295e7a20d77fdd0d119893bfc7dfe87114b5ddf4c4f67c5e13150ea03cbf46b577831395a995467554c35cd451b430007b9a7b2c4299fa7660f880bb8870b6f302ec1b9d7b109e03250f08d97c26ea8646b674c4e45200eb622c8f3243bb6080ca16e20e7d415f98206e97334f1f0257483b35631aa1fd566578772966d5be98755f17df05b7385c6ca1727d6b9073a3e8bdb3f19dc51b62a529c69b4e5583c7164f3df8b98f60eb6cc1611e93224be06ca2ca8cc02fc3d74cbb09acc83b5d76a858b882c91c0f04e670c7a5c629d1b250b66cd1cf44cdf72c0f6e67b2e380b6d38668e3a3308ad746f72c9d5419552ca82b9758538e375c221268a523963fd6bd61ff7bd8ff277ca605fca95047e716056c1f3f8f784c651fafe43d86d60e22094aae1d6e5605eaaccb115e5311d161ccfc6f7460b6dc74372672e6cdc5d296e745b72e59bc9f226bcac9a4a34762226258dae7cae184bccf867f35d9fe6451c65f4f1d3209cbb081fa0754e886c7f5fba0c6a625a1fd595b3d87bd134300d29831e8ef91a1658d4acdc50b850145382ec7e94b7936b6c4f5ba0c1bab4c7d9776ebceaf9668be9c23c104038e9f309f510f6818f0208f627b294e9281531700b03e449aaf3664f016c6bd225f96e48668391e2e1e3110cccda6ad99f1422f95d04d676880540b6788446d937791e87f5f3bd463de45294d93e9c13d68d6de4d884166fe2de5a1339f6a4a5320ecd21d2df946626e0041974fc7019a52e220860861abf1a339231460c6d78cf5faf63322582f333c5f3b1692abe135b9b6fb7db5f262a771aa4e3f0ec31a33019a26057ee441c8413dab47f8a727d51c15389b70dc89b25797eea65563364705b26f890794441413ae57eed590aa44042f4c3f790f46604b6c17422cb811e96153438c6d035e3b899c17d675db894d8c4bf448244a65545c0749dbd40e93783295d2b44debb0b301a74420b8a30347beef200ab6431de56a4fb8bfc1126c9da183ba5f4bf5a15f4c9c8cda789df014081e2f69e5800823d5569d7d7e4014093a74f61843844f052d9bc6a0915edfabe8fb590ece8d348de34f30860ef508645fb4c73af042de372df1ccfdee9907028e8e537a65e67c0f8e7d052808077cc7c424a4813c65436b4671304f23cf3e9a7086b1c9c99b4bc273c726721dcf39355f0ed393a94d4ab635a8f6604177684dc94160d3776e502ab778ba514df540781d033b4df7900c093aa40cfe463990cd1d03d468d3b5a1a26a1988f4b9f6eefd65e591092be883b72727e04e78af9edfbf43ea2ad22421a7e828ce73914f702c94ee6e56a10f222035d0b4096243346d66a6e799039d08e2bccd67d62acff7ebde76e51bab7ce93387579913fd58cf7fd0b256428124d542f0a229d7983d9975254d565e31cecb715a9c1b83377a5bcf55a80c6d041233e56dec37ea7195525e4b298aba1e36a624ae72a1abbf4d9789c776b5776934ed7d7d92f1d3b4abbb66996314cba384049a409f49d2cea5a16e19e3ba74cea3ddc3cf41e8b8838152a63c690601059dff2a179d04ca6bdefca21c3d4c5be5104", 0x1000}, 0x1006) fcntl$setstatus(r2, 0x4, 0x2000) 15:10:04 executing program 1 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 941.540990][T27461] ldm_validate_privheads(): Disk read failed. [ 941.547327][T27461] loop4: p1 < > p2 [ 941.572719][T27481] FAULT_INJECTION: forcing a failure. [ 941.572719][T27481] name failslab, interval 1, probability 0, space 0, times 0 15:10:05 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) [ 941.592547][T27461] loop4: partition table partially beyond EOD, truncated [ 941.600364][T27461] loop4: p1 start 1 is beyond EOD, truncated [ 941.607274][T27481] CPU: 1 PID: 27481 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 941.615313][T27481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.625368][T27481] Call Trace: [ 941.628663][T27481] dump_stack+0x1d8/0x2f8 [ 941.633010][T27481] should_fail+0x555/0x770 [ 941.637442][T27481] __should_failslab+0x11a/0x160 [ 941.642392][T27481] should_failslab+0x9/0x20 [ 941.646936][T27481] kmem_cache_alloc_node+0x65/0x280 [ 941.652139][T27481] ? create_task_io_context+0x32/0x3e0 [ 941.657601][T27481] create_task_io_context+0x32/0x3e0 [ 941.662968][T27481] ? generic_make_request_checks+0x1401/0x1a00 [ 941.669122][T27481] generic_make_request_checks+0x1411/0x1a00 [ 941.675295][T27481] generic_make_request+0x33/0x980 [ 941.678674][T27461] loop4: p2 size 327680 extends beyond EOD, truncated [ 941.681655][T27481] submit_bio+0x254/0x540 15:10:05 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e21, 0x0, @rand_addr, 0x3}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup2(r0, r0) ioctl$VHOST_SET_VRING_ENDIAN(r3, 0x4008af13, &(0x7f0000000040)={0x3, 0x9682}) r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068dfa475f6c9142a3814f3c5f387cf414627c6042fbbb56d2f022926e5c29d1e069d2dd6ff68a679fc957785e43aa49cbad579d98c8dbd845b4873fbcc08557a2f5425f0239e496d4e6368261ed4e59c06d23b659ef38a076b18c8977358f4f184278cc70523b66d83"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x4000) [ 941.681665][T27481] ? guard_bio_eod+0x2a0/0x640 [ 941.681677][T27481] submit_bh_wbc+0x619/0x700 [ 941.681690][T27481] __sync_dirty_buffer+0x1a2/0x2e0 [ 941.681697][T27481] sync_dirty_buffer+0x1a/0x20 [ 941.681711][T27481] __ext4_handle_dirty_metadata+0x154/0x870 [ 941.692762][T27481] ? __ext4_journal_get_create_access+0x42/0x290 [ 941.692773][T27481] ext4_getblk+0x38d/0x460 [ 941.692783][T27481] ext4_bread+0x4a/0x240 [ 941.692792][T27481] ext4_append+0x175/0x310 [ 941.692804][T27481] ext4_mkdir+0x7ad/0x1450 [ 941.692823][T27481] vfs_mkdir+0x43f/0x610 [ 941.702151][T27481] do_mkdirat+0x1d7/0x320 [ 941.702163][T27481] __x64_sys_mkdir+0x60/0x70 [ 941.702173][T27481] do_syscall_64+0xfe/0x140 [ 941.702184][T27481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 941.702194][T27481] RIP: 0033:0x458c97 [ 941.702207][T27481] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 15:10:05 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) getpeername(r0, &(0x7f0000000000)=@ethernet, &(0x7f00000000c0)=0x80) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 941.712059][T27481] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 941.712067][T27481] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 941.712072][T27481] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 941.712076][T27481] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 941.712080][T27481] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 941.712085][T27481] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x20000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:05 executing program 1 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x2c010000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 942.053286][T27461] ldm_validate_privheads(): Disk read failed. [ 942.060186][T27461] loop4: p1 < > p2 [ 942.069054][T27522] FAULT_INJECTION: forcing a failure. [ 942.069054][T27522] name failslab, interval 1, probability 0, space 0, times 0 [ 942.081818][T27522] CPU: 0 PID: 27522 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 942.089794][T27522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.099851][T27522] Call Trace: 15:10:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 942.103143][T27522] dump_stack+0x1d8/0x2f8 [ 942.107489][T27522] should_fail+0x555/0x770 [ 942.111913][T27522] __should_failslab+0x11a/0x160 [ 942.116867][T27522] ? __es_insert_extent+0x321/0xd90 [ 942.122064][T27522] should_failslab+0x9/0x20 [ 942.122075][T27522] kmem_cache_alloc+0x56/0x2e0 [ 942.122086][T27522] __es_insert_extent+0x321/0xd90 [ 942.122096][T27522] ext4_es_insert_extent+0x220/0x2fb0 [ 942.122110][T27522] ext4_map_blocks+0xe18/0x1e50 [ 942.122128][T27522] ? __kasan_check_write+0x14/0x20 [ 942.131376][T27522] ext4_getblk+0xae/0x460 [ 942.131387][T27522] ext4_bread+0x4a/0x240 [ 942.131395][T27522] ext4_append+0x175/0x310 [ 942.131405][T27522] ext4_mkdir+0x7ad/0x1450 [ 942.131420][T27522] vfs_mkdir+0x43f/0x610 [ 942.131429][T27522] do_mkdirat+0x1d7/0x320 [ 942.131438][T27522] __x64_sys_mkdir+0x60/0x70 [ 942.131446][T27522] do_syscall_64+0xfe/0x140 [ 942.131462][T27522] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 942.131471][T27522] RIP: 0033:0x458c97 [ 942.131483][T27522] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 942.136547][T27461] loop4: partition table partially beyond EOD, truncated [ 942.141839][T27522] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 942.141847][T27522] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 942.141851][T27522] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 942.141855][T27522] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 942.141859][T27522] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 942.141863][T27522] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 942.273415][T27461] loop4: p1 start 1 is beyond EOD, truncated [ 942.280028][T27461] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:05 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="020d0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:05 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x400, 0x0) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000200)=""/85, &(0x7f0000000340)=0x55) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) write$selinux_attr(r1, &(0x7f0000000000)='system_u:object_r:pam_console_exec_t:s0\x00', 0x28) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000004ff0)={0x2, &(0x7f0000000000)=[{0x3c}, {0x6}]}, 0x10) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x3fffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:05 executing program 1 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:05 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) ioprio_set$uid(0x3, r1, 0x3) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 942.498617][T27543] ldm_validate_privheads(): Disk read failed. [ 942.517255][T27543] loop4: p1 < > p2 [ 942.532108][T27543] loop4: partition table partially beyond EOD, truncated [ 942.540215][T27543] loop4: p1 start 1 is beyond EOD, truncated 15:10:06 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) [ 942.546489][T27543] loop4: p2 size 327680 extends beyond EOD, truncated [ 942.558034][T27559] FAULT_INJECTION: forcing a failure. [ 942.558034][T27559] name failslab, interval 1, probability 0, space 0, times 0 [ 942.603745][T27559] CPU: 0 PID: 27559 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 942.611796][T27559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.621868][T27559] Call Trace: [ 942.625175][T27559] dump_stack+0x1d8/0x2f8 [ 942.629507][T27559] should_fail+0x555/0x770 [ 942.633928][T27559] __should_failslab+0x11a/0x160 [ 942.638863][T27559] should_failslab+0x9/0x20 [ 942.643352][T27559] kmem_cache_alloc_node+0x65/0x280 [ 942.648525][T27559] ? create_task_io_context+0x32/0x3e0 [ 942.663350][T27559] create_task_io_context+0x32/0x3e0 [ 942.668640][T27559] ? generic_make_request_checks+0x1401/0x1a00 [ 942.674779][T27559] generic_make_request_checks+0x1411/0x1a00 [ 942.680757][T27559] generic_make_request+0x33/0x980 [ 942.685865][T27559] submit_bio+0x254/0x540 [ 942.690184][T27559] ? guard_bio_eod+0x2a0/0x640 [ 942.694929][T27559] submit_bh_wbc+0x619/0x700 [ 942.699500][T27559] __sync_dirty_buffer+0x1a2/0x2e0 [ 942.704589][T27559] sync_dirty_buffer+0x1a/0x20 [ 942.709359][T27559] __ext4_handle_dirty_metadata+0x154/0x870 [ 942.715259][T27559] ? __ext4_journal_get_create_access+0x42/0x290 [ 942.721576][T27559] ext4_getblk+0x38d/0x460 [ 942.726096][T27559] ext4_bread+0x4a/0x240 [ 942.730341][T27559] ext4_append+0x175/0x310 [ 942.734739][T27559] ext4_mkdir+0x7ad/0x1450 [ 942.739141][T27559] vfs_mkdir+0x43f/0x610 [ 942.743379][T27559] do_mkdirat+0x1d7/0x320 [ 942.747697][T27559] __x64_sys_mkdir+0x60/0x70 [ 942.752273][T27559] do_syscall_64+0xfe/0x140 [ 942.756757][T27559] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 942.762649][T27559] RIP: 0033:0x458c97 [ 942.766525][T27559] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 942.786129][T27559] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 942.794553][T27559] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 942.802510][T27559] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 942.810462][T27559] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 942.818419][T27559] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 942.826372][T27559] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 943.048568][T27543] ldm_validate_privheads(): Disk read failed. [ 943.077559][T27543] loop4: p1 < > p2 [ 943.085306][T27543] loop4: partition table partially beyond EOD, truncated [ 943.093089][T27543] loop4: p1 start 1 is beyond EOD, truncated [ 943.102197][T27543] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:08 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = syz_open_dev$audion(&(0x7f00000002c0)='/dev/audio#\x00', 0x0, 0xcfb3b9efedf9a8d2) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000300)=0x4) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000340)={0x53, 0x252e5885dbdb1f0a, 0xeb, 0x3, @buffer={0x0, 0x2b, &(0x7f0000000040)=""/43}, &(0x7f00000000c0)="4d832876c0383443bbf12f5d0c8b0e0073974038fccb06facc084f0dbcb99994b80fbf43d0d1201a078d6146d7d58e9e11eba6e6c73aacde86800b7363b744f0bef5f52a3da031018c7e8f9f8726bde4cb1d516d2e06195e61a0038430fef5781394331db73c83cbd5c8a2b7b3309052514ecd1934b639688f28a454e397489365a2e9a97f8808dc488ce7179b104546d859bea729a83d969ddcd54f470006103d8238de58eb5d97642aea05884317153cdcb679350de8125da3faf0c0450a6785debc89a41e2b42e4517511b80211a8902c27a872bdca43288b9bee21b8086d4c52aeaf993bfa8ab5af69", &(0x7f00000001c0)=""/87, 0x2, 0x1, 0x0, &(0x7f0000000240)}) r3 = gettid() r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000003c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300140dbe136ee6a318c04cfddf300007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:08 executing program 1 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:08 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="020e0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x40000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:08 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) 15:10:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x44000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 944.778367][T27595] FAULT_INJECTION: forcing a failure. [ 944.778367][T27595] name failslab, interval 1, probability 0, space 0, times 0 [ 944.791306][T27595] CPU: 1 PID: 27595 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 944.799304][T27595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 944.799308][T27595] Call Trace: [ 944.799325][T27595] dump_stack+0x1d8/0x2f8 [ 944.799339][T27595] should_fail+0x555/0x770 [ 944.799352][T27595] __should_failslab+0x11a/0x160 [ 944.799362][T27595] ? __es_insert_extent+0x321/0xd90 [ 944.799373][T27595] should_failslab+0x9/0x20 [ 944.799380][T27595] kmem_cache_alloc+0x56/0x2e0 [ 944.799393][T27595] __es_insert_extent+0x321/0xd90 [ 944.846250][T27595] ext4_es_insert_extent+0x220/0x2fb0 [ 944.851652][T27595] ext4_map_blocks+0xe18/0x1e50 [ 944.856489][T27595] ? __kasan_check_write+0x14/0x20 [ 944.861584][T27595] ext4_getblk+0xae/0x460 [ 944.865889][T27595] ext4_bread+0x4a/0x240 [ 944.870113][T27595] ext4_append+0x175/0x310 [ 944.874507][T27595] ext4_mkdir+0x7ad/0x1450 [ 944.878905][T27595] vfs_mkdir+0x43f/0x610 [ 944.883140][T27595] do_mkdirat+0x1d7/0x320 [ 944.887468][T27595] __x64_sys_mkdir+0x60/0x70 [ 944.892051][T27595] do_syscall_64+0xfe/0x140 [ 944.896538][T27595] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 944.902494][T27595] RIP: 0033:0x458c97 [ 944.906367][T27595] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 944.925969][T27595] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 944.934361][T27595] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 944.942326][T27595] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 944.950301][T27595] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 944.958263][T27595] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 944.966225][T27595] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 945.012888][T27594] ldm_validate_privheads(): Disk read failed. [ 945.029950][T27594] loop4: p1 < > p2 [ 945.048901][T27594] loop4: partition table partially beyond EOD, truncated [ 945.057104][T27594] loop4: p1 start 1 is beyond EOD, truncated 15:10:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x7f000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:08 executing program 1 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 945.080037][T27594] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x94010000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 945.207105][T27625] FAULT_INJECTION: forcing a failure. [ 945.207105][T27625] name failslab, interval 1, probability 0, space 0, times 0 [ 945.234459][T27625] CPU: 1 PID: 27625 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 945.242477][T27625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.252533][T27625] Call Trace: 15:10:08 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02100500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 945.255939][T27625] dump_stack+0x1d8/0x2f8 [ 945.260269][T27625] should_fail+0x555/0x770 [ 945.264693][T27625] __should_failslab+0x11a/0x160 [ 945.269673][T27625] should_failslab+0x9/0x20 [ 945.274177][T27625] kmem_cache_alloc_trace+0x5d/0x2f0 [ 945.279440][T27625] ? smack_d_instantiate+0x732/0xd70 [ 945.284805][T27625] smack_d_instantiate+0x732/0xd70 [ 945.289925][T27625] ? lockdep_init_map+0x2a/0x680 [ 945.294847][T27625] security_d_instantiate+0xa5/0x100 [ 945.300128][T27625] d_instantiate_new+0x65/0x130 [ 945.304958][T27625] ext4_mkdir+0xfa9/0x1450 [ 945.309360][T27625] vfs_mkdir+0x43f/0x610 [ 945.313605][T27625] do_mkdirat+0x1d7/0x320 [ 945.317940][T27625] __x64_sys_mkdir+0x60/0x70 [ 945.322514][T27625] do_syscall_64+0xfe/0x140 [ 945.327023][T27625] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 945.332904][T27625] RIP: 0033:0x458c97 [ 945.336786][T27625] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 945.356399][T27625] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 945.364800][T27625] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 945.372787][T27625] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 945.380757][T27625] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 945.388727][T27625] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 945.396696][T27625] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:09 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'nlmon0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x22}}}) r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:09 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xb8ff0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 945.550772][T27636] ldm_validate_privheads(): Disk read failed. [ 945.563858][T27636] loop4: p1 < > p2 [ 945.586836][T27636] loop4: partition table partially beyond EOD, truncated [ 945.594860][T27636] loop4: p1 start 1 is beyond EOD, truncated [ 945.604617][T27636] loop4: p2 size 327680 extends beyond EOD, truncated [ 945.749847][T27636] ldm_validate_privheads(): Disk read failed. [ 945.756850][T27636] loop4: p1 < > p2 [ 945.763609][T27636] loop4: partition table partially beyond EOD, truncated [ 945.771344][T27636] loop4: p1 start 1 is beyond EOD, truncated [ 945.777391][T27636] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=[&(0x7f00000000c0)='\xc1posix_acl_accessbdev[\x00', &(0x7f0000000100)='eth0)\x00', &(0x7f0000000140)='ppp1vmnet1\x00', &(0x7f0000000180)='vboxnet0eth1user\xf2(cpuset!\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)], &(0x7f00000003c0)=[&(0x7f0000000380)='/cgroup@user+\x00']) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000400)={0x0, {0x2, 0x4e20, @multicast1}, {0x2, 0x4e20, @rand_addr=0x20}, {0x2, 0x4e22, @empty}, 0x200, 0x0, 0x0, 0x0, 0x119b, &(0x7f0000000240)='syz_tun\x00', 0x8, 0x4, 0x24}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @mcast2, 0x7fff}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000005c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068dc1382750a0229f9b390b03bf8999751bbe2167d8e4b1f43e86cce300475be845a7e6a21922f7522989ce6c05a47e4bae0aed8683ec93deb27513121375260ae7a59f019ca8302fb31a178d650f43ba1107201fafc43d79087ea284407240ef13f86fc43c2d576be8e6bd70e37b79a625dcc4d5d43254be702f25b225406424833df2b31527dd8af7b76449ec8ffdcca9dcbddd6b741b584a6b1e66801a36e2c889afbedc921a6cd2ae22b883a45714900"/263], 0x1) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000480)={0xef, 0xc, 0xfffffffffffffff7, 0x6, 0x0}, &(0x7f00000004c0)=0x10) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000000500)={r4, @in6={{0xa, 0x4e22, 0x1, @loopback, 0x1}}}, 0x84) ioctl$SG_GET_TIMEOUT(r3, 0x2202, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000840)='tasks\x00', 0x2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000700)={{{@in=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}}}, &(0x7f0000000300)=0xe8) bind$packet(r3, &(0x7f0000000800)={0x11, 0xc, r5, 0x1, 0x0, 0x6, @random="969517dad65f"}, 0x14) tkill(r2, 0x10010000000037) read$eventfd(r3, &(0x7f00000002c0), 0x8) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:11 executing program 1 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe0ffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:11 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) 15:10:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000031) prctl$PR_SET_PTRACER(0x59616d61, r1) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:11 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02110500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 948.070213][T27674] FAULT_INJECTION: forcing a failure. [ 948.070213][T27674] name failslab, interval 1, probability 0, space 0, times 0 [ 948.099900][T27673] ldm_validate_privheads(): Disk read failed. [ 948.100446][T27674] CPU: 1 PID: 27674 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 948.109579][T27673] loop4: p1 < > p2 [ 948.113987][T27674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 948.113993][T27674] Call Trace: [ 948.114011][T27674] dump_stack+0x1d8/0x2f8 [ 948.114026][T27674] should_fail+0x555/0x770 [ 948.114040][T27674] __should_failslab+0x11a/0x160 [ 948.126003][T27673] loop4: partition table partially beyond EOD, truncated [ 948.127938][T27674] should_failslab+0x9/0x20 [ 948.127949][T27674] kmem_cache_alloc_trace+0x5d/0x2f0 [ 948.127959][T27674] ? smack_d_instantiate+0xabf/0xd70 15:10:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) r2 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$negate(0xd, r1, 0xff, r2) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r3, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() r5 = dup(r3) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) r6 = semget$private(0x0, 0x0, 0x2) getresuid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000001340)=0x0) stat(&(0x7f0000001380)='./file0\x00', &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001440)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000001540)=0xe8) write$P9_RSTATu(r5, &(0x7f0000001580)={0x63, 0x7d, 0x2, {{0x0, 0x46, 0x5, 0x4, {0x9373bbd186d0e9c6, 0x4, 0x1}, 0x50000000, 0x1, 0x8, 0x3, 0x3, 'syz', 0x8, 'keyring\x00', 0x0, '', 0x8, 'keyring\x00'}, 0x8, 'keyring\x00', r7, r8, r9}}, 0x63) semctl$SEM_STAT(r6, 0x1, 0x12, &(0x7f0000000340)=""/4096) ioctl$DRM_IOCTL_AGP_ALLOC(r5, 0xc0206434, &(0x7f0000000040)={0x9, 0x0, 0x10003, 0xd478}) ioctl$DRM_IOCTL_SG_FREE(r5, 0x40106439, &(0x7f00000000c0)={0x3, r10}) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r3, 0x4, 0x2000) [ 948.127973][T27674] smack_d_instantiate+0xabf/0xd70 [ 948.135593][T27674] ? lockdep_init_map+0x2a/0x680 [ 948.151913][T27674] security_d_instantiate+0xa5/0x100 [ 948.151926][T27674] d_instantiate_new+0x65/0x130 [ 948.151935][T27674] ext4_mkdir+0xfa9/0x1450 [ 948.151953][T27674] vfs_mkdir+0x43f/0x610 [ 948.151965][T27674] do_mkdirat+0x1d7/0x320 [ 948.151974][T27674] __x64_sys_mkdir+0x60/0x70 [ 948.151987][T27674] do_syscall_64+0xfe/0x140 [ 948.159096][T27673] loop4: p1 start 1 is beyond EOD, truncated 15:10:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d030000040000090003040030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x4000) [ 948.162022][T27674] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 948.162031][T27674] RIP: 0033:0x458c97 [ 948.162040][T27674] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 948.162044][T27674] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 948.162053][T27674] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 948.162058][T27674] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 948.162063][T27674] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 948.162068][T27674] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 948.162073][T27674] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 948.182348][T27673] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x20) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)={0x0, 0x5, 0x4, &(0x7f00000000c0)}) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200001300000000000000000000400000000000000000000000f60dfffd00040000094003000009000000000000007802000000000000006078148f3a4f00000068030000680300006803000068030000684acb931470bead6397490dfc3dde7438a9b2d4306c1706ccd0602575ae8563bc54f64c6b9d8df6d58d03a34ab55c9deff5b4af57cfe07b143c5c154dd4a58fe1254b25fdbfa1315682f3ff513bdbbdf4d04f752df33a1cfc7cd809ce0f8f423fa5b01b86e9b81ade5ea05e3fcc81f5089291ad230c10"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:11 executing program 1 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:12 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000686a90f377a26030d8e4bc5520faa0c2e74c9538cd7c436d60918ff3f2751224017e7fc2193cb0028f33f46e1a45c58d68dd27c289c5b70064e1ea4767c7b14f9c7c5134699a3004c0290fcff54bc27770e28ca51e9224ecf264bff12e3c38b036c1e28195969facbbaf458645ece7ba5273173f435fde8f3f3ffbd7e8c683fecbffdf890cd0a2cca26232d51d240e9e9d37c75d61d07845cca9368275e28876327215e3ec5b1207a9f6070f1bc2c627d30bb973e011d4cc181bc71796c4a97da94f44597f980e87a9c0c37c8bf1de421dabfb887349a7f4377a5f7e6bad54af6b7ea010088934012d58070099ee71d6d34950735a28d262b6b053cfcb8372ccb158f0b139f839f0843fadba98d53f9d9e6d7bbfb946f34d41993187723cc3ad16387799d43a50341926"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 948.515077][T27673] ldm_validate_privheads(): Disk read failed. [ 948.537617][T27673] loop4: p1 < > p2 [ 948.552457][T27673] loop4: partition table partially beyond EOD, truncated [ 948.578216][T27718] FAULT_INJECTION: forcing a failure. [ 948.578216][T27718] name failslab, interval 1, probability 0, space 0, times 0 [ 948.589284][T27673] loop4: p1 start 1 is beyond EOD, truncated [ 948.590834][T27718] CPU: 1 PID: 27718 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 948.604073][T27673] loop4: p2 size 327680 extends beyond EOD, truncated [ 948.604780][T27718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 948.621562][T27718] Call Trace: 15:10:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c7465b445eca650af3c00400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006800"/87], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$setregs(0xf, r1, 0x2, &(0x7f00000000c0)="c3ce3c8471d79dd00920cc55ca538174deae9d09bb777f50c944644c59e57d5a86689c09be1eab8c0c75f3e93eb9fe4bebc6b31319f7d2b617f3f33fc1dc512dd430d55974e044f03a4defa0b362a19663455c279f1ac33c246aea9045c9fdd12656adee174ad5f00e787874887ad9c09ef234e20041f703689cab768f83cadca32b63869454cc16fe761b78202f48837b08560cb882276dfbde66f93680d8b2fcb8d8bcbfb73c46726425d84dc33d1f5a80b19e4f0cb270ec9072d02760c6144327ea20483df7d00102cf326d") write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r2, &(0x7f00000001c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000340), r3, 0x2}}, 0x18) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 948.621580][T27718] dump_stack+0x1d8/0x2f8 [ 948.621592][T27718] should_fail+0x555/0x770 [ 948.621603][T27718] __should_failslab+0x11a/0x160 [ 948.621613][T27718] ? __sigqueue_alloc+0x2ce/0x440 [ 948.621622][T27718] should_failslab+0x9/0x20 [ 948.621630][T27718] kmem_cache_alloc+0x56/0x2e0 [ 948.621639][T27718] __sigqueue_alloc+0x2ce/0x440 [ 948.621648][T27718] __send_signal+0x508/0xcd0 [ 948.621658][T27718] send_signal+0x6e0/0x830 [ 948.621669][T27718] force_sig_info_to_task+0x247/0x2e0 [ 948.621681][T27718] force_sig_fault+0xbf/0x130 [ 948.621694][T27718] __bad_area_nosemaphore+0x307/0x470 [ 948.621705][T27718] bad_area+0x6b/0x80 [ 948.621714][T27718] do_user_addr_fault+0xacc/0xaf0 [ 948.621732][T27718] __do_page_fault+0xd3/0x1f0 [ 948.633720][T27718] do_page_fault+0x99/0xb0 [ 948.633738][T27718] page_fault+0x39/0x40 [ 948.643659][T27718] RIP: 0033:0x45347f [ 948.643669][T27718] Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 0f 49 29 d0 48 8d 7c 17 31 e9 95 0b 00 00 66 0f ef c0 0f 6f 0e f3 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f 15:10:12 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02120500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 948.643673][T27718] RSP: 002b:00007f08bc38da88 EFLAGS: 00010283 [ 948.643679][T27718] RAX: 00007f08bc38db40 RBX: 0000000020000028 RCX: 0000000000000000 [ 948.643684][T27718] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f08bc38db40 [ 948.643688][T27718] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 948.643692][T27718] R10: 0000000000000075 R11: 00000000004e5320 R12: 0000000000000004 [ 948.643698][T27718] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xe8030000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:12 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) tee(r1, r0, 0xf81c, 0x0) 15:10:12 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0xffffffffffffffff, &(0x7f0000000140)="11dca50d1f213082fba524b94e04dccc2b44993aa131a930c486067052d8a9800000000000000000") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) finit_module(r3, &(0x7f0000000000)='##^\x00', 0x1) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f00000000c0)="240000001e005f3814fffffffffffff81000050000000000000000000800400000000000", 0x24) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) getgid() r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[@sack_perm, @sack_perm, @timestamp, @sack_perm], 0x1300c3) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x100) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3) r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="b0ff68dcd0b907645c9f66696c746572000000000000000000f20d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803ecff680b2000680300006800"/97], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:12 executing program 1 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xf4010000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 949.043653][T27743] ldm_validate_privheads(): Disk read failed. [ 949.058437][T27743] loop4: p1 < > p2 [ 949.069064][T27743] loop4: partition table partially beyond EOD, truncated 15:10:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfc000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 949.093202][T27765] FAULT_INJECTION: forcing a failure. [ 949.093202][T27765] name failslab, interval 1, probability 0, space 0, times 0 [ 949.115460][T27743] loop4: p1 start 1 is beyond EOD, truncated [ 949.135104][T27743] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:12 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000040), 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0xfffffffffffffffc, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) fcntl$setown(r3, 0x8, r2) [ 949.193339][T27765] CPU: 1 PID: 27765 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 949.201361][T27765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 949.211417][T27765] Call Trace: [ 949.214710][T27765] dump_stack+0x1d8/0x2f8 [ 949.219300][T27765] should_fail+0x555/0x770 [ 949.223715][T27765] __should_failslab+0x11a/0x160 [ 949.228742][T27765] ? kzalloc+0x1f/0x40 [ 949.232793][T27765] should_failslab+0x9/0x20 [ 949.237297][T27765] __kmalloc+0x7a/0x340 [ 949.241460][T27765] kzalloc+0x1f/0x40 [ 949.245352][T27765] smk_parse_smack+0x197/0x230 [ 949.250106][T27765] smk_import_entry+0x27/0x590 [ 949.254857][T27765] smack_d_instantiate+0x78f/0xd70 [ 949.259953][T27765] ? lockdep_init_map+0x2a/0x680 [ 949.264873][T27765] security_d_instantiate+0xa5/0x100 [ 949.270146][T27765] d_instantiate_new+0x65/0x130 [ 949.275009][T27765] ext4_mkdir+0xfa9/0x1450 [ 949.279443][T27765] vfs_mkdir+0x43f/0x610 [ 949.283716][T27765] do_mkdirat+0x1d7/0x320 [ 949.288049][T27765] __x64_sys_mkdir+0x60/0x70 [ 949.292639][T27765] do_syscall_64+0xfe/0x140 [ 949.297127][T27765] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 949.302996][T27765] RIP: 0033:0x458c97 [ 949.306877][T27765] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 949.326507][T27765] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 949.334931][T27765] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 949.342913][T27765] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 949.350884][T27765] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 949.359310][T27765] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 949.367261][T27765] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:12 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") r1 = getpgrp(0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d00000004000009000300003001000030010000780200000000eaff006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0xb) fcntl$setstatus(r2, 0x4, 0x2000) 15:10:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfcff0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:13 executing program 1 (fault-call:0 fault-nth:55): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 949.521055][T27743] ldm_validate_privheads(): Disk read failed. [ 949.544661][T27743] loop4: p1 < > p2 [ 949.567380][T27743] loop4: partition table partially beyond EOD, truncated [ 949.579076][T27743] loop4: p1 start 1 is beyond EOD, truncated [ 949.588151][T27743] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:13 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02250500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:13 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfe80ffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 949.709945][T27798] FAULT_INJECTION: forcing a failure. [ 949.709945][T27798] name failslab, interval 1, probability 0, space 0, times 0 [ 949.724433][T27798] CPU: 0 PID: 27798 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 949.732435][T27798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 949.742492][T27798] Call Trace: [ 949.745816][T27798] dump_stack+0x1d8/0x2f8 [ 949.750143][T27798] should_fail+0x555/0x770 [ 949.754546][T27798] __should_failslab+0x11a/0x160 [ 949.759498][T27798] ? ksys_mount+0x38/0x100 [ 949.763906][T27798] should_failslab+0x9/0x20 [ 949.768391][T27798] __kmalloc_track_caller+0x79/0x340 [ 949.773658][T27798] strndup_user+0x76/0x130 [ 949.778076][T27798] ksys_mount+0x38/0x100 [ 949.782322][T27798] __x64_sys_mount+0xbf/0xd0 [ 949.786904][T27798] do_syscall_64+0xfe/0x140 [ 949.791397][T27798] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 949.797277][T27798] RIP: 0033:0x45c2ca [ 949.801146][T27798] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 949.820731][T27798] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 949.829121][T27798] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 949.837074][T27798] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 949.845030][T27798] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 15:10:13 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) tee(r1, r0, 0xf81c, 0x0) 15:10:13 executing program 5: r0 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000016c0)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") gettid() fcntl$getownex(r1, 0x10, &(0x7f0000000040)) r2 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x7, 0x400) sendmsg$nl_generic(r2, &(0x7f0000001680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x21010000}, 0xc, &(0x7f0000001640)={&(0x7f0000000440)={0x11d8, 0x31, 0x400, 0x70bd28, 0x25dfdbfc, {0x14}, [@typed={0x8, 0x3f, @str='^\x00'}, @generic="e99d31552dc2fbe6c3383a35889bb5efb41d8c1830abd47b8b2733a20c1c8ca6327f01e12c82791ce89f63fcc1e22d0115b38c5991fdaf4f480b113bc3885810c4b360f87d49f781783cd31de399210306616f3ee406e53a20d4958fece668a59fe98cc029215e643640ff02920a5f730d1866e068134ee67fb00a79f935ea6603c73da4e4da53d9352d8881d612d5f4074e3e11fc3446b8c0441d580c2692e37c0f33b26516b80752a9784657d7a6cd56e86a80ee97c8725e424e3a9e105564573c9f254a79a3b53cdcdeca937dd4b41d7a95e83657dbbb699f52c2dbeaa3d65f90c262e26d1d07890d48fce53e2b81b3e5b94103", @generic="b654012e80f89370ded8706a0a1cddb4ec62d8c9cf6e43e4cbfc450937121dee80139c236d7e4f67319908d7dfe63c23f81120358a433b522c2aaa284b1e7c5dd2b1b0a0c1694eba34b9d96e3a0d40e2ad9cedfc881e97fe9ffadd4a965fd71b5c157c75d0d5f198314095dc37fc4b56cab839d29408f7a5449a22e0556fcaf95c1028180492510a4395ccbe932165dadde65e50d5af46e9c0e7d92ceaa19a3c65b3", @generic="b2ee1fba1443d493602f96221fe20b9edae2d7e1517054c516cc908660c3e5bbbfd9", @generic="d949eed9393e802279aba00aae76600a13240d3841e0dc52d842afc979c74c1fe8a228d52ddd134d4172bf13601d6c7112d59b5a64e60b95eda2f35e45bae205854d02e32306d97fd3b4fc1b256bc6dee3390911dc926a21f474d1e89509cdaa628601781cc290e78fc8b2e8050edb500d212a0124af6e02d6c7280c5465eac26a7bc39ca48b4d6541ae2061860f7ecc9f347bf6f7817248fbb61b0a13809bd0500a0d91469a54964a051085c5a6b5be59c5870b78d67dfd5b46ee20ae2925467b4f62ce8bb398c00ceafb329367bdcfef5ebb4271ade6ef2221d82ebf0a9d21df5676e123137939d00a0d43b5f581295228db799b4f6ab7aecff1077f82c16e119975247b02d1866255f01a33e7ae3441425c3dc0b9ee8b9b72e18a70b23e9daef7fe6011760d64d3af5585bd80168b31e4d76e8ded2130a64e9951f6dc2c9f2477ec5361b79084dc45799a2b9ba24c8573e5cb55814927ba72c452807ca865032eb3adc7196e48ec88f2a69cb284639298dddd348562e3aa6ab356be649f9db3f08e4708aebcb7ffbb06538d084ba4046d45063e5bdf4f93c2a7b4d165e8ef36aa5159abe3e34b11ca245eeede7de1d9881d2a80c7adf0bab88360ecf73fbe9638acc32e70e89e33e6892a72da53d06ec76dde2b5e654960cd534aecc820973e296bfc241f49d4ecab3f6f2c5f057b6b76b64dfc7f28f6aea1e0fedce73517068a2427cf6608a48942d7e8acc41ce34e6608401dd712f99f67e84224767c7bf3d563c1189d9f4cdb70222774319a17ca9899999d772933d8f66243a477945a5fc4440605af0d033c45287b29d82d9df3ea8eb8e4e817536997045330f9fd7c96744d1e09d6a4c2d25a7c73c9e087bb8a1166f48da36b478b9c516b6ee9d26c05ba6e0bba47d3a355697d13732ad6b1734e4af32e1343aa5af31a4b0e6f0dd1f10650690d18dbb20390ddcc1f9843cc2840bb2deb1505d8bfe3b2ba68bb89df67db0139ed11ae3db96ca0896ec7474ce0c039d1739d73bf655bf2de905c9cbd4b3264126979c3a7f7802ed95a6b94bfccb91f627d9667448a07b552f0c73056867807fde8511673fbbf26a5a492a68edc8d969cfe4d6463ea78638511d20a9833b13594f4b5981fe39b997ca9e2466bd9af18d56ffe8dc26eb49ee23212537a6e407abcac17b0fa3ee639183925a1e7823b3de0556f67bbd32d4ca8feea463f37690e09bbb56e7aa95ab2373adf2e3ebef3b20dd7f7613f35b3e5ed25077e35b38971786b9b073ef6e0210fec85740350dd29fbf9dc7879f2eeba74f0a0cafb295fa2abaabe981ff0d38d45e6b0bc9345d7d2a6eb563f9524c8e35d49c7fd47fbdbee82465a5df260b28a4f6cec1f1b7845b935be4ff459a76cc25fee0e65fa3d6f08427f2f55727b6baf7fe6dc00a02b9139a36e48c957699e34ff3e435acb6a1d13ca4660e1790fae66a3316da90adfa3a388c49641d02b7f1f139ce3503cc78951c50de6eb974973a3d56065a2795fa08f61f25afff8ec36e58644c97a849545ab3df4b8d2796dad24cb42388dbff0258e773cd50d5f9c1ee416ff6e3da871a7620d465d14f1feaa15f96c1bce95a640aa2ce0ceaf0ee1929cd7aeb75a211422b5caab77443daf58db591fbf1e48ce4c220fef95cfe0355824c68780dfd4c895e32eab06e0b4be1a6ae44c1e3dbde5b7188694c11201b7f427be3ee42d530792f6db7c8f1912f0a13bac3ed083885862d07b26b1a1e88eb21df8393f5825d6e650747c92f34ac22480358ac4c0d94887623656c3daaf6695b6bdeff3adf2a77cfb46bb49fbcde8476b5497820f820c254bfedf4c39a15cc268ce5fbb4c10e6e0dd909a73d3fa3ccc088edae33031fd015bc46280a651f33b523432fc22eeacc4b3f8dbb601f6791a1040f1d989473eb5a828d45bfd5d8123001492728f1337f82276c85248081ec2c389a8a5fd1a350744605babc0fe6a613027cb77b40146dbd49ee178ed92a97a0e45baf42334d02cf725c9383ab2f14e3b0d6b72398d894809ce269f900dc66e705dec2968620f0575399e13c1b3e10bc268ce935d7527f4c0d43c033cbc5b692c629d6c22eb47ba9fcdd3decf4ec6d58f60b3bc063611cada3b162ef097c9afc10a7dad42a802ffe14a50f50be5387d9970d654c0e938eb330cf5eee2ca83f3db9d6eac86f2ca7922e79dfadf2095cba4b41c95ca0a5efaa892583d3e9a53e712d5bb7ed7c4569f159ce08ecc7a67ff2bf79c40de6ea00643daf4b8f321bca2bb3810339d4e80e5672141a40d6b95ae1a4f834ba5f465517fee89b6d40c0be7c732813c7d6eb7db80e60c092374883ed5606df9e2c5a386cd514747420a720d37908c6ef114a2d53dc7f9e171dac98f00530f3578b9797c69ecdd9cb2a86015197d46f93129b218c045a333fe2c2bab8570cc29d1da097213bc96b204c05ef7042f849c2804b5d120a1a2ec111d4ef841da1af88e360dfd844b45181c7fa7a12faf20d205d48233d9c9d0e60e25f0ed75498b5d810b3ee52e8d5031a9ca00a361e68e1312a6a05172c7ce08f09abfabb219819b008e85c0559f77b60cd0c2d077e285a01e226d2e76cf44fa26cc4c71e04b1414a3adaaa613922ed3d88f9ee735b5bc5c1927f5023d9a9ece6859b67360ab2cbe2644ca7c2c226b3c71f5b20003b2d292ceb119b1505f3ac35731cf74b526edcd4c634e956b1a59df045f4091ccb0449e2adfc6ff4b2fd2ed983545c542698daf5c9dd855ce187efad7eaf5dacff22c997cb76e21a53d47dbf933cb612aacf0d50d6921d48e8898ec3c1deeee352d15ca4306e14dd26e6757b16e218e1fd0a7389d6fe08a70021a907ebb985c3dfbce3d2c5f6305224e8380ca0dcde2af9b215a5f8f1d8b02ff6860f3d594614b6172f3bf9011b31fcca012e48bd5c20c3079ec88399a6125aeca0ac44c04eb0d4f86a4874748248e287d4605d3a551312b9f8cd62fed476a8dfd3591ef7b0e7c5df857bda6ad8cf163873ab9110c38580b0a7c465212290e32888099ec4d9111ce57b2b0f0beed64c91d4a5c06c157b51f489c9d2cacc243a89d795dab18e14a71a5c592a20263324ba925596b5f6b8869f1220ccae50ada3fe8c50f55d800fd529d2bfedc833f7710bc8b666d990f29533dd18de208ee102ff31ce7051a9294abe86d43c445a2ba9b92bb60c55cc44fa326f88fe78dae9f1ab5aa61247c581fac3e984c3f441d5269e38c6a484a99af4d3047f7a6dbccf1ffeb36282b23e760f594538411a7ded1a633678c1e8119d1188a43cdc9032470b57fa5d24283daf290cca2f13e0bbb03c89bdc28124445c6274815db9444cd70d34099c5ac74d50052fda4615963c6103a730c5b82ddf15707bb7962fb8cdb1941953104b9b56e1ee71f1c22e7a484f1dd3a781b5897ffab936a584136b0138cdc7f2a1a1fd7383a3bbf66bf0a5b229188a2c345a91df82c5f8549723c4916f6601f82b4f853942145c60b4902cc23a4780e501ec6c938ab2911c370c859af62e24c2e81186e9cc2fbe60c83a793584e4bf24b4eb77ad0b9827835d1915ab0bd147a971aa0562975934150d756e6d9de72084de0a7e9bec2ad5b9b3624951335d064bb7760221a8bdce6adfe65c8810939dae569f48d4e9450cba1bda6e53566699270857b0db747e7e2ce4aaf17d692d70d3114f4d1a2ab99c96a11d1c87bbe1e591997c16e8140956575743e99661cf4540ba7938f247022ac5c337fe565c6799b66e2f0e32953c9fa7b0a73aeaba8ba5479bdda7cc19e97d3a756bd49ca33bce7ffc41f44a44f3238f19f895a3e3c0a2285fdc0700863d9c79695ac52c5af8fbd34b3c1b7995624b642ef20c93a7a7d9bd893c130ab9f2bc10d5e5b2bdb552df9a73c6b58da0703dcc2b32eb5bd797f2da935427023bc0a9883382f69d701ebc44ff66798c4415f470bd8d4f58cfc673ad403790cdf9366b54e1bbd61c018c73717a3b8a7e7115fd95a77b9630c23f25bca2810704c6dc9ad748f0754d8b0fd55c2eb848621f97dbe0e660248a0d1f924f235e13f5c5a6ddf72b5d85eb7f048826f55904df14ee93215aa56ee1ae5a2abc462e25a1ece71dd5c1b500b8b66072a7c37cb7bf0190576306dda5db60bf9e02884630ab541de0cc7440d981e61285f26bc40b56e526b39c5e662784c92ce98101109640acb97471385e457cb127da4e8327295715a607e28eff8736200229b18b791b30fa0129d193d7bfce37c0faf9f91482f4f92be48e4f402e01db890a614ffd46b036e715b1df864424299f9a948c80c7baa5f7b71578e9451fb5fa4af0af9145fc423c6a8ba4721eaebec1ce9efcc560e2d245972fe50e7e00638271856dd6cf1531023234922d169c6ee7020dde396ac324853d5311b2360a223a248a379655440a372b290a0c0b306b54b903f928b0ab5ef9cbeb7c89bb13d29f89662163f4f109eaa8468393f6924eb4a5d222485fde6fab51edcc2e3d115c441ed9470c4191041e4a733d65310c4209d6966a4921a519d24ac57775be32af66e59731b8de360081bd54b96afde376bece830d1808aa5a0300dbc521f4b73bf66894c7cc196069407bdb2a7d55e39dc9c887d099bba06d89b8da88cec26a49dd0886d7a0d0acee666669fa13dcc14d9a08f6b334478ba36a662fba753a37e4cbc7ea7083915df8426110604e159008a1dd962cbb1adb6e8da0998da115c646987f47db0fd02ad59e667d05a7cc3363331ce55c23547f957ece5d777d88ee2451c1a551f53ba683de0d70e6085fa618ee8f13f0b112a96a0eb7d8a64964daf6def2093b99f6b9d1ca5ead975295bca04600f391bbe26616f7704fc219d4b8d164714863394d16bb0a829aee316bc81121a04d818f7e6138dfff30d351ff3e1bd448f9f47e4ef74be7d96612fd512d37378ddae04687e32493a317fa184cac3d916b04b132c9e59177d8d280c5dabb17be9e2c018f8b2af0b0a382a8c048b6933bdc40de11350fce4e563d2b5250b87cdfdf744ae2f7c5d39202b4d011a8a5fe272b1a174974e44527ebae8dffe1eb5fbf0a5b0199eaa6f40034f01ff77435a23263690f47ec04ec986f34614d7f4d873192786c5e04c956ca2ca5bd23b9a7bc7da45ce292d39b56ab20add3bba1b28dbef64e2629bfe19e4ae3866a2b1815a063df2eb536bd64e5d48a5c5ac4e813acc56deedeac7cd8ff78ea43bc0562f94f11cb7eca50c12368493c127cd8b643afd3724f71de0c719bf86d945d144b9df235bbe7d3d6d388a85409093cee925a92d4d83222a5299df117d345efde0123ccc09dbf4ee53781dddcea26bbe0ba9b50d3639d4d01013990f35594f0cdd726ff3687e53853208f394b23d0f7d9dc9ab079d23689ffb64ee20913cda2d995001f6267112d2919084780e6bc2fcdf51f54bcba38221ff3dee755f3a0d082b71dd1c853d2272afa43f77fdb5f7d65db020f6aba43f2baf8598e9562e80333b7c91a9fc86a294d0af33fbd3416b989f4f741c57467912a1e76f5ccdaeb130de3867e459976d1c777a8240f6b53c47fbb20c77dfa0bd9c0121be2866e180d608b3ebc1c0d38feaec7526755f5efeb8848d63c5c0717922ec056923696a39005c6da957188d444bd74904fa969439cacba647c7159ac98f6703d87503cbf4291b9893984de13cc195f0b584fb56aa8858aa179cdc43f6b214b5e895e1cac4080a98c0fc22bd6c69a17bc34138e43d66c85e8589f740964a6b4595f388c0732e717f86f0973c6b4c8f70236bb6f26cb040"]}, 0x11d8}, 0x1, 0x0, 0x0, 0x4000}, 0x400c044) getpgid(0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f00000000c0)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000100)='\xf8\x00'}, 0x30) prctl$PR_SET_PTRACER(0x59616d61, r3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r4, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = gettid() r6 = dup(r4) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x10010000000035) fcntl$setstatus(r4, 0x4, 0x2000) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r6, 0x84, 0x1a, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="ff5ae311ef45bd4e0000007c86f902e8361fc685f82a276af1f9e3b6c8113cc4a76c8d33a326e1e07b42335d53000000000000000429e99de28d23da9c3fa2b2f257772e39336cf81744708f98653c041b11f9eba0dbdb49c60cf4968164fa4f695e9ded46cdbc45fed4612112b1b5d87f0d196c7467026eeba1750ec4375d656c9e21fbb2d685e8edc73c2615fc64e435fbf397026d0d3f9ed50158e4a120fc387679951281123877f6c9040be059f679068f60519f94c0"], &(0x7f0000000200)=0x56) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000240)={r7, 0x100000000}, &(0x7f0000000340)=0x8) [ 949.854481][T27798] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 949.862434][T27798] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 949.955351][T27814] ptrace attach of "/root/syz-executor.5"[27813] was attempted by "/root/syz-executor.5"[27814] [ 950.005405][T27810] ldm_validate_privheads(): Disk read failed. [ 950.018607][T27810] loop4: p1 < > p2 [ 950.052561][T27810] loop4: partition table partially beyond EOD, truncated [ 950.062264][T27810] loop4: p1 start 1 is beyond EOD, truncated [ 950.074722][T27810] loop4: p2 size 327680 extends beyond EOD, truncated [ 950.181931][T27810] ldm_validate_privheads(): Disk read failed. [ 950.188166][T27810] loop4: p1 < > p2 [ 950.192016][T27810] loop4: partition table partially beyond EOD, truncated [ 950.199620][T27810] loop4: p1 start 1 is beyond EOD, truncated [ 950.205704][T27810] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:15 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) open_tree(r2, &(0x7f0000000000)='./file0\x00', 0x89001) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:15 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) ioctl$SCSI_IOCTL_PROBE_HOST(r3, 0x5385, &(0x7f00000000c0)={0x49, ""/73}) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:15 executing program 1 (fault-call:0 fault-nth:56): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:15 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02480500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:15 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfec0ffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:15 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) tee(r1, r0, 0xf81c, 0x0) [ 952.078359][T27852] FAULT_INJECTION: forcing a failure. [ 952.078359][T27852] name failslab, interval 1, probability 0, space 0, times 0 [ 952.101693][T27852] CPU: 0 PID: 27852 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 952.109709][T27852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 952.119801][T27852] Call Trace: [ 952.123096][T27852] dump_stack+0x1d8/0x2f8 [ 952.127423][T27852] should_fail+0x555/0x770 [ 952.131842][T27852] __should_failslab+0x11a/0x160 [ 952.136771][T27852] should_failslab+0x9/0x20 [ 952.141271][T27852] kmem_cache_alloc_trace+0x5d/0x2f0 [ 952.146545][T27852] ? smack_d_instantiate+0x962/0xd70 [ 952.151825][T27852] smack_d_instantiate+0x962/0xd70 [ 952.156933][T27852] ? lockdep_init_map+0x2a/0x680 [ 952.161866][T27852] security_d_instantiate+0xa5/0x100 [ 952.167145][T27852] d_instantiate_new+0x65/0x130 [ 952.171994][T27852] ext4_mkdir+0xfa9/0x1450 15:10:15 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0xd2b2f65ea21c93b4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f000000680300006803000068030000680300006851cf73ce029d5c4d5628fd8e4980de8fc8b0ed3a96d4ca20744c331978db16e4c800b7cb87dd7ebf5b65acf59c0000000000000000695750073c3ec1b2d25b26c9ed64133707cbb227226642c7352a39adb2b8a17e8190cca7380150cbdb1f75043e2d03"], 0x1) ptrace$setopts(0x4206, r1, 0x7ffd, 0x102) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 952.176414][T27852] vfs_mkdir+0x43f/0x610 [ 952.180655][T27852] do_mkdirat+0x1d7/0x320 [ 952.184976][T27852] __x64_sys_mkdir+0x60/0x70 [ 952.189563][T27852] do_syscall_64+0xfe/0x140 [ 952.194108][T27852] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 952.200003][T27852] RIP: 0033:0x458c97 [ 952.200014][T27852] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 952.200019][T27852] RSP: 002b:00007f08bc38da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 952.200029][T27852] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000458c97 [ 952.200034][T27852] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 952.200039][T27852] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 952.200044][T27852] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 952.200050][T27852] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 952.314458][T27850] ldm_validate_privheads(): Disk read failed. [ 952.322927][T27850] loop4: p1 < > p2 [ 952.326980][T27850] loop4: partition table partially beyond EOD, truncated [ 952.334672][T27850] loop4: p1 start 1 is beyond EOD, truncated [ 952.341085][T27850] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:15 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x10, &(0x7f0000000000)=0x1, 0x1) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x100) setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f00000000c0)=0x83f, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000100)=ANY=[@ANYBLOB="66696c742c6a77fb0000000000000000000000400000000000000000000000f60d00000004000009000300000000006078148f3a00000068030000680300006803000068030000680000000000000000000000000000b1e91edce4001377c6f38da295ec298655324fa8ecccf9a5d4516c"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:15 executing program 1 (fault-call:0 fault-nth:57): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 952.514519][T27850] ldm_validate_privheads(): Disk read failed. [ 952.521370][T27850] loop4: p1 < > p2 [ 952.529276][T27850] loop4: partition table partially beyond EOD, truncated [ 952.540938][T27850] loop4: p1 start 1 is beyond EOD, truncated [ 952.541395][T27881] FAULT_INJECTION: forcing a failure. [ 952.541395][T27881] name failslab, interval 1, probability 0, space 0, times 0 [ 952.547208][T27850] loop4: p2 size 327680 extends beyond EOD, truncated [ 952.559567][T27881] CPU: 0 PID: 27881 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 952.559573][T27881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 952.559578][T27881] Call Trace: [ 952.559599][T27881] dump_stack+0x1d8/0x2f8 [ 952.559613][T27881] should_fail+0x555/0x770 [ 952.559625][T27881] __should_failslab+0x11a/0x160 [ 952.559636][T27881] ? __sigqueue_alloc+0x2ce/0x440 [ 952.559646][T27881] should_failslab+0x9/0x20 15:10:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() bind(r0, &(0x7f0000000140)=@l2={0x1f, 0x7, {0x0, 0x3, 0x5, 0xffffffffffff838a, 0x80000001, 0x1}, 0x8, 0x3}, 0x80) r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) ptrace$setopts(0x4206, r1, 0x0, 0x0) getsockname(r2, &(0x7f0000000000)=@ethernet={0x0, @dev}, &(0x7f00000000c0)=0x80) tkill(r1, 0x10010000000035) fstat(r2, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = getuid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='fuse\x00', 0x2009, &(0x7f00000006c0)=ANY=[@ANYBLOB="66643dadb6617c7621676a1ca231a1c307e94b15bbdf2ef9418660c3e223e65e2799f4753e6f9b5163ffaa23ec66028cabd5b9a4f8915bd02eea7c00000000000000000052610fad2302ddd7bb80a999ab68a42ab363f9b86eaaada713218dd3b570eb1d3bdd0e9e842315c129f06ea2547c2c04defa9c33c716290b5ea7832abc3396d235692e5125ffafcb74a227617a1f887f004b7eaf7240ae39d7d867924bb3b490ce0dbeed91", @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=r3, @ANYBLOB=',group_id=', @ANYRESDEC=r4, @ANYBLOB=',default_permissions,default_permissions,allow_other,dont_measure,euid=', @ANYRESDEC=r5, @ANYBLOB=',defcontext=sysadm_u,smackfshat=}cgroupsecurity^eth1vboxnet1,mask=^MAY_READ,fowner<', @ANYRESDEC=r6, @ANYBLOB=',obj_role=(-wlan1(\\vmnet1,\x00']) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000100)={0x400, "9481b8e983797efaca212f9c04d6f6fa4547112b5be4380a9be4949ddd48092c", 0x3, 0x1}) [ 952.559655][T27881] kmem_cache_alloc+0x56/0x2e0 [ 952.559668][T27881] __sigqueue_alloc+0x2ce/0x440 [ 952.574406][T27881] __send_signal+0x508/0xcd0 [ 952.574417][T27881] send_signal+0x6e0/0x830 [ 952.574427][T27881] force_sig_info_to_task+0x247/0x2e0 [ 952.574439][T27881] force_sig_fault+0xbf/0x130 [ 952.574453][T27881] __bad_area_nosemaphore+0x307/0x470 [ 952.601411][T27881] bad_area+0x6b/0x80 [ 952.601422][T27881] do_user_addr_fault+0xacc/0xaf0 [ 952.601436][T27881] __do_page_fault+0xd3/0x1f0 [ 952.601444][T27881] do_page_fault+0x99/0xb0 [ 952.601455][T27881] page_fault+0x39/0x40 [ 952.601467][T27881] RIP: 0033:0x45347f [ 952.611119][T27881] Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 0f 49 29 d0 48 8d 7c 17 31 e9 95 0b 00 00 66 0f ef c0 0f 6f 0e f3 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f [ 952.611123][T27881] RSP: 002b:00007f08bc38da88 EFLAGS: 00010283 [ 952.611130][T27881] RAX: 00007f08bc38db40 RBX: 0000000020000028 RCX: 0000000000000000 [ 952.611134][T27881] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f08bc38db40 15:10:16 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="024c0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 952.611139][T27881] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 952.611144][T27881] R10: 0000000000000075 R11: 00000000004e5320 R12: 0000000000000004 [ 952.611147][T27881] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:16 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) 15:10:16 executing program 1 (fault-call:0 fault-nth:58): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 953.018842][T27895] ldm_validate_privheads(): Disk read failed. [ 953.026650][T27895] loop4: p1 < > p2 [ 953.030792][T27908] FAULT_INJECTION: forcing a failure. [ 953.030792][T27908] name failslab, interval 1, probability 0, space 0, times 0 [ 953.045201][T27895] loop4: partition table partially beyond EOD, truncated [ 953.055217][T27895] loop4: p1 start 1 is beyond EOD, truncated [ 953.062237][T27895] loop4: p2 size 327680 extends beyond EOD, truncated [ 953.078208][T27908] CPU: 1 PID: 27908 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 953.086220][T27908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 953.086225][T27908] Call Trace: [ 953.086242][T27908] dump_stack+0x1d8/0x2f8 [ 953.086255][T27908] should_fail+0x555/0x770 [ 953.086268][T27908] __should_failslab+0x11a/0x160 [ 953.086278][T27908] ? ksys_mount+0x6a/0x100 [ 953.086287][T27908] should_failslab+0x9/0x20 [ 953.086296][T27908] __kmalloc_track_caller+0x79/0x340 [ 953.086306][T27908] strndup_user+0x76/0x130 [ 953.086315][T27908] ksys_mount+0x6a/0x100 [ 953.086327][T27908] __x64_sys_mount+0xbf/0xd0 [ 953.099675][T27908] do_syscall_64+0xfe/0x140 [ 953.099688][T27908] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 953.099698][T27908] RIP: 0033:0x45c2ca [ 953.099706][T27908] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 953.099711][T27908] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 953.099719][T27908] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 953.099723][T27908] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 953.099728][T27908] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 953.099732][T27908] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 953.099736][T27908] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 953.320922][T27895] ldm_validate_privheads(): Disk read failed. [ 953.327154][T27895] loop4: p1 < > p2 [ 953.331015][T27895] loop4: partition table partially beyond EOD, truncated [ 953.338338][T27895] loop4: p1 start 1 is beyond EOD, truncated [ 953.344696][T27895] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:18 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x165) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c7465720000000000000000000000890000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000040)) fcntl$setstatus(r1, 0x4, 0x2000) openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x50002, 0x0) 15:10:18 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xfeffffff], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x789bf344bbb222c, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0xff, @remote, 0x7}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x24}}, @in6={0xa, 0x4e22, 0x3, @loopback, 0x2}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0xffffffff00000000, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6}, @in6={0xa, 0x4e23, 0x3ff, @loopback, 0x1}], 0x90) dup(r0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:18 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) 15:10:18 executing program 1 (fault-call:0 fault-nth:59): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:18 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="025c0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:18 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) [ 955.059544][T27934] FAULT_INJECTION: forcing a failure. [ 955.059544][T27934] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 955.072856][T27934] CPU: 1 PID: 27934 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 955.080838][T27934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.091086][T27934] Call Trace: [ 955.094577][T27934] dump_stack+0x1d8/0x2f8 [ 955.098935][T27934] should_fail+0x555/0x770 [ 955.103357][T27934] should_fail_alloc_page+0x55/0x60 [ 955.108552][T27934] prepare_alloc_pages+0x283/0x470 [ 955.113661][T27934] __alloc_pages_nodemask+0xb2/0x5d0 [ 955.118946][T27934] ? trace_lock_release+0x135/0x1a0 [ 955.124139][T27934] kmem_getpages+0x56/0xa20 [ 955.128631][T27934] ? trace_lock_release+0x135/0x1a0 [ 955.133931][T27934] cache_grow_begin+0x7e/0x2c0 [ 955.138689][T27934] cache_alloc_refill+0x311/0x3f0 [ 955.143714][T27934] ? check_preemption_disabled+0xb7/0x2a0 [ 955.149429][T27934] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 955.154792][T27934] ? copy_mount_options+0x5f/0x3c0 [ 955.159894][T27934] copy_mount_options+0x5f/0x3c0 [ 955.164813][T27934] ksys_mount+0xa0/0x100 [ 955.169074][T27934] __x64_sys_mount+0xbf/0xd0 [ 955.173657][T27934] do_syscall_64+0xfe/0x140 [ 955.178140][T27934] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 955.184011][T27934] RIP: 0033:0x45c2ca [ 955.187892][T27934] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 15:10:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300f9fb0300006800"/87], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 955.207681][T27934] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 955.216110][T27934] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 955.224072][T27934] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 955.232034][T27934] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 955.239993][T27934] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 955.247942][T27934] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:18 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() accept4$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000240)=0x14, 0x80000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'ip6_vti0\x00', 0x0}) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000380)={0x0, @initdev, @broadcast}, &(0x7f00000003c0)=0xc) sendmmsg$inet(r0, &(0x7f0000000700)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)="2705e94799703781e2c93fba313a5200543d0b8f9ba65ba2701c2d47a6f31b844899bbfbefdf49f12db232fd36eb4b26ac84b900ee3466b561211bc87743ab5565e9773acb048e25e84328371700b8ed9c3453c8e803c44b397c5609984f6d4596f82019da4c30bb3a4a1a7eb5811fa882e047757d0482f5cbd6831c8e5c541aadd473ba67bde66e81a0a015f04cc37c39cd56c8c3c9f46ea1a861144d18f07bb06145d0e7c6c359688ac5529424dd23d0554552cb872217f46187bea5dfc50ece8100235981b76acbfbba27567df540b96f00b314c66295a6f7c0e91c22d8184b", 0xe1}], 0x1, &(0x7f0000000400)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x15}}, @ip_retopts={{0x98, 0x0, 0x7, {[@ra={0x94, 0x6, 0x37}, @generic={0x86, 0x8, "1264ab4c81d7"}, @lsrr={0x83, 0x23, 0x3f, [@multicast1, @loopback, @multicast2, @multicast1, @loopback, @multicast2, @empty, @remote]}, @ssrr={0x89, 0xb, 0x546, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local]}, @ra={0x94, 0x6, 0x8}, @lsrr={0x83, 0x13, 0x100000001, [@empty, @multicast1, @multicast1, @local]}, @ra={0x94, 0x6, 0x352}, @timestamp={0x44, 0x24, 0x7fff, 0x3, 0x20, [{[], 0xcc}, {[], 0x1}, {[@multicast2], 0x319}, {[], 0xfff}, {[], 0x1}, {[], 0x7ff}, {[], 0x800}]}, @ra={0x94, 0x6, 0x10001}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @multicast1, @local}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @multicast2, @rand_addr=0x2}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@noop, @generic={0x83, 0x8, "8a3c545085cd"}]}}}], 0x148}}, {{&(0x7f0000000580)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000640)=[{&(0x7f00000005c0)="206f8e73960ef3afffeac6a1bf5f4f0edf7d8331da4888073a5c4017ee2c73866958421ef31dea2a64c05dec9708bfa4d54e3276d0bbade9a43f950323c8b815f4588ec61960dbf3ade134de4e1452c21c1c22d189738a4bfbb9b4f93f40", 0x5e}], 0x1, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0xc698}}, @ip_ttl={{0x14, 0x0, 0x2, 0xffffffff}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x5}}], 0x48}}], 0x2, 0x0) r6 = syz_open_dev$vcsn(&(0x7f0000000780)='/dev/vcs#\x00', 0x0, 0x2000) write$rfkill(r6, &(0x7f00000007c0)={0x81, 0x2, 0x1, 0x1, 0x1}, 0x8) r7 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:18 executing program 3: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) [ 955.298838][T27933] ldm_validate_privheads(): Disk read failed. [ 955.315257][T27933] loop4: p1 < > p2 [ 955.328524][T27933] loop4: partition table partially beyond EOD, truncated [ 955.336546][T27933] loop4: p1 start 1 is beyond EOD, truncated 15:10:18 executing program 1 (fault-call:0 fault-nth:60): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 955.359581][T27933] loop4: p2 size 327680 extends beyond EOD, truncated [ 955.472571][T27964] FAULT_INJECTION: forcing a failure. [ 955.472571][T27964] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 955.485799][T27964] CPU: 1 PID: 27964 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 955.493771][T27964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.503816][T27964] Call Trace: [ 955.503833][T27964] dump_stack+0x1d8/0x2f8 [ 955.503846][T27964] should_fail+0x555/0x770 [ 955.503859][T27964] should_fail_alloc_page+0x55/0x60 [ 955.503868][T27964] prepare_alloc_pages+0x283/0x470 [ 955.503881][T27964] __alloc_pages_nodemask+0xb2/0x5d0 [ 955.515872][T27964] ? trace_lock_release+0x135/0x1a0 [ 955.515886][T27964] kmem_getpages+0x56/0xa20 [ 955.515898][T27964] ? trace_lock_release+0x135/0x1a0 [ 955.546267][T27964] cache_grow_begin+0x7e/0x2c0 [ 955.551023][T27964] cache_alloc_refill+0x311/0x3f0 [ 955.556135][T27964] ? check_preemption_disabled+0xb7/0x2a0 [ 955.561861][T27964] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 955.567238][T27964] ? copy_mount_options+0x5f/0x3c0 [ 955.572536][T27964] copy_mount_options+0x5f/0x3c0 [ 955.577480][T27964] ksys_mount+0xa0/0x100 [ 955.581873][T27964] __x64_sys_mount+0xbf/0xd0 [ 955.586634][T27964] do_syscall_64+0xfe/0x140 [ 955.591129][T27964] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 955.597000][T27964] RIP: 0033:0x45c2ca [ 955.600883][T27964] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 15:10:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720006000000000000f67f000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000000680300006803000068b7ce71cbdaea03464736"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) ptrace$setopts(0x4200, r1, 0x0, 0x68) setsockopt$sock_void(r2, 0x1, 0x3f, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r3, 0x1, 0x6, @local}, 0x10) [ 955.620473][T27964] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 955.632210][T27964] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 955.640165][T27964] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 955.648151][T27964] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 955.656121][T27964] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 955.664097][T27964] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 955.731169][T27933] ldm_validate_privheads(): Disk read failed. [ 955.737304][T27933] loop4: p1 < > p2 [ 955.761318][T27933] loop4: partition table partially beyond EOD, truncated [ 955.770753][T27933] loop4: p1 start 1 is beyond EOD, truncated [ 955.777771][T27933] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:19 executing program 1 (fault-call:0 fault-nth:61): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff000000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x1c3102, 0x0) accept4$netrom(r1, &(0x7f0000000100)={{0x3, @null}, [@remote, @remote, @default, @remote, @null, @remote, @null, @default]}, &(0x7f0000000180)=0x48, 0x800) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000040000000f53ee098ddcf0000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:19 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02600500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 955.991758][T27999] FAULT_INJECTION: forcing a failure. [ 955.991758][T27999] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 956.004991][T27999] CPU: 0 PID: 27999 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 956.012963][T27999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 956.023017][T27999] Call Trace: [ 956.026338][T27999] dump_stack+0x1d8/0x2f8 [ 956.030683][T27999] should_fail+0x555/0x770 [ 956.035114][T27999] should_fail_alloc_page+0x55/0x60 [ 956.040319][T27999] prepare_alloc_pages+0x283/0x470 [ 956.045435][T27999] __alloc_pages_nodemask+0xb2/0x5d0 [ 956.050716][T27999] ? trace_lock_release+0x135/0x1a0 [ 956.055920][T27999] kmem_getpages+0x56/0xa20 [ 956.060416][T27999] ? trace_lock_release+0x135/0x1a0 [ 956.065608][T27999] cache_grow_begin+0x7e/0x2c0 [ 956.070370][T27999] cache_alloc_refill+0x311/0x3f0 [ 956.075387][T27999] ? check_preemption_disabled+0xb7/0x2a0 [ 956.081110][T27999] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 956.086520][T27999] ? copy_mount_options+0x5f/0x3c0 [ 956.091640][T27999] copy_mount_options+0x5f/0x3c0 [ 956.096675][T27999] ksys_mount+0xa0/0x100 [ 956.100936][T27999] __x64_sys_mount+0xbf/0xd0 [ 956.105532][T27999] do_syscall_64+0xfe/0x140 [ 956.110037][T27999] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 956.115927][T27999] RIP: 0033:0x45c2ca [ 956.119823][T27999] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 15:10:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff010000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 956.139429][T27999] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 956.147835][T27999] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 956.147840][T27999] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 956.147845][T27999] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 956.147850][T27999] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 956.147856][T27999] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:19 executing program 3: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) 15:10:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff030000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:19 executing program 1 (fault-call:0 fault-nth:62): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 956.270940][T28004] ldm_validate_privheads(): Disk read failed. [ 956.305333][T28004] loop4: p1 < > p2 [ 956.316679][T28004] loop4: partition table partially beyond EOD, truncated [ 956.342336][T28004] loop4: p1 start 1 is beyond EOD, truncated [ 956.361918][T28004] loop4: p2 size 327680 extends beyond EOD, truncated [ 956.392673][T28030] FAULT_INJECTION: forcing a failure. [ 956.392673][T28030] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 956.405920][T28030] CPU: 1 PID: 28030 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 956.413881][T28030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 956.423922][T28030] Call Trace: [ 956.427206][T28030] dump_stack+0x1d8/0x2f8 [ 956.431533][T28030] should_fail+0x555/0x770 [ 956.435940][T28030] should_fail_alloc_page+0x55/0x60 [ 956.441131][T28030] prepare_alloc_pages+0x283/0x470 [ 956.446237][T28030] __alloc_pages_nodemask+0xb2/0x5d0 [ 956.451533][T28030] ? trace_lock_release+0x135/0x1a0 [ 956.456721][T28030] kmem_getpages+0x56/0xa20 [ 956.461206][T28030] ? trace_lock_release+0x135/0x1a0 [ 956.466387][T28030] cache_grow_begin+0x7e/0x2c0 [ 956.471136][T28030] cache_alloc_refill+0x311/0x3f0 [ 956.476146][T28030] ? check_preemption_disabled+0xb7/0x2a0 [ 956.481852][T28030] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 956.487203][T28030] ? copy_mount_options+0x5f/0x3c0 [ 956.492330][T28030] copy_mount_options+0x5f/0x3c0 [ 956.497275][T28030] ksys_mount+0xa0/0x100 [ 956.501538][T28030] __x64_sys_mount+0xbf/0xd0 [ 956.506128][T28030] do_syscall_64+0xfe/0x140 [ 956.510616][T28030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 956.516575][T28030] RIP: 0033:0x45c2ca [ 956.520449][T28030] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 956.540034][T28030] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 956.548460][T28030] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 956.556427][T28030] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 956.564402][T28030] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 956.572359][T28030] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 956.580317][T28030] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 956.679725][T28004] ldm_validate_privheads(): Disk read failed. [ 956.686190][T28004] loop4: p1 < > p2 [ 956.690317][T28004] loop4: partition table partially beyond EOD, truncated [ 956.697624][T28004] loop4: p1 start 1 is beyond EOD, truncated [ 956.703797][T28004] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:21 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) getsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@local, @local, @broadcast}, &(0x7f00000000c0)=0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff070000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:21 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02680500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:21 executing program 1 (fault-call:0 fault-nth:63): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:21 executing program 3: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) [ 958.399312][T28053] FAULT_INJECTION: forcing a failure. [ 958.399312][T28053] name failslab, interval 1, probability 0, space 0, times 0 [ 958.421593][T28053] CPU: 0 PID: 28053 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 958.429697][T28053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 958.439753][T28053] Call Trace: [ 958.443056][T28053] dump_stack+0x1d8/0x2f8 [ 958.447588][T28053] should_fail+0x555/0x770 [ 958.452010][T28053] __should_failslab+0x11a/0x160 [ 958.456955][T28053] ? tomoyo_encode2+0x273/0x5a0 [ 958.461896][T28053] should_failslab+0x9/0x20 [ 958.466411][T28053] __kmalloc+0x7a/0x340 [ 958.470573][T28053] tomoyo_encode2+0x273/0x5a0 [ 958.475251][T28053] tomoyo_encode+0x29/0x40 [ 958.479663][T28053] tomoyo_mount_permission+0x216/0xa30 [ 958.485124][T28053] ? debug_check_no_obj_freed+0x505/0x5b0 [ 958.490843][T28053] ? kmem_cache_free+0xd8/0xf0 15:10:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) ioctl$KVM_GET_CPUID2(r3, 0xc008ae91, &(0x7f00000000c0)={0x3, 0x0, [{}, {}, {}]}) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x35) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 958.495606][T28053] tomoyo_sb_mount+0x35/0x40 [ 958.500186][T28053] security_sb_mount+0x84/0xe0 [ 958.504950][T28053] do_mount+0x107/0x2490 [ 958.509199][T28053] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 958.514783][T28053] ? copy_mount_options+0x5f/0x3c0 [ 958.519897][T28053] ? copy_mount_options+0x308/0x3c0 [ 958.525238][T28053] ksys_mount+0xcc/0x100 [ 958.529495][T28053] __x64_sys_mount+0xbf/0xd0 [ 958.534073][T28053] do_syscall_64+0xfe/0x140 [ 958.538667][T28053] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 958.544628][T28053] RIP: 0033:0x45c2ca [ 958.548518][T28053] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 958.568105][T28053] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 958.576598][T28053] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 958.584551][T28053] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 958.592526][T28053] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 958.600497][T28053] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 958.608472][T28053] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 958.691446][T28052] ldm_validate_privheads(): Disk read failed. [ 958.703764][T28052] loop4: p1 < > p2 [ 958.724686][T28052] loop4: partition table partially beyond EOD, truncated [ 958.742123][T28052] loop4: p1 start 1 is beyond EOD, truncated [ 958.750767][T28052] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000007c510b770000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff0f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:22 executing program 1 (fault-call:0 fault-nth:64): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000040)={0x100, 0x7c80, 0x1, 0x1400000000000}, 0x10) [ 958.879996][T28052] ldm_validate_privheads(): Disk read failed. [ 958.886178][T28052] loop4: p1 < > p2 [ 958.891202][T28052] loop4: partition table partially beyond EOD, truncated [ 958.898480][T28052] loop4: p1 start 1 is beyond EOD, truncated [ 958.904614][T28052] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:22 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="026c0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff1f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 958.997208][T28087] FAULT_INJECTION: forcing a failure. [ 958.997208][T28087] name failslab, interval 1, probability 0, space 0, times 0 [ 959.013879][T28087] CPU: 1 PID: 28087 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 959.021888][T28087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.031936][T28087] Call Trace: [ 959.035232][T28087] dump_stack+0x1d8/0x2f8 [ 959.039584][T28087] should_fail+0x555/0x770 [ 959.044010][T28087] __should_failslab+0x11a/0x160 [ 959.048939][T28087] ? tomoyo_encode2+0x273/0x5a0 [ 959.053841][T28087] should_failslab+0x9/0x20 [ 959.058325][T28087] __kmalloc+0x7a/0x340 [ 959.062476][T28087] tomoyo_encode2+0x273/0x5a0 [ 959.067163][T28087] tomoyo_realpath_from_path+0x769/0x7c0 [ 959.072808][T28087] tomoyo_mount_permission+0x294/0xa30 [ 959.078263][T28087] ? kmem_cache_free+0xd8/0xf0 [ 959.083012][T28087] tomoyo_sb_mount+0x35/0x40 [ 959.087590][T28087] security_sb_mount+0x84/0xe0 [ 959.092339][T28087] do_mount+0x107/0x2490 [ 959.096557][T28087] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 959.102082][T28087] ? copy_mount_options+0x5f/0x3c0 [ 959.107178][T28087] ? copy_mount_options+0x308/0x3c0 [ 959.112457][T28087] ksys_mount+0xcc/0x100 [ 959.116708][T28087] __x64_sys_mount+0xbf/0xd0 [ 959.121290][T28087] do_syscall_64+0xfe/0x140 [ 959.125787][T28087] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 959.131688][T28087] RIP: 0033:0x45c2ca [ 959.135561][T28087] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 959.155161][T28087] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 959.163565][T28087] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 959.171535][T28087] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 959.179597][T28087] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 959.187562][T28087] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 15:10:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xa, 0xfffffffffffffff}]}}}]}, 0x3c}}, 0x0) r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:22 executing program 3: pipe(0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) [ 959.195522][T28087] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 959.207181][T28087] ERROR: Out of memory at tomoyo_realpath_from_path. 15:10:22 executing program 1 (fault-call:0 fault-nth:65): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff3f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 959.337651][T28112] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615) [ 959.390173][T28100] ldm_validate_privheads(): Disk read failed. [ 959.424117][T28121] FAULT_INJECTION: forcing a failure. [ 959.424117][T28121] name failslab, interval 1, probability 0, space 0, times 0 15:10:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() dup(r1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 959.440012][T28100] loop4: p1 < > p2 [ 959.445526][T28121] CPU: 0 PID: 28121 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 959.453529][T28121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.457082][T28100] loop4: partition table partially beyond EOD, truncated [ 959.463592][T28121] Call Trace: [ 959.463613][T28121] dump_stack+0x1d8/0x2f8 [ 959.463626][T28121] should_fail+0x555/0x770 [ 959.463639][T28121] __should_failslab+0x11a/0x160 [ 959.463650][T28121] should_failslab+0x9/0x20 [ 959.463659][T28121] kmem_cache_alloc_trace+0x5d/0x2f0 [ 959.463668][T28121] ? alloc_fs_context+0x65/0x5f0 [ 959.463677][T28121] alloc_fs_context+0x65/0x5f0 [ 959.463690][T28121] ? _raw_read_unlock+0x2c/0x50 [ 959.478345][T28121] ? get_fs_type+0x47f/0x500 [ 959.492194][T28121] fs_context_for_mount+0x24/0x30 [ 959.492205][T28121] do_mount+0x1095/0x2490 [ 959.492218][T28121] ? copy_mount_options+0x308/0x3c0 [ 959.516885][T28121] ksys_mount+0xcc/0x100 [ 959.516896][T28121] __x64_sys_mount+0xbf/0xd0 [ 959.516911][T28121] do_syscall_64+0xfe/0x140 [ 959.535662][T28121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 959.535671][T28121] RIP: 0033:0x45c2ca [ 959.535682][T28121] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 959.551877][T28100] loop4: p1 start 1 is beyond EOD, truncated [ 959.554565][T28121] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 15:10:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xff7f0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 959.554574][T28121] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 959.554580][T28121] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 959.554585][T28121] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 959.554590][T28121] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 959.554599][T28121] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 959.603458][T28100] loop4: p2 size 327680 extends beyond EOD, truncated [ 959.837069][T28100] ldm_validate_privheads(): Disk read failed. [ 959.847947][T28100] loop4: p1 < > p2 [ 959.852039][T28100] loop4: partition table partially beyond EOD, truncated [ 959.870979][T28100] loop4: p1 start 1 is beyond EOD, truncated [ 959.877933][T28100] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x80000004e22, 0x3, @rand_addr, 0x1}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12fbad) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400040, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000000c0)={0x0, 0x65, "4671bf87e4a3f1980756cb79409180d59a538d0953abe0193feef37e05ce3110a567040a2f5caeefd49cd9aa395248e21d6ab3af15a0a97816d448a4874532ecce833f94ec4c51fd9cd4377e2a7b69a265a1e20d9a983ebd540b43e6119be6a02e4582ad1f"}, &(0x7f0000000040)=0x6d) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r2, 0x1}, 0x8) r3 = gettid() r4 = dup(r0) mlockall(0x4) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:23 executing program 1 (fault-call:0 fault-nth:66): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff0000], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ioctl$RTC_WIE_ON(r1, 0x700f) ptrace$setopts(0x4206, r2, 0x0, 0x0) ioctl$EVIOCGLED(r3, 0x80404519, &(0x7f0000000140)=""/57) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000040)={0x1, 0x8004, 0x0, 0x7af9, 0x0}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000100)={r4, 0xadd6}, 0x8) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:23 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02740500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 960.029833][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 960.037598][T28145] print_req_error: 15 callbacks suppressed [ 960.037611][T28145] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 960.072966][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.084013][ T2510] buffer_io_error: 12 callbacks suppressed [ 960.084020][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:10:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff0100], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 960.118324][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.129356][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.138967][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.149992][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:10:23 executing program 3: pipe(0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) [ 960.158386][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.169700][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.179577][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.190623][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.206984][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.209457][T28156] FAULT_INJECTION: forcing a failure. [ 960.209457][T28156] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 960.218088][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.231057][T28156] CPU: 1 PID: 28156 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 960.231063][T28156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 960.231066][T28156] Call Trace: [ 960.231084][T28156] dump_stack+0x1d8/0x2f8 [ 960.231098][T28156] should_fail+0x555/0x770 [ 960.231112][T28156] should_fail_alloc_page+0x55/0x60 [ 960.231123][T28156] prepare_alloc_pages+0x283/0x470 [ 960.231134][T28156] __alloc_pages_nodemask+0xb2/0x5d0 [ 960.231156][T28156] kmem_getpages+0x56/0xa20 [ 960.239655][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.247081][T28156] ? quarantine_put+0xb7/0x1f0 [ 960.247094][T28156] cache_grow_begin+0x7e/0x2c0 [ 960.247104][T28156] cache_alloc_refill+0x311/0x3f0 [ 960.247116][T28156] ? check_preemption_disabled+0xb7/0x2a0 [ 960.257302][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.260418][T28156] __kmalloc+0x318/0x340 [ 960.260429][T28156] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 960.260438][T28156] tomoyo_realpath_from_path+0xdc/0x7c0 [ 960.260450][T28156] tomoyo_mount_permission+0x294/0xa30 [ 960.260463][T28156] ? kmem_cache_free+0xd8/0xf0 [ 960.260481][T28156] tomoyo_sb_mount+0x35/0x40 15:10:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f00000000c0)={{0x7fffffff, 0x9, 0x2f, 0xf7, 0xffffffff, 0x8}, 0x5, 0x8001, 0x9, 0x2, 0x2, "f047dffc32a91b9565aa404be565ba28d3b50a3d3980b7189c095b87c476296be0eb04a82cc1d222dd0604cf1ef28b5847b1b31bb960cbe8b754e3f416196a1a1e9baeb3059b2af395dfc7dc5225b70192611c5fb4da2658925ad731d150528c6a75e5b184099f0cd31f98b94a88ec88d437fea005640f63ec3dab73e326b020"}) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 960.265076][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.269260][T28156] security_sb_mount+0x84/0xe0 [ 960.269275][T28156] do_mount+0x107/0x2490 [ 960.269284][T28156] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 960.269291][T28156] ? copy_mount_options+0x5f/0x3c0 [ 960.269300][T28156] ? copy_mount_options+0x308/0x3c0 [ 960.269313][T28156] ksys_mount+0xcc/0x100 [ 960.274574][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.279669][T28156] __x64_sys_mount+0xbf/0xd0 [ 960.279680][T28156] do_syscall_64+0xfe/0x140 [ 960.279692][T28156] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 960.279701][T28156] RIP: 0033:0x45c2ca [ 960.279712][T28156] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 960.285401][ T2510] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 960.289451][T28156] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 960.289461][T28156] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 960.289466][T28156] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 960.289472][T28156] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 960.289477][T28156] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 960.289483][T28156] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 960.300611][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read [ 960.371443][ T2510] Buffer I/O error on dev loop4p2, logical block 0, async page read 15:10:24 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff0300], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 960.546567][T28151] ldm_validate_privheads(): Disk read failed. [ 960.568985][T28151] loop4: p1 < > p2 [ 960.589473][T28151] loop4: partition table partially beyond EOD, truncated [ 960.605971][T28151] loop4: p1 start 1 is beyond EOD, truncated [ 960.612517][T28151] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:24 executing program 1 (fault-call:0 fault-nth:67): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:24 executing program 0: getpid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) r0 = fcntl$getown(0xffffffffffffffff, 0x9) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:24 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff0700], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 960.743138][T28151] ldm_validate_privheads(): Disk read failed. [ 960.755028][T28191] FAULT_INJECTION: forcing a failure. [ 960.755028][T28191] name failslab, interval 1, probability 0, space 0, times 0 [ 960.762863][T28151] loop4: p1 < > p2 [ 960.792993][T28191] CPU: 1 PID: 28191 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 960.801011][T28191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 960.805333][T28151] loop4: partition table partially beyond EOD, truncated [ 960.811066][T28191] Call Trace: [ 960.811088][T28191] dump_stack+0x1d8/0x2f8 [ 960.811101][T28191] should_fail+0x555/0x770 [ 960.811116][T28191] __should_failslab+0x11a/0x160 [ 960.811129][T28191] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 960.811139][T28191] should_failslab+0x9/0x20 [ 960.811148][T28191] __kmalloc+0x7a/0x340 [ 960.811155][T28191] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 960.811164][T28191] tomoyo_realpath_from_path+0xdc/0x7c0 [ 960.811178][T28191] tomoyo_mount_permission+0x923/0xa30 [ 960.811193][T28191] ? kmem_cache_free+0xd8/0xf0 [ 960.811211][T28191] tomoyo_sb_mount+0x35/0x40 [ 960.821513][T28191] security_sb_mount+0x84/0xe0 [ 960.821527][T28191] do_mount+0x107/0x2490 [ 960.821539][T28191] ? kmem_cache_alloc_trace+0x23a/0x2f0 15:10:24 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @rand_addr, 0x1}, 0x20f) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000b00c0000000000000000680300006803ffffffff00006803000068"], 0x1) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000001c0)=@nat={'nat\x00', 0x19, 0x2, 0x364, [0x20000a80, 0x0, 0x0, 0x20000ab0, 0x20000ae0], 0x0, &(0x7f0000000000), &(0x7f0000000a80)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x9, 0x20, 0x6007, 'nr0\x00', 'veth0_to_bond\x00', 'yam0\x00', 'sit0\x00', @local, [0x0, 0x0, 0xff, 0xff, 0x0, 0xff], @local, [0xff, 0xff, 0xff, 0xff, 0x0, 0xff], 0xce, 0x156, 0x18e, [@m802_3={'802_3\x00', 0x8, {{0xf0, 0x2, 0x1, 0x7}}}, @m802_3={'802_3\x00', 0x8, {{0x80, 0x8, 0x5, 0x1}}}], [@snat={'snat\x00', 0x10, {{@dev={[], 0x22}, 0xfffffffffffffffd}}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x100000000, 'syz1\x00', 0xe00000000000000}}}], @snat={'snat\x00', 0x10, {{@local, 0xffffffffffffffff}}}}, {0x19, 0x0, 0x201, 'veth1_to_bridge\x00', 'vxcan1\x00', 'vcan0\x00', 'vxcan1\x00', @random="9991db61ab16", [0xff, 0xff, 0xff, 0x0, 0xff], @remote, [0x0, 0x0, 0xff, 0x0, 0x82ef4ec1069533ca, 0xff], 0x10e, 0x10e, 0x146, [@time={'time\x00', 0x18, {{0x1, 0x6, 0xa894, 0x2bbf, 0x2, 0x4}}}, @arp={'arp\x00', 0x38, {{0xd80b519dadb4393b, 0xf9, 0xa, @remote, 0xff000000, @empty, 0xff000000, @remote, [0x3d6ad6eeea17ef11, 0xff, 0xff, 0x0, 0x0, 0x7f002fbe8f28f715], @random="82b03d1fcc3d", [0xff, 0xff, 0xff, 0xff, 0xff], 0xa0, 0xc0}}}], [], @arpreply={'arpreply\x00', 0x10, {{@empty, 0xfffffffffffffffe}}}}]}]}, 0x3dc) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000340)={{{@in=@remote, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @remote}}, 0x0, @in6=@loopback}}, &(0x7f0000000100)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000180)=0xc) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x20, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@loose='loose'}, {@afid={'afid', 0x3d, 0x6}}, {@noextend='noextend'}, {@cache_fscache='cache=fscache'}, {@privport='privport'}, {@cachetag={'cachetag'}}, {@noextend='noextend'}, {@cache_loose='cache=loose'}], [{@fowner_eq={'fowner', 0x3d, r3}}, {@appraise='appraise'}, {@smackfsdef={'smackfsdef'}}, {@euid_lt={'euid<', r4}}, {@fowner_gt={'fowner>', r5}}]}}) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 960.821546][T28191] ? copy_mount_options+0x5f/0x3c0 [ 960.821559][T28191] ? copy_mount_options+0x308/0x3c0 [ 960.830291][T28191] ksys_mount+0xcc/0x100 [ 960.830302][T28191] __x64_sys_mount+0xbf/0xd0 [ 960.830315][T28191] do_syscall_64+0xfe/0x140 [ 960.830326][T28191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 960.830334][T28191] RIP: 0033:0x45c2ca [ 960.830343][T28191] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 15:10:24 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff0f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 960.830348][T28191] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 960.830355][T28191] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 960.830360][T28191] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 960.830365][T28191] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 960.830373][T28191] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 960.835795][T28151] loop4: p1 start 1 is beyond EOD, truncated 15:10:24 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="027a0500000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") [ 960.840993][T28191] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 960.854363][T28191] ERROR: Out of memory at tomoyo_realpath_from_path. [ 960.857294][T28151] loop4: p2 size 327680 extends beyond EOD, truncated [ 961.170208][T28220] ldm_validate_privheads(): Disk read failed. [ 961.176473][T28220] loop4: p1 < > p2 [ 961.180973][T28220] loop4: partition table partially beyond EOD, truncated [ 961.188325][T28220] loop4: p1 start 1 is beyond EOD, truncated [ 961.194675][T28220] loop4: p2 size 327680 extends beyond EOD, truncated [ 961.289777][T28220] ldm_validate_privheads(): Disk read failed. [ 961.296144][T28220] loop4: p1 < > p2 [ 961.300790][T28220] loop4: partition table partially beyond EOD, truncated [ 961.308267][T28220] loop4: p1 start 1 is beyond EOD, truncated [ 961.314573][T28220] loop4: p2 size 327680 extends beyond EOD, truncated [ 961.469880][ T9196] __loop_clr_fd: partition scan of loop4 failed (rc=-16) 15:10:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cachefiles\x00', 0x41, 0x0) ioctl$BLKIOMIN(r2, 0x1278, &(0x7f00000002c0)) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r1) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r4, 0xc0305602, &(0x7f0000000200)={0x0, 0x1, 0x2020}) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74777200000000000000005f32369af2000000004000000000009bbc9400e9ea36589f895ce60000100100f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803a9d771e8f0b43bc9ce586d925c40fa0300ab939ffa4daf0a68600dde11fbd68e854dbed536a4ab3e759ebe0542f9e87b96663006de49f172c035276a752d3a965ed1dfbe00d8ae57dc822a96d1d64a000000"], 0x1) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000180), &(0x7f00000001c0)=0x4) ioctl$UI_END_FF_ERASE(r4, 0x400c55cb, &(0x7f0000000040)={0x1, 0x9, 0x10000000}) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:26 executing program 1 (fault-call:0 fault-nth:68): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff1f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) socketpair(0x7896d0e15d1d12a4, 0x5, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$rxrpc(r1, &(0x7f0000000040)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @empty}}, 0x24) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00d5014581cf05ded50000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:26 executing program 3: pipe(0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r0, 0xffffffffffffffff, 0xf81c, 0x0) 15:10:26 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000600000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff3f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 963.108197][T28256] FAULT_INJECTION: forcing a failure. [ 963.108197][T28256] name failslab, interval 1, probability 0, space 0, times 0 [ 963.157251][T28256] CPU: 0 PID: 28256 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 963.165263][T28256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 963.175322][T28256] Call Trace: [ 963.178621][T28256] dump_stack+0x1d8/0x2f8 [ 963.182967][T28256] should_fail+0x555/0x770 [ 963.182980][T28256] __should_failslab+0x11a/0x160 [ 963.182994][T28256] ? getname_kernel+0x59/0x2f0 [ 963.197090][T28256] should_failslab+0x9/0x20 [ 963.197103][T28256] kmem_cache_alloc+0x56/0x2e0 [ 963.206359][T28256] getname_kernel+0x59/0x2f0 [ 963.210944][T28256] kern_path+0x1f/0x40 [ 963.215014][T28256] tomoyo_mount_permission+0x7f1/0xa30 [ 963.220572][T28256] ? kmem_cache_free+0xd8/0xf0 [ 963.225352][T28256] tomoyo_sb_mount+0x35/0x40 [ 963.229948][T28256] security_sb_mount+0x84/0xe0 [ 963.234712][T28256] do_mount+0x107/0x2490 [ 963.234724][T28256] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 963.234732][T28256] ? copy_mount_options+0x5f/0x3c0 [ 963.234745][T28256] ? copy_mount_options+0x308/0x3c0 [ 963.244517][T28256] ksys_mount+0xcc/0x100 [ 963.244527][T28256] __x64_sys_mount+0xbf/0xd0 [ 963.244537][T28256] do_syscall_64+0xfe/0x140 [ 963.244548][T28256] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 963.244560][T28256] RIP: 0033:0x45c2ca [ 963.277988][T28256] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 963.297686][T28256] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 15:10:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff7f00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 963.306107][T28256] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 963.314078][T28256] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 963.322055][T28256] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 963.330039][T28256] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 963.338014][T28256] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 963.370794][T28254] ldm_validate_privheads(): Disk read failed. [ 963.382477][T28254] loop4: p1 p2 [ 963.386649][T28254] loop4: partition table partially beyond EOD, truncated [ 963.394499][T28254] loop4: p1 start 1 is beyond EOD, truncated [ 963.406159][T28254] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:26 executing program 1 (fault-call:0 fault-nth:69): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffff80fe], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 963.567572][T28254] ldm_validate_privheads(): Disk read failed. [ 963.575254][T28288] FAULT_INJECTION: forcing a failure. [ 963.575254][T28288] name failslab, interval 1, probability 0, space 0, times 0 [ 963.579620][T28254] loop4: p1 p2 [ 963.591805][T28254] loop4: partition table partially beyond EOD, truncated [ 963.592538][T28288] CPU: 0 PID: 28288 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 963.606803][T28288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 963.606808][T28288] Call Trace: [ 963.606827][T28288] dump_stack+0x1d8/0x2f8 [ 963.606841][T28288] should_fail+0x555/0x770 [ 963.606857][T28288] __should_failslab+0x11a/0x160 [ 963.620179][T28288] ? tomoyo_encode2+0x273/0x5a0 [ 963.620190][T28288] should_failslab+0x9/0x20 [ 963.620200][T28288] __kmalloc+0x7a/0x340 [ 963.620213][T28288] tomoyo_encode2+0x273/0x5a0 [ 963.624668][T28254] loop4: p1 start 1 is beyond EOD, truncated [ 963.628912][T28288] tomoyo_realpath_from_path+0x769/0x7c0 [ 963.628925][T28288] tomoyo_mount_permission+0x923/0xa30 [ 963.628941][T28288] ? kmem_cache_free+0xd8/0xf0 [ 963.633903][T28254] loop4: p2 size 327680 extends beyond EOD, truncated [ 963.638683][T28288] tomoyo_sb_mount+0x35/0x40 [ 963.638695][T28288] security_sb_mount+0x84/0xe0 [ 963.647342][T28288] do_mount+0x107/0x2490 [ 963.647352][T28288] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 963.647364][T28288] ? copy_mount_options+0x5f/0x3c0 [ 963.663602][T28288] ? copy_mount_options+0x308/0x3c0 [ 963.663613][T28288] ksys_mount+0xcc/0x100 [ 963.663623][T28288] __x64_sys_mount+0xbf/0xd0 [ 963.663634][T28288] do_syscall_64+0xfe/0x140 [ 963.663646][T28288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 963.663655][T28288] RIP: 0033:0x45c2ca [ 963.663663][T28288] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 963.663672][T28288] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 963.673851][T28288] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 963.673857][T28288] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 963.673862][T28288] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 963.673867][T28288] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 963.673872][T28288] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 963.678744][T28288] ERROR: Out of memory at tomoyo_realpath_from_path. 15:10:27 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000700000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:27 executing program 1 (fault-call:0 fault-nth:70): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 963.967167][T28303] FAULT_INJECTION: forcing a failure. [ 963.967167][T28303] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 963.980404][T28303] CPU: 1 PID: 28303 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 963.988379][T28303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 963.998429][T28303] Call Trace: [ 963.998448][T28303] dump_stack+0x1d8/0x2f8 [ 963.998469][T28303] should_fail+0x555/0x770 [ 964.010459][T28303] should_fail_alloc_page+0x55/0x60 [ 964.010475][T28303] prepare_alloc_pages+0x283/0x470 [ 964.010489][T28303] __alloc_pages_nodemask+0xb2/0x5d0 [ 964.010499][T28303] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 964.010512][T28303] kmem_getpages+0x56/0xa20 [ 964.036340][T28303] cache_grow_begin+0x7e/0x2c0 [ 964.041126][T28303] cache_alloc_refill+0x311/0x3f0 [ 964.046144][T28303] ? check_preemption_disabled+0xb7/0x2a0 [ 964.051858][T28303] __kmalloc+0x318/0x340 [ 964.056089][T28303] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 964.061793][T28303] tomoyo_realpath_from_path+0xdc/0x7c0 [ 964.067370][T28303] tomoyo_mount_permission+0x923/0xa30 [ 964.072835][T28303] ? kmem_cache_free+0xd8/0xf0 [ 964.077590][T28303] tomoyo_sb_mount+0x35/0x40 [ 964.082164][T28303] security_sb_mount+0x84/0xe0 [ 964.086907][T28303] do_mount+0x107/0x2490 [ 964.091142][T28303] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 964.096668][T28303] ? copy_mount_options+0x5f/0x3c0 [ 964.101761][T28303] ? copy_mount_options+0x308/0x3c0 [ 964.106937][T28303] ksys_mount+0xcc/0x100 [ 964.111170][T28303] __x64_sys_mount+0xbf/0xd0 [ 964.115759][T28303] do_syscall_64+0xfe/0x140 [ 964.120252][T28303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 964.126143][T28303] RIP: 0033:0x45c2ca [ 964.130017][T28303] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 964.149624][T28303] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 964.158019][T28303] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 964.165979][T28303] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 964.173933][T28303] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 964.181887][T28303] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 964.189855][T28303] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 964.211541][T28302] ldm_validate_privheads(): Disk read failed. [ 964.227616][T28302] loop4: p1 p2 [ 964.231304][T28302] loop4: partition table partially beyond EOD, truncated [ 964.244692][T28302] loop4: p1 start 1 is beyond EOD, truncated [ 964.251119][T28302] loop4: p2 size 327680 extends beyond EOD, truncated [ 964.401892][T28302] ldm_validate_privheads(): Disk read failed. [ 964.408208][T28302] loop4: p1 p2 [ 964.412183][T28302] loop4: partition table partially beyond EOD, truncated [ 964.419820][T28302] loop4: p1 start 1 is beyond EOD, truncated [ 964.425954][T28302] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:29 executing program 1 (fault-call:0 fault-nth:71): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:29 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) 15:10:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffc0fe], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:29 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000900000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0xffffffffffffff9a) connect$inet6(r1, &(0x7f0000000080), 0x1c) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000014c0)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000001540)={0x7, &(0x7f0000001500)=[{}, {}, {}, {}, {}, {}, {}]}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_dev$vbi(&(0x7f00000017c0)='/dev/vbi#\x00', 0x3, 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000001880)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001900)={0xffffffffffffffff}, 0x106, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f00000018c0)={0x1, 0x10, 0xfa00, {&(0x7f0000001800), r4}}, 0x18) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x84, &(0x7f0000000040), &(0x7f00000000c0)=0x4) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000100)) r5 = gettid() getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000001440), &(0x7f0000001480)=0xc) r6 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000015c0)=ANY=[@ANYBLOB="66696c74657200000000000020000e000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068bbfce7b2aa2075a9650873b3b4d3cdd2680dab65b72e99138b0204c03d65805370a98c85621d581700f03bbd55a08e932c1e915ede4997ada322f6cf7a83a035e7dff2ec39e900"/157], 0x1) ptrace$setopts(0x4206, r5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001740)={r6, &(0x7f0000001680)="654ec47ea142a66629fee5e25b5d4e5231411610b63ab02853e806e6796fcba13c7d024c16be1d1e778701e32a46e7d25b20f633a0ce632b56300f0fea6141adc9a5b492dd1432f5edcb32f4f1d7a5e1ca5cdd8abe7389e918876b1e79145a0e2a5566f82f6ea74222664f6b64c640894492b9dd8dbe4e2d90558140900b126da0a76a17723e0acdd6531b3ad7554b7ec3fafdbdde7a01aa97d9076face9f694bef618623040498175dbe1e747f91bdbcce1c467", &(0x7f00000002c0)="003bc1ae5bbaa220a45a1c4b7083dbf10027036eb70847f3f3a38abad2d1d0a6132c03eec61cc65c4b157f9cbe783c3bbdff0bbdbade71929f860b520b67226f8f7588567fbbf2a62f8eb97e", 0x5}, 0x20) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x5, 0x3, &(0x7f0000001340)=[{&(0x7f0000000340)="44b9cba6ddf5af1045d2b72e47cd6cbe7a395191a0a341004e5687e21dc44afd4c7f299f37274bad9451f71cfd4ac1d05ba8fa113d58d8a6456ed164a6800a8a5dfe839b188fae1103775a333b63520dc7de796f377c19bccac51b863dbe0941171d12386a0df5bf2cd63051c8942afbcec8b4b12fad1ef2d2444ecfd3f4c7216be6782c92d9a030b23ce08df35732df33ad711e7aca7efdce89b4938e36e335bd0d221f7ce3cd4f83b4050c882f67155db2998f08c29c7031a6ca8fadac0d12d3ca719bf61f70aab8979f09ead949c35a9160eddcf116bce7202babc4617db91cf728f6767f029984d87d5ae2ef9bff63a646d9c9f1c6cd1f105ed80bfb9fdc65e9114fa638a641822c9bca1f35fa8feffc47a8e96b73b121bb8accaaaae01b675de231126180df7a243dd739310d28ea91de39416e7fe63d0d82763e33e47359732a894398920667034d53a74b2ae2fc46ef38d6e25e077f95d39a1dd26385af01d4a86c8927ac5bc413ca90a563b4808dbbd13eac06dd3ac33c6157a6ef7824b3d08ad4cbd0f6e51b36c18f081c329699200f8a63b95e318bea37697582c9b10af7f53acc50c7479ea64f18f849fa04013b1c341be40bf147e4e8de42ca24a99cc12184a43e6d438ae2e0e43304cf04ee0542fc03fd81a68f252456a9ae80d00ef42f64168b2344f8feadfb8d88247802714252dc4a03dcb9942864af0da5cf69837598429fb270820f4a10e56fbcc11501b738916effe10c8882a3d8007036a59e79c5c2fe157bec463738b4d30c2aed3338f3c701ac9147bd4144b218de7961213903989f16c2378127ed53d3e143808c186fee520691a79c2da84b326e9cc7edcc2d85f3a3d936c41b678a91debf0093754cae897503e3a7308fdba2af33aa2df3f8895a9b2e31df3aab19774a211fc50de2ac721665b67fdd429a9379311a35399e3874bcd58bbe269bbc8349a72a792e7153881a8c6225e40e21396118173aa52a29da11e12299ad7c093d99ed5d4df0cfa29710b29159b6d5ab5470b57d1a971b9c34b0bd861d187c8989e22d422c6ffae2135aadf88b8ce4dfc246319a22ed261f2cceb8e1c61c57ccc46a5768f98c3835b3d0593b12bdf71ef8438632b1f7d6a93b27968015735bec9c5b0197927a6bdc7fe536a7970b98b56df00452e3aab8f66186850fa19f31e0b27b85c03beb2aca65bf2720108c238c3038cb54cf3250162fd5322c72bc63a3db216be370d738a137145f64036fc547a5f83ba132a6d7cc8d049a40bbe0629c038d4012e46e61776f97a8b0a81e6d908cd0bd4ba809a674b3da19b20926286c7d8fbf20520c1cfc3ff352a926dbf9fe42324a7cd3e5b89800e4dfa02db58971d5baeed3e87852310714d41e84f1546b81624cbde822bca0987c2be853e9bef1deeb0ad68ca4fbd4fa663ba8be868efe523aec2537663b4aaa5bf95348a3842ddac6476cb757080a2a1e159dcaa45e22f16e07188a7d3177a2f65a3b1bf6f0fbedfd328c75adfbd42ae2b7bca46b1d0a6d6d69f6c7f790f6ffc3dd3454939820dae5f27595358702f93d401a37064e3f8581e50936d32eca7cd641366b20719349f24ecd0c08c4bf1511e1bbaf1594641311c7095d369937b6b200a69b3b239954cfe56fda256dd8791f4b5882ff937a7b7dee624ce707018e32cf2ad895724172d050496418f7f87b4581b5e0b2725adb1957aded80920fa0192a17c58d668adc0133ddf11f93410e04c886d0bc912c2109641bc6e001adcc3546b458300acbb6a28112cbcacf2eb6fe33abc59584526a0f053f0f2add7091d0f2face59431147f9656554a9bac46536bd1e3856c5be8ef2de8112e180e31c0c41af4a47ad9cbbdecc54095a20c9875488b4f2f1a2456ca37a4c24904a2f85e869d4d421f5a6ec9bb09665c1daa451acbc69c138725b670c801563bb54b4d1b11f06368ed213a9dceadf956f09e19bd51153f4623f6ad7d02500c4e2b100e7ac91f62e0b0231bf15a95a84c812191ced5998b134f190895822c919921bce5ffe2eedf7b4e046f6003e2a4e77b16cc0b553e0b6fc22a37a3e24207cb42e27cdae71f47143554d7c46fcc8842621c923007d2e868bd50b8218a36583c9ec2145a9448367325995b9621c488a2858714575e6eed2c6c1979c73ee2a1b713f8209cfb03dd2ee0101e22a30574b2b271c64e37a18d6c85885449276384a0c41bba844d7ead4c1c89b787dc6c6f9651288f8f02bc5a09eb32fff089bb477c5fab946b33ddc9db0e28030767906f120654595c190275b621f47e1d8c0e8fca00c84ff4a00040d45654d22ae78376c6bc67fd2e74eeaab95b0c382b1f5755dc7e6abd8f6112d49e55e2c67095d9aaec0b7dbe29e6836624c156f9e290b705114bf11dcfa21ad2b4a55cc767cceb8ffa095150ca01865f346f365c8dc0974fe7c412e4301ecbe01288f6b95c90b302840744438ae6a210906a8695f44505afe1e5dd87c24a61969a9242adb68877e8bf1a265409101c783fbadd412a8c4682f922ae7a3149fbf8344083367ecbd52431269bbc88b8591ef4549dd1b39d81dd7dd3ac8368efa3fa53c52358777706757de4e50bf70caa7a765eeeaa4dc998da7fb13debd3ea583f5aa6a69d2801a677f46f4b1b7795e037122034d8f35b68830ce90f61687bb5f819f746740473e1491b76471bbbd68385ad204f44000308b18ed4fe28c1396993159326ca24f05fed07d906d0061ab031eeb2acbd0e155822bf8ef3cc34b733d5757f2020a4ebf70322cb910be9864e2e69ea6bcd8f7923173535466c72ca74ff3c55a9d42b2bb9ee3075edd045454e1214092663cbbc9d013da405bf0caa5982c0b38687e099ed42310377ac5d5bd584d5b3aae83fe32a011a7c001646e7ef97c6341a3d451d212dfe1feea9df6f555bba5e782728b0d3a0771393769397ff7d54592c52418015c44f9a75ec9b3bc81ca7b47d54d2bddf43144ff94f904f432da00faa74cc02523b6006d5853a42d774ab64106dcc0ab35d8bec9fe8167b731f17323e578c08d01b458ebf4da90a09127d924b8f9b77f8921d3730db592a83cfa236d7d7106c72af12a7547d3b7d93638e48831743e037dc4cb36d6213e3d49b4006c5b4149e746a2903e85fe5473cfa0779ed4dbca36bc113fb0b95bbe9c71284becc86a512efe9d39d3274e151752e5a489dd4e38281866c9b236d416819ec6806dfa6f99557890cbb623fa590107e4427bd691897af0e9e2221375e783e8a3a227b02a51b63141a6bdcda27dd371406fc90980ddc5d08f210f42eb89b5f67e4a117d4b7dbc367a7bb572e6d35b88fe7daef2097472ff7aa1d223836fcc262aefa5233ed4aa68e6d3a93f25fbcc772d88d50d4f112954b5e0e7116cf263b1bc52eaa9f39a12ef484279918907f9a6763a513e1f50de65dfef212183d5d045cd7a0eac306a1ed7676f23337e803a4fa2e80d12590a936f2604093386783bcfe0a24d5ab28fa583c3b97cee508041af6bb84dfc91f7d218153287540db9b4f46e14dedf1b19dfc87475b06b76c3f7f7442d3f2cc99bdc47ecec1c603be4af48ac17112b2c5437f896f637b3987f1a9f8af14b3ddbc51b80717f087a6e6d96585fd744852550f9ac1ca3f3e0acd9ca69874a5f00a8bc832a85950d84fa49cdc7379b0d0cbc3c7ca9d7edfe1396406bd73610b14d38154dd010bbd7a63c8b6c879436e52cfba8499510b11c97f840c81a82649d28227075bb10a7d40eaea4f448db6e2ca95e22240835b4ca840862481e57a3d45c3500d419608179e3cb08feceec0900755620ac225e864dead540569ac0154f5cd80d5e4f1b67031c3772b2144f9c8f59d37f2e496f935c5cd7b3f0858522a82a1b5ec47d418cb7fd5607b133238f9dc5bc1ef98771002762e5ad4adccd93cdd7969ba2019be78366fe1e00f11ab1aab13290c5ce726233f017141ae72d3549856930d1fcc3cdcd58f2d6c8cea0f64c8c87c30cbd11af0506cfe23c37d0feac1f505c0c0aeccd5c4e9f494bf2b57312ca51d6bb206359bc5b9a119cb26cc1785c44e455e3738a24d32918de3157a30a20e78e8ddd9bc7ded1ff3e9351c90f0d76b67598337832c5917f7c296cbdaa15c87ad8a2b662cd75778b811635b8a478ac8724f3b32945f7b60ebd58c668682120daf1374f9515f45fb72690fc4b9afb09e9c92027c430a9d15aa267818966398d3082764423c5a7291703eae09c25aadf6bfcd3e42957a4c94f3b64acd770cb9cc42e4d0cbfbb1d40044fae286e74cebc159a84d9769222aa38b5f31856dc3ffe41b5730a70be1a01e6386ea2da28c304bbc500ebd37b95ba6853e3fb8a7b90fb140fb394b53fbb1dd933853487edf2de8459db21f0990413bf83d6aa4baedec738302480809c39d31296418f1ff59fdb652e1ea80c80b9f73f495a48ca7deda4b07bdcebd9aa3ebc5244b76822a2e1e6e6030ffe5da3414d3f9697f3290e9532c7b022b5d66b12726b49e6b0b61caabd85fd02274b6f516fc058494dd0c5b134e804cdcba028598df679948fd71ab65a3627c1480a6cbb31eb24ae253331c7f7b2335e31d9e0c8a21123bce9e5278e5bfea63e86ecf8d355cd0c4cc54fc8ce09028f040999f4dbad2b9859bb50accd009d9848ad8e399fe948031d9a316ee925ddc2bce260c47df7eb8f4fb42da538180ba0058e7174db5274994cbe3f6a829783ea0f6f7e2fd86d6d58d8691e32a6ab59d98cf5216d3d11248a67a8c324b3affd7ee04d2217fce9c00a60a43d19867563db31c068030337f212885c41caa6d16c2afc900a4070d10c5a30877d130357d582789fb9a60330921b13575f6f2f68a9f2c020ae63aa102f7ccd67f1d52de58fd4bb0e8232bab1bbb73c9c23c9e6fb94401d668008cbec815c0bb50f4821f5193de74156c5fb83a5d5abec32e23a9ee8c3055d0fe93ebb6f7e76773440a87e6c4a66d6639f72471f3a8f7a93fbef0834a05ca054616f5ed6e341046ac775562df6422e4f90aaea6a845ec22471cca7f2d4e7ddc38399560fd90069352d78d3eefeea81130a95d89a5210d91a6733699b81e52854189df3565e79e9e3e949ed9357cf39c623f927a8d205b0dae9cf6ad9a7e64cb03fae4261d2b2d51c91e0c949815757e044c2359eb422b6817d18c72bd6e5a27e8305ea6f60b4628405ce62976c15cf0b9ffad924f055ba030d0f186688172edf74c4dc64184f9a45524eb4c28513b1bab276699406271915d09d6516b3543cabbb06cc48fc475b91c2a44c29b2e92ae73a000b35dba5d533fcedd271f529c0eb94814ec75d3ece8f14c921a1f7c2620050377e5106729f86c9726f2e8fff3c427611de9006eb46973db9740537c7a710a5d12fb7203111c91bfc5d5afbc1e357a81ea163ff1336dcdbcb03cfb41cf24a7fb4847bbdfe339bfd242a064c2fc361dcada7fb573bf601a9c2310fd908d121276d6b00a223c8b2b1f34c7c9760682da2d125c0018e555ca7ea6c03215475854f28f7467e6de44405b6be8b0664b71b5d3cadc4ee68505cba962468316557175ad57983bc1ef3cc069c514da6dc94ffe40d6832fc5974eda9b969f2f27d389b1d86e867cbc012bef9014b32a3d235c9b79b3674f4aa65339b4501404874bd40aff2f8ded1588826389411762643f36b570b0d66666223e93753c254ea95e267efc51469dab59d3dbf7c7213621870c5aa6166fa1e6d6375b3af0243e99e816ffc27cc95cca20e0f7e394eb5239e48b0dc91528cc2d6405aeb11159b41", 0x1000, 0xffffffffffffffff}, {&(0x7f00000001c0)="ec4619177ab3c6d4112cdb883a2303", 0xf, 0xe9}, {&(0x7f0000000200)="239262d423cce28bd1cff2f0b1f7d16b7a5c339086444f41a68d9027082142bfc6aff9d88c3ca91ec4b2c7294edd41ebff18f81ea638d146e8a311bcd8a5bc768878c1b136d600d4c883b78f2331a64d59b96fb54d2cd7fda601dd16f32fa81ce0a3b8f90bb53a37ac335dbd", 0x6c, 0x6}], 0x2, &(0x7f00000013c0)=ANY=[@ANYBLOB="6e6f6c6172676569672c71756f74612c6c6f676465763d2e2f66696c65302c72746465763d2e2f66696c65302c6673636f6e746578743d726f6f742c6d61736b3d5e4d41595f415050454e442c66736dfb0000000000000030303030303030302c7ac0330bae1f7ae0"]) ioctl$FITRIM(r6, 0xc0185879, &(0x7f0000001580)={0xc8, 0x71ab, 0x5}) tkill(r5, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$int_in(r0, 0x5452, &(0x7f0000001780)=0x9) 15:10:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) prctl$PR_SET_UNALIGN(0x6, 0x1) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x8000, 0x0) ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000100)) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@remote}, &(0x7f0000000040)=0x14) clone(0x28000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:29 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) [ 966.173071][T28332] FAULT_INJECTION: forcing a failure. [ 966.173071][T28332] name failslab, interval 1, probability 0, space 0, times 0 [ 966.203701][T28332] CPU: 0 PID: 28332 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 966.211705][T28332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 966.211710][T28332] Call Trace: [ 966.211729][T28332] dump_stack+0x1d8/0x2f8 [ 966.211741][T28332] should_fail+0x555/0x770 [ 966.211754][T28332] __should_failslab+0x11a/0x160 [ 966.211764][T28332] ? btrfs_mount+0x83/0x18f0 [ 966.211774][T28332] should_failslab+0x9/0x20 [ 966.211783][T28332] __kmalloc_track_caller+0x79/0x340 [ 966.211792][T28332] ? tomoyo_mount_permission+0x8d8/0xa30 [ 966.211804][T28332] kstrdup+0x34/0x70 [ 966.211818][T28332] btrfs_mount+0x83/0x18f0 [ 966.211835][T28332] ? legacy_parse_param+0x37b/0x880 15:10:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000006f80)={'bond_slave_1\x00', 0x4}) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) sendmmsg$sock(r0, &(0x7f0000006e00)=[{{&(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff}, 0x80, &(0x7f00000006c0)=[{&(0x7f00000000c0)="1737d3ad93714cc0726ef37423430650fc57ee46294be604bce71f5ce3873526ce409ebb5f2d38f2f875f2e67fa303efbaf9755506d6e367d878e0ccb69e5c2550cc91c6da0a5b636ffc23c411aad5bc1e4497eb261bb5c95aca3a0a5ac0ef96ffa8ac0aea70340d117ae93cc7dd4e5291625a3be6b3de880339642d97acef546f36d76bfd7ae5a5fd829016fce038da3de0f2d129fa", 0x96}, {&(0x7f0000000180)="d4c8fb175f21941a7c91df74854265b62c712eb883d6a5ef355f3593cd14ba7b651dca5ea59ee5cb45c87411a0", 0x2d}, {&(0x7f00000001c0)="5c324362f9a5f48a57c7cf6956f5806ea9467ce998e9fd084f88ce0280265e9d32b7d3f55a1453738c039e95e248fd7eb4f19af94db92bc84dba528a10f926b4a8d5b6addf06f2533e92", 0x4a}, {&(0x7f0000000240)="8a43327eea20aad3b8b1e0f693b316c9e26f6c1691a7e1d4383f0e8cf12d2645557d78859bd14ea6d76edafcfa47", 0x2e}, {&(0x7f0000000340)="b94309d863b1b027f443f6b172f26170ee2f117e560b0f5964c8bc7e6aeaa3f0addb212c0205dd363dfb820bdbfd1d1ef7b24b470b8f79777c8a8ff0f253b360368de8e88e7b7f17e20fe8919d3f39d96cbaed96dc", 0x55}, {&(0x7f00000003c0)="b2eb96a77e174d40dc37dd12ac3b75d17b00da0afad4e586f39042d3961d771114f590179426770f5941497013ab3ed624367c25257ce9d2150d7bd4dc8f1dd47272d67edfb438c172b46d77318bbab0988933c3d2a50463ec03020c639063f4eef7338c02d6483fa3b605cd6bceb081bba1df5755d08258526a7cfdd58f9ae913a70a8d2421245a92534c498f37e78628510468bc9c9d9a70360771fefa0417f35828a3df189047b4692e5b4271cef1ac67103ad9e61774f5b5c9f427a133473f2b17a445e33f21e25d2285a19a116055bbb7", 0xd3}, {&(0x7f00000004c0)="d0a8ad95fb7d0f8a3b04057e9a3d6a09350f166ca432c7af92683275ffe5f6c9371a38af6eb59e2cd8a468afa1af6ba89b9c4869deb1a8876175f1f78281ce99cc169ba771e86d6c2a0cd024ace4f46a08f2986d797e9b736ccaa2774fccfe4805001292a67608c09b93465b0ee723a0618ecf989d92d0bcc8f8125265a7a8d9b4d9ee467c698e91ac4fcb141a133758e76a1a187531c5e76609e324566820d0ea02ba08d3d02c116d964c016a5369f51c07a2af9dbf", 0xb6}, {&(0x7f0000000580)="8e736b6fd9f67a17a4c93c99c9322820e48e78dad26a3dc3fc38a2eddb67590e578b805bc638c1608ec5685bc8558f2bf9b9f92163", 0x35}, {&(0x7f00000005c0)="3e299e8a80a207a7269a7ebdeae3746e82546148422f7552c3404c4f6a1972994014c427a25fe4c27b12916fc764b05eb3889c0875806e8600432e7047d2321ef05d4287d1664e54cce85f6113a1cc188acc5ae735bcb8e0c53eae76ed6c718a7af2bcd374ed4aa36807522f87e2128900a4e4b5840d14ebe85532674220b1a83b8dfb7a34f287d87ea32eecab275c7acd49bd2f7a1d8a8f7be4a9fae3bff51a9111cc5829a40462284fa61e15e71ddfdafa5cec0c4e3df87bff743beb8f97df44440479e77c6be792ccc9268fcf52c831141d83794f7da4a70149ea4e8e2f3c", 0xe0}], 0x9, &(0x7f0000000780)=[@mark={{0x14, 0x1, 0x24, 0x80000000}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x30}}, {{&(0x7f00000007c0)=@l2={0x1f, 0x5, {0x5b55, 0x6, 0x1, 0x5}, 0x6, 0x8}, 0x80, &(0x7f0000003ac0)=[{&(0x7f0000000840)="d5a0aad77917fb7a1445b50b06b70c09761b35269d63fcb6d33b344fe0f5f7121db7f84be74f5f33685369492eeaa714a62736af73999594f8ff03a6f6e0eefbe7eee089cfce183681f5b11ea33d1a3710ed39e3fe294fa8e6a1909a911821a06d49167c33a07d1d5d55175e0b57cbe1ebfbb01861cb2c402d44dd5754c2f9c336286ed7017eff8172662bc97d8b0cb53883b4c596cf10334dfc8b1380f00f774874db8780ba079bf24f413a339498f2d6ea7a82a718ff2deddbb1493030e197cab1b054351775b6fa67f1922742092acfd59f425c013ca5cd88d573055fd9bbc7756c7438d2d43122a5262d2e8783bb0d179b63d8059b5de804ebba6d504fe4e24666fb2f44cc63263c7e025d23ab983d6f6addff9afc8af3ee181f48c9b345ac64f79c7facbb87362f016d114083bc7a797f4ddb1249182d8ab72d320e28d0b331a7d9b61bbf3012b6eae71a6562425c2f3110fe21915983d05fcb903d7e2efc379099c8c1a4623a5669f44aefcbaa3d76be97ebbaa1c04ccd9cea902a48282372cd1667b597149f8f577e246c4cc51d1e5d2b8fe2443d2fe854973b0705fe710cf7a20f393718857c846e2509f0b45cfdf9e99c6ba25ccd5a9161ebdcd025ee501e6d097f96a25cd986d9a6aafe2a54f92ccddec593595ff54ab08741d31af727ff4347be2a8c4bec9dbd90e539d317b481bab2314dd3a65e91b6c50ecbc7bf87ff17cebf9768270e94bb0c3581640166bfb579d3eccdad108a0c3299ac05cef13abfcad8536a4c2f9b8f8ee979b3805cb56267cdaa0a46438d9eee1245c888b13f1753ecfae4b17e01ea757442d1764f91b716a6d68cd41f99f6eee96637e30707ab28fa9ca69e38dc66839d46f54a315d2efcc577789d6fa54ae94101e96135c1a6e74aee0914b517cad4373eee505a2140affd499014a3354e5e136734b4fea72df9a718c532e006f8d5553f15ecabeff6cc5fe21dba1517158647aa5efd737a2d891a8900b1e4b89db9b6bdbb219e697f3836c0c4e63931db9b9f6e3553c3d02d4cde4605c08abec83c93f60b9dabed961357f17788d7ff1dada05c8247f33c0175b9cc3f23e798c54a5d01a2b13a09a630cded8443d858c4ecedcd4c15b2bbf5cdee8ae7359fa3b24f3bc47cdb6d3496c0077d20f322a2a1ef68a44129edd1ee353bffcdb06d70bc2572ce52df2314171dee4ae2e99d386f3ac4582417dc4bc1fbe20afdc95322f6199a81a4a74ee4064625859095b758253036e3f35941cedcdab84dada79edcb78b6cfe7c62e0839db830631b94cbe349d9fd08f11ff734d75b6e2d5c46fe8a50b4c056c464e60fa64e8b019c9592ab973553833b4d7c44b8b771c11c74240a610451f1e7d4bc0a65e72adad6ce4dcf49c701dfe12deeb4d035d04a60533eb85647e8658c53b0ee5f10911b76ed1522f9d041926818954efdd04b6f77f40d4525279e55b98041dcd86d17169999b44984a11a83eff3d0a81326c670495ecab2fe6fea182245428099ba6048eadd80502af32355bba4dab17b55eb93c90d90df3386283bbcf5aaa7831f820fa52b412336caf13a8dd9de3be2d7b45771f17d5844a4bc285a8ad792c495e8b0b70e535f548fc69f5096e10dafdf9a90d1bf3047e60ea9ea644f0fa435aa85c293f1343dcbc9d034862da2f8d689b214159996b659bd1bcf7e41b0ae4a7e32fb027cdff4793a1bf83acb6b9237a1eb31a0d472f92e357c48ce6daaaa417d2ee95e8b196ef3a3063b521d9662f2b0d534ef8be518a48106ef303b4f2f64cd7f605f04898d1769af1d1a8afbdde70729564e56f40df84e0f577e13078b1a5cb2682a8d0b22cb6dd2fc532cfa6e66f3f718c77e5252023a5fd6a48d5c50e049e78b56838fa54d9edd1f6ce51670cc77016509759b488cbeea2ff3679171c5d347621ca10dae8dd4e3ab83af31ac1d3cebc1328dc4066d93cc93ebc8e3856cb0c5399b4a4942443271093e0c46cc5fb31fd0e556b106af8f54427abecb78ceb65dbb83f362d1364eb3eb145120fdd971a952720062f0623d972214aa42ba15c5d395feb2d105f11e1640e75a8c72aa2d8830c4559ed60d13bcbf9f88b072d85c267bc6572c972a65186fa20f3b8785f9cbdc90fd68d1f960a2829d33a0331b2214f0c8bb6f2ff2a289f80f286f268bd3fbdca75d8eda42d7bf74810199a12c7308c5ece1028c424bd24ba4fb58c0438b1ecfdd4e976d261d5fb9d11037605690cecde7154d9c19031a400393422d85b19447df953be5ed360369731cd376805d9377531e989518cd51524789b58e411043be5729e632d62b299c2bc48c0a1a3552855be7d648a88816bb86bc70f7ab33200e9765fc47b22f4b934f818cdf87c0fb0aad65a6dcf9d2e50fe7557046ceba4a27c814d395585e8a6fe0bef9a31d5c814f7eb42398bb547725fcf3e62591ca1c45867b0a16aaae4770cbbeed500793de3f3f18b5f265d4b30c5681965f5173ecf73bf79e13a6d4507cbfb2b471310abc5ecdc53a339ac99529b03f2c76bdce37298a5f72c8ed0d710839c0d6baa4becefd58865207155dd0f940ed93d04318a4a89a5edb31c1bf94a0b84ea6993e72747d5bf6bc8b102c58b2d6677229102bc5bd59cc2ef11d1ff34a7b52c2a7fb0411f34b6923524f9d541ef46efabb7da9b4e2ce472b90e42824d0664f15d0ebf3796d4c624cb2a0a8287dc82533f2fd114d1a03ae39d883085ebb49e30c504093be7791270b4ae5904fb77965f159578826057f49ae339be401d97779c6351a151c67c8d5c3606a3b0a0e1f126b16e0091eb4dc42bb912c88e863ede07953d55603b78fcfbe4f481bb7867d118b4c032663c396f11e6482ba162eca21f96416af2e70eb9dc9d46259bf64cddfb08de2db5c2e5e30b69d7132ecaad4f2fa423b916335dc5b6463e6034e5963c53281e72dee9352f65c601bd11c7081f05f6c2d69946bffc7f50597da2e37b0f4d62c93094e057ac3c8b5ecb2aff6e6769b8e4c251c8e79c8fb2093a7170372eb794e7af6e0b950da43652a0e11d61f8d10272e866fa0c3d0d46edbb773c8cbbf0f585b09c356bbe3cf72cfff62f98dff858983cbdf3430504a53dc9e48624f8c109202d4da9d0dcd0df981e9f9c2d44ddb71b7eb00792318dfc600ec3749622d0707455dd47491ae08998c93d735d3ab1d864b338e799cb28b631a42436f1f5dd72586f6659b1d8c17717e94af060709f1120dff3111293dce183667c9fe833a68c71e60d6f685bf332133edc9a023c683cde9642adbe282c872f2e857e99eba178b0c57d6eab1e6720e122d74191850163915c56d2eac07e8c234cfde73f1184fb1df1a61d0629eda9cdae756ede9646508364f671ccab5f7627e81db603612ed595c844fa7edeb91e92e04af51c349a51e0c48f3383fa3e258c2fb0751c3b35e5340d32f09ff9e02952d70572c1772594ecbd0861e4d776fe09f28b23961ff2896b5488938015f416773d0e9c4b512330c9613c82606311f5c97d508ee31cf09591b6bcdcec14fa8c3ee25bc9d9877fdf3fbbeca20d6dd60a842b5109f5b069d1a97994e9127d58b0f6c78fe8d522cae18b8446df7c229d6fd01cd4b296cf862489b3304b15ad87069fc384141774a7082dd3bc79ecb48209d5c3dfbe8b28fdc63d60719061d9e13f4fada4c45c9180dede20f0f66ba7036bb2ac9b4f12ba39d19607989031fca6c6a7c4bfda894eb7c65600d8b4d6e2c723df5994c24cd99f248e3937ec64d815368956b2caf53305428ebc0b92b03524e78ec7c5e1216f6cb8d4bfbdc462e9c03fe29df6b894222208cbdd53e2ed0f5a4996f5ca70820ed9eec5719d501e1152d5b924f1e98b0fd8e75bcd2d60201fd7fd40f8bd35caf2e60ad0277cc19014a964a6aa8ab287b41f737e08a0c909f96be847a62ee885ca8d059fcbe158604a65030a8a4af9d9fe18f20e677cd7ee1712967adb4db4d1a63beb0ed93e27bc4cf2357e6fb902076486a1a349bad28c93a9e71563381a36e7f52b5dfb1af584dd3e1ad313472cf94cf1528966481b5b9a9022d373d496ca2a13d93e448ab2df2d1e1b44fdad0bbfa1cb6aa19918ab341ede3a3d2464981e3fcb39bc63604100ca14da52abe3a6feb5067dcad0e6e614915f34651ed54cb6a6bbc6180c1ab6b12756061a6609676632d2fe053b82a884e175f37cd08535da191d300a71ea5a1cdab917e81c64a916d86f5d53cbf36a0b6d978acdd6eb054ab9d57ebf90b79c3ed93e6add9bedc97a6554d6df6f5af0cbce3a3594572fa6fdcda95370b0f940b2fa12becf4d28e06fbb5f69b2983dd62fe7386ef585add119dc877456970b0cfdd23d99c389678905f4d6f55c4b5b9e9ace42cba2deee9c1ef7fa28685016a6f7771fd8d9713d11a1b6b724d74aad28635ae7b236242d3ced531eaadc1e4f6a98b44b86ea636cb9c9850b9f5d8513f6d57c9cee2829b033db45d6552dd1e43e58bb257dfdb1387c0cc537e90d78dd5cf582d3faae326a7ecffc8b43de4c6148cff5d0aed209d321de378599f71902865dc48308b2b5a51c11900469059ddbc4953ba81dc82cbb0e7481ef7340e326c13ce3fe98618cdea172a60cfd968bb8683210a410d17091e038500c642acb3367c153c0bd32a38d1f38d71e29869d23cdea9bfe1cd39b0fc3d91fc66530c4a3e6500d33b9b489cdbaef499a24eb5ff84bf772bce193f77f28e0e2b3d34173f73b1cc5df8e8270bf328bfc0fb71cc91cebb33432e9663d9166503e6b782119192090536f678ef859b2dc2ecc56f0c8930d62c86de24c812e073af6552d1248f63d81bb4ac65228284e5005700a689bacd043d7a21b5dd12bb79851e7799ee8b460c1f2a24ad135db7f6401e095e4287e622a23ada71de56f53bbc14f04aa2667bce35018b422b6a0ad4be200c3de71cbe1b37bdfd8065fb154cddd0aa6022e491fe37365d5422cc4d94e4fbbabd6a124278b51be51345523dd668913c7ce7d71ccf99145093fa6bd5896e41614604571f48f1769db133c0ae3420bd523651935b8af508f7afd58c0e9ece65fd0d71b2ec0b119152bc62932e4835ea6fde0deca03b98efd7ab88efcb9d2b6617363f90036144b30ad2a704a2997d0d2df1677b9d8a9ed69d74095d48f23f991ec291a59dc2ab3122eb4b7e8c97e3b888eef2e9eb2e49b376377ea6237e3b27aabb41d45e41fbf451e4fc9b12e43370acc45b43a37ae869344ea4c7d4abf927a5fd9b58fabe7e1db8bbc0e477d362b26c7d08140d1cd01e5d3db3b224ca6da7c1b12f990f0613ee703178f607a3257816e48f268a15e506a07f1b6838c9a94222887e65c91cb08f163967aa8d19e8638c914b3fe29aa6f4c6c83aec3f3d9e1ccf2142fc631c2ca40171312d89b801c7e0d2d72cbdfb912201c80b8581c835674dac130eddaf4477e47a7a857456bdc6990c40ddc5ba4afa186a8a4daa58a804c3d8999470c245dafdefb5a6f3509df1a8c3ea750d199d5086340a79f8300b60a696c4a35a474a80a3d725069adaefa6ec2b0dcf0b9d95e6cd6b87262c803186063dee76a8635a18ccb5ae713432aa785bc2fbb4862a9ef3dd78f0efc3d2a42ee278552afed7bd17009728ba2cd792b0a9b68e2e6200f47495a8415c1239bf2721790738eb3aa2af42254f9425d330bf78e64193712ababf5492b3fddc07fa261ea09f5c2ac78f06bb7e92d7e2bee821dc1013c472e847d43c2a961ea0cd38f2c1ce18326285d48066a41e2f27fc518e677287beca991eb7e72ddc3b0248d9", 0x1000}, {&(0x7f0000001840)="ef9548f4b88ea267c421d25f98dfc77090a40c14e5a2cb0746c81a58527783041e82567bd6300e5ebdc82313eae580abafb6640ad7966df85b8a306192ff38ac1a09befe8f3b01baf5b8ae18ed5d96f72a202d4f4f422f786333a46940edb45eddf9da1c2fe8a22ffeb56f616aa064142a8fb2415332c354a57a0e5f98c1af9a52fe16cbdda9c5847d938941dfd22049f4f3b59cae5a8b0af570ad6c70b0733a5c2bf00d31175fe126cdf3f6f247151463f26734ed18e6c1cc721260fadb7bbaba9fd56c1f0ba4", 0xc7}, {&(0x7f0000001940)="e10f78a7eb7ae343d61331c4555f456782dbe68e1e77690e82f006ff90fd0f0ef20280a470c9e3264f33a432bd195743fa95a31340970b97c4de878ee96023e3de28c0f0f393ee79aa2dfa590ebecffdeb7ca2bb6845d55ac1bda4fcdb32b2d4e103bbdf09cf44011dfc6f9cf9484afc05c12fba06c3a713d291aed9079f26e543322972d10fd9d7044f2191040d3f7681e3803b09aa0507cf72c634bcaafed88a6130d9f9f43ca3b3251648522d7ca90e17652d78fea99a51f81b502179fb98cbac51408499", 0xc6}, {&(0x7f0000001a40)="b31b64ded0fd75c394a18669e4ed4e3aff1d5132b010904b9d125ddb800a67c986f4fe82e708524d257cf985048b0c56c14db9ce953200a4bcd9559d776f40ca7360fc849440f199863d5a2041a5e11b942a315c7d1a723e148b8f44ada5cb0e77659ca8d1592148b129a11d7702ce60f1e2e6580cae7c162a551cf9812a7cc17f9ddc209d5dffebd94edf9093f019403a33b6d7a195b1bcd39d7ecc7b0a48420991e027715153a119f57dad2201a686f27dd641187772f95750962c8e8172adf0489506e4da282d1c402e3ac1a521ccbcddc3f8c92e11d51ac347ac9a4f121cb514913c03721931dcd9b3de1777931e8a5624a610f59fbcf9fce6d828b50da4288e89497d042cfa5dab8aec9ea2cf5ea7ef1d1ed389ac8eb1f1387d93041b9e8a424cca95e3b5fa8b8ac7bbb879e483f96e972d809d77b4b7c5e10eaf933d4da9f3110e730f41603d7d88f0f075850ba81d26810227ca3279585ea415345a7ec9efb63c51eec8deafc5fecaa0d996d9408ec57dce9f4d183af93fb6806a69034d0ac9a7247fc0dc1105d0d6b320ffe9e18b422d4e643e0f6380395a73d6c72c71ff89151d08188ca261bcf6358a8d39480922dd3680435521be6546904850d92a253af0985b71079c6a902e38254550357f32f529c7b850ee0d33c2283a4f4fc716ec81c8c7198d77d62b8d82f411cfc0b2efc4eed7531cedbbe2832219958f8e274f6cf00dfb61ecb303a9803c889e530196286f62475e24cf7d9ac676a61e7f38f42a5e4a0a8f0eedfbe3839bd38e64befef6c96e6e162a6583bcf75c2d0a9a41c1c4aa2aac8e1ae53ee0b74ae53568fa158a0a0cdbedb17e0121004f8d39270cfbf67f78eb5ed4ffc24291636f5a9b1b21674ce23965f10ca07ed508a31ccd3e11ad8521ed7294347e44418cc02b5007d95fd924247cb567a34746f4eb7349dd10d76e40fec44dbda07bff55f25b57a35b06308f462d1831a66a9c0199049ee4b1f43758c8f57fc3dcdc485ea942bc117d479e15729c5db9641158b5e7c5ee119fd05329b2919fce9dc6b3417a8a837ded8d177a83ed2bf6a2a797ca371a61a1d9611641796d126a690485c89f870d646967e4630652b183df912af2ea78e7e9077a029790649e520a3f3fe74363fc4331be59702025525599963296b789a2f6fa0268e29f4af0de439b348a7ab860bee7d1ba4ae6a58b00be6795c4ee0dc4f243928e370638993c6ba0c4cfae3529442acf802b069c500d7d5647ad01fa9ce8e5b74b01dcc5efb8c859f8b98c9c8a646c924bfcd5a53875422ed87eda691e61164c6f1a8561f93e5793bdcb009391705e13fe3873771dab61b5b059d3bb4a0ddfadf4f86df6f217fc474332dad99364627f93857003efbf795c47b262f64d86b9a2c75ef183a12d8f1832589ec851303eee3491391512d929119d7a6dec890c930a952f06254fe8ecd83124038023837e0fe15a979a2b77b0fa4dd5a2caac475401c3556ba3bd41b118b770431ff719df3142bbe87f71d21532798e370a79e8c4f98573fe97fb7ee31b8b4365773b92bbe9d9bcff8c06d26165b4c91a08dfaf2bd8deb5abd3598eaa3ea31d62420f5a1ab2f5d6952a0817d631166bee2e6d1e6f891a8bbb14894cf001f11b3b66b89adeaf25b918062a7375bfb526c426de4b2816bcf78bf08a7755f978bdb4436434eb21594a0836dffa5f58e34b05289f8d66de8be9964777dfeef3191fb46fd66b742c8f2e5d5e029396d14fe64ea817a411e8a081f804376d04bbe907ddb2fe26e593c7ebdaa7ea4575d60c1dcce8a66107ac2f335686d3b35428668fd5c490e512c399dc5d1f57f55289d9ca29a265d577b668aa50165e0754f959f6185fdb2a8ff21635f1c85c21530acd9e35313197e9325bf44d874d0f99c873f419ba876776dc730960298e9d257be5c25ec61814f4d22a532a11f66fd7e62e5451276d48170f3ce4085d56391fd4318d96492b17d51d4a853b347d1256151959ceeb719fdcc8f93ab00d6a23e22397a8a4dd5db39c4791c40308e46d0ea94a30de25e4c61ce361a39d16f148deebbe67cb7835a7c77a585f82a2734a9b242891802f6cca5ce7099186e755f43535a01b195057bc22bf2d6bf34d17cbed8e8bdb83d80c84365de47626307a799cdc3ac471fc13157354ae4c4dd4e541d833a20db15d58047406e5a2aa7332356904823a4b20d26f9207bb07d25036543d95bbb4a3bc06c7540b3cd8ad3fd6d8649bacbbed65e594cd565108b893f6ec3986636c6686626f861ec3940a606076203642e1e0a3c61a710b0b7a2eaf117a76569fe943814a9724d62cc1ee5689a76924bcd01efd6fc14ada65a787c59f0751d64474ad8e630a4817d93204ad069244cfa4506448d33599623bf7d2ab8b4e3f6e66fc20df70189c760491500adb46d2c3726439bed5109ffa980d76f6a49b87820820a9dbd3505abc51ee8a8bb9497cb28f16bfee4ddc537672c4a6103345f62651db82d2eb366b487846721dc08c8aa3b550026223359af2556f66b0a7d073159aee07d530ff37cc9fb6832dce4599bb7ea73550eabfe200f07bea22522028822436a9218b469b21351865d5e3cc268c7c0a5dbb6018aff58c34dde4adda944ea3896dec8ccb2794422bb0a2d86cc246a42f540ce86a1cb5511a1ade13b49f86c617a67088d9dd0be7699a86a564044f21c98ba856c24e8c807cd84c5edda1c21ad530fa28feb4610f5770e3e6f3121e757aa6de264d3da40c27ba52bc9f5ab8c3bd0aebaf49120c6b9c216049b0c92430c4c339f465eac7c92ea2477ab22d0117c38ca607ec20dbdfa16acd2fc46fb90f9f6ad5f2a96da4418d22079d0f5e950c5e01308d2aa54db122d2103316688dcff5b9df86887dfd0c7c4e568bcf35d5d39375e7284019fc95f28658f985bb317d65673d7df77a902c2258f6786a69c14cffd6a21b47a6ec9177633f178856c89e3e8600deae06c98d29667ca0d15bb16800e26a3f9775946bb264575e49b7ce1315858001ff20d5e08fff95e4b19f6453558dad115d710158fc8d4d137cb921c0113878e01be09912b9b9d0dae2f9bf04c5859270abcd8a642dbcae25c3794d7e073b158ef555066ac8ea66d02079758bdc01094eac6b013817871bc9ddd69d99a460d00621551e87994b33dbbf07680e73460dd1183b1788b8842beee4d6ead236c1fb6852c78583676609d5819bb42dbd2dcde03bc047d7463a289ae2df02e570a6d566268ce14483ce5e5e7284cf8af0d52af823fe828e5d86299d5e92a7390d524af7c73bb2090ce92af38107c45227403b8dd7b3cb7eb6ad1240f41cf8d80ced247f6fbe18b1388797850daea7a3201071364af67f0fff4726082b7410026b6206a0da89cb04d2630c27d25f51bd1bebb68039ccbf8c63bccedb7e6c1e0c89a6776cf45d627d421fe06d3bffdd576a33c3bf7b3c16b1788f9d9d006f76c96180e6aa20a05abf41126989b9121dd7ebf3c7e1b68a97321a6ac3d392661ea5dfe8e9746a62bd1b53f59ad069639cb54015e9a9e42c3c87211ff197df0f2932991c9dcf20a4bb946004e2098fa7f0bf0230eafa1db3d6dcf44b4dfde7a0102ed49b531b1ddfcd6e9199f7c8f59aa3c0ef5b561f7833f77d66e3180f2897b5934d29c98fe2eac8b031a401dbcb5fa96ac6b3593717a31b5373d919ef633a1763bcfc33e4fb7bf558a0be4a229e892856da3d7b4e24bc6f3b8348bbaded9a7e9d5dff97f9b44703fc5d56d2f53e0048a477528a47b9d61fbd8a2a5d92e303dcb6245868adfac9f8e1e55a34394440b91ee32cc1bf13e1efd9e0823668c4039d1bde6a1272c645ca4017f52f6ef8b2d876accbc07d20b40b0d239970b3408725325d6cf5c6018c6a2631b04f7473f7ba73328dfa46e56cbbbaa8a00817898a24aeedb8f5048a7d3ff640f2fad3919f14eeb82b8c489daa09e9500f29a683dd25f8fb18bfdf50231e9ec75b1b6d765c2bec2fdee900861f17e4f5ac63d49e92344821c062777496bb91c999bed81690a528da5bfbe1cafa7380355c92e5b2b531e02cc11cabfe9d2782b97dae9b8a1768d4908add6ea543533c93c9582d01a16e98fdafa3a1da0601f209e1a72e32bd246e7387f7bbf836d6608387f33188e53a55f6c24952826bdf2ca7b51ede9aa75603f75fe64061c648af8ff79a28553d18c60b07ab307d2b922760780743176ca7bd2c4fa15c694554c9873efe5ae209b443d9b36b9b07ebb9de7130c143129144401d13ec2e93c118cee3008bcde192034319aafaefa447e9fdd9880e441666e28ee1b1787141a12eb785dd8ffa420768766f9ed6ace8f86a4afbba99e3b8a0b410ecc2f97569e75539098b2eadd394020bd519535463443a6bda907ccc383b48755d0a6a46a4b11eddb1bb319de73fc33f45772a1b86868fd4851866228ca375331016bc395fd4791bce077a963b9a463c70e4a5fb4e72b1e5d68a924dc8a5625ef453ce1cd5d28467d522f0d0c6e85172983c16daa5c1e707058463be903150000950f961f69dbe5305c1a48118b20a12002a44e1bc571ee96dd91a39b27e94f3038656cfedec6715701c26f5de950a04bdc34956a46d41b21f5a343c5a2bad2c9563fa257127a94409cec3a447ee48699886c1e6f88ba3fe291739d00e9bb0e76fdb690dd09321ca7f0ff1d347b382c0f9f3243eb60be146adb54c87ac1a7e15422f1cf661f4068de46c6dd96addd2117ce289fa02d40e87e95800a1a48e083498cf6038c01efee30be2a706575ce9352d530ff4c3e4a85ecfab8ec23cfc2e7b6bd1bfc8c68f70dfe4afbee9ffb19b704bcff60c5c7e734176e974f1f36786761b5ae52c1a6657a792395e30e0fded831e57cb43b390644d0194fa07606c112bcd931ee1d519421c6497691574c2127cc225fcf7fe1e2078d0b45c2e9980879b9ddd99e9240f93b1b3c6071cda201691a2a72830d6efdf71f7184a58b203037d8cb57f428c7acdc43a138bbc219580a4eedeb67d90515351f927ac5d4b9df23fc97ec623ac413a32f6c3408f0d2761bbee1b0ce73962ba81428653083fef71ae109b508d840bd56885ab102e90615e57c9aeca24e21bd378bea5af7f6baf1df02569101cbc1ba3f1887526e233a8d121df92bf0480aa1cd76b1a27bd6d39ebcbe6a6c55196f29c2e3c5ea6d1caa5729d1a417ea8c130da6c9a7d92768ab4c1883345455ff3b2b77dcca5974885f5725b8f6eae497054d131370f06966b28724b8e889d70f5d16d15083232e14724ab56a2f7afa46864edc734cbbaf5b9e9f622937e5e5ccc7839ee7f4b4a97c8dfbdf78042d9e75cd6f46a3c4514cfc13d7e0be571c3fd035a57b593e8e8114103759bbaa28f24037382d3489dd21cee72958af5e740ad1b4fa459129da9c50f55aff36a0d60827acb2aa80c10fdf20da21a644144ebf9d3a0782a9e687b319d49f42e725af1f4fac6bdf5c3b9e76b5a3e8df3bbc4d33c4b8c5fdc468149f76eb319b677e75009a85f19cc09c145347de48f41fd49a08f98a1759be75ced6f71effae5be0be57c5d773849e388e653ec48bbb4cd3638e09cc7bebed80757fd535cc63e6abd4048340239a1d6cd473cd68e2a0b2befa76f676f37dd14df155df3555da09f9e7d60549d303dc197f56fde769f172862c07533d844d177f3b4baa6555a42f2898bbbda3fb9b0d8f43c3dfe4f55d852656ef34db37d86a39b75f4ccafc09d62b1b5768e67a858498def497d522e422fd984653e4690e76bb2b346de00ef57aff1de", 0x1000}, {&(0x7f0000002a40)="c8750d6ecc424597f14dd003f785910e7ddd6e132cd7132434bc0b6a75c1e8b3116f42e9c12e34a1c780e3f19c7e6fc88bf7094e750900dbe37bd272", 0x3c}, {&(0x7f0000002a80)="9edd5903f3de959461f2e3353d0afd4ae3910f904950535bdf9f7e5d0930d9f25223b8223a642d5ee29e0a810e986a8732e0bef4f3b777b44a9f8462975b1bfc703f7d648887c2ad714deca87bd9fc63d7f3c217fcaf7be4a8b0099eeaf4281a8347a3f73b9c8296df20444665ef1352f0cb6c9b6868bf155013b958a60a81a60d44de4f09693e6e68dd8d8738e97f6e92bd86566f3cc23371aae54701aedf481ee5b595a932e11d3efa4e250021aa48fc7db18b7b6f376d29a8d13ade7decc92c0dc5b225a76c30d52382d60e4eaab7052a48c058069421038e718fa9eb535b8678b92382e2ed14922f192dcf67781b4068a5572afa0231a93d82237316a0f2f29bd495db6b637b9565d863121f5db333f8f0f6acb9eeeb44545df095bf85c8758b9d1f8d3c5ef67544e1c34803047a6b7dc2219e6b027753111165730393304527a377db5e11b6423d5b4935d4a6a75b4c86feae80f575c628c4d3f885825b7da4fc835d312c5f74eaad523e7a8cca901f2f00e5aa0e7291c5df4f2ce14c8b8b39aff582bb5407d004e0f09187a74965cc1de6a607bd9b35a7484ac7801d81a83493539dac13505d7cd5d4ef71164f80fcf994ab0626377ade9aeda360764878393f4881eb4dad0c40d034fb54b1c40efd84b867df4ec18b17150b62c928ea71b5033cfc9605e477dbe1d6fe9d3807d90c1c559977af9cd52f92cbe246f6dfc398b1324774785560ec6c5ba7d855e682d9068648224a636bed14ca4151ea997ba8055fc3eefe85dc912560e81a51944653fab04b654f822a32504b3809ecb78cdac0abe3cca0a33ed3f50302f2735cbb3c30f2ece55eec99be10cd8b9a624584b4507add43145768a95d02def5d065ed8c3446d4b18d0bfef247b682186cdfee494269651209f1109c47eee896697f6b492ea3acf9709fa75567784bac831788e230a66d69b42fe9214fc324c4e4f5746a4b90021891bb00661ac0c9178b999724f335312d9d0657bf25ffdcb6b36614e5d5a7b140009dc1c699773f7cfbbf09ed4d8e22a64eb79f189e4ef4e138bba8f70c7279bec9778e5c23e285dee657ec8ea2c5877a94ee97245592ec8d8ef35d74242da17fe1a1fd32264bd993a281f4488b2c2eb5531f86edc42218ec08efc4c3695e65581001144e20cf4b3c76d70c00767d93397ae1b244601fb3b1252c1f3132eba5e6fe4ae0c1f7681aa3e465f890d10c5d4f61f451712122ece84d953d74abfc33cc2f58abc59af2c163be45f08aacc18233a7034fe0b68fb98692d85cb06ae0d567895c022201baf17cc6aea70fc10a02beafb3dd029e9d4df153df640fe0df2663df7a57aef44848a620619971eea8c22f7705a6adb9593a55e11cb9c624d8df3f9f2ecb360f51e029413fa0c3da57630648d0a2a1b62afee7c6608c26d3f395e042835ee76366cf1262e0ef3b4ba91f8c0f27f3643112539b2d6653e6224dccadb20fcc3111f8f362d5062d9cbda618ef2ceee2ce6621a08b58b07f7900f20c7c77de379cf926ec40d77aa5c70065f56b3c88ddf5241f6c84434fe428550ff443d64f10440f4365aa91e9c5d0637a5f1e3b5e364d1c9e406f89673eff161a2ea8b2cce2663b6374d682c93e43d36eeb31520be9d026820d13f70499eb3bf826d1b5d1359f2bee99a53e1eb21c5b4ead760bc730f72503ad64d982ebd801adef60ab4871edcf2937af36d894b489be223aba4723b4b0d23d180c0deecdb7c35a4f3a76f8ed643c71a735cf65fb2f89eae930b0ca1325f8e849a9ad89ce678751d4a5f0260a1a02d682ff4f43bdcd405d490f2ba4aeaa882ab307d74a3bcc4ec2b0480f8e0e25fb2adf35c48a471b537b6ab309cff231eeafa7c9e9ec03436ee6188dedb47b45a59e9c4a619dcc0723995a3316f6d6eaed0725fc7f71b13a7924bfe2cae401d8aafd52db30de87eedc8a88316e7366d7fcd0f49dee5de9fe05f940bf39905d98f531e3f07eafca2b44cf82c739b9a789534f7dc6468da7a139c6fc33665a0a9f72bf84eb04040f68cf32a0b3671595bfdf9fbed15d4fe5070134abc0eb8827603fa691c9d112bde45ffc5055fcba9310bc128545734d3fb1bc8a5193650dbea77236fc5efd989a8f39f601528a56ae7d1ec3037f917fd0dc05f1734532d2ccce1675aef850bc4ad86945018782f2c4a767f42961635e239cf4a33cc366d999f7f32f4a15a04838e48e7d39b6eebd47675f500bfbee8bae1ffb931b987f40df441118f1e769adc65ba6742fe9308f6ba5448c64fcd68870c09c03dbde92fe5a3cb9ff6a05ebbbbd5b590634e6d62f16132b452bb92f1700d5bb893c98fea0855ecb5fa5fbcb8a1b8f16f5262fa207f77f39808a9370f7b0bd37c14760fed5b2cd769426f76b0d8d0d97a50384115c7e2a0cf603d3cf2d591f5c1208f0c4ac25d8258931a7962db360671f700af638a5c5a1af30f908d029d71307af1c3863f5f68493944e83b620ae9ceedc5d7d363441b4852e00f7e8d492b60babd2882a819d17c3012232aedb1e897bfc3b752af8cf7b7b4e31e328bef8c7caf04af86fc2eedf172a01f517e7e2be2e5d84e71b8a6c350b3b58036efffb3edeb8b0afdc2283d80786db61eaba380ae4c3cc639265d72c5bc19e7138144dac7a191f0f3aaa6d7bc68bb33f9355b01de612068241a8e2676d06414f27870b1d0a4e4374e454113d0a7af04376325450253c4667f0d1730d73288fe7cecd89762f8214e31d4c9c1ed5cbeb313cfed45692f55d57d4c0a0d59b90a6691d4807315687cd69123529285fd134b1571b35aae54376642a8321a919271f05802cb959a7dfa99b54d19bf784a0aea9d2fc6ea795cfe9d6dfed49460159dadc2a585a75992243b788d6a600397032040750a3c556be12e81de9603dd5955e7218b6dc53353be8c49c8a38760d451f44a00d1df5181fed048c807e00645c9e4e35c8a46c10c2c392a5c2fca2316a38f09dfd39f13f3142065e5a4047dc87175b31c6c02a7e2af69f2f607c4cdb54115abc117d93ae029c12d4e21161a527ef126330495459aa79e01c389c12b282a78a880b168957c13d01bb4bb4624906697bf2962ee76cbdbc874634e38bff5b923cae2974fda519b2a44fc2902982d2a273a1fd9bd73170875bb1117aa03fa17c612678a10d653c5efd8026606e5318014bb22cd6bfe77d4117e9884f814f15f2a9201042ae80d781b192d30b1c811710a65a90342feef6cebe89ac63dd6df8c5e86938efff781e33a036b2e39c040c405f5e27adb5cd4782be0ef60eea6e7d2c8c25781dfbc43f32216a622be7a7074df06e782125a5355851fa82041194b3e0556fe46592496e3ffac6e77781d1316121c430b3449c12b96c88fc710448febac536504f3b27ba9f2197ffdcf79a0c373a18b4d84783f8fb0bd4c2c1288ca61d06fa45ee78b1de91956b886da84d0a85158a8449f441077119233f24bce8256753362ba013aa38214eed1e603e4d9dcccb50fbd6ef17c529ed4ebd3e57b5361236c9521a81ea38f3c9049479e7a781f1a3e93296ac5ca9b0425192646be9445c777e067dfbfc2ee531e85d96c2aadefcc077aa86723094ba9efe2ff1e0e76d494ca52ee6c6244c4da37e2a82ff6e1362e23071694587468746d560da426e38be977b94d192f944abac4230a028118d83adb8ded2c5da6eda86f20559af8756b020ecdc20b7f48e0c373e43c8066b6f8f0baeca59ffb58d26c7d06ce7b0f20336697167f50a02affad756e83a479aa770d27b13a485770f7e3cabcf76e93dba51d84736a9f16771fc878b53c225852bf553cf9eb2ff3a75703757672b9e1286fa2313c3758825840dd0736387004300809819f6551e3da1d750af6a6a3b925ef889dccd8f84f1b3d7fdcf5f1ee37fa448756613a7742b64190f02a0a62b6a4e0b79aeffbbed6e99ab6c8e06f4ad7153bf4e0daceee9b9b8b52b66cbe9951e3d1aaaeaeba72c8be33909608e5874b28ae0eb4a40061837aca8ffb4f8cac2a0ea74885bd27fcf82e543086c36ce2e5b6f8370c35153b8103b5b953591b1ef3d0337a4befb8d529c5b1f6d5afe21dbc798fc0bb1200b0fadc34c96e4a12135ff3057f9439ecad21de82e5d7ab409ebbd326394901f1dc351856e09ce64d3a8c4c733954b990e68c4aa30e89ed7b71df08baabf51695c4e26bfc2f709906557d9658165373531fc6e7a6f361ecfe9fcd074a7bf54c708129bdff195cce468cffefdc5b7e969327dd8ddc26e508b620548ca99113db514137cedbfabc09188ab8a9cab42bb558b5852bdf984986f49f435f06496fdf7f4fdf4dfb3ceabb2c2ddd2d8a6f67aaebf9821da06a34ac60a3633eb086aa6c0dbbef1b4d187c69fe60eabc4c0aa3e64c2f1502b76ac932de07143918d5ebbf17fdb793228959ad0a2b873b7e70177414d4fe6f66d44f3cc545bcd39c4ae4e456dbde757fa1d9c4cde094811e5a13a97e7305bfa66cbc066a090486113886aade35219a42e03bd55f677247bcade2861b11708fd31b0396e8de4364874eb741d5ee9d69f3123eef8873f74a1ac969c712051dd33f6003bd296d0c668712f2f9134e689944240a3067fdb0006dd19274ad10ac296b6477e062c02766ed041ca8deeaa8c57196e3ec6749fbf9aa2e148e7a67b8479744bff82b70ed77ff07be16e54c6cec2f551ebc30e5b7a3014785973801a8102af273232b205dd5371c0edcfccfd3af82bb50eb4029c952c74e4383545cd72c9b2a0e7e58265b2f33a27bde5d9ee56693b784d3a584bbf4f0b3c5d76dfed75249eb69b8f7e130b3306f5ae652a06089c21d30fdd627398e7e4ae9af571f9a120605bacf5c0919329fc2fe241b01edd03f91ac48a29417abdea6f5be97d66375dac9b3a8c8352e7a7ec8e307b19c25263926642ea5dcae76eec32e70170fa45f50d8b210fd44fd771ad5db6a880cd142ac9daa25d0796011e61b4cdf96351cfb7f1bcf4adf23d0d639b6d38450d238f309f84ac51aff0c9aa041bdad9f5b354bd40b845f6e4652b6959f44aa436cd3a47717edb64d9907458e527b0126ac2413df91420d4c0dfd022f0683f61861bf972977b0c9a02b003a30b5a291f4ca5dafc677b4070ba4a672e3db29a4c48c2ba317472316f910c025d36f67d493e2cac4feed3e7962f8e3b24e508345173d4cc28f34a685e6c51ecb12980a36dfe4be10f406b9a1914955ea1528a6f75b463ae72a827fa92036b5654d43a94a533004953b08d48a5fc6dd2081ba560dac5f69860f2466bdc44f70acfa964cf7dcb00b8bfa7863297462a04ab1c3a7854bf58514013a9d700191c60bd12e7f59dd8dcc87af6894143ed50f714a6cb61b14c7cf6fdbbaf11ea2517b9d742c3ceea5c1520c1e0d8f23936e6393d96793939c3cc5285e02eb1cd355806d700f6656af513003147ac507234a0f8e58814b8e5f9f457837d9d1ba0afc0e6ad3b17b2106c48b1afba1682389d791fd4e5d5e817cad9fdf46aa641b5107ae40a0f859a41c8cc3c2f7c74f5e97d688bf2d81764d1100cefa1a0d997f6f2a9bf4f9c3f7cb56bf5d67c50267d1b644aa45e721650706b39440cc44e209cb6a9c1d2868ac0b542272c60138f0d7cf7b65f917c911f6d93896a84cbfdc7a1f0bcbcdd45791b40c73a1b37168ed5e9f0502a10c457caf984d49dda92b763940ade12e85ab630e94e6179b29bbf9f9892ad465cecf528a5bcb6dfc195ba146a84670ee28301b5de1783daa398f63b953d0cbea565723fe8acae79b32823c24f031d5426707d", 0x1000}, {&(0x7f0000003a80)="09c25f11023e851c0dc9b334b79ee638093ec90bea09580935be5999550e1c36c8ac4940714a0eddbd24811a735cc034fc795133", 0x34}], 0x7, &(0x7f0000003b40)=[@mark={{0x14, 0x1, 0x24, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x200}}, @timestamping={{0x14, 0x1, 0x25, 0xfffffffffffffff7}}], 0x48}}, {{&(0x7f0000003bc0)=@ipx={0x4, 0x6, 0x3, "79f2c1701a89", 0x2}, 0x80, &(0x7f0000004100)=[{&(0x7f0000003c40)="57d5c2cbafb8dba103d064676ef75cc180cb68eeafb99b369d154535ab8805bfdbe71dd8ff8420d70877fd58a1d345fe9f88fa149687f9db5d9a40d95958b394f7302ce0a2e679cb8f1494630f817fed423add02539167c5c94465e3dd462dd1772a68806573ca2ce54dfcd321da9551a304e9021a96809a5ba60609904edd6010d757702a87e4db7bd5b0e4ccea04d3808d47db680a34f00be9656e213a5bba087a07c97160e8d23a038549d509", 0xae}, {&(0x7f0000003d00)="a27ccadc9b295577c3008334534d2df6a9004a6425fb075a992dc667f8525c6f2596956645e95db9d655be5a29269f9e1862a4ba9d2af972aa1da5776c5e7dd27e2112e43564c51fe40f345c59fecb0d6f71d74985d36e23", 0x58}, {&(0x7f0000003d80)="c786d1615e17bb6f07c66bec0d4c821421847a945ef9eb3cd485a1b300761239a052c9bbcf55cb28e8851f619fd5b42cd515c92e7c0814ededaeeccbec6a89e27932efa987a0ef7c7de2632e3785ea10b436ff9a518ddf3c746ae1d730028972a82b67c98721ec3b06ef337f6f0c7a5de7b1e8124959637a7eacb6ee2ee5118bd48d167f50cc9434b5a3a324a3b6f1e7fa5bbfeec4d0b758a0bfd42d74df864000d89df0c4e78df0242891d2209b7d38e494a9819505e9d9b6d1c4cf112da2c219ee67b7b25eb8e2cd66dbda1ede73d05f5e33e89a7c", 0xd6}, {&(0x7f0000003e80)="d985d20a684f08e67dec75a3bc6d88153717d52e7b6c7db67aabe499df47d5479bd34bfe2922d940466257d4422ecb719f94efa5ec6f351639d0df3e1b3b3d8a7a232b210ac5d34788edacbec41d0f2d95347f7e1f0d50e650eeefd60a380a2643afef70a3e961da2eed98a86ec9850776d8bb603eb472983be1467f496c9f34588366ff9cec580810f87f66b97b8ff50fa07fed763835faaeea42b0a5faecc027c73bf76c651c312cb0879b446ef902788814886fbe6ae387220daf7dac371b2f6f3238371a00697a480228a1d20aea07859e72dac363862ea9151b2d68f263ee5477201c6f9e127ae64c867f070370376c207518363211f74f", 0xfa}, {&(0x7f0000003f80)="cfe26ab14256b0cfc2", 0x9}, {&(0x7f0000003fc0)="31b475e1574b462fc990bb6fd670434138f5f0ab85dee9fd0951d8b3c54287a07d038716a9237170f04b0efead572c8d735901d58c92f16ca6ee89d3b3d72e69964004d4b0a28274d7dd0176c81ffd6d288bc52069d7ac578ea72a9cc584bc45cdc06d", 0x63}, {&(0x7f0000004040)="3f8b08cfd47fd745bad8f9fa081946120bdae5fc7f4c147cf96a9c3f5e", 0x1d}, {&(0x7f0000004080)="65a04591b282b00edd82a5567851f6501496c3a1f500b0d887c469ba977ccde371df886710ab983a31fa5b2c8fb0315ba7ee43747f1251389dd331a9ae9ff929197e5ea6b72348ce3769149a8f08dd4674cbdfb5a0fb4c6b8fedf7313707686ee2966dc3839a7a5650fb8d30a6e9f986b02626", 0x73}], 0x8}}, {{&(0x7f0000004180)=@generic={0x1, "233d85860dd6e50ca1b6bd9c7a52f5842c3af80b1b5d3e7042afd749e032fddc7d9caa067bd02aed55eca9d73122130870ef60f535400278b1c1c646934426b7b9b85af9cc47c5cdfda31236625130bce811ab7c0746e145517faf9de9e3cb4732a97e0fc42cbd23971a7bff672a67a0b5cd64b813d606f8f758188b1d30"}, 0x80, &(0x7f0000005680)=[{&(0x7f0000004200)="b29fca8be9ee822bb5c949db5b9a7844ee89cc669b7856f897cb2f631b966123e5491641c10250962976b340c5d087f42620cff80afa0c73681f92039b593538d280a9a3b33385e9737e19b0f31b3e2e829ce55d42a47c50df2fe87b530b97d356154bcc2bd83046197a2fa8d732f32995a9d26430e9b6ab830082287415e3fbfe383baf0ac3f18792e336261df05a59b4f5400e1d27a22037e57d7a97563724ff90b9cf1833a53505f3f64d2a4570ff995af2f1475cf4", 0xb7}, {&(0x7f00000042c0)="7ea89210745f976155b51aafe4d2bd950ad32f869b220c3b23f794903e5e766716c711143457da469802511bc2c2f1d5ded477cd10937b19150570e8d9a21c7d6bb17d49d83ed5a85ee405a54e84a5ff7731a2cac9d624588e545e9cc6b0944c094eb00b3cfab9c566cddd64975366bf56f484846e0d7b74f140de86870ddcf7362138e2edc77f2fefa378e140c74c621a9a1de26c4112b77d28f0c7b07e5310be77ebad8fa4cec82d97dff3b35ad3848661cd4a5cac6a19b640ccdbb1b8", 0xbe}, {&(0x7f0000004380)="c625a41665081e10e310c923e8a5df2d11d9a5708bea42acbac15bfb8e5ac38ce4c5171a73d7129cf83265f5d9894c7f0d83759dac", 0x35}, {&(0x7f00000043c0)="5acb649f3523fd252e5493b35396071e768cc1b244fab2ee25928c972486befd5a3cbdbaa5fa34354ef76d0c212fe32130994b4ddad8c85d9af34c0c3f733784084400f30ca3", 0x46}, {&(0x7f0000004440)="521378170e4c43035b5c92b1d33e9074226caace7415abd796c66b9418ea252eea5b25c2a36b1d5b5102aefc12e67cc636c1b7b90200a7ac1f5c13343d498a9e262e027dd1a83114d8f9028675065ed7d70547a5da5536e89bd0facbe57c2f58d103991ee0dd43661773f266489deb191264f17d2d9a2ec91036eb4a2502e8a1f82e6d41f5805b78431d72da2ebfc3fa97ad993c85d7171add1c3c8c0838e2c86b0fdd420c93e660ee47456e0d7474800003459c10bd70de9caeb6d40872c8d3181a48f3c13baa7233fcabb8b053a5fc6048bc49fc696c4e5f436d36447cdb623a7588955dc16d071e2d454c88305a533e51c6c0176ff23e573b6c85bf5643f5f12b710bd02d079c3cea36f8ff9a70fc00c2131171013d8b5f4f5cb76f51e6238597cc412fc9cbc5867a99292a23be55b5857d32fdc763b2ec8f60256428ad8eda6a1991ff9a02f8c7e11f040a1c1e026c37c17e97e7ada2fdb19b1e04e0b8dc20af441c4e393a3b8dea559fcb5cadd2239adabd766f31a202dd2387b252eb9b254e5eaa4394680c2da789520a7bf66c26663ce9b5e7c139fecb2a4fd165e0fbdd8474186c757b8ffc1ee388ef22d300aad750f0fa89bcd6279ec5997fcbec5f2d8fa714643e554fd2500889588fd3951d74c6b30c787c774ee5b4b63be51acba176adc5670d4c7c17832b1315718eb408aa0172d80a7c2f6319bb9f1014151f6a58c59ed3b36824a44c15f5d23f63c66b8ed762ea1687d301db2059f525c8c590b415a9189077c94d129456695d7678b01cbb52002d240783401f945d5f71b5c2c2a7ad151ef8fcfd3a6939edc1c3a1dae6aa8cc983a347f8bbedc227dcd87015e44ed0cbdbea08ff90626f5c9555db49ca7db832f910d002f97f6e8af18b982d485c7d2994cb83a4b1da366d2e18215ddc0861aaea41886840dcc79c951a1d9a28e30e91e6fc993301519f56303cb701242a4f6ea25e1760f7e9c9041e7aa40344f531ce3defd34a1a040d376ae4fec31f0dd5af93076585be9b2d8b4130ccc48bb6bc3368f1bf94c0bfe275ffdfb1783ab3339d7e282a985410334bf83af9c3e6ed0d06be6a6a76a988c81384951623b0f5d65b439205d25a211e689a127ce0b481999d9588bbcfad94d0ac9b21290e4dfd121384dfd70dba48d9d245c0b1ee38b219146d344234c88da8c5b7b3b0078982bf1d075d4f3869c0298f30b7b4cc4cf27ab9d120df322eb3ed5c98d9d83228f5c0d109664a585b48d1c143b8da72150cad82fdbf964b9b22a9914947411eab7a5a458d46b71205d63e5f1abcf28c766d07fcade2096a8744e6e3ba9786555ca77af53f89f94bce1f56800f0c5c6745417988a8ddeb01b696b525b2f19e3edd026ca000dff2b16da2b65f2206094c22c9506a189f340d0f10a5a982ad563200746ca3f5a1ef8abe10914756fabc35ec5320a9190d25487cdcff561ef8e5d014d6e796c29592083b430794ffe4c2a5cac55a14b0936455dbe47aad3c302ff1a7678e121a0cd6a08363d0b6c766c3a0bb1264205f00f65a38cd5e4a61f9c85bf0ab8a23909c985cf0689dbcdad61d09cd285572852b029c4d5f9269f3f72242a4aedd9041a422bb5388a912255e698d48d20d5049d3b35cecb1b12f38bc69f62e680cdba60442d66b2f7f0903fe0903c6598f793d8a44f17c3fc40022bc97d93602378b9ff5dac4574a6cc3bb2aac6aa32c7255e047888aad3e7cebd5ea5527e5fe73739879dfe4812421a7b04b1fe69b5b2b006b8384a38ca40fe5774463e55584743aaba00875e9d6ac3bc3a0487f160e05539f8ed5f0dc5e66c2830efbe1603cc1c207306e1c3245e11ed1c3fb2ac645a5258696dfac0d487a7278fda7e1b3a074ed1b161922f10870bbdd08f4baa7639bf603d9a1976066d9cf9578defe54efb0e2498a984a6b6c1956855abdae48fdb1498dfa1241e5b97b2152f0facefea38398048afd5cbe6cc82d7b6fd8d7c43d4b7219fd73cf4f233544344e6cb68a5be5922f20e06da5c583f6efe9aba2a9477c7a0fe9390b6313f437bcb3069386857696d68dc2aeb1a6cef4b8d688e3ccb0bc08ac7f27097745a6049c945dd56063fe7cbc2aa0e3d27fffbfa4b05c6b34938171322fc47b072ab56aeef269cb61f5a0b9472295897aca032aa16ad1d9535c80221cb40a8fbad0ba66d24af5a527900444dc99d9a31032df76cee0754122d9c46aa0f33224b3e86a940f6f01d92c32e5a50578484d4ec3a89d78824acaab030b8c8d5023283297b2f269343af42f13079098f36460a8f2ad2fc952adcb517499c9f06ed315276ac2374e6b2bd185309473de1f024e85ec4d7b061496c59358b7342c69e0d9403819045dab607f3e5250657ff09ef7331fd9fcaaf8ee28c9ef7b4592267b183b0310e4f0b8449b4d346a0c16a8452a7301d0cf0ed9bdd4bbdbf7fcc2d829100e440fc2ecda182d91a941fdacce3a7a922158cb630521a5a86eb4484f6f878c9484ae377c0da68bd3416e2775750630ab8733b869f8f52f24f06ede438c1412c83eca25e6384407dc8ae71f17f77862da269375907fb599d19ae6e48c642387e18c1db56024085b40964c5de380d8b348d48f1bdf2f569c34583250288a1bd4f15ea820e1dc689f4e1f3db62d95c50dffdfd27693b2b450033466a61f6de441be0fb4313dc5330d071236a0fa5e8b055a098894fb4a95f1162a551a0abecc0f97ff5fc679adf549650746d34a458cd1e1b0f3f70c516607e3d949533f2088fe5d0cef6f7589f6431779d1c5d02b71e685545a963fad668d99fe7df80629ea2be3ef2322c008a7bb773f74fc86c035e77cd6718b31c4b2dd6bdd1b5bfb1f9e8a9ec8658c1acfbcac018e00e4682fdd2d52187a9e2028af50d24fbb7e11af816a439fbef06c708b7bb59b87446b063bc5b8973383fc6f1c10b89992939f3f00f0a7802b3009ed5516fcd016a30f2d47f507e14cc165bd8f3ceec1077e8da8fbdfdefe3f7e0d49fab791d5117a72be13969ef5884a8ab2b6bbfcce425a6b372580ddb945a4c08957dbe10779423ff911f4749e858312b30756e6cc7cd6932c823feec59d9803fc24c223fbd05b92520c1bd33f9cd748c478a04d7194d3246e6dbf6894a35d2b4646951bea6ae146a48030f10b3bb8c1225447b7b043c233a3409951478ca9016a7fecbe2d725c1809776f18306b293656cd3b142f73a0666799762096dacf379144f02fbb429a4b9917d1aa78c5108409f7869b7dd4920ae448183162fd6b5665c3fd843d5bd22657d9f56b136fccca29444657ac97491d9516490ac85a1f5d159cadb9fa973e62daba9311ff4c8e352b93fd84b118651297b9dc7ab618c9cf0b48637d5de97df493d8a66612b6a87603791ea700b3540686d0dcd4691a6f83cfba9245e3ee5951e499ffa6712fd62376222975c8ec06a66380f3819153e5a71a0e47ec332960576ce0cb147ee07dc75999581a564cf8e5ae26fd797c5f7eb4b064c7c08b28c169ea7b6d9e3b0a370fe09749ca8190894e2ae53f3fa53c787ef5305c5aee513d21bfa99aa2d9dc87f4975c951713477c1ae4190e6f77f7e5d72ca033425b02bee5f2387a27148de7219d9927ca780f82bbd49874dd99e73a9a7b4c0fff6d42a4be7ccacd6d8bf93c18bdf35dfb013562fc1182bce48e352fd472e5bb85cba91e09537d93207c538be30ff2088ad455925e0064585b778c665ef2d7948c85958194f0c40cf4f55438f17f5c1bb239dcfa2c75fd1b4624022318027e2eba2f441f5b414c897407ec17de9fdf732bd8778d9952d54180d2a138c4798c1ef98c6bfc33ee5988d4cd53b8a33756fd09f3b1b609524bbfc953fceec6c2102b2e2cd0bfb7f944c5f302c7ea316a6b609602e593f88f6a5927e4dfcbc066bc785143c4d082601f59ddc4284f2c864b1728d7c4e569a3fe975f3f72df8418598091e76fdace2700ed4e0b4f3fa94fcceea4d62f262c53b2a10ecb71b92e6733b411345a56263b04897f1852a95defc303c0422f7647fe151b15fa34faa798a9b18a6e5d4d6b73809aed50b86c86a2adf9ebf96c0f85a2c99d29fb4b8a1d270022c3cd6fa12b75d10fd1218811705578721260179f65dd09f56ff160ab9eb57ce0580e0c0351066a692fb6f1cd4c5c49d6da517962b4718b5751ce264a2c7b4d986dc217d96753e5e741cd61d763577610d012f17e93edcad33eec9723c4eb9ad45bf270a64ae1f9b1d180fc73f13fe1b82be281d74587d6192e0e714ab9ecfcb144845c3778928f11ca56ba0341e28f32403d4a6b330353a0eb31aad0693ace374a52381c514a6f121540bc39391d7174d6dee05489f5257969ae8a03f00d178d79cc979811a7c150dc19028099c5b1fd36a2bda8810c7b442fbc91d19f8d4b1ef111805035f099b7f5f1812992042dc0c5d2eb78328582ef11e5358f9827d5ef55eeb85202be1df1b1b6e26c28b64fca9ad3502a75c3eaaea8b95b228cbc6478e05404d61c30aa7681682e7968911278e18d700814d4c34ff765e5c63f3118cfa1846f82b53204abd3a55a0a5a1e84d86dc35575d9ccab415ece34bfc93bec03956593866e57f9bec8932588a220064d0e37ed9d1b47fd40d6d4a31476706d9be87001dc1992104a201b2550ea985f288abb12f5894ed30fe36c8e7e7ccd0189beac397d598c8b276e3fe94d08c038d72bfc08416e9c093966122e82fb4a499fa1a79d974dceba187c3198bc6d5c6ead905e6090287b01e834bce4c2e6553e0241fa724009a0655908570cbd57eaa573f6b6f6e9f43488f9f767d10541ec84bfa834adba9f3272d0fb6024dfdf65157ac68414e4a6b45f2cbc226f10d45b6a60fff42977667a4c6ac7fb62b81150c025ba0fca4cd4314cc070b663d61111429de63fdbdc7c956eb1a0b0d16c68ec2b04c80e93f4257fcf2ea61f2f77325b4048a6dd6580ebabdb7c62e6dfa41541aefe63ad05f963774d68b0283ec33d1e005f5c1a3a3fa386b02df6c7a1f071bf4648ec61d3b64ea4e96219476551cc3831cdeba19579486f3515dd4544f2d6f3ded19baf2acd6a2360ca130562ae39a29593ca9ca25323684edbba628520c2dc027482227ee31f24e7e826ee7b52a86a0db231ed95d922b78ccc3eefbf25a576887f3f8b65a6435c41518ab32875f82522f0c62ed2483464479d39b3a10b23b3615a9d888836afc4acdc7f866415ecf6f38e465d1d258c67053c45bfa309d68559a003bd9daa83e2be7b2758cc02465c6eb1363a60003d6de942b2f2dff5da3fd20770d1b80e62fe848096d53f69933edb80f2806095b3437081e4898c572d8226db1bf607db43d5598435be096c607ab98e536783212a0eeeced1dfa2a7555097e2edcd224e1366d5a892dc8ee1218a8ee8cc5ce388e85350bc077452c07050109f9040176f46f4b194e311040d2dc2f674362f36982564e2285e398e04ce40f0a3cab839be9a20a925b05e76fb902f78ebe584ff9775306e08044b3e66eb0892986e43e31f27f6c77038cd6d3cf3a6ff462b7908be33cf83af907400303630fd4dedce7041e53e9dadaf68369d556c5302013b20d60569dd290d1842d1715ba383eda7ed45a18e4f3af82a82895f14889b9a75fda74ae93cc7d3331624ececd064682d245534c567e0a983f821e25fff7a3b1d8c5841d4cf80e1bbb41fcfa8b8a1040665074a126f2da4549a60b398e225d0446d6e559040217f98761abc209f749e1eb3585276ce5f8534b6b3b897ed7d22c8a99fe3821775596348f6cd4c8e", 0x1000}, {&(0x7f0000005440)="500908b881f7dc37eb851bb198b67cf6c1031a2171147bc3b51a4fdbc159213b289a1072cc93519dfdcc23cf9f4cbe04f8dd444b4e9fed524ee8bbd678644cb83b4d3c5f92884f699d0a9e1dd57e3903bd2c8f5c0ba4b57cbf4430d1779af555", 0x60}, {&(0x7f00000054c0)="939a97b5f2223ad3cbc3c8ea902193a9331a580f3589f87a58e1d524801e3ffaec520317896aeb3c7e0ed571838010fd2d5a8e29b84f2700e793c826001b41038b3ac67afca80e4a0fdc96923b7559b97c63a0934b8e1bd443b99d03c4543b1dedb14e0645d0a115c236feff212cf26e4f4fb5ec475e70e60c39e6e36eeef151130c67794c9abd772ad2d5affe1ef0c63bb88051642a90f38b9f5d4fdbd70c9d6802ae4b98cddc34a9cc80d857f6034c79396680688e1907418cb3ac83d104d974a6a7d2842f1694096a14c1a55d52a8ff419e72f344521cbab28c19e1530b431af4", 0xe2}, {&(0x7f00000055c0)="336f734abf45c02f4124a08c1c9afca22a0e5baebc66bf5173032040f0efb6ba8aed062745aec92cee6bd7c5bcf8d143f7f17ac46f8e80234ebcb45259cab686311928f243c7592418937069f4564f55ef56f3cf177c1954a2a706c49e925b97f543cdff2ebe412fbe4f11873bcb3b7b2cde3e475dca65027c5a97", 0x7b}, {&(0x7f0000005640)="09c9e8e3882745bbd8249b59a5fa16be6649", 0x12}], 0x9, &(0x7f0000005740)=[@timestamping={{0x14, 0x1, 0x25, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0x27}}, @timestamping={{0x14, 0x1, 0x25, 0x80}}, @mark={{0x14, 0x1, 0x24, 0x3f}}, @mark={{0x14, 0x1, 0x24, 0xcc64}}, @mark={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}], 0xd8}}, {{&(0x7f0000005840)=@ipx={0x4, 0x1, 0xa7c, "bca6ddbb1ac8", 0x3f}, 0x80, &(0x7f0000005a00)=[{&(0x7f00000058c0)="952540499eeb36337d083275feb0c9775ec6d328a7fde90a38", 0x19}, {&(0x7f0000005900)="80368e5b904d44c57100bc01a1b5a511394adc2183f8d1e82745bff364385c80548e2592546bb26bd4dac9c88067e9f1c6ffdea4580d96ce101bc019102d937800930802f2461d046fecf0a1568f7f957154f302f244c0ed608e73c84d5080d68032041269530f1bdb25144599231488a3a1e2ab1ff0be5eb500aa0210475a8796268eb1af394892c2623c6afc6a3cf6639646f7fe2e48d13453c00b8eb7a726fd64fbda4cb2003095d1a61836ced4772218c5155455db429eba9786de2276792d0dcf", 0xc3}], 0x2, &(0x7f0000005a40)=[@mark={{0x14, 0x1, 0x24, 0xfffffffffffffffe}}, @mark={{0x14, 0x1, 0x24, 0x806}}, @mark={{0x14, 0x1, 0x24, 0x80000001}}], 0x48}}, {{0x0, 0x0, &(0x7f0000006cc0)=[{&(0x7f0000005ac0)="cc8f657293251a8baf4fead04acce60b433aa1800f72db06151609092d065166c5ec81f8b02bfeb99a89896888b02ccf", 0x30}, {&(0x7f0000005b00)="0adce612a1a6aa8982790d9b1586c3168804605f012e864ca711bc2d852d02cb3a27f0e18168e333dd420d46446efe2042cb01db202cd573a62a0ee68444aefce36fc15073e236afe617bfc1b911e10f9cefe6eafbbb3c2f2e0ca1f3d9a172f4011f0e9a09e24c5af3625003f47a669ea4f034b64f30c41991916ba9444a79e87c65bf79aceb547f31568e548ad3003b4e", 0x91}, {&(0x7f0000005bc0)="272722d787a70b4ace03299a6da749f57363d0d4d778fe93c633a000e18fd00821dd02f4504424f3d4c465f92cd8799577ed819565672d", 0x37}, {&(0x7f0000005c00)="4c1c512339407b9f87a4df92375a82b18a18ad5201f6d8101df7bf2c2be120e6d114811a9fe262af5ea5440c015ba41cf207e3fcfab10ba98c8f64e364e444b18b887473dc9eae2693f55a0ab76cdb2c426af4431f29a2b319eea99f2bae541a4698f17a708ecdb89c613b0fb70cf70de65de716f4a8d80a370e48fbee8e1d13a03e4a2735335130e4d8658b28f80b963365076dd70e30baafa1678b8cf681ff33c760b48be274d2aacdc2dd541603d21fbfac3abe44d1104ad54624", 0xbc}, {&(0x7f0000005cc0)="4c4d6c2e996a2e669d8cab0fb0eb00a97dd6f2800f3be4c69bf06f28077e8c7cd21692ee7dc3251a88a869f8eb00a134a9dfbff09fed8508cbdf123caaccbb1a62761532746b3cf8b3577e00a15e91d270b34a4b99f46e943baa155c87b835be7e8cd6caad8297c77e2854c693a34dfae5fb25695d5d3e9dfa353cc7bb852f697435c1b791905f0b5b531c9904b37b364a4347789ead7e6b0de17e404dbee8396a91b5fd195dabd8f19ee938768637f28ebbc6a8635576a4e4c2a58e42611dd1e38fde0d1214ae4262939f96f928beadbca4aa1b3039d6dafcb9665172263e7fcfacbb6a67cdd93db70756b323b8112384ca6dee51960d4b5806870fcf24998501f3618bad15de70a783f000550a8eb0eb4930dcf0eadd119d4c72c2ce72a4118a8c73e266fa36a002ca1e7cc9fb582defc717b2fc17cc0766e29bcc48eff51c9a4883af24553db6cde570a4a7531005944bf27bf1ee17274c3389d48ff6e865d2ab0298ced11c95b61232bd67d18638e818fa7e14a3f6fb985200ccc4266a819ae6ddb53a657e1b9fee8581ecaf59f4ce6d619a3126074d8df1b983c640dd388267946bb2df281ef2b2c11077a7419ac3823f08ff1035bbf5e95d166357a61dc3a33de14846b826028a07b1909d0639c4eb73db07c31f58cff1f783fbde6c6f3845191df7cee8fc6df1137109de026ac139a1fe8991708c56a5b0f5dfd20d2c6a1dbce85edf64c6e8b94297c7dc1ba66b5eda787f55eee9a8b5cceceee427a2502a935711243b0ef575b1feebc77d3a45f094e1ba752af04fa432a909c07d5761b628cc3ddf8c9fb234a578215ef2c83b5af4be6d68274d00a32b95ae13905d5201798be52055b4b3f7423ac08f9f663cc52b11d3b397b886263a3a3bf44e594f7a0677413abd7ea3024aeccd665b146059d67ca3c06e4afbb22b304da8cabc6ae49fd6056d1fbaa50bf15be258124deccdb22e60207363c9080e48c9ac66c0269a4ded8b96d8b4e44aaff0b9b1528c19e90d9a3e86e3b25b3f52c237c0067a6f85a2046b66cf7bacec8afc377714b7b380bdb7ca763af5deec31612ff2186cfc7736bb5c3469612a40dd267b16c59be831c51f3dd48448888d4884f9e5adfe354a6bec8c2e98517c484cc614ad91e446fa45c491e8fe38c75cc7242529464ce7005afcae94b2e2f7a55756621be30121cfa479624b2be4a53a43759cbae3f4bb9de5a1d44cd9ced1f0a3819f3dc37ca683dd6a75c332f30126ba11ac65a12af3afa8920b09539a82a4a3043593213d20662d038f0e4124613fcf93dbc282f65ce409fbd2e0763c2f6c56d2845ead5e075c5f91c51c946bed2ee08152cabee5f9ee6581007cb62a76fbc6751a50e54ed92019619081917007e41674172432ec72f69e47ffbda183a1e1c13f7291b4d5e8d11fd32b72b45c6c6570513c14af971e47eb6f96f3952ca7a0fda908718cdbef3b7f35cb92f05f4b8856417e2134893e25120d66f6fa87d38f3fd922ff1f71e9a82673b0ac86684274cb47a4811cca295f183d9279e56b29dbced1032793088689ffe48d1e200887a89a37296f474e1eddb70259c611139ee8d20b51b7614f52951565f6c33582839ddd9265c7df13a63adbef8eb1d12869b324a5d92aa0e61b8790620736faa33fb54eacc4b2eb83f348336be21badf45806b8f0f1ce8abd5050a27764f92d76df5b0104e514bb006081e844b21ad148633068a110f231faab2500393497353c50b135016a68a934c9e0985b9b4d00357251d0e4da72399346497341076e089c36cc110fe73c4d1eb988a724404a2d59685ec152a94f629b64d1764c900a575e35b5e8c6566e31b2763c280acca446d5a9fa7910f2d0ad4e724bbf51934aa856c725527799297a8ef68bad92d980273254cc7003beb939cf4ae717e3b3cc6fc3575b3cfdc31b938f7fbc445c19f6804b4965cf164dee0b2f7fe3fdf5d7dd0e99a0e66dcbf0feb69799be81a2938f14b2cacf63f23ff7ab250eebfe6cd78de9988531d749ce207788e675843ff6b918f248960cb1c7a8b40c5297c195b60e00532e9c7b55abd5c2465b35f176c33ec7ff6782dda041a89062843eeb5e07e40dd26f1e411406b11d24aa53b70b428832b7e1f4b66b958ba5ca9bf6e32769dd72617441e4aca65d689577504445217daa38088d9e956d949b557b181a6c41d5b61b8748df131d67345b89c95276c94634cd59fb2b03163cbd0ad3909eb98b5e144dbabf6f903524bd20441093bf0f35cd49388864c4084dfe625f165fd8058ddc9398c41ead176d5058173657aed649f917635404446f4ff783cbfff210ee0956cbd49fa64e3882784a5492f163ebd265e129e0bf8fca0f6f9f3fc032324e19f75627961608745bc1d485262891e6bcf913745302db716228fd11e65a115e17c29f9be3cd35210ff7d2ea0a9a1a5bc7219e3b00a8cc0d0c2515db709ae839f9c04b9c4414436721bc379c5f2d7a10d80c778693c31b3fa69738ac3bb6bf413d2b716d2fa07a1e800f9912ce61c64317d2cb672d32d67a311bb8e519c7a93f4ff389930a9184aa2995fbd6645dcc87131e194bf0e9ef054e62df818903870efe82857e8ffd956bc07086ea6beb3a078b94879f8ba449036eb70469b8519a2d17d204154a984b01556cb8eb063b9f2232e745f25916c7fc7a09b4298e82e7b92da72fcd4c1b5ab3a0026ebff409bfb435dfffc64db0981fe6d0ea9513e485ae94292c077b5758b8459d662aec520bb2754c4b239899d5c1ad2b0cbb9d0adc5e5680516eb051c5f704f2a8ba56427308df630b056afa1b242c3e76b6e80071f86a61c285a8cc98cac3a3bfd35d122e774eac8b1a0036543a1347cb239acc0508f97191a85edd923bb62f7eae317aac795a2f740879e16823d28d6231d46418d4446a0068e382deac3c7876eed7908be8074e5a0c71aad32d3b8b193ac2c264b095e68d378d04f0a122730c323895451040b5637a35fa9221118a0c7cce93551879ed09c984374ba76b032f54aefe7217d74fda91b4df05e09cabe8d105737d75d84d6f8dd16d332f31d6927e7c044b2dedfb012af84f329771abd5ff5ead951dc98299bf35dee5bddc0614fa28d2f3ba7bdd61b56b405fa6b7a8fd7d89c557998f09e40f4145b14211054242134be126576de4a572f5c015ef88bda7ac66307d5eab37ababb9329d9c769309a84ceb445d4c8aa2443897a73a62e37f058f60476fa4d3213109aaaffce7ccf24c2bb2c2010de5e5aa394ef564b340640842d9c43cfaca58d6af02771aa5786dcbefbfe0f6e2a60110b08febd15253e789c0c984a952eb9f21b412f5e9732779683dd23dbd0c6c21fba84497385a2047e8f8d7833cb123931bb0191331ab9ddbde95d66cea455536fc5bb27cc224e9481c573dc20b61e3e423388a2f7598814c2ed1fa9193f2995f77c172829210571c81031349b0737a90278ebbf308f79640ea98b421b2512224637fe15375e16fcd4cc3000b8d7ff3ab4db642b513709304b929e78981d4fc3e2609422b4bc62ed0c5fa040fcd873a31c1cda961175d48b1b16b1b655c5e71855b44d8186e860ca6ee2dfa7f6d8a5306fa9df1dc45a18cd0d11141d694bbc86cbb06ca58da08a369fc28890943527b9636703153e70c6d96a67b4bb82847ff3552f1d32fb6915c606d3de72a41b8674ecea87b528e9025b0f9b7381731346decd675ee253cb596c2456d45ccaf4fb4cafe8ee3fac6b70951c2957131b2b0ba9c7483d3eca193dc723ff7691ad7ebad38b8da07eff53913c1d8a7404511666e548ff666c6ba8fd2440f93828f77202a2664686395f59e4390b2c71353ff13edaf8bbab0cd7d147464d340b02e0ebb1ba75cae264d57a4361dcbbfdad85a6711a78b5396df60fb419977369fc0d7f062ceab5a397301de45abd51027f20aceb13381f3641a0cec5ca65f4689e5e8f61da7634002b51e83813579e1e8765dce40be475944a984431e169528abd1e079cb0ab26c49dc5d1d4bb6b5dd4fe17628f8ee8bf68520dba4b41afdd7f9aa635ff3abef848f6fa6499b04ad59814576cc5bac866550b5b472102b405affa7bc05569ff58025eb0d08a7e2eef83046d995345f044d8347ae061b11949b5aae2b7d08904b77fbee911900a761ffd75ffd7decbde948c5d94148209d81a22be998fc059008a2ec5039e2083b81e2d1409be34126cfa8ff9cf015e62b88894b4f0522a7085fa4cee1781bf053faaaac9a7363f217020e2be97240ed52750881e63a3e4c34e016830c77e248706a71c732b3704fda901edccb8458fbc7aee85ad865845ed9c23ce76d11a22d473e14673c370b1a8027449478978e50cdf87aec75f6507a8d75890f57191847d7407db22da5dcb8f114f49895a38cee10b1baec1c69b159b9bc34579d7d23566686193d5508d5e44eefc79dfdf6b2f08932a7d9efd0c9d2554a784196564143e13d82319462857112a6c0d800f3b172a30b78017398552b6bd035a16a541b9dc28ddf5482f52bb35b821fa7b280ee7a6ee54929191865cbbb66649a546a67f91a54b9ba5d1d06e9db06f7c72805cfa54ea8c6af819050ae40b4b2a2c653f966a8c1fabbfe00bfbf1c8c33906f74548d2f4a63c58386209cabf20afe20228602c5f9b54e924ca893dc2b47dc3d9c4a265704ed013f53dd97b342f3b3d16ac7e8ae8fc23c5aeb5334ea94720a658185070187ef4276f752b2772e4e92eb1dcdab1b8cd35247dd07f805e10c686f525bb1be0ee03d891d07aa644b4e689a74e837c421d9acf7ea1ae4daad204f6389dacab5ad0ffe254b257d488ff27dbb8077e86a6b1b1e36be10881aaf8e21c6d97558d80ae953110d2d8f237fef9c361e3e6828815a5a789c9043b76155557d0f09369a99878ab7e1e9d6a2df118f4dfb1bf227c7678f9fe573125220b7194fc77a9339745461776274a5de5c2be2d531acb19346d90d8816c5afb28e37fa50cd6f0bfb441ba8e77b09500b938822228875fcef2e22c3c20072de85f3b7e33f6843238368259ee68f52399c7e17971620a485a73ad62e9d239503665b428fa3e751f37138da12427d935c948e6253828072d901ab348ab6d9e96ab5865937042c0a1f20240eb98c862a3bd91b6419e0519bcb1c30d613f1fa6ce23a82271aecf370b0e6ac7cb1127c49f4a717948d6006b72109ca144b363166a6a48d236a144ad045e0e458911487389efea3bee53adf214c9956bc16f9eec51fa418178540c30c4f19e26e76c329f54affecb8f3d2a1656fbcb3d7dc938dc638c66a7c0f85ffeca525cfa0565f69b8c85cca624e70900a5bd1bca6e8c4fcd3864b9e352cd686a350bc0c474da6dd42307fe72fa24f6c6a3199db989d9e122f64d22a3b3aa21002e3e138573bdb28cc2d45e98d0b4da6625d773d2282bcec782e3f93463f9ce5c5f22e6ee957beedd1d6b819fe08e39d4efab46bf3d813013cafe8c71fd2c8d70ea1236571b810d775945cbf847a5a8a2ed019d672a0063419076620f7a2b52b78f2d009311566ce9120242e36f984b4db1e3fa8e9d69d66b033891922f90fe60eb8a9f80c8a4388e4ded5f31f0f88e1f6ecd2b4369f6f1b803d7f0b0c2e389591df5a799345340099296bf281b2f929fad070f28e6661de0ed0f8203b1c7cad6b1b1ccbb2fd28b80a0fc7b8e83890fde8561040edd7146ff2d277eaeb2928e6e9e265ba0fb8f5f28cf7053b3b6c4a15efcbd11766c0e93621fa91d53cadb158a205cb2065507f87e8d244e3b98836be032a", 0x1000}], 0x5, &(0x7f0000006d40)=[@mark={{0x14, 0x1, 0x24, 0x8a1}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @mark={{0x14, 0x1, 0x24, 0xfffffffffffffff8}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x80000001}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}], 0xa8}}], 0x6, 0x4000) fcntl$setstatus(r0, 0x4, 0x2000) [ 966.211848][T28332] ? cap_capable+0x250/0x290 [ 966.225184][T28332] legacy_get_tree+0xf9/0x1a0 [ 966.225198][T28332] ? btrfs_resize_thread_pool+0x290/0x290 [ 966.287259][T28332] vfs_get_tree+0x8f/0x380 [ 966.291678][T28332] do_mount+0x169d/0x2490 [ 966.295998][T28332] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 966.301541][T28332] ? copy_mount_options+0x5f/0x3c0 [ 966.306642][T28332] ? copy_mount_options+0x308/0x3c0 [ 966.306654][T28332] ksys_mount+0xcc/0x100 [ 966.306663][T28332] __x64_sys_mount+0xbf/0xd0 [ 966.306677][T28332] do_syscall_64+0xfe/0x140 [ 966.316071][T28332] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 966.316081][T28332] RIP: 0033:0x45c2ca [ 966.316090][T28332] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 966.316098][T28332] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 966.363646][T28332] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca 15:10:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000006d00), 0xffffffffffffff92, 0x1ffffffe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000008030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 966.371634][T28332] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 966.379591][T28332] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 966.387816][T28332] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 966.395785][T28332] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x141000, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000100)=0x100000001, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000140)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068aad2ab119560c40186401b0ae75e48b7c8080bd00d862bd5cd67d16d44899af206fec4fd722078bb7650ba031a563eb7c43876d6cbd7e81191e11d2d367b4722f989c045610f0b0dd127e165d6f63a32d768b076be40982afa4a7caccb2f0590d571f28c8ca32721b2089a2be4264d8b28fdfb69ac6aafb03fc177e21f8aee62a0ed76c6c6ed71e8123a5e0570dcd1f81f2339a8dbab1591588f74c5357e53f717ce6f20dcad5bbdffab4d38862fe280c9e4200163fcd1e42c8cf914115cf2343f4ce12ff2349daa4e8c129a3bb51c43d2fa"], 0x1) ptrace$setopts(0x4206, r3, 0x9, 0x100000002) tkill(r3, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) setsockopt$bt_l2cap_L2CAP_CONNINFO(r4, 0x6, 0x2, &(0x7f0000000040)={0x8, 0x100000000, 0xff, 0xff}, 0x6) 15:10:30 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) [ 966.576796][T28334] ldm_validate_privheads(): Disk read failed. [ 966.589418][T28334] loop4: p1 p2 [ 966.592902][T28334] loop4: partition table partially beyond EOD, truncated 15:10:30 executing program 1 (fault-call:0 fault-nth:72): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 966.642953][T28334] loop4: p1 start 1 is beyond EOD, truncated [ 966.678779][T28334] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:30 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) 15:10:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="a0e30000", @ANYRES16=r3, @ANYBLOB="10002dbd7000fcdbdf25030000004c00030014000600fe880000000000000000000000000101080003000100000008000300020000000800010001000000080001000200000014000600fe8000000000000000000000000000bb2800030008000500ac1414aa140002007665746831000000000000000000000008000400010e00001800010014000300ffffffff00"/154], 0xa0}, 0x1, 0x0, 0x0, 0x40}, 0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d2, &(0x7f0000000340)={0x4, &(0x7f0000000200)=[{}, {}, {}, {}]}) fcntl$setstatus(r2, 0x4, 0xbb9e0c0fd494f110) [ 966.845209][T28334] ldm_validate_privheads(): Disk read failed. [ 966.853105][T28383] FAULT_INJECTION: forcing a failure. [ 966.853105][T28383] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 966.866319][T28383] CPU: 0 PID: 28383 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 966.874291][T28383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 966.884341][T28383] Call Trace: [ 966.887611][T28383] dump_stack+0x1d8/0x2f8 [ 966.891920][T28383] should_fail+0x555/0x770 [ 966.896316][T28383] should_fail_alloc_page+0x55/0x60 [ 966.901491][T28383] prepare_alloc_pages+0x283/0x470 [ 966.906636][T28383] __alloc_pages_nodemask+0xb2/0x5d0 [ 966.911898][T28383] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 966.917692][T28383] kmem_getpages+0x56/0xa20 [ 966.922181][T28383] cache_grow_begin+0x7e/0x2c0 [ 966.926920][T28383] cache_alloc_refill+0x311/0x3f0 [ 966.931923][T28383] ? check_preemption_disabled+0xb7/0x2a0 [ 966.937626][T28383] __kmalloc+0x318/0x340 [ 966.941851][T28383] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 966.947544][T28383] tomoyo_realpath_from_path+0xdc/0x7c0 [ 966.953072][T28383] tomoyo_mount_permission+0x923/0xa30 [ 966.958506][T28383] ? kmem_cache_free+0xd8/0xf0 [ 966.963267][T28383] tomoyo_sb_mount+0x35/0x40 [ 966.967842][T28383] security_sb_mount+0x84/0xe0 [ 966.972599][T28383] do_mount+0x107/0x2490 [ 966.976817][T28383] ? copy_mount_options+0x25e/0x3c0 [ 966.981993][T28383] ? copy_mount_options+0x308/0x3c0 [ 966.987163][T28383] ksys_mount+0xcc/0x100 [ 966.991381][T28383] __x64_sys_mount+0xbf/0xd0 [ 966.995948][T28383] do_syscall_64+0xfe/0x140 [ 967.000448][T28383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 967.006318][T28383] RIP: 0033:0x45c2ca [ 967.010187][T28383] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 967.029771][T28383] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 967.038156][T28383] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 967.046104][T28383] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 967.054051][T28383] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 967.062019][T28383] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 967.069993][T28383] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 967.079593][T28334] loop4: p1 p2 [ 967.085822][T28334] loop4: partition table partially beyond EOD, truncated 15:10:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff00], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 967.111641][T28334] loop4: p1 start 1 is beyond EOD, truncated [ 967.127110][T28334] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:30 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000a00000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='auxv\x00') io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f00000000c0)=[r0, r0, r0, r0, r0], 0x5) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) 15:10:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff01], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:30 executing program 1 (fault-call:0 fault-nth:73): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068c42889afd3132e523b5a539bd0e6c42c5bfce6"], 0x1) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x81, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r4, 0x4, 0x800) [ 967.351640][T28418] FAULT_INJECTION: forcing a failure. [ 967.351640][T28418] name failslab, interval 1, probability 0, space 0, times 0 [ 967.391547][T28418] CPU: 1 PID: 28418 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 967.399564][T28418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 967.409619][T28418] Call Trace: [ 967.412914][T28418] dump_stack+0x1d8/0x2f8 [ 967.417258][T28418] should_fail+0x555/0x770 [ 967.421678][T28418] __should_failslab+0x11a/0x160 [ 967.426623][T28418] should_failslab+0x9/0x20 [ 967.431130][T28418] kmem_cache_alloc_trace+0x5d/0x2f0 [ 967.436416][T28418] ? alloc_fs_context+0x65/0x5f0 [ 967.441365][T28418] alloc_fs_context+0x65/0x5f0 [ 967.446135][T28418] ? _raw_read_unlock+0x2c/0x50 [ 967.451070][T28418] ? get_fs_type+0x47f/0x500 [ 967.455665][T28418] fs_context_for_mount+0x24/0x30 [ 967.460791][T28418] do_mount+0x1095/0x2490 [ 967.465124][T28418] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 967.470665][T28418] ? copy_mount_options+0x5f/0x3c0 [ 967.475767][T28418] ? copy_mount_options+0x308/0x3c0 [ 967.480978][T28418] ksys_mount+0xcc/0x100 [ 967.485212][T28418] __x64_sys_mount+0xbf/0xd0 [ 967.489804][T28418] do_syscall_64+0xfe/0x140 [ 967.494302][T28418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 967.500190][T28418] RIP: 0033:0x45c2ca [ 967.504070][T28418] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 967.523658][T28418] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 967.523667][T28418] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 967.523672][T28418] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 15:10:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) dup(r1) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66692922ff467c732283d494a5d86c74657200000000000000000000000100400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f00000068030000680300006803000068030000683de754ae939b985485441603ba6f1b6279e67bcc93f579c6591f68cb4ac96a7e74b9d319deac1189a930358f3b67871eeab204ef01cb803d1ba1a1beb4d272013daeefa8d809"], 0x1) prctl$PR_SET_FPEMU(0xa, 0x2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:31 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) [ 967.523678][T28418] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 967.523683][T28418] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 967.523688][T28418] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:31 executing program 1 (fault-call:0 fault-nth:74): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 967.679097][T28423] ldm_validate_privheads(): Disk read failed. [ 967.704395][T28423] loop4: p1 p2 [ 967.726428][T28423] loop4: partition table partially beyond EOD, truncated [ 967.747580][T28423] loop4: p1 start 1 is beyond EOD, [ 967.747587][T28423] truncated [ 967.747597][T28423] loop4: p2 size 327680 extends beyond EOD, truncated [ 967.763513][T28443] FAULT_INJECTION: forcing a failure. [ 967.763513][T28443] name failslab, interval 1, probability 0, space 0, times 0 [ 967.780807][T28443] CPU: 1 PID: 28443 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 967.788830][T28443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 967.798883][T28443] Call Trace: [ 967.802178][T28443] dump_stack+0x1d8/0x2f8 [ 967.806520][T28443] should_fail+0x555/0x770 [ 967.810947][T28443] __should_failslab+0x11a/0x160 [ 967.815898][T28443] should_failslab+0x9/0x20 [ 967.820406][T28443] kmem_cache_alloc_trace+0x5d/0x2f0 [ 967.825698][T28443] ? alloc_fs_context+0x65/0x5f0 [ 967.830644][T28443] alloc_fs_context+0x65/0x5f0 [ 967.835407][T28443] ? _raw_read_unlock+0x2c/0x50 [ 967.840254][T28443] ? get_fs_type+0x47f/0x500 [ 967.846333][T28443] fs_context_for_mount+0x24/0x30 [ 967.851361][T28443] do_mount+0x1095/0x2490 [ 967.855699][T28443] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 967.861284][T28443] ? copy_mount_options+0x5f/0x3c0 [ 967.866404][T28443] ? copy_mount_options+0x308/0x3c0 [ 967.871604][T28443] ksys_mount+0xcc/0x100 [ 967.875849][T28443] __x64_sys_mount+0xbf/0xd0 [ 967.880435][T28443] do_syscall_64+0xfe/0x140 [ 967.884911][T28443] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 967.890779][T28443] RIP: 0033:0x45c2ca [ 967.894672][T28443] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 967.914267][T28443] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 967.922654][T28443] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca 15:10:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d0000000400000900030000300100003001000078020000001f0000006078148f3a4f0000006803000068030000680300006843000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000040)=0x54) tkill(r2, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) [ 967.930604][T28443] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 967.938550][T28443] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 967.946508][T28443] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 967.954453][T28443] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:31 executing program 1 (fault-call:0 fault-nth:75): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 968.164184][T28464] FAULT_INJECTION: forcing a failure. [ 968.164184][T28464] name failslab, interval 1, probability 0, space 0, times 0 [ 968.177813][T28464] CPU: 0 PID: 28464 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 968.185797][T28464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 968.195852][T28464] Call Trace: [ 968.199129][T28464] dump_stack+0x1d8/0x2f8 [ 968.203460][T28464] should_fail+0x555/0x770 [ 968.207855][T28464] __should_failslab+0x11a/0x160 [ 968.212769][T28464] should_failslab+0x9/0x20 [ 968.217242][T28464] kmem_cache_alloc_trace+0x5d/0x2f0 [ 968.222498][T28464] ? legacy_init_fs_context+0x51/0xc0 [ 968.227845][T28464] legacy_init_fs_context+0x51/0xc0 [ 968.233017][T28464] alloc_fs_context+0x4e3/0x5f0 [ 968.237839][T28464] fs_context_for_mount+0x24/0x30 [ 968.242836][T28464] do_mount+0x1095/0x2490 [ 968.247138][T28464] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 968.252653][T28464] ? copy_mount_options+0x5f/0x3c0 [ 968.257753][T28464] ? copy_mount_options+0x308/0x3c0 [ 968.262925][T28464] ksys_mount+0xcc/0x100 [ 968.267139][T28464] __x64_sys_mount+0xbf/0xd0 [ 968.271715][T28464] do_syscall_64+0xfe/0x140 [ 968.276199][T28464] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 968.282149][T28464] RIP: 0033:0x45c2ca [ 968.286034][T28464] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 968.305616][T28464] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 968.314022][T28464] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 968.321967][T28464] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 968.329924][T28464] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 968.337870][T28464] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 968.345829][T28464] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x10000, 0x0) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x26) ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f00000000c0)) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:33 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000b00000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff03], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:33 executing program 1 (fault-call:0 fault-nth:76): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:33 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(r1, r0, 0xf81c, 0x0) [ 969.881860][T28480] FAULT_INJECTION: forcing a failure. [ 969.881860][T28480] name failslab, interval 1, probability 0, space 0, times 0 [ 969.912749][T28480] CPU: 0 PID: 28480 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 969.920963][T28480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 969.931019][T28480] Call Trace: [ 969.934312][T28480] dump_stack+0x1d8/0x2f8 [ 969.938642][T28480] should_fail+0x555/0x770 [ 969.943064][T28480] __should_failslab+0x11a/0x160 [ 969.948003][T28480] ? vfs_parse_fs_string+0xed/0x1a0 [ 969.953198][T28480] should_failslab+0x9/0x20 [ 969.957700][T28480] __kmalloc_track_caller+0x79/0x340 [ 969.962989][T28480] kmemdup_nul+0x2a/0xa0 [ 969.967235][T28480] vfs_parse_fs_string+0xed/0x1a0 [ 969.972268][T28480] do_mount+0x11a6/0x2490 [ 969.976607][T28480] ? kmem_cache_alloc_trace+0x23a/0x2f0 15:10:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000000)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4, 0x3}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000007000000000000000000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 969.982161][T28480] ? copy_mount_options+0x5f/0x3c0 [ 969.987355][T28480] ? copy_mount_options+0x308/0x3c0 [ 969.987366][T28480] ksys_mount+0xcc/0x100 [ 969.987377][T28480] __x64_sys_mount+0xbf/0xd0 [ 969.987388][T28480] do_syscall_64+0xfe/0x140 [ 969.987402][T28480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 969.996797][T28480] RIP: 0033:0x45c2ca [ 969.996806][T28480] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 969.996812][T28480] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 969.996821][T28480] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 969.996827][T28480] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 969.996832][T28480] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 969.996840][T28480] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 15:10:33 executing program 1 (fault-call:0 fault-nth:77): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 970.005896][T28480] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 970.121492][T28479] ldm_validate_privheads(): Disk read failed. [ 970.130303][T28479] loop4: p1 p2 [ 970.140030][T28479] loop4: partition table partially beyond EOD, truncated [ 970.148113][T28479] loop4: p1 start 1 is beyond EOD, truncated [ 970.155744][T28479] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = accept$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000000)) bind$netrom(r1, &(0x7f00000000c0)={{0x3, @default, 0x5}, [@default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @null, @default]}, 0x48) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) r2 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x10000, 0xc0391d3cd42f7e5d) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0, 0x3, 0xdf1}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000001c0)={r3, 0xfffffffffffffffc, 0xfffffffffffffffb, 0xfffffffffffffff7}, &(0x7f0000000200)=0x10) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) getpid() clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = gettid() r5 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) [ 970.199030][T28500] FAULT_INJECTION: forcing a failure. [ 970.199030][T28500] name failslab, interval 1, probability 0, space 0, times 0 [ 970.218843][T28500] CPU: 1 PID: 28500 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 970.226919][T28500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 970.236957][T28500] Call Trace: [ 970.240234][T28500] dump_stack+0x1d8/0x2f8 [ 970.244548][T28500] should_fail+0x555/0x770 [ 970.249046][T28500] __should_failslab+0x11a/0x160 [ 970.253980][T28500] should_failslab+0x9/0x20 [ 970.258481][T28500] kmem_cache_alloc_trace+0x5d/0x2f0 [ 970.263823][T28500] ? alloc_fs_context+0x65/0x5f0 [ 970.268745][T28500] alloc_fs_context+0x65/0x5f0 [ 970.273493][T28500] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 970.279121][T28500] fs_context_for_mount+0x24/0x30 [ 970.284153][T28500] vfs_kern_mount+0x2c/0x160 [ 970.288719][T28500] btrfs_mount+0x34f/0x18f0 [ 970.293202][T28500] ? legacy_parse_param+0x37b/0x880 [ 970.298384][T28500] ? cap_capable+0x250/0x290 [ 970.302963][T28500] legacy_get_tree+0xf9/0x1a0 [ 970.307620][T28500] ? btrfs_resize_thread_pool+0x290/0x290 [ 970.313321][T28500] vfs_get_tree+0x8f/0x380 [ 970.317722][T28500] do_mount+0x169d/0x2490 [ 970.322070][T28500] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 970.327599][T28500] ? copy_mount_options+0x5f/0x3c0 [ 970.332703][T28500] ? copy_mount_options+0x308/0x3c0 [ 970.337876][T28500] ksys_mount+0xcc/0x100 [ 970.342094][T28500] __x64_sys_mount+0xbf/0xd0 [ 970.346661][T28500] do_syscall_64+0xfe/0x140 [ 970.351146][T28500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 970.357067][T28500] RIP: 0033:0x45c2ca [ 970.360950][T28500] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 970.380559][T28500] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 970.388955][T28500] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 970.396915][T28500] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 970.404870][T28500] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 970.412833][T28500] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 970.420816][T28500] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:34 executing program 1 (fault-call:0 fault-nth:78): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 970.550337][T28479] ldm_validate_privheads(): Disk read failed. [ 970.562008][T28479] loop4: p1 p2 [ 970.573281][T28479] loop4: partition table partially beyond EOD, truncated [ 970.581657][T28479] loop4: p1 start 1 is beyond EOD, truncated [ 970.587959][T28479] loop4: p2 size 327680 extends beyond EOD, truncated [ 970.593542][T28513] FAULT_INJECTION: forcing a failure. [ 970.593542][T28513] name failslab, interval 1, probability 0, space 0, times 0 [ 970.624494][T28513] CPU: 1 PID: 28513 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 970.632501][T28513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 970.642632][T28513] Call Trace: [ 970.645926][T28513] dump_stack+0x1d8/0x2f8 15:10:34 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, 0x0, 0x0) tee(r1, r0, 0xf81c, 0x0) [ 970.650256][T28513] should_fail+0x555/0x770 [ 970.654685][T28513] __should_failslab+0x11a/0x160 [ 970.659638][T28513] ? btrfs_mount+0x83/0x18f0 [ 970.664230][T28513] should_failslab+0x9/0x20 [ 970.668740][T28513] __kmalloc_track_caller+0x79/0x340 [ 970.674034][T28513] ? tomoyo_mount_permission+0x8d8/0xa30 [ 970.679696][T28513] kstrdup+0x34/0x70 [ 970.683589][T28513] btrfs_mount+0x83/0x18f0 [ 970.688017][T28513] ? legacy_parse_param+0x37b/0x880 [ 970.693206][T28513] ? cap_capable+0x250/0x290 [ 970.697792][T28513] legacy_get_tree+0xf9/0x1a0 [ 970.702457][T28513] ? btrfs_resize_thread_pool+0x290/0x290 [ 970.708203][T28513] vfs_get_tree+0x8f/0x380 [ 970.712615][T28513] do_mount+0x169d/0x2490 [ 970.716939][T28513] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 970.722472][T28513] ? copy_mount_options+0x5f/0x3c0 [ 970.727562][T28513] ? copy_mount_options+0x308/0x3c0 [ 970.732850][T28513] ksys_mount+0xcc/0x100 [ 970.737082][T28513] __x64_sys_mount+0xbf/0xd0 [ 970.741684][T28513] do_syscall_64+0xfe/0x140 [ 970.746299][T28513] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 970.752170][T28513] RIP: 0033:0x45c2ca [ 970.756043][T28513] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 970.775626][T28513] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 970.784043][T28513] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 970.792002][T28513] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 970.799972][T28513] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 970.807939][T28513] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 970.816087][T28513] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:34 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000200)=0xc) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x20000, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000001c0)=0x6, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r3, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$CAPI_GET_PROFILE(r4, 0xc0404309, &(0x7f0000000140)) r5 = gettid() r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='rdma.current\x00', 0x0, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r6, 0x4010ae94, &(0x7f00000000c0)={0x1f9c, 0x2, 0x1}) r7 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000400)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680700006803000068102ac934a3029f2163212654958dff7933cb76aca6cfca768103f7f5c621317cbff6bd85ec6ffa2908fb44607450283643a504cdd20e9fc8090341ac2b9838eeaf9702e3360fca71e8d277cd690d65549369796ff869741edf430c7ca36c720fa1782eab37e487f7c19f28e336b05f98da3e866c5342a264f33f9d427bee63226686436a588e3e8987d580967c86cc4a494e40f39aa91da7ffdad6478f8341af864b513dad3b93eb80ac9980e861c6fbae50424b3774fcda"], 0x1) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x10010000000035) fcntl$setstatus(r3, 0x4, 0x2000) 15:10:34 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff07], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:34 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000c00000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:34 executing program 1 (fault-call:0 fault-nth:79): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 971.090132][T28538] FAULT_INJECTION: forcing a failure. [ 971.090132][T28538] name failslab, interval 1, probability 0, space 0, times 0 [ 971.105635][T28538] CPU: 0 PID: 28538 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 971.113684][T28538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 971.123731][T28538] Call Trace: [ 971.127028][T28538] dump_stack+0x1d8/0x2f8 [ 971.131361][T28538] should_fail+0x555/0x770 [ 971.135874][T28538] __should_failslab+0x11a/0x160 [ 971.140816][T28538] should_failslab+0x9/0x20 [ 971.145326][T28538] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 971.151042][T28538] ? __kmalloc_node+0x3c/0x60 [ 971.155800][T28538] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 971.161262][T28538] __kmalloc_node+0x3c/0x60 [ 971.165788][T28538] kvmalloc_node+0xcc/0x130 [ 971.170565][T28538] btrfs_mount_root+0xe3/0x1050 [ 971.175436][T28538] ? vfs_parse_fs_string+0x13b/0x1a0 [ 971.180722][T28538] ? trace_kfree+0xa0/0x110 [ 971.185210][T28538] legacy_get_tree+0xf9/0x1a0 [ 971.189870][T28538] ? btrfs_control_open+0x40/0x40 [ 971.194911][T28538] vfs_get_tree+0x8f/0x380 [ 971.199339][T28538] vfs_kern_mount+0xc2/0x160 [ 971.204054][T28538] btrfs_mount+0x34f/0x18f0 [ 971.208561][T28538] ? legacy_parse_param+0x37b/0x880 [ 971.213765][T28538] ? cap_capable+0x250/0x290 [ 971.218344][T28538] legacy_get_tree+0xf9/0x1a0 [ 971.223008][T28538] ? btrfs_resize_thread_pool+0x290/0x290 [ 971.228725][T28538] vfs_get_tree+0x8f/0x380 [ 971.233126][T28538] do_mount+0x169d/0x2490 [ 971.237437][T28538] ? copy_mount_options+0x25e/0x3c0 [ 971.242735][T28538] ? copy_mount_options+0x308/0x3c0 [ 971.247919][T28538] ksys_mount+0xcc/0x100 [ 971.252156][T28538] __x64_sys_mount+0xbf/0xd0 [ 971.256907][T28538] do_syscall_64+0xfe/0x140 [ 971.261394][T28538] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 971.267266][T28538] RIP: 0033:0x45c2ca [ 971.271313][T28538] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 971.290899][T28538] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 971.299306][T28538] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 971.307273][T28538] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 971.315491][T28538] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 971.323439][T28538] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 971.331391][T28538] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) r2 = getpgid(0x0) ptrace$setregs(0xf, r2, 0x401, &(0x7f0000000140)="1da58a656f82624b275417380f1bbdf461c81943fc18e072919d55e5bc599eac6238b8bfd4b68f0ea2a806d0f592") connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000100)=[@timestamp, @sack_perm, @timestamp], 0x3) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}, &(0x7f00000000c0)=0x10) [ 971.366300][T28537] ldm_validate_privheads(): Disk read failed. [ 971.378273][T28537] loop4: p1 p2 [ 971.386470][T28537] loop4: partition table partially beyond EOD, truncated [ 971.395426][T28537] loop4: p1 start 1 is beyond EOD, truncated [ 971.401789][T28537] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00') ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000100)=&(0x7f00000000c0)) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x82000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() r4 = dup(r2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x10010000000035) fcntl$setstatus(r2, 0x4, 0x2000) 15:10:34 executing program 1 (fault-call:0 fault-nth:80): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 971.547990][T28559] FAULT_INJECTION: forcing a failure. [ 971.547990][T28559] name failslab, interval 1, probability 0, space 0, times 0 [ 971.586141][T28559] CPU: 0 PID: 28559 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 971.594168][T28559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 971.604219][T28559] Call Trace: [ 971.607520][T28559] dump_stack+0x1d8/0x2f8 [ 971.611856][T28559] should_fail+0x555/0x770 [ 971.616270][T28559] __should_failslab+0x11a/0x160 [ 971.621213][T28559] should_failslab+0x9/0x20 [ 971.625716][T28559] kmem_cache_alloc_trace+0x5d/0x2f0 [ 971.630993][T28559] ? btrfs_mount_root+0x12c/0x1050 [ 971.636183][T28559] btrfs_mount_root+0x12c/0x1050 [ 971.641117][T28559] ? vfs_parse_fs_string+0x13b/0x1a0 [ 971.646392][T28559] ? trace_kfree+0xa0/0x110 [ 971.650891][T28559] legacy_get_tree+0xf9/0x1a0 [ 971.655567][T28559] ? btrfs_control_open+0x40/0x40 [ 971.660599][T28559] vfs_get_tree+0x8f/0x380 [ 971.665015][T28559] vfs_kern_mount+0xc2/0x160 [ 971.669585][T28559] btrfs_mount+0x34f/0x18f0 [ 971.674069][T28559] ? legacy_parse_param+0x37b/0x880 [ 971.679257][T28559] ? cap_capable+0x250/0x290 [ 971.683832][T28559] legacy_get_tree+0xf9/0x1a0 [ 971.688486][T28559] ? btrfs_resize_thread_pool+0x290/0x290 [ 971.694178][T28559] vfs_get_tree+0x8f/0x380 [ 971.698571][T28559] do_mount+0x169d/0x2490 [ 971.702880][T28559] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 971.708399][T28559] ? copy_mount_options+0x5f/0x3c0 [ 971.713486][T28559] ? copy_mount_options+0x308/0x3c0 [ 971.718746][T28559] ksys_mount+0xcc/0x100 [ 971.722968][T28559] __x64_sys_mount+0xbf/0xd0 [ 971.727542][T28559] do_syscall_64+0xfe/0x140 [ 971.732022][T28559] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 971.737890][T28559] RIP: 0033:0x45c2ca [ 971.741764][T28559] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 971.761450][T28559] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 971.770274][T28559] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 971.778226][T28559] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 971.786170][T28559] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 15:10:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) write$binfmt_aout(r0, &(0x7f0000000900)={{0x10b, 0x3ff, 0xffffdfffffffff7f, 0x22, 0x3aa, 0x3, 0x1a9, 0x5}, "d4d3f2a558d1650f805700b14118cbbbaea4516cc8b6b678eec40007ae7faef0fcf8ff839bd9e6284b1d0e1bdcd146a1386b39b567eb3758ddc253f9c33dd8a2b6e3bc64a76bc08d596747478e5e8deb58ff6f00000000000000000000004e0d21a305754fe3e792c0b18774154043166956353a008ba482a5a0797400984003dcfc69c1e955b432c5a1b433e8053ce2602b7446a60000", [[], [], [], [], []]}, 0x236) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000000c0)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x200, 0x0) sync() fcntl$setstatus(r1, 0x4, 0x2000) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r3, 0x408c5333, &(0x7f00000000c0)={0x4, 0x3, 0x6039c407, 'queue1\x00', 0x1f}) 15:10:35 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, 0x0, 0x0) tee(r1, r0, 0xf81c, 0x0) [ 971.794135][T28559] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 971.802101][T28559] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x1, 0x0) ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f00000000c0)={0x0, @motion_det}) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = dup(r0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="62696c74657200000000000000000000000000000000f60d0000000400000900030000300147ea7fd8221cf62419725086f42a0000300100007802000000000000006078148f3a39000000681317bfe82d9d8be18603000068030000680300006803000068000000000000000000"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x2000) 15:10:37 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000d00000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff0f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 15:10:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcff47bf070") prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x402000, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000001340)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x20}}}, 0x6, 0x400}, &(0x7f0000001400)=0x90) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001440)={0x0, 0x6}, &(0x7f0000001480)=0x8) sendmsg$inet_sctp(r2, &(0x7f0000001600)={&(0x7f00000000c0)=@in={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000100)="bf79740a2b08614d2b0c75efddc63e3989d71a95b11786a17717fc562be78bacb8fa6b15b16c14740d629f49a5f4807e443115cc60e48e07c5be9d77956d4e713be32ea756", 0x45}, {&(0x7f0000000340)="891db297726bd8f1b124c7a6ac2abde6650a0c7d5a85f87eff9d03c6321989ae275a6641eb44e863cd83f5773b2f0766fbf7eb25c19c4b2be245cda2bd8b6395739eb14c969100adc61deb9a6101f18a34b6e09d39b0fdcf44d1b852a7ed3ca5f54c6cdd2287c5f7a013b9f6c004981af2c479a0193026f611d066f4b73d53c4c3f939515d53dc4eec6bb854c1ff880054ea7b3021048aee051c2d775d8f2ed8ec3fc19b7bd0cfa00b9f2857d3f42af563ae0c29b2d785f9df4936c62bdce0645076e8780bf179594dace44fb540faf6aaba6a02db36c5ae2b0f50b2a296af52f01e6f1001d3123d3b07fbd48abe9c8056d4cf7b9b18577978204f5a2c3de08cba456206be6b774bb933fd27a956968563601a46d0c5d48a08a26bb659696f9aad539946fae36101201970e9a5a9e77732beb6dbfe210b950e798d4a5cd218868e6b5591f2da4438c80dde0041107c0e3ba83e4beff71e29d0084dc5152a96145a0f5dd11b99d9787278dd429d0d102717269a69013c703b4784fa4cb6728c0d2f33078f09706560f79d75e89957b6f2a437d1d2916130d8b8ad550d09f4c52ab588d3806d0365b5624bc2150d7313d6d6900e374dd57e91fec13f7c861914fbc9ebf6d740289155ae92e8a85d41fb8831d91e85dc6c194a0af4ef35e7b9f399ee3f0188647d1ed3c0c79c9a3e4117b65e25ae0887c41c5e6ccf9d185cc93e8f28d893507d06981976b552ca8524cdca1acb080c21f8b136c52e3e292f0aa4c191d850f70c0ffe5d6123371ccee00be6b1a9a9c42e868f1afc8c2f2155b91ef4d9d2075cd07fa050c72345ed2eebd9de442ce3ebff414c801bf7b5342fa8a3062cee3fb0b7c7e9d04d98affaefd211fc1f668cb8561418d816763e0f5c26bb37817d6785ade99f3ebe3cfb367bbed887051a58c92b559b48a6c43f3373fdec2a9156846764920ff6f6a348b60efa7efae195260d316ad3a9861a9d6a0349180822426e31be12cd1fa4b7b700801f3406bf428c0f07671fa32614879fe5b006bf826b2b7bd9b9ba05b6c248b13570b94784696f238cee6b23efed3efa296c1a03f61fc02ad9576427fd9426700c86bfa23d3501462802ff7863ac7c7da766881e41024314fe9b52ffe3aa7ef3692a014f7bfcdb2b2ed2bd2a6cb1d5dab27d33fb0521baab9840c4cb21f860badff23a74c9a94ea27427f81871167e712b0f779323a733a157768d05b3191e5f8bc52d0766463410758b51f173b94e09635f6cbe50b8ad879bb81539f28660e4b9439eeef5385966a7b97eadb74c875809944467f35aac4ba3708e635585c58143f00c28d2cfa2735f82bcdfff43685de1a50fd8093f6642a70ae34622645d3a771371302ebdab6f6d2f4e14a39f036e720d2d6339c7d2967f6dc716409bfd21f69ca3aaf7533dbddd099173b30bd051a5fb9b6fd058eadd26f2a4ce6fb2024b6d3d42f09304560eff58e862e93d11ad8a2181888e330c426fb958ad0b4b54dabfa3efbaf85f88208017e65df3d3e065ac5cc4f08e7d843fa94ca57ef2084c141cc9349120b42a416fb49e319abe10bd831e81624d5dfacba90d416ecec3e10496f8d9915e2cb4559a08ad5234f1434e6a3087bfe0b73e412074e8b214abd51ce96e461e68fa7cdc0d2bd311c521a8b59dd73877c0fd9429e5470a46d1fc3ab543e3728994d646ab8ceff0aa5a0bb9f529e7f638161280593b48530977af3d5830f2a22e3e95f7bd56bfe3f9bc6174b961334bf3ae964259590c6d0c519ed67f2d4b94337e9290feec1ab56edb80ce711ee3c735007bbba250ec008816fbc1df4c23f57c05f6651b47fa9b2be90d1c06958645653202361521cd778c1aa13d92cdbe2741cb1a4313a98e5d7fc292eb3a8bc662712523da61da3b1d9c203c8516d666a4495afea0112d1570956b3003768136cd2ab1e1de0399d4dc9cc5c12f1d4342c1bf974fa322cea885a41b4a41896a1f171a94a240b2f1ed0890fcb2e5ad796b7f02bbbbe36c13de9f5564ea85889a1c694b3f22a6141cd2f6f40926db87a8d74c01210ea00951de5f7b5d4f6e65c4ba779530c8789d2219f5a3c3796a45ba57ee5d7f4b23f5e58c3ac6c3c5b9a1b79cb1f2e7eb1d93766bf9d57f1c452dfdff22412b07fcea13d8ba2459d8f7df1471b3888e2add346e7a7e0bf3a00112612b0c9905a2ef1a240ccb00cb7f59a3845cfcffbb6c380d252a40be8f4648941a06b67322de71a3446fe21a2c1d10b09ffa2261089db0c28171a59e1abfb3e2d72e705ac563e1b76b6caed0a7f08e2b1171d574a144dbc703d1e3e0486e7c70b3c426612f08f0de5b8136c5dad76eb93ec5cb50f3a39112dc265690f06f24002c59d90f791cc3c1cad74afb64dd18910a3d5c0e8040fb8cb9b95c925eb1fea152ceae8aff696415c9bb0391b319e35fa62a3a995f1bd94916924d2e3e3e53045e9d4bd6c2e41d12a5cf6b299507c8d4764216cf14bd8c436ace3f4f7199e2a20ffdba1aed63c72bbe497cbef727d2e3043577e23ec030e2311d1e8b20938e3ac286fa475ed4d669245e24d916ad952af9586323ac85fc2a62781642b009d78995278b3a94b3298ecd0923fc1f03ffa9c765f9640a6537cbb0b27c33b9029d3dfb332da0f4999c9ddd36df801ee930d2c69e6471d5800531a36cf4c4cc69cfdb4f07eddb6b075f23c19ffdcded657412f7f8295863651d11abd30e506617693c786607966a37b73ba139a51923dcaaafc68fcaff33547d9dfce7746b37e9f3eef7ae86b60d205228a22a4fc7c261277fd720f85f6bdd6dfde9a558c952e23627a268ead2e8023da8f29c3768787fc8bd2375b8e07902960f00ad6068dc7bb44140f644d28bf72aa0220a23a439f7217dbf7949fa3c9378e4fdb53e86e5d2af7aba503799f1dfc981c191987bdb8ff953f43a1c2b0fd771f8831a02e85280f25081e8b5e26ecf7be1b79d3ed90869aa8f26471a7226b246a0f9c6dea3186430fda9e9a7256c074f4ba36ad6d60cb0e2b1aeaebcbccbd1ce0a175c41d22120fb92fdd2376914c49a2a3e6f6dc044250c54374b06a947a314854e015d8c1335f98f19ae6c4b37d50962818dee3a6e76c808369bc70f341bf938ac46d8c0d8d6be81de37e99062150be909abb81b5cc614055fcd2328fae8e756fa850a97363fd2da43fd8128685bbbc97f206b33a0c19c75ed6db8dd767a1519ce492c27d89d80f416fd8531fc3cc461e64ba9c546f40cbe7f9c04c4138684e35a7e9c82553898744c6d034963a1a942a00146f1a0c93256a5f5ea96b4cb29e0140ebfd6ba2e9357f14010de0f2dea17c8ef4498ef1b54689298b7caa0fb13e6b0f7ecb072eb0cba8de06107d6eedd05ea7685d5cbeb47353221cce6e69de98068c1f6f7699aeaa438a9f61a90a13bf2693b35587fb74bf4ea61f6e4ef10effda254b21dc91cafa27bc3859b5d7131e18e72fe7d8f13dfc1f5131376b16ea0ba14fdc1a73d0cb3c33c643cbba9d0b8d76e8cc6f7a909a9851f43a9bf116746af55fe7084852ca1630d4da88e2f5a0ba9f5f753f7fdaa52c9d36d56e58d866d679c8d71d24b0afd14dbf40323142db5b75374624f03824d4684e1fcb9857adac0495ab6e1af3ae2046d055211e565af260ea9465fe47db8709445cd6f27d19f93e8f9ca99d3d7f0d4be8fc7d299f2731c7c4b76385682ecb7cda92089e1a63deac529582013a35c945fd76a43c2ca9c35f1d39c26a79468cb33d7da9e9b4fd3dabb28fd6ba87a66028669babec5af1eaa12003dd18662eedfdf54d406f2019abf0c6b2388d87207ccdca04464b36af2a79be12dbb8774acd5e99635ac4da4112ba86d1517e1c01088ab9c397f7e00b94325ebd4cd581fbe6272f820078d77dbd033b05ee817a59ca75857acbd84ac91841fc2beb4aa9280d9af14f7f03243df59ab5384672cf63a6c773fb88dbb97e8eef58ac8e048131234b0a203383e0e6561fd2b343b26c2032c7e6e725ece9163e46c017612a7c43f41d1912d4dfacdbbaaac18417c9fb657fb6e166d35cae39a1eb3532c6b5a6f4cde41776d3d4caf0b4266a9724ed6d67702b453da1dc6a50723356eee9e142061db31639c7ec946aef6b48d56f25e4008b43836203e3f449174dc02199d34dad10bf870006f8aef9033b9d2d7f70019badf1fef33e434dc1863ae500412a32ddb9a65946ae460c650a29f87919fa6932e39b64b9d0b9b2aa9fca22d42e00229f643aa77821f1c678122051be23d6843c4f60c6813b1a9c969440b6909de9f629a86084e3b9cce73aa33d9d1e088d05a35fc9c35af546163256dcba9d1137b0bb72f7f8bb66afc5b51fdecb63205ecfcd64e99ec5ead08f7e6d4edc422de45d047236f272d83c61541b9e2dc86fc3e49274c8f7a205da70676b1a1ff0f3e27f1802a69c5fcfbbb384a36ab25257775588427d2459a826b02665fb7c9f976d1231dfbe4b10c6097a066507eec509dd8f624cfe1837582e3786dbca0faed3a6f16b09df906a5480fded77a6ea79bed7525af8f9bbf439961fd0b0d7e2f0b2e7aecd188884078148a71c6de8c067017b600c23a72d0d72caffcfc41763bae39340f5e621191e9395b6e0565249f99eb5b682c7cad643648cf3b12942342ed68a05723a34ae16e05b2448876b02ff1e251a62f76274cb2ee06c01b4515068c67fd7c301f92d2e1fdf8738fcddbe1c0b3d48c9463cbb80a346ab69f77e8c0848b24aa5f4846baf4ec24e3c71a854cac3a84e1779f7a1ce4b130579a607ba190318ebf22d761866a52a1865f220526673c35615df86a2252b792a4273fc174056e8b888c35cad67ed891d063648aec042039d5509b695710dbf1fb85d251f5fef7611838f6600fd16f4f9f231ad4e2778cf1c7121fb3673b702ba9fc8bcd9b12f65dc103f10608fd90486d4072b6f17ee104f1ef86db635d3eb99194fc4c7ba5843717dcf39e0f4ea1735ef2b0cfcd2d0c7a3cc4979932cf287dece3e1673e3dcdc62d7324edaed3c0375f6ecb66fa3aed825b3642927ec5a2e1cba737c6b442950f2d41940b913113b55763bacca6a633fa2cb6e66a30dd7d28a26f31fb1ec2c3dccacf3fdb4dd8279cecd8a492cbfeedcee8a16cb0596b9eb68d28d3838e2b4b9d1e687fedb5b8b325da8b73315b29618bc3bcbe0c10dbccb6c6f42bcbd63ae248ed91dd83208c4f12e4a213f6f379f26b61d62621298386d077a55129adca4af080f8bfc397dbd6f032b468aed8f13d408965c770806c7875c651c51ae4219f7e71f17be4af62f7a875e0a8b1f312884fe2e9d637a18b6892afccf73baf67500522edd337e8c3f5df1fe113e89d197d7b5be6bd771391311ae01a93abbd079d232ad9be9d3f7adf0655675189032bb2f276bd0ee4314735be436cecfb7129b4d954e3bf830b924f13a8a9343e37cbf895d267b364e2bee10fb199daf57ae0da42588ec777536939eb2d0893d194091e2b08477da31196a762ae80fbe77f349f44f28cec4d1f5f1ee23f04d80275707cf2cc958fcca0a4bf73401fa079bec327debbe24f90ed0ed3404594cf0d8c890e6edd505c968d55f605b25b8ad47a7f9e9dcbaa1de01616a76a98912b9ed5e84f2b672072dca7480b2e8a9230093f097ffd6360c64ddbd20dffd5e856eb81215601dc695b9d3767f59ccfb5a11cb7619e10db17b3acb57a1c39f61357e33fd0a12556bd572b48c3b5f164f23308e7957b95b35247cd4883e0d13dfaef752249f864364a8d25d9afa58903e134ec9bfa8874f667c417e1c290", 0x1000}, {&(0x7f0000000180)="22de7a532da6c8dabf23e04a4be0a8a5f6b0e3bc031071c505c2b284313f016269a723875a1706f027f9477be726cf0f70d20f62d04b9f2d352b77d1cd06d07ae6f6216cb6fa7a341e6a13c141e98a77cb8c440a80a93461a020feb35a17d7fbec4720f1bd5394a24c7f6e6a3676af778fedd04f66d93e1c2baa6eb4f1e3de57ee56d3684e873e375b774bb4cc35926b15bac921856d93e60e28945a6ee5bafdc48c33a09443b9216cd628a889d4f401b32d256369", 0xb5}], 0x3, &(0x7f00000014c0)=[@authinfo={0x18, 0x84, 0x6, {0x5}}, @authinfo={0x18, 0x84, 0x6, {0x6}}, @authinfo={0x18, 0x84, 0x6, {0x5}}, @dstaddrv6={0x20, 0x84, 0x8, @local}, @authinfo={0x18, 0x84, 0x6, {0x9f}}, @dstaddrv4={0x18, 0x84, 0x7, @local}, @sndrcv={0x30, 0x84, 0x1, {0x5, 0x6, 0x3, 0x200, 0x100, 0x7, 0x0, 0xfffffffffffffff7, r3}}, @sndrcv={0x30, 0x84, 0x1, {0x1, 0xfffffffffffffe01, 0x2, 0x6, 0x800, 0x7, 0x1, 0x1, r4}}, @prinfo={0x18, 0x84, 0x5, {0x20, 0x1ff}}], 0x110, 0x4000800}, 0x1) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x49) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = gettid() r6 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000400000000000000000000000f60d000000040000090003000030010000300100007802000000000000006078148f3a4f0000006803000068030000680300006803000068"], 0x1) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x10010000000035) fcntl$setstatus(r1, 0x4, 0x2000) 15:10:37 executing program 1 (fault-call:0 fault-nth:81): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:37 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, 0x0, 0x0) tee(r1, r0, 0xf81c, 0x0) [ 973.553911][T28589] FAULT_INJECTION: forcing a failure. [ 973.553911][T28589] name failslab, interval 1, probability 0, space 0, times 0 [ 973.583383][T28589] CPU: 0 PID: 28589 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 973.591388][T28589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 973.601446][T28589] Call Trace: [ 973.604745][T28589] dump_stack+0x1d8/0x2f8 [ 973.609079][T28589] should_fail+0x555/0x770 [ 973.613501][T28589] __should_failslab+0x11a/0x160 [ 973.618436][T28589] ? vfs_parse_fs_string+0xed/0x1a0 [ 973.623637][T28589] should_failslab+0x9/0x20 [ 973.628137][T28589] __kmalloc_track_caller+0x79/0x340 [ 973.633448][T28589] kmemdup_nul+0x2a/0xa0 [ 973.637688][T28589] vfs_parse_fs_string+0xed/0x1a0 [ 973.642710][T28589] vfs_kern_mount+0x77/0x160 [ 973.647296][T28589] btrfs_mount+0x34f/0x18f0 [ 973.651810][T28589] ? legacy_parse_param+0x37b/0x880 [ 973.657092][T28589] ? cap_capable+0x250/0x290 [ 973.661688][T28589] legacy_get_tree+0xf9/0x1a0 [ 973.666366][T28589] ? btrfs_resize_thread_pool+0x290/0x290 [ 973.672083][T28589] vfs_get_tree+0x8f/0x380 [ 973.679039][T28589] do_mount+0x169d/0x2490 [ 973.683455][T28589] ? copy_mount_options+0x308/0x3c0 [ 973.688644][T28589] ksys_mount+0xcc/0x100 [ 973.692875][T28589] __x64_sys_mount+0xbf/0xd0 [ 973.697459][T28589] do_syscall_64+0xfe/0x140 [ 973.701958][T28589] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 973.707844][T28589] RIP: 0033:0x45c2ca [ 973.711736][T28589] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 973.731426][T28589] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 973.739929][T28589] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 973.747899][T28589] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 973.755869][T28589] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 973.763840][T28589] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 973.771978][T28589] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 15:10:37 executing program 1 (fault-call:0 fault-nth:82): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 973.800364][T28587] ldm_validate_privheads(): Disk read failed. [ 973.807475][T28587] loop4: p1 p2 [ 973.818844][T28587] loop4: partition table partially beyond EOD, truncated [ 973.826435][T28587] loop4: p1 start 1 is beyond EOD, truncated [ 973.832632][T28587] loop4: p2 size 327680 extends beyond EOD, truncated [ 973.906362][T28611] FAULT_INJECTION: forcing a failure. [ 973.906362][T28611] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 973.919682][T28611] CPU: 1 PID: 28611 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 973.927647][T28611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 973.927651][T28611] Call Trace: [ 973.927670][T28611] dump_stack+0x1d8/0x2f8 [ 973.927683][T28611] should_fail+0x555/0x770 [ 973.927698][T28611] should_fail_alloc_page+0x55/0x60 [ 973.941051][T28611] prepare_alloc_pages+0x283/0x470 [ 973.941063][T28611] __alloc_pages_nodemask+0xb2/0x5d0 [ 973.941078][T28611] kmem_getpages+0x56/0xa20 [ 973.941088][T28611] ? trace_lock_release+0x135/0x1a0 [ 973.941097][T28611] cache_grow_begin+0x7e/0x2c0 [ 973.941109][T28611] cache_alloc_refill+0x311/0x3f0 [ 973.984760][T28611] ? check_preemption_disabled+0xb7/0x2a0 [ 973.990459][T28611] kmem_cache_alloc_trace+0x2d0/0x2f0 [ 973.995810][T28611] ? btrfs_mount_root+0x12c/0x1050 [ 974.000910][T28611] btrfs_mount_root+0x12c/0x1050 [ 974.005836][T28611] ? vfs_parse_fs_string+0x13b/0x1a0 [ 974.011096][T28611] ? trace_kfree+0xa0/0x110 [ 974.015576][T28611] legacy_get_tree+0xf9/0x1a0 [ 974.020229][T28611] ? btrfs_control_open+0x40/0x40 [ 974.025229][T28611] vfs_get_tree+0x8f/0x380 [ 974.029653][T28611] vfs_kern_mount+0xc2/0x160 [ 974.034222][T28611] btrfs_mount+0x34f/0x18f0 [ 974.038708][T28611] ? legacy_parse_param+0x37b/0x880 [ 974.043882][T28611] ? cap_capable+0x250/0x290 [ 974.048449][T28611] legacy_get_tree+0xf9/0x1a0 [ 974.053100][T28611] ? btrfs_resize_thread_pool+0x290/0x290 [ 974.058804][T28611] vfs_get_tree+0x8f/0x380 [ 974.063289][T28611] do_mount+0x169d/0x2490 [ 974.067594][T28611] ? copy_mount_options+0x25e/0x3c0 [ 974.072771][T28611] ? copy_mount_options+0x308/0x3c0 [ 974.077972][T28611] ksys_mount+0xcc/0x100 [ 974.082201][T28611] __x64_sys_mount+0xbf/0xd0 [ 974.086784][T28611] do_syscall_64+0xfe/0x140 [ 974.091266][T28611] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 974.097135][T28611] RIP: 0033:0x45c2ca [ 974.101021][T28611] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 974.120609][T28611] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 974.129014][T28611] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 974.136987][T28611] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 974.145137][T28611] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 974.153108][T28611] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 974.161064][T28611] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 974.210543][T28587] ldm_validate_privheads(): Disk read failed. [ 974.217783][T28587] loop4: p1 p2 [ 974.221763][T28587] loop4: partition table partially beyond EOD, truncated [ 974.229091][T28587] loop4: p1 start 1 is beyond EOD, truncated [ 974.235354][T28587] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:37 executing program 1 (fault-call:0 fault-nth:83): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 15:10:37 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffc8f) tee(0xffffffffffffffff, r0, 0xf81c, 0x0) 15:10:37 executing program 4: syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02000e00000001000000ff07000000ffffffa90000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") 15:10:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = dup(r0) sendmsg$inet_sctp(r2, &(0x7f0000001680)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0xffffff1f], [], @remote}}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)='+', 0x1}], 0x1}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 974.480151][T28631] FAULT_INJECTION: forcing a failure. [ 974.480151][T28631] name failslab, interval 1, probability 0, space 0, times 0 [ 974.512740][T28631] CPU: 0 PID: 28631 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 974.520756][T28631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 974.530835][T28631] Call Trace: [ 974.534137][T28631] dump_stack+0x1d8/0x2f8 [ 974.538463][T28631] should_fail+0x555/0x770 [ 974.542864][T28631] __should_failslab+0x11a/0x160 [ 974.547783][T28631] should_failslab+0x9/0x20 [ 974.552609][T28631] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 974.558310][T28631] ? __kmalloc_node+0x3c/0x60 [ 974.562976][T28631] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 974.568468][T28631] __kmalloc_node+0x3c/0x60 [ 974.572973][T28631] kvmalloc_node+0xcc/0x130 [ 974.577548][T28631] btrfs_mount_root+0xe3/0x1050 [ 974.582373][T28631] ? vfs_parse_fs_string+0x13b/0x1a0 [ 974.587629][T28631] ? trace_kfree+0xa0/0x110 [ 974.592107][T28631] legacy_get_tree+0xf9/0x1a0 [ 974.596764][T28631] ? btrfs_control_open+0x40/0x40 [ 974.601775][T28631] vfs_get_tree+0x8f/0x380 [ 974.606184][T28631] vfs_kern_mount+0xc2/0x160 [ 974.610758][T28631] btrfs_mount+0x34f/0x18f0 [ 974.615247][T28631] ? legacy_parse_param+0x37b/0x880 [ 974.620441][T28631] ? cap_capable+0x250/0x290 [ 974.625022][T28631] legacy_get_tree+0xf9/0x1a0 [ 974.629676][T28631] ? btrfs_resize_thread_pool+0x290/0x290 [ 974.635393][T28631] vfs_get_tree+0x8f/0x380 [ 974.639814][T28631] do_mount+0x169d/0x2490 [ 974.644125][T28631] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 974.649646][T28631] ? copy_mount_options+0x5f/0x3c0 [ 974.654742][T28631] ? copy_mount_options+0x308/0x3c0 [ 974.659943][T28631] ksys_mount+0xcc/0x100 [ 974.664167][T28631] __x64_sys_mount+0xbf/0xd0 [ 974.668736][T28631] do_syscall_64+0xfe/0x140 [ 974.673216][T28631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 974.679097][T28631] RIP: 0033:0x45c2ca [ 974.682980][T28631] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 974.702651][T28631] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 974.711037][T28631] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 974.718999][T28631] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 974.726960][T28631] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 974.734922][T28631] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 974.742873][T28631] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 974.781240][T28637] ldm_validate_privheads(): Disk read failed. [ 974.787559][T28637] loop4: p1 p2 [ 974.791164][T28637] loop4: partition table partially beyond EOD, truncated [ 974.798592][T28637] loop4: p1 start 1 is beyond EOD, truncated [ 974.804877][T28637] loop4: p2 size 327680 extends beyond EOD, truncated 15:10:38 executing program 1 (fault-call:0 fault-nth:84): syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 974.951202][T28637] ldm_validate_privheads(): Disk read failed. [ 974.957537][T28637] loop4: p1 p2 [ 974.961499][T28637] loop4: partition table partially beyond EOD, truncated [ 974.969108][T28637] loop4: p1 start 1 is beyond EOD, truncated [ 974.982402][T28648] FAULT_INJECTION: forcing a failure. [ 974.982402][T28648] name failslab, interval 1, probability 0, space 0, times 0 [ 974.984408][T28637] loop4: p2 size 327680 extends beyond EOD, truncated [ 974.996429][T28648] CPU: 0 PID: 28648 Comm: syz-executor.1 Not tainted 5.3.0-rc6+ #96 [ 975.009848][T28648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 975.019898][T28648] Call Trace: [ 975.019915][T28648] dump_stack+0x1d8/0x2f8 [ 975.019929][T28648] should_fail+0x555/0x770 [ 975.019941][T28648] __should_failslab+0x11a/0x160 [ 975.019952][T28648] should_failslab+0x9/0x20 [ 975.019967][T28648] kmem_cache_alloc_trace+0x5d/0x2f0 [ 975.032048][T28648] ? btrfs_alloc_device+0x78/0x5a0 [ 975.032059][T28648] btrfs_alloc_device+0x78/0x5a0 [ 975.032067][T28648] ? blkdev_put+0x2c8/0x3b0 [ 975.032077][T28648] close_fs_devices+0x4ae/0x910 [ 975.032088][T28648] btrfs_close_devices+0x33/0x130 [ 975.032097][T28648] btrfs_mount_root+0xa9d/0x1050 [ 975.032111][T28648] ? vfs_parse_fs_string+0x13b/0x1a0 [ 975.032119][T28648] ? trace_kfree+0xa0/0x110 [ 975.032129][T28648] legacy_get_tree+0xf9/0x1a0 [ 975.032136][T28648] ? btrfs_control_open+0x40/0x40 [ 975.032146][T28648] vfs_get_tree+0x8f/0x380 [ 975.032156][T28648] vfs_kern_mount+0xc2/0x160 [ 975.032164][T28648] btrfs_mount+0x34f/0x18f0 [ 975.032179][T28648] ? legacy_parse_param+0x37b/0x880 [ 975.032190][T28648] ? cap_capable+0x250/0x290 [ 975.032202][T28648] legacy_get_tree+0xf9/0x1a0 [ 975.032215][T28648] ? btrfs_resize_thread_pool+0x290/0x290 [ 975.032224][T28648] vfs_get_tree+0x8f/0x380 [ 975.032233][T28648] do_mount+0x169d/0x2490 [ 975.032245][T28648] ? kmem_cache_alloc_trace+0x23a/0x2f0 [ 975.037990][T28637] kobject: 'loop4p2' (000000003c1cde24): kobject_uevent_env: uevent_suppress caused the event to drop! [ 975.042117][T28648] ? copy_mount_options+0x5f/0x3c0 [ 975.042127][T28648] ? copy_mount_options+0x308/0x3c0 [ 975.042137][T28648] ksys_mount+0xcc/0x100 [ 975.042147][T28648] __x64_sys_mount+0xbf/0xd0 [ 975.042157][T28648] do_syscall_64+0xfe/0x140 [ 975.042169][T28648] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 975.042178][T28648] RIP: 0033:0x45c2ca [ 975.042187][T28648] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 975.042192][T28648] RSP: 002b:00007f08bc38da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 975.042201][T28648] RAX: ffffffffffffffda RBX: 00007f08bc38db40 RCX: 000000000045c2ca [ 975.042206][T28648] RDX: 00007f08bc38dae0 RSI: 0000000020000080 RDI: 00007f08bc38db00 [ 975.042220][T28648] RBP: 0000000000000001 R08: 00007f08bc38db40 R09: 00007f08bc38dae0 [ 975.047958][T28637] kobject: 'holders' (0000000064f8c66d): kobject_add_internal: parent: 'loop4p2', set: '' [ 975.052576][T28648] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 975.052581][T28648] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 975.053268][T28648] ------------[ cut here ]------------ [ 975.058071][T28637] kobject: 'loop4p2' (000000003c1cde24): kobject_uevent_env