: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x4000000) 2033/05/18 03:33:38 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = memfd_create(&(0x7f0000000040)='lo\x00', 0x2) write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0x9) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@ipv4_newrule={0x38, 0x20, 0x101, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd}, @FRA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14}}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe}]}, 0x38}, 0x1}, 0x0) 2033/05/18 03:33:38 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f00000000c0)='./file0/file0\x00', 0x80000, 0x0) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f00000001c0)=0x79b, 0x4) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\t\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:38 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:38 executing program 2: r0 = getpid() r1 = socket$inet_smc(0x2b, 0x1, 0x0) dup(r1) sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x1, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) fcntl$setstatus(r2, 0x4, 0x0) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000604ffc)) dup2(r2, r4) 2033/05/18 03:33:38 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x3, &(0x7f0000000040)) io_setup(0x2, &(0x7f0000000080)=0x0) set_robust_list(&(0x7f0000000280)={&(0x7f0000000240)={&(0x7f0000000200)}, 0x7}, 0x18) io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001000), 0x232}]) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x400040, 0x0) bind$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @mcast1={0xff, 0x1, [], 0x1}, 0x8001}, 0x9b665b2a78b3a0e0) 2033/05/18 03:33:38 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pkey_free(0xffffffffffffffff) r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = accept(r0, &(0x7f0000000080)=@l2, &(0x7f0000000100)=0x80) getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000240)={'broute\x00', 0x0, 0x3, 0x8e, [], 0x1, &(0x7f0000000140)=[{}], &(0x7f0000000180)=""/142}, &(0x7f00000002c0)=0x78) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000040)={'tunl0\x00', 0x8}) 2033/05/18 03:33:38 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/28, 0x84) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000340)={0x21, @time}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc08c5335, &(0x7f00000003c0)) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) 2033/05/18 03:33:39 executing program 1: r0 = socket$inet6(0xa, 0xfffffffffffffffe, 0xfffffffffffffffc) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f000069c000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0x40085112, &(0x7f0000b18000)={{0x59d}, {0xffffffb0}, 0x8000, 0x0, 0x7}) 2033/05/18 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:39 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) sendmsg$kcm(r1, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000001580)="baa121e48d2911ee780b685da65127eed4ad1eb229d94dcdcc03d1f8102a3691a826fae7875a879ff238127e9434f34ef43ea7136b8aef437fe2fdc72ae2e07ec95f65795207984899f692d265980027b79b33cf4641b6db9617466c35b0eaaedb3e2a73acb454d001eb49aa6cd0d940c289cc2efb735b945c7a48248cb8138932c0825c3f422f546579e3d37829f682dcaff4428f3056118aa8ec30e39201d9ae27f2374f0dce36320c4e104d52892b36d705b31ec8d96c2305712482c50130dee2fe78dda3e63d90687103a7783cb45e4c3171651dd1ef00df12dcf4ac47e591068a7fd3687bafa8f8232710c3caa3d80eabeda058", 0xf6}], 0x1, &(0x7f0000001680)=[{0x60, 0x6, 0x5b, "1d217684845aa3f0f5e2a3fc013ab32e072aab42c78e747148d6171b4d37ce406f93a3c16516eac4269acd93a0871e02a28807d7b88d906022ebe16aa4465d5985eacb63a47579acf65e92"}], 0x60, 0x4000000}, 0x800) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f00000000c0)='./file0\x00') creat(&(0x7f0000000240)='./file0\x00', 0xfffffffffffffffc) truncate(&(0x7f0000000200)='./file0/file0\x00', 0x202) 2033/05/18 03:33:39 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) keyctl$update(0x2, 0x0, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:39 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x20, 0x6}, {0x80000000, 0xee}, {0x8, 0x8}]}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0xc00) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000100)) dup2(r1, r3) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000000)) 2033/05/18 03:33:39 executing program 0: syz_emit_ethernet(0xfffffda3, &(0x7f0000001140)=ANY=[@ANYBLOB="477ce84204cd000000000000810015000011aaabd13503b04100026a4d586f512097f0d9a0d69db4109ab1d0f8e3c3867d911214a759666436e698086ccab3458c8f91f2e752c5d8f513d3be3c16d00cf158c482676b85b5573b6c1ed6c4ddba3b19bea35eac9db2fe2e300c779f87fdd511052f065af3e713abc4025233011c6e819339091a4f3e21b08c17c2ed735c8a67a94e7144995adec366b607876b6e4f2b87ffd298e6407c81c64a7db285f5c132b069a20051e6b399ae437619dcc2427380d9ae3eed25b15c48c83952d05e59727f5ab5a0bb9a793240b47a26f0911c513e6b5282c45eb8bf52a4301fddeda86e0789854867dbedf5ad2f4d338497f5700d25bd39a7c1e164467b2515ee2b8439b7e6b69cfdff72db689c2a860570ab304e43711a377455f12da1b77bc0f3f32d122d116d8737bfdf07275988f044104940285bbe8caa25204c7407ad6ff3ed44fe3ae70c1cfcd154334bb2203fdb98fe03e98a9a69c7e97123a4dbd88d26fcd82603114198b8af753257516ce3cd0043d6028c36970993fce5c65c60307a82c3bd9d29a64382c7f713f26ff2ff6ad4f3e9d2ca3b97174eee6aa7711e4f4def74ddaf9a523c5397e4372b7f35341a37a65fe03d051ddffe1f60959de4e5c37c5a348767f5eff2067f8fb547b97206d904daf0754c626f4d76faf0221cba602ac79e1e081cfcdb77f46988ed06d5d4d49a62c98494987a0b2329c250a12add3f5d0fd1ec6ee6c24245b5166c629ae91de4832ea909f24761b5e02590d30967c1111034217ae67b7eea78930cf570c9a3ff4bf174aa6aec799dad0fe79066d617133caa374df61baa6352f5e39808b1ccc5034d9a5cbd3304584329478355ec5ca802b32b56f9e40c3edb70fc4b29adbeedb1c6d9aef6a85261452a3a15f2605f13587e5cf29bcef02c0452900fa5bc0914b6a4f0ef7f38969bb5500840fef1c29976513d4ff0ef53ba0d416c4ed88a66ad183c5b37043b81c7f1aecb0632092b3cd5663a30ec308ac322b3c89e01544410933da1b73311a3929651a2ba16fc6e82534c340fa74133b42d02788d8b0a8cb2c671b7ee5c785c3e3fe63a72fc9606850404c9d57a4b14b9669fdc2d646c51c036be10da94981f8a0eef693cc1f35b9c3e39ce65a36c79a1695a4c806526b8007d62b7e5d89f3ad08ea9b2eae31837aa89d139db8558e127ccfb426b275c472438fae4de0ed87ff0df770bd1c48cea84abb9e9975c2f0f6cf56daf4cf4001caaec74cd63ca4fd539df92ecbc3e1ddbd01ac33461e5b6885a889eb32a5902aaa03bb43de89cc0ee3ca00c0000029301084e9db10deb518dcae76770481b96f0c58200eba717d960765ee819f975d5628db0297df4f0b4b0b31f431aaed3334c023e629dd23a802d70897e13f918841802aebde4e53afb08b7840543a224ebf057551d87cc26f52f9e5b9e20c7db7a7f6a6160c3f441f45d9369be1c6e8d333d66664109e6b5786b754f0384c1f0e0c685479eb3ffcd9b17ae3f55a9db439af8358db48631d5f1e274928c7707e190ed571e857fb3c15093a4587bb087beb7b399730d65d256907c0be91d9c6d4967b957f62469cba1514bdaa5bae1706eb254c2dcdfbde4ef928541b8b3b6112cdf0deeb4de48394ecdec875d86e11c26c28e6d9f4e5f53366a6f2e19017115e64a730133034623403183a408b1cf580455e9f96e41efa9d0f32eebc634783ff379ae57e58b23173be65b3342a733c214548ad7739d4315f5dd5a580c0f3246a5819b5438a02aac31c31a8db9b62298cea79eac641dd096be078d464193e78466a8936d78bc7ab03cdfc7ecf952412897a6bd98c82fc2bc4f4235c44f77b86f13cca172f617403b8d2818a2851535f15ac3e955e711702daeffe20fbfd8b11d4c81c1c42d7208a50f760a1a02126e42b4c8d573db2c1e8ed38b93eeac1ec53db79e3de3e01e6b4ae2abc54a00d99a27ef1506fffd63c0db2c2570889c99157eafa781b96648595f4e49df05a6df6cb68f8f97f3c6531919c7f87fd66a75bd8ca5f7fc6af2f72f861f31acdb557549964ee12e52100b833703b83c5569949c5303be3f81569e505c9f3ea37bdfc650232b6746112134615cf7ced318725f8204dcd788ecbd29269e9d949084b10fbad38259be83f1f98f664d3dc41b904cb72ae76b59ab98b5aa9a7d2578d562d884ad0767933a84511cf00f25f8c161ceb5cfd9c024b1887ce076db925ce49882c4bbae756a73ac7744b1c50c3c11bb0a2d389f18a8ce8fe21928b2b3428434abc9087369098eea23a2a701ad97d1f57d92d8a4158bc9b5d089b1f791a7017bdf5b2ba3f9a72499598ae099e630873be1a0206e8dc906cc987b6f1a81ce4bcb37914b0b632eb28e582bcef1dac0e6e637ccc4d5140e4ab416e7bd7243a8079522295700b35dcfc183733b703cce1924bc2ea08c734af9f3612ab83e4e93e20f4b050b0657811b6014823fef247f5b2f95d87c023855faef6a6db02ae456309e537ca8c76b45273a1d7c5c080cc2aa862325a11df55bf287371cd098d0e2cccc5fa4bc80d065c7ec885f7b8eac113e09da177726b5be78c6a76958d76b593b699591ca246498974fcc91d65435ea69f3cbc96a3c49c9a213d6237675df9af5c7dea2fbdf3dc40cec6079d73040fa84181b2f2fb106d7814a65d4de86c99a912437a5297f61ad54f9778cd8f42d56f778344f6ef8446b9e3bda941809b188b69c71d3fbe457e3b0173dc6296efd918e247d55decdcd275b2497fe3a44fcf4c3f9547a818cab88ea77d2a4ba49053154265a60e1f63e963eed2dcd56e73586cff3bfe31eb69372485db43d56ddaed62f7b25c9b4b38710e864b974d189ce29263b9c4c670c9a2c1b4e088434a8aabbc1a65ce022a0c4d6371f6aa49b8eb5e8181fcfb973824c476cfe0a6f2088d4254b6169b3a87abf51bc663ce4feb93128f10559fd42de6cc6e0ac27046126aa84cb9beb996ea2ac5056c1756a2e6ae5ba9c78ad9e4bc4facdba9ba33d70b439fa2a427f088a6738e95dc296faf7fda8165c5c9dc8369645415bd26756e4047f8bfb60d9067feaa31336d0d9ee686a5111ef7a3deffee462b71815808b5a2445c344c0caa972138c267292316578ddb181c539ed86c848d65b127fc63e00e8dcceea408b2d1e9618753dbb01849c4bf107ad34818603da9d623097770d663c17bcc2b194df52ab7f993fe1d92358d8acfaa2670d70d518e13a9f40908765ac4ab5105d0760217c1be4e03235c6f77850b150e3cfb4e0d5fe9398ba93a614d85cce0cd44d7045e6cc463bce28c3ae6e1cb735976674b9fffcdbb2d0e97cd323388d5786ddd6007b3367b64a1ad72e457ddb231f179461dae7d48a743ed1723b2d8f41bf9d4ebc411fec55f2b873d5419706c78ae73b895bcc00d5e5221188a30ee71f377414eeec55bd07033cbf2d4f5ebaf491f1a32ae3833b620262af429e55ba05ba43a72b48ad05cbef39f7013abe3b8a2263c689afd89912d20b0896b9d7359ae1691d37cf1f57a57853a5c4c9826df221e6b5ac80436c6eb547d978caa2e880e183f07e48453c9e0a2c8f1718c5cd59338490c3aa8f2fb17ca70392556a3b1e20bceb3da3403d5e363fcacc61a10dae65d788edcd04055cb3d7ef0ffcaaa5d8aa43b0aa1e6c3c80c588e98d4a5f2bc2ccb86b27d85914a3f00b7fa15c454c335a601a284110e4406c44ba05a24c5fc8f3d345e29aa74fb5becf4f7fd8003e8180ff3a3525b01ef4f418da5f272445ae117811d108888cea5f61d9fbaa67e367313d8fb648ac886712ca21cabacb00ec7934b7f25bb2356a2f089de6d8d42955e02a5f46d733dafdd76c911a2758f133b2598f6b251568a16e2ca9ac3b35e87e0a2bed2ec299355ba9cd02053ecf349237aaa0b37c117b2a0cce37aa43557ecdcc2765a050937a3d48a3b044cadb9162bdd081d4e1005e511e9686b35cdb0a8e24ddf6a44fd002c2e2e220e043d730740ba6853314fe53bc25753fb3a92f8b4e3a92f61f054242c15d38743b000357d95930478a48809dd3f7d2ee26a50721dc57ab0a17a67298f67d1464574d57e8b340cb3633097bb025d0f3aa674f585dbdd054f5c2fd7f8881ea85c6c7d08a50215034e01033b848d9889a2db2bbf6311afc81bef89d4ec45b1323104718619c7acda6f78fb2235f59508e9e4403472386ca50353226c36880840636e363b3f7496d748c3a2dacbe4e3ba9dfcc47b799b0d10115d08b126b5a5ae101eb4341fc736645b448fac36e1b7eba56a61426ef6b064c988c093a197e66ccfc8708fe490fbf705248238bf67d9ff8e64e9a85e04ca665fcca82e7cc4d8a1698c07298662cf1eb66a67ce9e3d5ceea78d9b8797111dd29de54536ba4cb0fcb3a08351722ac34ef3e766272b1f70937b13edde984395d4aaf90d0841fa70087e906ec72615560e76eb4a7d623159e80a7b9c18875086f2c09d97347dae7649bc00c085d07c2945841c2c703db3c58da95c3717662fb6501dffe7c70390d6171287811e7b9fdd368a89751b2f2b56792c46c8d6494f7dbe8ce38a09764cb9e0b934090620f175a1032cfda7578274fd4860fe3a1357749a8a9b1ea4ca1b367160906f18d66aa29e3d31e5918fdcabc33ddac5226a82eb0f6fcfcf5832a80e59f851072141368a0be3ff43e3ea5488604b3d55b3254293a1fb62a7cfe88cee930120ea68bb993a535d022e0ea883a7934c2d3f55b167057de19283fb2458ca2d1f0b7a9ec0ca9bb7ddd5a66ce95b19947757e5eb3e5eed49a8f8f0addaffa9bb97c7b196e4b410adf1f90902ed63e3e863a46e1f6008532568bbe85a99806f7be60ea90f1fd81aef4601dd7c603005ca34e6a3c93ab41548b78470509c53874cd1596c6c950bc2cad8c287f194431e05098cd7f33c310a8dd7f4f09eaa970cacbe912c37517d5c3111cd8b450bd34bf4872e398ed1fdf6b4fd3304f63f763ad159b579a34c385ac29b8dd6a3326294e94c8c5fd22a8622ce7db716d1d7310eecc7bf60eefa076d4a785ae2054dc7a0f83e38957959bddb8d5f065b7a7be2a4ebde71789527cc19ec659e3d63a4cc478c9fd5ac5403c8a95bb055c344b45e31c7b1f0514f2ce7cb60b2714ebaecec347f87705dd985813f6540ae6957f4cfc7e96ce7e7ca8c2a45e26e2b31a015a4ff281071600fabaf1a606a9a2775c7b6054d647acdf4723f27198fd08a7687e66f06f9819640203dbaa8d49b3897c9113cb96ac83815e40e0319301dab9b701ce70250bf27f4a02ad07db3d5cac9ec144b8ca568540e08823f8179226252dff47f07184ab9a397d8701cdea8f1f8e3721cf7f547a41a0afb438ac129a342a9f503d42d80dcdfd3029878b28344ea441879a760cdaacb61f7bcad57f2d235fd3dba2b239085aa2e77c5fa3e0264684207a85a2c474ec67acf5eeeba5cbdb30cf0efed5cdcbb8becac56a4778443077edb3da81d0eee72beb666d68da5e7432160116fa28722cbd217e72b2081d97152eb362cc09ea19f001f8d1354949243ac7d300316b2ab1d0d1fcc314505fb1a3cf447f0490aea2b98d60277728898c0097f59416a93d07f5b87bd18ac13cbbedf42038e126420671acbf5987e7af811e2d2b5a41150a37664c147ac1220cb869b19c87eca02560cb8c0d8d276cce8b82dd00cbf211387c4166ba7a83d617d0be33f606515c149d98bb2c7c62eac255228e94c51ee9910eede10440b0f417a3f963131d53d89fd61eb95cd713b3a74e93d522d833448c0d70c6c8594a248817cccf9da68cc4fd7d71"], 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001100)='/dev/ppp\x00', 0x40005, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000001080)=0x1, 0x4) 2033/05/18 03:33:39 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x4000) 2033/05/18 03:33:39 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={"62726f7574650200", 0x20, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, &(0x7f00000000c0), &(0x7f0000000c00)=ANY=[@ANYBLOB="5b6f5a24e89157ea4b852019cc39e7a37a7b5b3789caae2c4526d17c9f2d053e406f1747c70e72dd903a10775047e9b68b16137148b2d888b1eec1f72070f8133281d432f4700d97c48957fd06", @ANYPTR64=&(0x7f00000006c0)=ANY=[@ANYRES32=r0, @ANYBLOB="8b613184cadabf999f15215a92aede00adde52aec312ea39d3ef95f8a6b219cbfc0a23c62204f9c4504349084c699e509ab414d1af74afc7360ce675de539725c5dd72555716c1bbf19335a995f5ed64da8c5a1931b671b145d90bc3dc40d51ecd09fb80430820b0c7915f564b9e4c", @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYPTR, @ANYRES16, @ANYPTR, @ANYRES16=r0], @ANYRES64, @ANYRES16=r0, @ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB="7db4100c72590bfb8728a6be84c5fe12065671944905670efceace3e02345c3e5b86ca760d67b82f1248cbd5583575205ee6069e927156d0ea7896620d62dad8682425718bd2dc7dc87dc42288c62308c60b385e01757cdf4faeba0eebaf0142a122f3fbd3f79fb625b4c0069b717fad6d840fb21e6598475841ff341cdc5322888c17af8883ea4de4c842af6bb5eeaff148fa3557b821a23d5c482c486ba24414ca6fb80cddd9ce8dbe78683f187e39be8bf891482d72ed9ddd03a98956250698532489b5"]], @ANYPTR=&(0x7f0000000a40)=ANY=[@ANYBLOB="3c297a6d424ec981596d74683358a28ab479a9e7c3b68a43e7830d92bd446968863450ac0dfca99ade37938d98a2d5f5de75ddd9b9388a052c93f1e03ef4e32bf757d91e163e85", @ANYRES32, @ANYPTR=&(0x7f0000000a00)=ANY=[@ANYRES16, @ANYRES64=r0, @ANYRES32=r0, @ANYRES16=r0, @ANYRES64=r0, @ANYRES16=r0, @ANYPTR], @ANYRES64=r0, @ANYRES32=r0, @ANYRES16=r0], @ANYPTR=&(0x7f0000000780)=ANY=[@ANYBLOB="9bb6dae7c749d25e12a40f2167c9a501a59b83968ca84d2bd75868357d383c0242987e0702355a379081c7a4e5b2408036a97f4b30995c7cfc2db0071863b2937cbf908fa542ec9c93e62e0b7309bcfd74bebe7c2d9e49664ea70970708837fc242aec9ce5c0021b4c4ddd29ab0f56a4a5767c1222d9c63dcad574e81e14133c8479f8ba3ae5e4b7cb3c6d7392db0c0fe71454ad7ff3b3eded052cb7bef4f87b50769d81f8efd8faf837738438e81fb2cd", @ANYRES16=r0, @ANYRES32=r0], @ANYRES16, @ANYRES64, @ANYPTR=&(0x7f0000000840)=ANY=[@ANYPTR64, @ANYRES16=r0, @ANYRES64=r0], @ANYPTR=&(0x7f00000008c0)=ANY=[@ANYRES32=r0, @ANYPTR, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYRES16, @ANYPTR64, @ANYRES32=r0, @ANYPTR64, @ANYRES32=r0, @ANYPTR64, @ANYRES16=r0, @ANYPTR], @ANYRES64=r0]]}, 0xf7) [ 267.269444] kernel msg: ebtables bug: please report to author: entries_size too small 2033/05/18 03:33:39 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000002000)}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x2011, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140), 0x1, 0x0, &(0x7f0000000180)="b1"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x630b}], 0x48, 0x0, &(0x7f0000000040)="5e28a928b7b064604e0e282c5e59178e911afbbf407f5d60c0018fc63978a8215812c8a9dd1f30dd744e464f514cbb5ddacf40c59a28a69893bd1d1d2ce267e600c0adadbea88e26"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12634840"], 0x0, 0x0, &(0x7f0000000240)}) 2033/05/18 03:33:39 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 267.333097] kernel msg: ebtables bug: please report to author: entries_size too small 2033/05/18 03:33:39 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x93) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:39 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x10001, 0x20000) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000000c0)=0x65d9) close(r1) connect$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) r3 = memfd_create(&(0x7f0000a98000)='y#\x00W', 0x0) ioctl$TIOCSBRK(r0, 0x5427) pwritev(r3, &(0x7f0000000000)=[{&(0x7f0000012000)="ca", 0x1}], 0x1, 0x0) fremovexattr(r1, &(0x7f0000000040)=@known='system.posix_acl_access\x00') pwrite64(r3, &(0x7f0000000240), 0x0, 0x0) close(r0) 2033/05/18 03:33:39 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f00000001c0)={0xfff, 0x2, {0x0, 0x0, 0x6a74, 0x3, 0x99}}) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) syz_open_dev$urandom(&(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x100) 2033/05/18 03:33:40 executing program 5: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x1ff) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x80000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x52, 0x8, 0x0, 0x6, 0x12, 0x4, "1ac7b587558d47da333bb38fbb48aaed59900959994ac82f48183085c66cff5634b4544edcd4bbb38740eca969f34943f3f2ef7561c37325d4917af455eb6aaf", "03b68dc6315537e3bb561ce3485683b65ea725d5fb5b58d8e10d6806e9092f9459b6d7e5a9b314a5674aa764ac7b51ebce4893fcbb1689d399ae4f9a796b3b93", "f5b08c2d4da29371acca5ca7a1fa44f3bb1fbb9cb597f5c1f7a6b07eb23904c8", [0x80000000, 0xc4ef]}) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x20800, 0x0) readahead(r1, 0x7, 0x5) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) 2033/05/18 03:33:40 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001e00a01f1bbd331336c9e32a07e331d61200000000000000000000ace5f73300000000000000dec3edb0ea0a79f50000000000000000000000000000000000000000000000000000001c0017000004000000000000000000000000010000000000000021000000"], 0x5c}, 0x1}, 0x0) 2033/05/18 03:33:40 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r1 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, 0x0) keyctl$update(0x2, r1, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:40 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000a700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:40 executing program 5: r0 = request_key(&(0x7f00000000c0)='rxrpc_s\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000140)='^:\x00', 0xfffffffffffffffb) r1 = request_key(&(0x7f0000000200)='trusted\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000280)='--$^-:eth1/-mime_type$&keyringwlan0]\x00', 0xfffffffffffffffa) keyctl$search(0xa, r0, &(0x7f0000000180)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, r1) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)="2f02726f75702e7374617000", 0x2761, 0x0) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0)='tls\x00', 0x4) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000000)=ANY=[@ANYBLOB="0000020000000000000041"]) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0xc0185879, 0x20000001) 2033/05/18 03:33:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x400}]}, 0x10) setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000340)=0xff, 0x2a9) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000008, &(0x7f0000000080)={0xa, 0x4e22}, 0x1c) r3 = accept(r1, 0x0, &(0x7f0000000040)) close(r3) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0xfe8c) setsockopt$inet_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet(r4, &(0x7f0000d9dff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) r5 = socket$packet(0x11, 0x2, 0x300) poll(&(0x7f0000000140)=[{r0, 0x4}, {r0, 0x1008}, {r5, 0x2400}, {r1, 0x4014}], 0x398fbefb68b5f47, 0x0) 2033/05/18 03:33:41 executing program 0: clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x5, 0x9ca9}, 0x8) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x22080, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r1, 0x2, 0xffffffffffffffff, &(0x7f0000000100)) execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000480), &(0x7f0000000680), 0x0) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27a, 0x0) 2033/05/18 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000a900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:41 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x10001, 0x20000) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000000c0)=0x65d9) close(r1) connect$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) r3 = memfd_create(&(0x7f0000a98000)='y#\x00W', 0x0) ioctl$TIOCSBRK(r0, 0x5427) pwritev(r3, &(0x7f0000000000)=[{&(0x7f0000012000)="ca", 0x1}], 0x1, 0x0) fremovexattr(r1, &(0x7f0000000040)=@known='system.posix_acl_access\x00') pwrite64(r3, &(0x7f0000000240), 0x0, 0x0) close(r0) 2033/05/18 03:33:41 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x4) 2033/05/18 03:33:41 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) getpid() ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:41 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000440)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000480)={{0x0, 0x3, 0x8, 0x1, 0xffffffff}}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:41 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000200)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x73, 0x8, &(0x7f00000017c0)=[{&(0x7f0000000280)="0b912afaa9a4d7826f6007e5b14b0fd19ab63b919fc0f57cf3cbead80e7d32ee26609751496cb121917c533a2683bd66aa3e82f98888c49c6007a352f2d4f86069d56de6aefde5664c640fb76f22232c87682c7fc96214d1b98cac9a7b0bf35b631a57e19e5fb48c91ffbd3c599eef81e44f21d59d77e0b9dbd960abcf9341cf17945426d7e47179bfcba3ea74b3cb10cb878972f1727c5e24f1f268ce340d4fc1b036ef4ab644df98c629398f004a847a6229cca361f12639d2770b6de85bd361c5598aeb303130c1c941b3b5", 0xcd, 0x6}, {&(0x7f0000000400)="0df5e58a08aeb65c25f004be452c4c4b44650a88ef258e8e4b41720e808344759f532dbf79f95f3b3553056df5c086276dc72ae94abe4c1f335fc974c1851f1a5cbb2b0017c59eb46c5f951e88fa90391840940384ac49dd7480faae1581273945793ba3002e5fb3864775930ab93469b8d18e3ce2643a74c65864f87a256a064bc9ac75c20933a19f1fe1", 0x8b, 0x8000000100000}, {&(0x7f0000000500)="ee8a7bad7a8de7e808ab00e9e828df88f50cae65357cc60044aff3f9e3496481112a6d413db5d6e9924f98e088230192ef4350fe8e64a9adb3c889c4251f79a70966b881dd407ce366ddfe6dbe8a25d783592c3f235327e4520d02b0eba603792e118b059ccd0b47b5cc69a0e745b51bfc256db72c61155a7d41", 0x7a, 0x800}, {&(0x7f0000000580)="7928d49974478c47e9e2d61bc8014c911abe9db5c13a18a8c1dca9f20c0b511394121392323e015634b08b8c61c249f21f40691e7025cecab59b6e71d11e2a519926583e296bab875a10d1e978db3861730816ccce08dc443c3c914681ae6c62c87049d06541f26472c67320d92c6d3b1ef5168d31040b5065afefa12fe523101953eb2eb3bf82e055bc4bc177c745d9638a2aac7c0d489ffc4955994970", 0x9e, 0x90}, {&(0x7f0000000640)="3ec7a97b81a8e5c588b57c601636153fbeff3646dd6d894df7fefbc020b1913016df4752263af13333b501348cd19ce0febdbe9dcc7217b6d6409686de13d40c3473e3a028cb5fdf538fbc5a99de9d22db09f2418558be75e79f0fe16bf872e0e206b3d34d2224045cfe06485de1e836f8", 0x71, 0x100000001}, {&(0x7f00000006c0)="75cba9bfe8393b9c4175653d9b1946dec91e02fa6f6694035be11fe0bcbd238c8aa5d55f6609fab759d7ab81f9797fd487778a2a178456b8f6ccc01a59d99d69c6adb47a244d524c52e4906a51bf7b0da7981b75b6c525c81ad13af05c6b97798d6e7dbe8a4fb72326ad21daf0b8f584d77d78e80ab6ad50bbf896514e462310224ee485d9c2fe3482e57685f99a78d0b9cf8d4a7cfd9da5a87f7b09bd8a49fffc7bd5c40eb03baac54bfff353309381999d1aa1467c36f4336a134cfab4e0bdaf637bc173b9a58b", 0xc8, 0x6}, {&(0x7f00000007c0)="0cc385a5cb02a51319bc286cc7ea8c4c7109c0d0fa0f6fc7307274ea7b6486ebadb9379e9d4614a625a86ccad9f3c6ca2e6b1580e488dac54e13f62ff5bebdf27db9f4b5eefde7cd8b489ff1600b4115475769cebad006b71b606dfbc96496d8b948f942d23774c1863c99347d716264861e4eb04c239f5e109ea1d8a2dbe35a252f84844a693c5e65fa0e2e8d82765c118ea2baabaea8f5c77cfcca5dc7521fb58a98ced89b2faf1d81d9c11b92ac0fe3461dfed6b711756235abccc980c9297e85832b64b153e19e4270be76bc06a706db9829185eafbdef01186ef29ce2eaf8851df29163f613bc8c10743aa0223853a49aec89495406fe1649f0b5d4c3c1faba21398e273e8002458847fc40101c0055095a8ebde61652e065a3ee6fcf52d5268620e63025ae862fa8bac7e8eed4e3acb4f7bf4ed745bd05f0bef114e5f9fee46c490cb525bac30cd193fc68d574c8be507a9402d2f301fe2b3f192c6b2168d613c367996d28932553ae8021230bbf5957dbadcba955a48def6c82a09666c08524960d2d0cd556d3d5d571bdd543229bfa2e4432a377fba770736c289cbd3adaaca4b41b153cf9225e1bab198475ab402f6d2d3ea52a6776598443150c2ce46abea829ed3b682e58026be722596793453238a689fea52ef1260029c77b81b5ae73b49fcf23d58509d3535f4e077a6385f49ab11cb2ae37e239314f2a5817bc2b2212d493000257ba0ee041031ae7d11c0806bf67e93db4842afeccf6da88ecba2497a50bbb83bcfa60e0adabf91951d2a25ce5f5e160594b7aa8ae1b1981557c4ace9905cb0d39f06f030bebc8c5b7ad47e80b806fca46c1b3785aa863e1374e641b7d3916ecaf296bf22aa679dd2b28a70dd2d7609d9a070fce13070dd0c4f6f7f522c171cefd1057c960496ac4d2d505091fe7f35ae84d03ca932eaf53fd1751e92c2bff2fbf9a99d07fae3ee314a3a96774bbd2319d671d278041f13ebea58201a5a2002b6600abd6f6a579924a321b0accc84b4c06d031a546ca7d7f9717c97da2e2e864a03c20b483a0238d0f57681f6248c5ea5281d3301ab16dbc04fc53cc36e0cccf2f10a455c4fc393c5eda29f8c9e60962380286d8600a2c986d55486db71349887f2543a1bad39de06485e33df554c8aa85d569527c9096f29f6fc434bfdb099dec69c0b548d0546c26ef69d317ee0bca2483e024d7cfacc27fd9e7d5104901710fcf09afb96ac4643741a9f2d8645068cd15cd5961faf94f04b1488e3ef785e7cd43c1d7b701dbf17c78eeb644f9062fd3edcf49dd454369a83f1e12bf45a2b767bae1003368a378114d92e5ebfe1e012eebdab3fdebd0a6ba28661100e2e36557f1159e48a34db09716802fcc4ef7a4b8566d2e768c0c39176fc92838d89ea220dca5a2621b0da01a92460db04559e30c10b08cdd1f5d5e67bcfb1c3b7884bf0db09d7f499f2619fc3469810bdb0a33468894e76ad1291ea71c8252e5054e37ba3a6d6efab972bfdda08deef6b6b97879a6256c693654538ed739830c19294eb45828c8a1840bfa77930a7550718a4080269b0fe0a1e8119748023d6617f1628533632227f1b77edf88dfa73dfa86b5f63aced6a593f2b11e5cd94efe94e70d632df67b055b134b21a60e2e841f58de3248eb6ff3d082316dc74788bc1007402042f1da34a60afb16ef2729922e10e9791a333ba8964adbc77568101f01ebce2b99de045a76c8fbce613639e861807e6c66c028a6567411a78f0ba3f13e1df5b4101fcd77e151de0f1d79e8102b3387ef23a639d1116e0ab76b7b7239b074197ea5e1303b1b027201112470d70da922262bd71ec03bdde4be7f350f230b077133f25f8a8de3637450c2274e1b31515507ebdfb338773809d7a71d30d1df1a59b49a5ba80c8dc364aaf7f79ccbd2047cd0888842790f4110f6cb5f41561c41b950247b5f0b1add47ebc040cc246f7929650b0bc32d548a24d328f597ba868206da39db89a9437457360299cea3c63e6de2cd80720c9c4db3bae6dbcd098dbd4548f2fd3440473ca920d69a5e76c8da2cc30167c8aae1698ad4fec5377393a020b982caeca56dfa821d706741746f6ab8e4f9f33fff53c6ccad17ef75316e484dc22e3e78298147f18a96464f9df76df0e38459fd12ba4af91e2e2f382eb2e29a41d124daa2748a7f584a51677157b1a2055959de1b0bc1bc9a68222552bb7300143cc920c20dec75fa3fae025d1bafbfc7a020d617991d7be319ea5f27b9d47131ad8d42cf4618539c1db5cd752ac2276a652738c769eb2b20a61332145091112c6d07d2e1a0283e44604c6a1c61508842e50ce630343885646e1326d173a73464d27a057d9f1468c56117ec4d73fefcad00a644bffe96032f6f85a5e8cd15f3c50b9522f71896c546c55c2c3f93cd3d6be302ddd62958d4f123140176672b5f5f27238eba615f4912b4a50231fa49965a87597080981f19def6bf66d55c7dcee6da74f89b139ee773bb457495894d7b96ae9e3148acb3b5b8d11e035fa5378d33d45e8da41db561e94657c1673e9c5bb5750ccd70ec5051f5c05a70685c26dd3ce35eb355e407901ed1a10b86d23ae067d4656f76361f930506e29f407a1064cfe76e97b768782c985d02fa8a5a40c495d8e65f543e50cfbf1790ee7dea4441cc4c956254cadcec3c4516eb40be73b83c038cc80dbf85e6bd796f707523d2837aa26f99c994a988478bbd2e5822c9af204486b27db6a9eb0fe291e8cb68cdb39608a9b2d2836241fa260c5178ec49e57b4d4d0f3138288c91a506b248804d1d62e6420ef7b470449531ef3870f091906b6aeb50e245863372084b6088b40124d0361003b3f4ef561b77c5622c14c9609b664c8194e9c659ce4e884f0152ce956e93e2df798555d48b523094cb3ad1fb8e9a9c096e0ea78a60ae7ecb55075e55de7f61b13b6b6f6dc25c01cee0d3150ad62f235d071bb0b4a80e46d279cf20fd0fa64c8ff1be28a9294c567f97ae6bf3e829e480510262965ac89531ad6df58295bab288d4debea819107e01462f8d499a262ab16e168777555f6a69a7b4bf87f406234ed5f93580266b7ccc8b25e399249a788732e7108da231eae5e72c94fa5cae8655f896094509c5b007138e8f3719be41701cbdae82e70e5921a109fe755383202fb05a766cedde0f2313980890026fcc73433039d4b3a858c0ac1824f562e57068f0f6ad4b9589f498d387b1af24767bd0014af81ec6a11dae2f42078f6b318844992baf0c1e2a7ac7e3ce9039787171b808d15a47f7a053a6fcf69a3023b229576ace57ba3e06b1b0c69e9db8dc38efe14a5a854d6481c3d72b5da1fbe54b28be70a503246fed82db5cc64bb7abadd8953ba573e07b484fb624cf3b9fc747b6899e07644cdcb289fc6f49c9aaf7a1872375242fb3697481e75e6d0cc92cf8d9809575a6a648f66af13be295275c59769a85f58d3a87080bbc479b89b380923130efab14a8eaa52c753f28f02ad3430dda934965c95d99b32ef158cf5c83ae20963bf8aaebc8fdfa9adf14c13b79df4b2def354133e65c4e8547e61c823272089608ecb8805f70d6b0e375c74439e898ee1f9ae2bd2d2671c000a13b48b7cd284d53638bf245d2f2959b792783ddb840ba7cc1b740b125ddc34830ecf320bb7f696c7915ef79e6d9c4968d86059a0e020c9cf001cac28a663964c7c36defed3ba3d639b0a1c429e4efecf4be3c6232ccbca836ffd172f83c832e2b5bba4a8d8d511b9179ff33acdd1af0f5caca3a645025974692c4fb5a7edf04cd9ea8295853c28fe492f1106b4361ba7378e3f84f55e09c46294eb48fc9e4c15cdfa4cda9e86858ad9eb786dd88a36ab28f71dc6513833352416f7080d6dae334aa85e485cbe1b851f27fdadc9bfa5e7ea16a82ae608facc36fff4b3267a14f9f9cb6419c2d212724b6679f6229daaa2a7f401dabf93b7e18795bb24a55bedd787023f3c03e918429dfec82de2e854f90d85406f93e450a02e673009ef3949f99ee7a06fde8f114f22ea51ec148f05c51c1ee62ed2fc299a54dc997d1a785dcbb83e9eb0b77f203493c9653b7223ac11676e8e46abd3dedce587742e2d81432f383296deb7665e857421efcedc02052be65d42bbc46952275d9719f8752d9118a26ed7c63bbbaf4ef00d0cbac0a447ea2867be1183a9d1d1432f673d3426ebf5c6e5d2e200ec6869f6a993c376b26aa0c138a52a53f240dcc8d1affd693ac72a65156b993eeb18b979e1e22fa7c4624addfa1276ba94106e8045bf45bc3f9676a47ce625b2ff5045269b8f5b523a284e4c7f810b837b316b45f3d6fab1f707534dd00d34fdbe9e692c16301dfbf95e7cea24367009ad2daeaf23d85360c1fdd1fec5c03278f7a3db4edaf71fa39d3a961d56859512ad827552615016d478fd779d4f4616a8437af5226ad396e828afba400bdd283f9968de6066abdc57823dbfd5e2eb60cb710a179c19d493577738d597760e2aea5f227a097f443d9b008513eb2868faa25b30f38645257784ce9679890c0fc7e7057abf6b9c35b31e66f0b411075681dbb11d6cdb5f62057c32f637d98d18ffaddb6fc8671dd9179ba9a5106c65e18dff75ab687cbc1c6dcf184a23c708bbb09b985f71d5c9a79a0da8113c25508fa7a2e382698d915c737bd7e6cdf4d401eb83ccb3c2ea11d48bf9ae4ff638894a2f8209060b56ce61af74e892305a5ba65e6d20f3b280132e3d8b9a3ca915487c832e25324cc69cc1921316b9e7f896f0b64b63c3dadb438e1d89c887245171705877351fcddbcc6772a47f1ba57b9f19f5aa6025028aed8f78f2d5f026bc8f37d11147ebf6cd28948eb4ac7b3b4526428f551c21288edc13c3cc9170c7cd37e5eca9fb9e55545b6b58cca0d59122d1473be6dbf595c01fc23fffe29a4eb817ccc737174a1e78c0c7a7d6ca885822af4e0255aa9e02e45f7d9f86bf522e7a706bc055fc50d3ea46dca51990d58b6daf11b5f7519cf8ff86b4819b6020fc82aecef76c4ad75f8ee284683e459239a3e372135174b4c588e4ce80aa57ddadb3c7c612d7fc36aa6c7dd54b3e544f113eeda3ae11d2e5ceecf6bbcaea4c02f745b5f4d54975ea7da46232d601edd50a9337bf37274e83b29285e27dd1a98d6e64eecca3a59ba8fa665aaee057b206c393d27cf3c3b89065b1b2c71979bbd2598578d407b448c94128cafb7b725142da5ae2ff318e3ef68b1aa58c0550b28e6a011568cb76f8f7700375ebc75107278e1e42dd088a2c60f0b6a4623fc1ba1862d068e7ff7f61d117f0a3b6aa689f9cda4a85400c509fe5aa8524ad2f2a147a5e4b0e0009736fc23a1cc8e2d516bf94e9a4889b561f88665a532e8467b5aea4b0b3c6a9c4112845234e150e494021d9aa089266b60ce6fa32ebb495a2cf3f09a3310a654dc47ee19014fafa4ab3909fb73accc763ee47b49db8459560f4d374ab77207b9313bd4b528af9648ad3347fca000176807da8f7c0374bfc308e132a0a6b12ef621aa9a80153eef95e55c867824276da5070596e930c4ad6988ea7b84f5cee020f0cc9b3e72413624bf20bec2cb52bd73138a80b496457088715aefa6822d7762d66c08bcd27ec479f1c0aaa7700f1cba42f4ad3c2b38183759fe82b88ff8e9b543da9fa4ccd1e2716aeed5f8401fa6e925f94745c05802cb98068c64959826651543c96b2d319a361cba54fcf849d8d5525a4984106308cbf76878752218a654541bdddcaa5be8741088b3fd781fb0280a006ce1543005", 0x1000, 0x1}, {&(0x7f0000000380)="1c5599ddd46f57303b36c7c6d57972c527f0ccaf86271d5ef928a70f", 0x1c, 0x1}], 0x204040, &(0x7f0000001880)={[{@noinit_itable='noinit_itable', 0x2c}, {@grpid='grpid', 0x2c}]}) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f00000001c0)) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:41 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) r1 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r0) keyctl$update(0x2, r1, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700d500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 268.837516] BTRFS: device fsid ecf6f2a2-2997-48ae-b81e-1b00920efd9a devid 0 transid 0 /dev/loop5 2033/05/18 03:33:41 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r1) keyctl$update(0x2, r2, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:41 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/100, 0x64) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:41 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000440)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000480)={{0x0, 0x3, 0x8, 0x1, 0xffffffff}}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:41 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f00000001c0)={&(0x7f0000ffe000/0x1000)=nil, 0x1000}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:42 executing program 7: r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:42 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000440)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000480)={{0x0, 0x3, 0x8, 0x1, 0xffffffff}}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67bf00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:42 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x80000, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000200)='fou\x00') sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80002}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r1, 0x20, 0x70bd29, 0x25dfdbff, {0x2}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_IPPROTO={0x8, 0x3}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x32}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44}, 0x480c0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:42 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000200)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x73, 0x8, &(0x7f00000017c0)=[{&(0x7f0000000280)="0b912afaa9a4d7826f6007e5b14b0fd19ab63b919fc0f57cf3cbead80e7d32ee26609751496cb121917c533a2683bd66aa3e82f98888c49c6007a352f2d4f86069d56de6aefde5664c640fb76f22232c87682c7fc96214d1b98cac9a7b0bf35b631a57e19e5fb48c91ffbd3c599eef81e44f21d59d77e0b9dbd960abcf9341cf17945426d7e47179bfcba3ea74b3cb10cb878972f1727c5e24f1f268ce340d4fc1b036ef4ab644df98c629398f004a847a6229cca361f12639d2770b6de85bd361c5598aeb303130c1c941b3b5", 0xcd, 0x6}, {&(0x7f0000000400)="0df5e58a08aeb65c25f004be452c4c4b44650a88ef258e8e4b41720e808344759f532dbf79f95f3b3553056df5c086276dc72ae94abe4c1f335fc974c1851f1a5cbb2b0017c59eb46c5f951e88fa90391840940384ac49dd7480faae1581273945793ba3002e5fb3864775930ab93469b8d18e3ce2643a74c65864f87a256a064bc9ac75c20933a19f1fe1", 0x8b, 0x8000000100000}, {&(0x7f0000000500)="ee8a7bad7a8de7e808ab00e9e828df88f50cae65357cc60044aff3f9e3496481112a6d413db5d6e9924f98e088230192ef4350fe8e64a9adb3c889c4251f79a70966b881dd407ce366ddfe6dbe8a25d783592c3f235327e4520d02b0eba603792e118b059ccd0b47b5cc69a0e745b51bfc256db72c61155a7d41", 0x7a, 0x800}, {&(0x7f0000000580)="7928d49974478c47e9e2d61bc8014c911abe9db5c13a18a8c1dca9f20c0b511394121392323e015634b08b8c61c249f21f40691e7025cecab59b6e71d11e2a519926583e296bab875a10d1e978db3861730816ccce08dc443c3c914681ae6c62c87049d06541f26472c67320d92c6d3b1ef5168d31040b5065afefa12fe523101953eb2eb3bf82e055bc4bc177c745d9638a2aac7c0d489ffc4955994970", 0x9e, 0x90}, {&(0x7f0000000640)="3ec7a97b81a8e5c588b57c601636153fbeff3646dd6d894df7fefbc020b1913016df4752263af13333b501348cd19ce0febdbe9dcc7217b6d6409686de13d40c3473e3a028cb5fdf538fbc5a99de9d22db09f2418558be75e79f0fe16bf872e0e206b3d34d2224045cfe06485de1e836f8", 0x71, 0x100000001}, {&(0x7f00000006c0)="75cba9bfe8393b9c4175653d9b1946dec91e02fa6f6694035be11fe0bcbd238c8aa5d55f6609fab759d7ab81f9797fd487778a2a178456b8f6ccc01a59d99d69c6adb47a244d524c52e4906a51bf7b0da7981b75b6c525c81ad13af05c6b97798d6e7dbe8a4fb72326ad21daf0b8f584d77d78e80ab6ad50bbf896514e462310224ee485d9c2fe3482e57685f99a78d0b9cf8d4a7cfd9da5a87f7b09bd8a49fffc7bd5c40eb03baac54bfff353309381999d1aa1467c36f4336a134cfab4e0bdaf637bc173b9a58b", 0xc8, 0x6}, {&(0x7f00000007c0)="0cc385a5cb02a51319bc286cc7ea8c4c7109c0d0fa0f6fc7307274ea7b6486ebadb9379e9d4614a625a86ccad9f3c6ca2e6b1580e488dac54e13f62ff5bebdf27db9f4b5eefde7cd8b489ff1600b4115475769cebad006b71b606dfbc96496d8b948f942d23774c1863c99347d716264861e4eb04c239f5e109ea1d8a2dbe35a252f84844a693c5e65fa0e2e8d82765c118ea2baabaea8f5c77cfcca5dc7521fb58a98ced89b2faf1d81d9c11b92ac0fe3461dfed6b711756235abccc980c9297e85832b64b153e19e4270be76bc06a706db9829185eafbdef01186ef29ce2eaf8851df29163f613bc8c10743aa0223853a49aec89495406fe1649f0b5d4c3c1faba21398e273e8002458847fc40101c0055095a8ebde61652e065a3ee6fcf52d5268620e63025ae862fa8bac7e8eed4e3acb4f7bf4ed745bd05f0bef114e5f9fee46c490cb525bac30cd193fc68d574c8be507a9402d2f301fe2b3f192c6b2168d613c367996d28932553ae8021230bbf5957dbadcba955a48def6c82a09666c08524960d2d0cd556d3d5d571bdd543229bfa2e4432a377fba770736c289cbd3adaaca4b41b153cf9225e1bab198475ab402f6d2d3ea52a6776598443150c2ce46abea829ed3b682e58026be722596793453238a689fea52ef1260029c77b81b5ae73b49fcf23d58509d3535f4e077a6385f49ab11cb2ae37e239314f2a5817bc2b2212d493000257ba0ee041031ae7d11c0806bf67e93db4842afeccf6da88ecba2497a50bbb83bcfa60e0adabf91951d2a25ce5f5e160594b7aa8ae1b1981557c4ace9905cb0d39f06f030bebc8c5b7ad47e80b806fca46c1b3785aa863e1374e641b7d3916ecaf296bf22aa679dd2b28a70dd2d7609d9a070fce13070dd0c4f6f7f522c171cefd1057c960496ac4d2d505091fe7f35ae84d03ca932eaf53fd1751e92c2bff2fbf9a99d07fae3ee314a3a96774bbd2319d671d278041f13ebea58201a5a2002b6600abd6f6a579924a321b0accc84b4c06d031a546ca7d7f9717c97da2e2e864a03c20b483a0238d0f57681f6248c5ea5281d3301ab16dbc04fc53cc36e0cccf2f10a455c4fc393c5eda29f8c9e60962380286d8600a2c986d55486db71349887f2543a1bad39de06485e33df554c8aa85d569527c9096f29f6fc434bfdb099dec69c0b548d0546c26ef69d317ee0bca2483e024d7cfacc27fd9e7d5104901710fcf09afb96ac4643741a9f2d8645068cd15cd5961faf94f04b1488e3ef785e7cd43c1d7b701dbf17c78eeb644f9062fd3edcf49dd454369a83f1e12bf45a2b767bae1003368a378114d92e5ebfe1e012eebdab3fdebd0a6ba28661100e2e36557f1159e48a34db09716802fcc4ef7a4b8566d2e768c0c39176fc92838d89ea220dca5a2621b0da01a92460db04559e30c10b08cdd1f5d5e67bcfb1c3b7884bf0db09d7f499f2619fc3469810bdb0a33468894e76ad1291ea71c8252e5054e37ba3a6d6efab972bfdda08deef6b6b97879a6256c693654538ed739830c19294eb45828c8a1840bfa77930a7550718a4080269b0fe0a1e8119748023d6617f1628533632227f1b77edf88dfa73dfa86b5f63aced6a593f2b11e5cd94efe94e70d632df67b055b134b21a60e2e841f58de3248eb6ff3d082316dc74788bc1007402042f1da34a60afb16ef2729922e10e9791a333ba8964adbc77568101f01ebce2b99de045a76c8fbce613639e861807e6c66c028a6567411a78f0ba3f13e1df5b4101fcd77e151de0f1d79e8102b3387ef23a639d1116e0ab76b7b7239b074197ea5e1303b1b027201112470d70da922262bd71ec03bdde4be7f350f230b077133f25f8a8de3637450c2274e1b31515507ebdfb338773809d7a71d30d1df1a59b49a5ba80c8dc364aaf7f79ccbd2047cd0888842790f4110f6cb5f41561c41b950247b5f0b1add47ebc040cc246f7929650b0bc32d548a24d328f597ba868206da39db89a9437457360299cea3c63e6de2cd80720c9c4db3bae6dbcd098dbd4548f2fd3440473ca920d69a5e76c8da2cc30167c8aae1698ad4fec5377393a020b982caeca56dfa821d706741746f6ab8e4f9f33fff53c6ccad17ef75316e484dc22e3e78298147f18a96464f9df76df0e38459fd12ba4af91e2e2f382eb2e29a41d124daa2748a7f584a51677157b1a2055959de1b0bc1bc9a68222552bb7300143cc920c20dec75fa3fae025d1bafbfc7a020d617991d7be319ea5f27b9d47131ad8d42cf4618539c1db5cd752ac2276a652738c769eb2b20a61332145091112c6d07d2e1a0283e44604c6a1c61508842e50ce630343885646e1326d173a73464d27a057d9f1468c56117ec4d73fefcad00a644bffe96032f6f85a5e8cd15f3c50b9522f71896c546c55c2c3f93cd3d6be302ddd62958d4f123140176672b5f5f27238eba615f4912b4a50231fa49965a87597080981f19def6bf66d55c7dcee6da74f89b139ee773bb457495894d7b96ae9e3148acb3b5b8d11e035fa5378d33d45e8da41db561e94657c1673e9c5bb5750ccd70ec5051f5c05a70685c26dd3ce35eb355e407901ed1a10b86d23ae067d4656f76361f930506e29f407a1064cfe76e97b768782c985d02fa8a5a40c495d8e65f543e50cfbf1790ee7dea4441cc4c956254cadcec3c4516eb40be73b83c038cc80dbf85e6bd796f707523d2837aa26f99c994a988478bbd2e5822c9af204486b27db6a9eb0fe291e8cb68cdb39608a9b2d2836241fa260c5178ec49e57b4d4d0f3138288c91a506b248804d1d62e6420ef7b470449531ef3870f091906b6aeb50e245863372084b6088b40124d0361003b3f4ef561b77c5622c14c9609b664c8194e9c659ce4e884f0152ce956e93e2df798555d48b523094cb3ad1fb8e9a9c096e0ea78a60ae7ecb55075e55de7f61b13b6b6f6dc25c01cee0d3150ad62f235d071bb0b4a80e46d279cf20fd0fa64c8ff1be28a9294c567f97ae6bf3e829e480510262965ac89531ad6df58295bab288d4debea819107e01462f8d499a262ab16e168777555f6a69a7b4bf87f406234ed5f93580266b7ccc8b25e399249a788732e7108da231eae5e72c94fa5cae8655f896094509c5b007138e8f3719be41701cbdae82e70e5921a109fe755383202fb05a766cedde0f2313980890026fcc73433039d4b3a858c0ac1824f562e57068f0f6ad4b9589f498d387b1af24767bd0014af81ec6a11dae2f42078f6b318844992baf0c1e2a7ac7e3ce9039787171b808d15a47f7a053a6fcf69a3023b229576ace57ba3e06b1b0c69e9db8dc38efe14a5a854d6481c3d72b5da1fbe54b28be70a503246fed82db5cc64bb7abadd8953ba573e07b484fb624cf3b9fc747b6899e07644cdcb289fc6f49c9aaf7a1872375242fb3697481e75e6d0cc92cf8d9809575a6a648f66af13be295275c59769a85f58d3a87080bbc479b89b380923130efab14a8eaa52c753f28f02ad3430dda934965c95d99b32ef158cf5c83ae20963bf8aaebc8fdfa9adf14c13b79df4b2def354133e65c4e8547e61c823272089608ecb8805f70d6b0e375c74439e898ee1f9ae2bd2d2671c000a13b48b7cd284d53638bf245d2f2959b792783ddb840ba7cc1b740b125ddc34830ecf320bb7f696c7915ef79e6d9c4968d86059a0e020c9cf001cac28a663964c7c36defed3ba3d639b0a1c429e4efecf4be3c6232ccbca836ffd172f83c832e2b5bba4a8d8d511b9179ff33acdd1af0f5caca3a645025974692c4fb5a7edf04cd9ea8295853c28fe492f1106b4361ba7378e3f84f55e09c46294eb48fc9e4c15cdfa4cda9e86858ad9eb786dd88a36ab28f71dc6513833352416f7080d6dae334aa85e485cbe1b851f27fdadc9bfa5e7ea16a82ae608facc36fff4b3267a14f9f9cb6419c2d212724b6679f6229daaa2a7f401dabf93b7e18795bb24a55bedd787023f3c03e918429dfec82de2e854f90d85406f93e450a02e673009ef3949f99ee7a06fde8f114f22ea51ec148f05c51c1ee62ed2fc299a54dc997d1a785dcbb83e9eb0b77f203493c9653b7223ac11676e8e46abd3dedce587742e2d81432f383296deb7665e857421efcedc02052be65d42bbc46952275d9719f8752d9118a26ed7c63bbbaf4ef00d0cbac0a447ea2867be1183a9d1d1432f673d3426ebf5c6e5d2e200ec6869f6a993c376b26aa0c138a52a53f240dcc8d1affd693ac72a65156b993eeb18b979e1e22fa7c4624addfa1276ba94106e8045bf45bc3f9676a47ce625b2ff5045269b8f5b523a284e4c7f810b837b316b45f3d6fab1f707534dd00d34fdbe9e692c16301dfbf95e7cea24367009ad2daeaf23d85360c1fdd1fec5c03278f7a3db4edaf71fa39d3a961d56859512ad827552615016d478fd779d4f4616a8437af5226ad396e828afba400bdd283f9968de6066abdc57823dbfd5e2eb60cb710a179c19d493577738d597760e2aea5f227a097f443d9b008513eb2868faa25b30f38645257784ce9679890c0fc7e7057abf6b9c35b31e66f0b411075681dbb11d6cdb5f62057c32f637d98d18ffaddb6fc8671dd9179ba9a5106c65e18dff75ab687cbc1c6dcf184a23c708bbb09b985f71d5c9a79a0da8113c25508fa7a2e382698d915c737bd7e6cdf4d401eb83ccb3c2ea11d48bf9ae4ff638894a2f8209060b56ce61af74e892305a5ba65e6d20f3b280132e3d8b9a3ca915487c832e25324cc69cc1921316b9e7f896f0b64b63c3dadb438e1d89c887245171705877351fcddbcc6772a47f1ba57b9f19f5aa6025028aed8f78f2d5f026bc8f37d11147ebf6cd28948eb4ac7b3b4526428f551c21288edc13c3cc9170c7cd37e5eca9fb9e55545b6b58cca0d59122d1473be6dbf595c01fc23fffe29a4eb817ccc737174a1e78c0c7a7d6ca885822af4e0255aa9e02e45f7d9f86bf522e7a706bc055fc50d3ea46dca51990d58b6daf11b5f7519cf8ff86b4819b6020fc82aecef76c4ad75f8ee284683e459239a3e372135174b4c588e4ce80aa57ddadb3c7c612d7fc36aa6c7dd54b3e544f113eeda3ae11d2e5ceecf6bbcaea4c02f745b5f4d54975ea7da46232d601edd50a9337bf37274e83b29285e27dd1a98d6e64eecca3a59ba8fa665aaee057b206c393d27cf3c3b89065b1b2c71979bbd2598578d407b448c94128cafb7b725142da5ae2ff318e3ef68b1aa58c0550b28e6a011568cb76f8f7700375ebc75107278e1e42dd088a2c60f0b6a4623fc1ba1862d068e7ff7f61d117f0a3b6aa689f9cda4a85400c509fe5aa8524ad2f2a147a5e4b0e0009736fc23a1cc8e2d516bf94e9a4889b561f88665a532e8467b5aea4b0b3c6a9c4112845234e150e494021d9aa089266b60ce6fa32ebb495a2cf3f09a3310a654dc47ee19014fafa4ab3909fb73accc763ee47b49db8459560f4d374ab77207b9313bd4b528af9648ad3347fca000176807da8f7c0374bfc308e132a0a6b12ef621aa9a80153eef95e55c867824276da5070596e930c4ad6988ea7b84f5cee020f0cc9b3e72413624bf20bec2cb52bd73138a80b496457088715aefa6822d7762d66c08bcd27ec479f1c0aaa7700f1cba42f4ad3c2b38183759fe82b88ff8e9b543da9fa4ccd1e2716aeed5f8401fa6e925f94745c05802cb98068c64959826651543c96b2d319a361cba54fcf849d8d5525a4984106308cbf76878752218a654541bdddcaa5be8741088b3fd781fb0280a006ce1543005", 0x1000, 0x1}, {&(0x7f0000000380)="1c5599ddd46f57303b36c7c6d57972c527f0ccaf86271d5ef928a70f", 0x1c, 0x1}], 0x204040, &(0x7f0000001880)={[{@noinit_itable='noinit_itable', 0x2c}, {@grpid='grpid', 0x2c}]}) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f00000001c0)) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:42 executing program 0: clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x5, 0x9ca9}, 0x8) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x22080, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r1, 0x2, 0xffffffffffffffff, &(0x7f0000000100)) execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000480), &(0x7f0000000680), 0x0) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27a, 0x0) 2033/05/18 03:33:42 executing program 2: r0 = getpid() pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68) sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r2, 0x4, 0x0) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000604ffc)) dup2(r2, r4) 2033/05/18 03:33:42 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0xf6ffffff00000000) 2033/05/18 03:33:42 executing program 1: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'vmac(aes-asm)\x00'}, 0x58) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = accept4(r1, 0x0, &(0x7f0000000000), 0x0) socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c50400aeb995298992ea5400c2", 0x10) sendto$ax25(r2, &(0x7f0000000040), 0xfffffffffffffdb1, 0x0, &(0x7f0000000180)={0x3, {"c52b2cdc4b4936"}}, 0x10) recvfrom(r2, &(0x7f00000001c0)=""/126, 0x7e, 0x0, &(0x7f0000000300)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x709000) 2033/05/18 03:33:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e678700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:42 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x6, 0x12000) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000280)={0x3, {{0x2, 0x4e22, @loopback=0x7f000001}}}, 0x88) r2 = fcntl$dupfd(r0, 0x406, r0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f00000000c0)={0x7, 0x10000}) r3 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f00000001c0), 0x1) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:42 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000440)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000480)={{0x0, 0x3, 0x8, 0x1, 0xffffffff}}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:42 executing program 7: r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:43 executing program 7: r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67009f00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:43 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) syz_open_dev$sndpcmp(&(0x7f0000000440)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40000) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:43 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000280)={0x0, 0x40, 0x200000000000, 0x11c6, 0x4, 0x6, 0x8001, 0x8, {0x0, @in={{0x2, 0x4e21, @broadcast=0xffffffff}}, 0x401, 0x8eaf, 0x9, 0x7, 0x53da}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000001c0)={r1, 0x3ff}, 0x8) 2033/05/18 03:33:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'bridge0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) sendmsg$nl_netfilter(r0, &(0x7f0000000040)={&(0x7f0000791000)={0x10}, 0xc, &(0x7f0000dd0ff0)={&(0x7f0000000140)={0x20, 0x40013, 0xa, 0x1, 0x0, 0x0, {}, [@typed={0xc, 0x2, @u64}]}, 0x20}, 0x1}, 0x0) 2033/05/18 03:33:43 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0xfeffffff00000000) 2033/05/18 03:33:43 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x2) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$KVM_NMI(r2, 0xae9a) syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x80000) r4 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000100)="5820e43f8dc796cf488c5172f73b5ecd71bd17c2d986fff1ae50d0e0c48974e088d81a9c3888da8421a52d2aa5dbf0e1c616815c573597cd2765eeb0bd483440d68349e8c1ef13ceda77bbcea3f9485876361539f95af1caf7877bf074", 0x5d, 0xfffffffffffffffb) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) keyctl$chown(0x4, r4, r5, r6) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f00000002c0)=0x80000000, 0x4) dup2(r1, r3) 2033/05/18 03:33:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000080)=@ethtool_rxfh_indir={0x39}}) setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000240)={0x3, 0x36a, 0x1, 0x1}, 0x10) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x4000, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000200)=0x3) getsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000100)=""/253, &(0x7f0000000040)=0xfd) 2033/05/18 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67ee00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:43 executing program 1: prctl$setmm(0x23, 0x6, &(0x7f0000ffb000/0x4000)=nil) 2033/05/18 03:33:43 executing program 5: r0 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) r1 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) keyctl$search(0xa, r0, &(0x7f00000001c0)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, r1) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") r1 = socket(0x2, 0x80805, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') splice(r0, &(0x7f00000001c0), r1, &(0x7f0000000200), 0x55ca, 0x5) sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r2, 0xf00, 0x70bd29, 0x25dfdbfd, {0xf}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7f}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000240)=@broute={'broute\x00\x00\x00\x00`\x00', 0x4000, 0x2, 0x5b0, [], 0x0, &(0x7f0000000080), &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000001100000000000000000076657468305f746f5f7465616d00000069706464703061db00000000000000006272696467655f736c6176655f3000007465616d5f73ff5e76655f3000400000aaaaaaaaaaaa0000000000000180c2000000000000000000000070000000e8010000180200005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a7573625f6465766963655f743a7330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000100000011000000000000000000626f6e645f736c6176655f300000000076657468315f746f5f6272696467650073797a5f74756e00000000000000000065716c00000000000000000000000000ffffffffffff000000000000ffffffffffff0000000000000000a8000000d8010000080300006d616300000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a7661725f73706f6f6c5f743a733000000000000000000000f864a21155000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a6273647074795f6465766963655f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3fbe32310a380fd670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000e42b5034108e90d1a116a40d6f7f12675dc623a61bdb243eba748a980b5df16012fb96e004b83e14025989d7e181e8c7ddeb6bea5065cdab66ff6"]}, 0x671) 2033/05/18 03:33:43 executing program 7: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:43 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x412a, 0x2, 0x7fff, 0x9, 0x0, 0x100000000, 0x7410, 0x2, 0x0, 0x27, 0x0, 0x8, 0xaf71, 0x6, 0x8, 0x100, 0x800, 0x8, 0x1, 0x8, 0x7, 0x6769, 0x2, 0x6, 0x1, 0xc38, 0x7, 0x0, 0x200, 0x0, 0x25, 0x0, 0x6, 0x9, 0x9, 0x1, 0x0, 0xee4, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x20040, 0x7, 0x3ff, 0x7, 0x5, 0x2, 0x2}, r0, 0x1, r1, 0x1) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000000)={0x3, 0x5}) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) getpgrp(r0) dup2(r1, r3) 2033/05/18 03:33:43 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) [ 271.233538] kernel msg: ebtables bug: please report to author: Wrong len argument 2033/05/18 03:33:43 executing program 5: add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000380)="beab9052a583ac737d00a953efbc39198a4f3225cc3626f24f0396f3f513ea3022167e001796870f2218ca1e0b1fa4c976da6d6b0e4a753dbeb3a1bb21c93bae7d67a98a203954a260aeadf0d69a94d50d363c2be940e825e66e7631ff2cffebd8bf2eb83ff844fc4023ed624b09e4c2b95e2fe7adc61eacce2a5d80fd81bcb94968bc8f2b40ed39895a", 0x8a, 0xfffffffffffffff9) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:43 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0xa00c0) r1 = accept(r0, 0x0, &(0x7f0000000080)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0x1) sendto$inet6(r3, &(0x7f0000000100), 0xffffffffffffffd6, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r4 = socket$inet(0x10, 0x3, 0x4) ioctl$sock_ipx_SIOCAIPXPRISLT(r1, 0x89e1, &(0x7f00000001c0)=0x82) sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f00000000c0)) 2033/05/18 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:43 executing program 7: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) [ 271.319674] kernel msg: ebtables bug: please report to author: Wrong len argument 2033/05/18 03:33:43 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x6, 0x3, &(0x7f0000346fc8)=@framed={{0x18}, [], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r0, 0xfffffffffffffda2, &(0x7f0000000040)}, 0xfffffffffffffe5e) [ 271.390062] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 2033/05/18 03:33:44 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f00000001c0)='vfat\x00', &(0x7f0000000200)='./file0\x00', 0xe000, 0x259, &(0x7f00000003c0), 0x80001c, &(0x7f00000000c0)=ANY=[@ANYRES16=r0]) lseek(r0, 0x2b, 0x1) [ 271.561723] FAT-fs (loop6): Unrecognized mount option "" or missing value [ 271.587258] FAT-fs (loop6): Unrecognized mount option "" or missing value 2033/05/18 03:33:44 executing program 5: add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="fdbd9ddab32ceb075aa9e1243839be53f1e3a9df1fff5f27a568e8c47c5e2c12c2bd335c7097312b028f4c3816d6f093fe40e24eab983cbfdb2e0fd68f401e121f9fcc88c2a488a78b1bbe91e1dab19876e6c87ba48876d766557caef49dbcb21c4537d5cd1505692e3fd16cb02a4cef1a2b222135702d895aa58538d742", 0x7e, 0xfffffffffffffff8) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:44 executing program 7: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:44 executing program 0: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) r1 = socket(0x2, 0x6, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000380), 0x4) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000200)) dup2(r1, r2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0), &(0x7f0000000140)=0x8) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f00000001c0)) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000180)={0x0, 0x100, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, 0x20) 2033/05/18 03:33:45 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='dctcp\x00', 0x36f) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x51, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000300)="4f62ff47", 0x4) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="17", 0x1}], 0x1) 2033/05/18 03:33:45 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f00000000c0)) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:45 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x40000000) 2033/05/18 03:33:45 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) getpid() ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000b900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:45 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:45 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0xfffffffffffffffd, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x28a2, 0x109802) connect$nfc_llcp(r1, &(0x7f00000003c0)={0x27, 0x0, 0x1, 0x6, 0x3, 0x3, "ca705b01960fb5554555743d3d8ee1b786097682e53253245c5a20a47e24c3bf5c3b2358618afd26dcb8a6cd2d1d6d01b08a644e1f96ce01ee357cb75a3ffd", 0x36}, 0x60) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000000)={0x2, 0x0, [{0x1}, {0x80000008, 0x873}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0xaaaaaaaaaaaaadf, &(0x7f0000000380)=[{&(0x7f0000000040)="eb3c906d6b6673bfd3712a800204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r4 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f00000001c0)=0x4, 0x4) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r4, 0x80045530, &(0x7f0000000280)=""/239) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:45 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000e100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:45 executing program 1: syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x400, 0x0) mknodat(r0, &(0x7f0000000040)="2e2f636f6e74726f6cff05", 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x0) mkdirat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x0) 2033/05/18 03:33:45 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:45 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bind$netrom(r0, &(0x7f0000000040)=@ax25={0x3, {"64b406042c849e"}, 0x1f}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x800448f0, &(0x7f00000001c0)) fcntl$dupfd(r1, 0x406, r1) 2033/05/18 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67008700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:46 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:46 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0xfffffffffffffffe, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f00000000c0)={0x2, 0x7, 0x0, [{0xfffffffffffffff8, 0x5, 0x6, 0x8, 0x76, 0x1, 0x9}, {0x7fff, 0x1000100000000000, 0x0, 0x9, 0x9, 0x5, 0x4}, {0xdc7, 0xe1b, 0xff, 0x7, 0x9, 0x9, 0x5}, {0x5, 0x8001, 0x5, 0x75, 0x144, 0x2704, 0x1}, {0x2, 0x7aec, 0x3, 0x3, 0x7, 0x3ff, 0x9}, {0x6, 0x9, 0x10000, 0x2, 0x9, 0x3f, 0x8}, {0x0, 0x2, 0x5, 0xda0, 0xe15f, 0x1000}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x200000, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x11, r3, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000001040)=ANY=[@ANYBLOB="060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2033/05/18 03:33:46 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="0047fc2f07d82c99240970") syz_emit_ethernet(0x32, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa00f1ff450000240000000000219078ac1414deac1414aa000000000401907804e5a87daebf8182a5476842e725152aa940dd397126bb591a4f8ee4f23cc79fb66424988178148ac6ca0e48095c56a29478a1e142fb28fcac3dc58663bf72a3c717280db3c116629e00df0922000000000000000000000000000000"], &(0x7f0000000040)) 2033/05/18 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:46 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:46 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x2) 2033/05/18 03:33:46 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:46 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={"76657468300000000000000000000001", 0x0}) sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000500)={0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00faff180031130000000000000000020000caaba82a6100000820040000000000000000001b3cc4553750086c", @ANYRES32=r1, @ANYBLOB="ff47ba4fba1454008969e65c84a9afd92485d531cac668b1ff7ebce76217f3b71114ff3e35c8677649c98169c54d5e40236f074b8d5b5581f5b1f94865d581000031ed6979a4450bf0b6ff2d5b445e2920ac3ea8f9c73553f51d93d4ce8e4c77a0c82df05a8d51fffdfd6234579a7f7d105a69a4ccd572118913275f91a1d073ffed9c2195f85b4cc1cba3f8fb6f9c4fc4d7ddc26b184d0448ea9de3d7108286172fc2"], 0x2c}, 0x1}, 0x0) 2033/05/18 03:33:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:46 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:46 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67f700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:46 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet6(0xa, 0x1000000000006, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000200), &(0x7f0000000100)=0x4) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$TCSBRK(r4, 0x5409, 0x19) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000080)) 2033/05/18 03:33:47 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:47 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:47 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:47 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000300)='./file0/file0\x00', 0x20020000000) getsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f00000000c0), &(0x7f00000001c0)=0x4) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:47 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0xfffffffe) 2033/05/18 03:33:47 executing program 0: r0 = socket$inet6(0xa, 0x4, 0x7ff) ioctl(r0, 0x8912, &(0x7f0000000200)="0047fc2f07d82c99240970") 2033/05/18 03:33:47 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) io_setup(0x7f, &(0x7f0000000000)=0x0) io_submit(r4, 0x2, &(0x7f00000011c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0xb, 0x4, r3, &(0x7f00000000c0)="bf4e2976bb2fa73b647962b5150e57f6bde1c40c111c3624cebbbcab5c724ed0381a09a48a56015f51d46ee7bbf4c342f7417128cce6ae4f87a33c8c6ac7a160bd3585b9708b745c873a9961fbbe9f62bfa611433684f5821abddfcc4277f3579ec94ffd213b1abd788e8c2aae8c84cc3ab8af5eaea21a3ddec4d9a27bf8fed18d963cb0d41564e58c580304df69f2ad081ed73a41ae7fcd", 0x98, 0x7, 0x0, 0x0, r1}, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x3, 0x76, r2, &(0x7f0000000180)="4e03e5647315215e47fc2404ea9120f68c20816dd0c09a165ffeb01ee307d5e08bf958338a1e07540ad115ae2a925a6b19310147021936e1cce223ffac9b356d7a6cbd46db67ae89cb2500c5cc19586d330c8fd97c659058fb34f36c9c3bfa5d8c3e5ab94597a7d5f6dd00692d89c318943ff83560ed2155a990d34aed300fc36216ac370b0c242e5fc2ac71e8bc650508f4e043d3412c1861f5d129f9f78b01a806efcac1dd86ea9cb7c035800f4fc77d23912a3bf4bb97b48fc777797e63d9dfcab5caa53769e3a56b7f243563556f49361631a2e1b4fb55e9afa840f10fd7e81d0c3552cf315d5f7ee29f1802efb6add6f556a68e8fcc3732d1320b60c943ab7b46047816d0a6887e0a023fa6358fbd2357777494e57066b8fab71fe85c89e6c12673a4ae24bea441c928887708db1e441a8645f5bee14e8fd2670461d43257fefeb6a0800816e4b107ec21fc2d511bf080c96262684c405d664be8eb180651960060cce7131efa52902aae50d4a2677770b9a0b332732f2bc0d485b657a65b605675cfd3c094ba63c33182165436dd7900d15c7e866f970f4967462217f9e947a6aed3d3daec678a6c8d58a133f07b0bbb04d919d443cc60c4d252b7331d833aceed9c8ac4f4b1bd3452cd7bdeb4ad4db270bf6979602516934b0ae4b3dd1385c381f944427131dba22034b44e9611817f08f3f231f10471c118230d850a738ca338cd9ae52e95862ff26d261d42d137a5f491fde30a5f38dcb8a559e3135396c5d37073667207a268cfcc84cde9e2eac506dc965b2ddd7c7b0ad60844043b4ec7323cd151d3191d9b12f1405baaed752072f1694a08385a58cd9b21787b540155f3df84c0af48656251dc08e1a426d304d02067fd731dab7074328331609cc0aafad8a8083d4444daea67e02170d75da7588f06b58d77dd6370ccb783cea29bc0dc380b07529497d516819f8f4a0579212314642bd6205af708c952fec02fd6c4019b81eeca21cdcaf15b15cfc85d7c6f2fdbbddf6e8485082183dd3e40cb5a85bd7de398d823d1887b086fe9bbd2f3c996c2265da36703059c17bfb6f69d004b41e67addcda8c5a7422873d5022d05b6df2c88329abd5dfda971d1fffc0c87024b2cfae18975de5c121cfbc92d4a6ac768b5246ebc5bb74ba9c1db5bb506ee1f17d50ef4bbabbf1b930cc6bef2da31a46ec1cc9e8805eb4fa772bb84072533799989c110d286425d9774d0b0359eac78ca88c4f52768431c82393991c8654c46a87f4526a1b4e6d3f9eb3b5e4fa5b646efef978957cd17acdf4c3b13796fd51348d9971c9a3f7eca856cfa089fbf2365233fa15747b0fae2be0199a5e0e106d9ee0a28822628b185a5599ef566379f9065b5cef41df6e1a24fa7b2bb2b28b3f23f039c529ad248b68a38d8131bbacc2be13b035230e86c38cf9e1f69d30278a29c6a9d12c42ed4905d3e4baf31015804255ababea92e6d97f9f95c90593cfcf35369f17de458f1afcb244f85ad4abef8c1b4a65a069f092a67f6cfd8dcb30debc1adf8969f98fed87f5e0f726d3686f6130a06fff92d6cd83fa192d0327e7e697109a6fa330f35ddbdcd8ffd553ecb280a966ccc6f0b63fb02f158e403cc6480e83def37fdc9d112e907062274b22b52233fdb72031e30f0aa01303f9a9d6de883c1416aa37469299e20a7e500ee8f4804b2239f55f5974c66a6e5755ca0151744a8ff519fad124bbfc6e33dcbb4e5d7f955079c9fd29925b8298afe9126e19a680ebd0c3862d1cc0930c9239288d00b8145b929c97835b88341bba7b6b67aa864ed4255e6c7be82b96e2d696e4c249bb6019673331e26dd5ab03c0bdf07c659a0a64885df77f85ef30ec924eed5ac2cce11495f0169601333a963905107cf7c75a44c7f7dd8288532d6e08aabd07ca4aee70a9bfea39d9bef3f14060f6e82c7dc8de7d3a8bed4af01b27694fd37355d96fa3b41b8900cde4e8ecd8c0add4016540578f5424e677617febb852e6e94cc350dabab93b5157ad4c562bc2962d243283134971dc339c3fd71c0221acb42dba94f5fc96f8ec4109b59a4af0b346828d1c6c3f62697522fc137561a140919df9f099d26b9e3c99584f958aca318fa8e563e7ca95086a69211f387daa4476dd189009715d94f0eb01845434293689b18e5186253684742ba257d4a5b66d91c9ee705448a06e1aa7d8453130e4b752513a5df83bc9ce4a4cc36f8a5a3427e972c0f6f9a657bc1194706a6c9f44ca1c8eb2f6a63e3324a20eb4b0bbd7e4a1d33b1b879f77c68ea10f723513fb38d2373190e4cf9cecad333fbd93bee45086873a821974b90011555cea95d43d0d1fa2b89c787771f9aa940d8039d147ad6c9d502cafb5f7e954b78cf6ce7d698383c5a55792ea44b43918d94d8e437d0f3b059e54d2e302dc4899b78648f41f2a19835b3e5504993d8a46c82de2b56faeed65c73bf3d9333018a935521191b5ae77989021c8f409bf08af5b29c8b1ccc5fce6b1dce32b17fc78177509441322178112ff093ca6b3b8a4279add1c02b443123b0a0cb08b8b8490094a8600af3a7fc7cf16046e756e437182c6a446890dfc2314c1f69ad7b238e360a5cf5c1f737ca2418003acd7bd3c74d8d2278cfca5c7c1cad4931e8932c5b6702a42d07b27435c5c5979efacfde44276dca6650bbae00b2bf2a1aa4c02dedf0b08eab1646ce4dcfc2134e6a1c2a07f97349dc728231a57e26f99a10e77989fbbd7382672e6582a5454ba7177add56bdd0aaa54c728268b4e0083c84caa2eee02d7cd3edea463e767736723401d9eb99399d2bdb243f2ad7f6cbad21920124e583bb10abb760d72fedb1783733d5816900ab53dc9f4ac87b46bf10c83ad3500504c978ff48462f3112934f02c9ce42004475c154644dedbaedd940f394dbca4e521406756f36799a4c82678effde509c2f56dfb62508b0155b9169e40e0fc701adb1649c1433f8bdbfa25ee556ccaa34c91b507c9b9b7e37f5a201d2e25423d6fea668bc125dc518359262943cfc749e2228227762194e5163ad9ce385d5bfefa4f11d795f062326c565099d615c1292bce78651ba894ce4fbd183e9cf98ec214179efa666cfd36e6a5564fef419c3aae6087e40e57883b557fdc49e94e2c767b5f4fce50000a5dbcdef543652947522db07b8c232f3afb11e99cdbec503ef4167e2fb6fabf6395560bd5225402cab65be875925268d29ad31b8acd8b6c921fa386c922a74d88622d0c0edb4147d65dd9addadafcf3bf689165fc2802f8d58de79a905034705e6226dd22a8a866d7f36d031405d6f5d0dd50d0bc0fac10068e3f15070fb100c8139177820a97fff99bdb4493d8069730264db8dd40f651d4d21855d5d839e13acae28886d6c0d6c969c83cf669300448176b9019b1a4c85fc09478332151f5e953fb2aa94f2c7bdedec5ae859ae5921376f452e1285c1f0921ceeb1a97e8884ad65e5369efebd97e57943b949ba02e3eb80b79b3ef82a5081c64e140f31b41b3e484cf6f8937dd90934321b44b79400b26505e79314633f8526b0871efe9080c271c56d03eae9cdfd638a43547da051745f4ffbce399eca2768d840ee878aa9336ff8d8cf27b50d86f1a4deb904acdd8c672b0d44b757035e925a6dca98f60eb26dbf8894c3591b27917ca484294272dcdcee1bf3bc8bab5203f1e1ddf8be478cfa878643f3d0436a688e452d0f45d987c7f828415a7ccf049e872c4885c698a414f72a909edda81d929647b2c1d08bcd9a87687b0247d7bae9b18a44d6ca79decdf8218f9af99c212c5f273a571ecf74f1d01b8ea2028fbf9b9dbe856de252dff712a41468516b245b383f2e441a07bca208e6088053e06de320ac755b17c8fc211319307bf49eefa3ee708b724a026ca2f6e9d97e683cc9ad255095a4bdb82677ca0f85f57176d2420e37d9d887dd65be424957d382d5ee3edd7aeaba4c73bfdfb4b3f9c25362740e715780d4ff0e5e8a6dbc7764097c743ce6a0c4ba0452b95a567f43964bcd253a9a122ffd8ca5c0d1078d475ac7485d8e73771330207bc83c9a414034e83710118b4a060485e8f4bdb2345ef9bcf13da2d52170a1e7ccfb5787e5dc55d8e2ad9f7b35dc18c1bc22ba74baaabf2c3586973b9b4afac6b6ae3b6cb1f2026fc70e8b1af1e8b434d74fecd8b81c519b627f137dcf234b63a0098c6af0c50da19b4c74e5da3feee1e4b6ba84e7b479859f8daab996c2cc58c7b5e42b755216ece97cf1b3863f76a0993eb622ae347c00f1a736272186aad0df421e4c8adba13b562823967ffeefc5f5276ca6dd9447e50493c1f4b7b6625c34424af4e047146a674f32f82634ed9e38f4777af3ac2312d429c222808835ef3e56ab806550f43d13b0a7572b5858bab7b8be42ea94a7d6d1f3d6c2b811c07d4e16863f0a773028c4abe8d2c7f4b48295da1737687bdfff10a0e9517ad191adb958ec96825c130643e3e2818f251d7e74332764cc9d33593774070c46cdd326732ae143097e03db53c7023bc0c58c6ca3939c57606d7eaec1cbff6df8e9a6fbc0d2d7731bacec9405cb0e59aadf6824ea6801b4ab4b42dda63ad3a02e5f068785f9aee414859121a33123f16c57925826613c4da77899eda7d32e7bf85d0af07f6636d7b2492e18221e075e6178a47a45d1123ada2ddd31fbf1c6e21bede041a5ec3a11ba46e6b20a5fcb0023fbd06a18d74a30fc619bf4d74b6fde6e824cb59b590791aa6ea0c201781733aef2d3385ce04c945ae3b93006c1d6f7edcf1510e12f83cec8df051da814010e9c90999de20d59cf96def90516038862bd82412841748fcb312ace41731e1141d24fd19f0c43c5a90de765907b7fc98345492a6f38cf8aa6a863e8007f710e1a3c435a78e645316e8a63454c38e23a794ff0e50735e02dde989556b6bfd2564a73fc6f8fef7e850cd11569ddd1a8a12fc94cc7352042f0e7900123248a45b6087d4621c2a9406d688fd4b1c7a83a6cbf3c661e490762ceee40aae760fb33ed1f63ac91e2406c3feef403e49098369bd781addc4483d13b03ffe8ce797d6fd6a02209cec5f75f7122c534cb8540b41961c2ef54981ffd03c083134d8471c8fff51ee422e5f3517cb6c5276f926a389f39b959c3b27a7b2cd770fc1f0f592a5755f5dc950a384ed560620fc40ab06908b8c5ffeccee02c013a17ab48615449fbaf97aa21791cb9ef8277543da26a364092ca083e0ff6b8c42af90124794122d7f4db9e03e227f711743b5039baf45534c62bfdc0a88f6c843ce6ba8b0af820b5026e03737be14c18955977946657a924d11c05a928e7dc140768e51bacc1b42a3055e6cb3b6947a7bc84c45a5a999252fcd6506d95ed8b8477e693b0058eaa762d84c8d3c2dca4b92e5bbf58a92cfba0e5090aa852b417df5b9ae197e95ca68f46b6ead2c6ad8585e74e41c675b451100500289154bea64486a857556fb663a685b954487bf95c4bab381d00f5589f44f75329d5a14c29292efff44092b0719601b15dd308848db507044e2d1a01200d7343d61e3af7735f90a648c2ce6a7c6a2bb4956905a52b5dfe9bb2a01fadc3286a31e45fbcd3244a9af118163e1b8269ef859d409bf0434c1f0eb3322b3a1719c5c3f0afe511aac5da53416de2cef664d057c49aa3b5e93c1a1adfc0a20d81837285af2cb5ef711849c027b8088569eaf720eea5b66cac8621efce75972c8a3770798056030bf3ee4f1f6dc5d9cca8ac8f3f30c953da1ff90fda2be0e8e7c924c51e6ad008a209", 0x1000, 0x401, 0x0, 0x0, r2}]) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:47 executing program 0: mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x80000001000007) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x12082, 0x188) accept4$unix(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x800) signalfd4(r0, &(0x7f0000000100)={0x1ff}, 0x8, 0x80000) 2033/05/18 03:33:47 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:47 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:47 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:47 executing program 6: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000500)={0x1, {{0xa, 0x4e22, 0x1, @loopback={0x0, 0x1}, 0x80}}, 0x1, 0x2, [{{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x10001}}, {{0xa, 0x4e20, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x7}}]}, 0x190) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) listen(r1, 0xe6ea) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:47 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:47 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000340)='/dev/snd/seq\x00', 0x0, 0x1) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0) ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f00000002c0)={0x4, 0x4f6, 0x6, 0x6773f9e9, 0xffff, 0x2}) read(r0, &(0x7f0000000280)=""/28, 0x17f) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f000019ffe9)={0xc1}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000080)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000140)={{}, 'port0\x00', 0x0, 0x80010}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$BLKTRACESTART(r2, 0x1274, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{0x1f, 0x913}, {0x1, 0x8001}, 0x6, 0x0, 0x9}) 2033/05/18 03:33:47 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000), 0x0, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000d500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:48 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c) ioctl(r0, 0x100000008912, &(0x7f0000000400)="0047fc2f07d82c99240970") r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0) setsockopt$inet_udp_int(r1, 0x11, 0x66, &(0x7f0000000040)=0xe7, 0x4) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000000a80)="3a6e64e3eb2d22d27b9969e96cca6401bf6c82fdc135756dd8314e73973ff3a31b18b2166852ce134ad3a9393b9f802791cd917b071beab7bcef0e6022dc90e3eb15756297335c88212c6825c596b9a5dd1c59bea74b65598194a8d2a713da273a7fd8ad6be85e8eadf8fe897baec9cbd5de7bff502bb366de55c62f3748ff1c4beb0d768e2d3ce82b15bf256c7e7fd8e2eea1b1a81fc4ad7b5b11ecbaabc8e294ee02843fad9c202cd4fcbbbda95fe005f21024d68e9e57cd370c19185d88f442b44cc11929afef547a25fb2c12b1adceb6ef7b034a62fe4f8d454cfc2ccfaef6d791cde76e87e260eccafea8f77011501b3f4f240e22549692683c59edcabab1b9d852dff9c81f52a4ec7415b2ae2bb566f32c1d959c0618d50707efbf8ee63924b83a4793279470bb63d317a565193b4015e72338537eed04630eea48d26a93b641e1351808cc4c36731717056135cc6e7b78af686974950cf0f6cc50a3510754b34695e23973e63e504c351823bda32df081c548d542a17584c4617bf34c96be917152fab60f4c9d04de28dee76c9c6a3c9c5fe4e240852aa393dc81d01000933956403f9d5e952f8627134e7a26228818a26b090d367bcc3bb459eafc49e39f57dc63b7230065eae2b51b60eecd8e758dac79f04a3b416bff1e9698e4387539ec8a7277351151283c9566cbb5844a0b4db98028542f20420fadcecbc7cd8bf89b0f3c4135ad5830cd3f5df3246421b3c3a25bf7aac162599cc26e8c306acfa85b308f7fe9f2977ccc4a465b798ca18d476cf0585939bb0c1cf7643d15e6642be0494b76067716156bbeaeb2a47a3b33e8853e1d4787742dfffa41befc8ca3305267a6d13be40dfef55cc1315162be8a51747b0a4f12a534b2e78b28bb3ed5564359d4935b20164aaec064e1a3841a273a998c3cb273ff5afe26bab8c2d38111ccd3d0bc6c036dee4f69299627ad2c5951e1a2a6991ff23d012d3aed76b4a6fb36848ac998bb2e7956b66223b5d2285f9ea707161e02562c191afe1a7c39b99beb1bdab6d9765001916b9d1671c72717ea95aa3725b06c6215f6412fad49724d908d671c4980031cfdcd572eabccc09b1d729edb9902e5654ae69de5e767186d75dccb0be7ff3b8754c9d4203afe20be235f7bf17d387fdcc9c976160a7063335a2fda773bba26860bc4eed44e6502a37b04576eca9c0a7f52c5ac786d55341486c87f073d9a2b60a215adf0e9b2f2975d6ffd42d754ba1505e51c4f178b8776c59907a39fbfce0808c98df142f77feb3d66912811482479599909374c363a5c0870b19408fea97272162c1bed8e41fd8a7b3c393002105de41cb9cce82f02dfa0e7c4db197f5e428a37455eab1ae2977dfbcc5f0c3930b33eb732556f4b90b9d0f0a2be266a9f5a0a42f8e68718a3f5384bffbdf75fa0f4946ded6d26715a616e2bd54895bbe0f3892845bb56d0d28beffb967453c44d3fd057b753778f6b1778812ac1dcfeecc81a66468bb376dca61aeecd1646296a3ba6eb62b958b0370d4995d7b003cf61bb7230942c9a547cb1eddb572ea75bfc3634d98fb5a2da5e9db3b7468d1c23cdd8beafb8d1dd8e08f7b6e1bf2ac9a0f3c82311a2de5ab85a4ec8ecefe7356ed1865f4c4196dbb919cee2b5f161dd5bccea006d07a2d8a6235f3589dc98a0275e9038084cadb2886a23e1478ef91b7d2ca96db3d429a791bf9365314d781e3e0006baa54d0b2fa6b953541cf214edbfb4102a1660019d817025f0528e287f2284df73a399d5da8973cb535d2c543225c59d81c5fabab9082a70c908076cc1644def5ebe04151b53cbac4210d16e6787f8e120c416bb70fdcc081079c42f2f813ea3f6337a6d259fee0abe809748c3322b06e21880c3c56c11c8c1f5a4a68c972afba74302d3807fc722a3f4ccfc61703276b2b45f42750da20c3e54f7a1aeaa78fa038b073b8262767b105193df90018917be5c95a038f6fb7dd482ed", 0x585}], 0x1, &(0x7f0000000280)}, 0x0) 2033/05/18 03:33:48 executing program 6: r0 = memfd_create(&(0x7f00000000c0)='vfat\x00', 0x1) ioctl$void(r0, 0xc0045c77) syz_mount_image$vfat(&(0x7f00000001c0)='vfat\x00', &(0x7f0000000200)='./file0\x00', 0x3ff, 0x1, &(0x7f0000000380)=[{&(0x7f0000000280)="83535fcd19fd3683a60d256801464ce08c3871067cc6c01ba8a2275961149578beebb8cf9527ab6e50bb57e7f2f8ffdc323d9d080be8d312d71c5c8cc778bf10c337a7c3066e5f0ff27a742c7aac700334446fc0dfc7fbbb5d12125afb86f146a5eefed45d83023ecf740e013d39fac793085cd376cadc545e833bd7bc2c349cf8de0bd2c26ff789e239e020e7de5a95b741ca9410b37cb117bfcec4ebf1aa31391e6724170d5e074caa685a8f40fdae9a85d633253ee6b4176ede40aa8c77f689afad4d69f8fcb12ee3b4f186a264abb429e20239a0bb9ac6f48a38c6059e71954daad828c58348fa1f22c62b73088d", 0xf0, 0x2c14}], 0x100800, &(0x7f0000000440)=ANY=[@ANYBLOB="7569643d3333313131352c1e47d1e0aec3533552951b4e120b636865636b9625981c617865642c7379735f696d6d757461626c652c00"]) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0/file0', [{0x20, 'systemvboxnet1'}, {0x20, 'em1@]em0$systembdevprocwlan1system@!'}, {0x20, 'vfat\x00'}, {0x20, 'sys_immutable'}, {0x20, 'uid'}, {0x20, 'vfat\x00'}, {0x20}, {0x20, 'uid'}, {0x20, 'check=relaxed'}], 0xa, "a77ca46250795108f215f29c3883b5728d2f5a3c0296c3e8a918f93f85c1b227b7d20cc25855895e1c029fddf84b4dd76a7613f7c9fa50f3a854fe26f76c162a219024cbdbfac6cc8474e15b936a19a75f0a547b6d31b5a35fed35a6c312641dc188eb78d28d5a21783956044e6bdafd198b0de47448fe5c4e0e127f9ac7fff4eee1043ce759b16402f1cff0403a836d8e68f2f600d6a8f9cbe3861aed90f5ed5b3a16e9775a47a9a705f46b9ad79112ad4cbf279f3aaa27db7be859aeb04114bdec8ad195d2cd20ba190172395cd44f414070a2e09daebea7aa1579bb55f14abc6790b560cf7abd5c2dc85735a4e826b46d59004e2e0a1b3a58e8ead6c8f340ee83046a406ffd33918a67a9598ffc5f52678c689af83c58765224e516acaf301ffd328f807256a2afa5d35752971baeada919b2b0562ae7e11f406f51074c8b11643ea7ff26cdc7bd84a95daa3243d356552d1ca9e6cc883b7bfec394738a0085ba9f0cbd38c5c556dc9f4d6692d6500f6cb925973ab1722fd741a3aeb6c5693d1639a8694a7b239b35c22aee7808aa8066d78eeb95a61b5dffa2fdd4f52b0a10f213a71fe3d9e19a877d4d0f77c9bbf3faacab3622336f6e2b4def8abc9dbd85b5d997a22410d767da93a2617c684c7322fbc7786f21690b0b567553c29004340adabff485ddb2aabec68b8a2f91ccdb38b396baec2d4baa7eef790f8d2188de3d40104d1a9e61b9d8863b6ce544378d06275fc140cd627a9db7db0b731164df71f4ca493fa1b0e94900546e5f22cae049259003c207c44f5e3851e61737f38ef00b8fec3669d6617b3ab07aa0fdd0b449670f9c27cf851b8fc2dbce410ceb4ffbb87e95fbeebf9d2e1736464ae6182fe0f6a2a280206fde4f1c240e18b98e221c2e127a2198cd74ceb439eefc8d30e0510d02a3ba3e23789a5bba9604a2293ba432b288b2612b903e5a3568ed9c8b14646e81d9d58739ced02d405f74958b44df737f399143aba9c52f9b5a65b9b648939a4de0a0815fe57a5a2e6a6171562d775fe2202ad3245adbfc97afd7301e6c2601db969c7fa99531d9b31c801ced06f2212af00195d5509ee98a50a19fcfd49d64df4af84279dca13235ecaefa012418d7bd318e61877c7c10f037dfc252a54f14d568f7fe485afec2bca960a9df3171ff85607d7f64f118b66ef5cf3dec61e8f15abdf651a42f4a6510796de0eb54b8b3a77f995a611083391b6acaa15f52db635276d2536411c2132ee3f67b0616626f7714f822d015b1a76ebb2ac667373ccedf69a4087aecb53e06403b889e951ef80d297182fba821f705ecd9d8f97f68c1dc98543a9da68e02efa9f2ee2246b4702bb99e9ade166e1d93d236c4a4f7fe040bb9ea047382ea68de5220cef7cc813c03985bc41c94a8a448a6730bf1bd05064b78c7453123fdd9d08ddbe1401180ce20bf707d1a31137fe92ae63c10e8b39e584c237104009e8d7446ee5f2585ad3507045bcfaa54704494b254fb6d241fe04f2c52f76c93d2f164b3c8e3f65d7f0f095b46a9a907208a4deb3a2c8517e407b9718dc92ae3e192c6fb17571b29a1f83f755c570b7db585d2f6bda56ef17c1874e84cfbd5fec75e448f7c2f80d147a6ac9218823cad1216818d06c05b4f3bf372391cbd722f4e038d85f31e555843cbbb16d37b6af62665b8a63d0c3ce7fc2e9435f8f79d8b6afdc547f9c527f438e657d78714d7cbbdc5483a8f0b1e023c5712abda0e792e32922bac8cc5e7c126107f2c51b77842372457dbdf51af48da84e0bed67f3cb6ef623b4d499d4696efb78ffdd9f2d56f7e3241bd2967f6a57f01a7f546a94cea5e54df5dc07280ef5c32d7ea90cf1ac92f3ae8d900a5a7b81ffb15a785bab524ae9eaff523ab28e58402007a007752488f6aa13be4e7501d5e5ba5a5dbf03fdbe0d4a7cd08283377390ff7ba076319c9cd6be3689ae62bb88e814338b7d534acafeb7181f0bfc987c83a490349d477510fb8962352cfd5d0e51d0fa49160dd3b70cec0e237e5f2cd4ec153f0b981ae8be5bcf85cc3e07f3e499d89b26877aab45c37df26872961f59ba4ad2e90590820c4866890e9581703578b5d292aeb269adeeca83fb595218072b46b0bceaa232bd5a04e5573f3fc238f06792434cca42d803e6492637ee6ce40e8ad5240d2275daef54f1525421caf58cb50e438769864716ddc34ab4cadaa16abbb469024bfba07f2271521656a7ef467ebc1ee035204320d8c09a8f77229f52394706ba14e5ec9f745220114682eecd07ac8bf319a4f215ff87d1d25f8d0ec7f1a1523f521535ac9ff8d091810e616915c1b2b0b63b85741b2d2c7bf6bd9ee95859e07612aa5f1439dc67c5ee4e96718679cfab6674a43736c5e07492c55dfef78554d3b67fec5bdbafa0ebdfcd6d40833e1b9e464901dabb810b3de0a21368912e50a73f460392e2e9dccf61add0d0f8cfa2a6558d07f0816e4bf6a2a5faa041e75ac679938b0607aaf0011e55d74e5ee88c840da712e62254273c84b40ee4a1d4da09ec2cb9339e4a29fa066e3fcd51ea649de5e925b733d49da4c365596afa2d7f80f425629baa86b3fc94eea01295695550a53f14c339fb4db0826908f74943d796646892889e86c5a573f4daed5e16bf0a8573ec105448ebf48ab57e57bcd54bb95a11882631d21e413cb78d1937560bf6fdf7fa83926bf008a086c19ed7cecea45d592f23f1ab3776e788bd5033d0b59bd86d844a039c071a54369ec689367134dfef7b5e4ae504557678ab0859453458d1648d36d8ac223423536e6ccc23a44d3ad32fc011452f7df9799a279c1caba3e20a44babaf1f5c967de3175712d6cea1b76788162c69b3953a0f7cb9a8b0d589a20a077042b194f2de331ec7d5a70977cbbf2e27bfe822f30695de77fc85c44a531e02725f6ccc00950188aa03ae0052ff2219c30427a1f1508ee0f3d8cdc31eaa2042d2f95d01604ac19e6d352440783528929b8912a8d82cb5970999c90a1d94c6c78d1c4cea412580355c28213e18060534101a69d1dcf70322365f05ca53f912865e97c96d91bde1238cda05857e2ae672d04f48246a09fdd405ae6af03c4a07a07f49c3abe9986eae6974a9aca71b50d089c23bd5d9d32f3966305299ae9c2056ad62cc763e275409ca9bb84966e17112d2fa94db33284bc842e7ee46a88c0473afd3db1263b8862e2818c92be5e411e8e8722c7d417fe4fc7ef30d8c35ecfadaf47434b3e0ea1afff40ef6eb3d8868c7c26b506f91c9b33c51a98f8b6e08e96be63772c72c143d1ef15d06f9b9aa8c4d310f2c63e7dda21015a42d1358227e2b2fa7c491cc51fa92fe6884345d575a80bc81f96fe6bdbea68cf6fe651aea638bb7ddfddbf3181affb4563967cce928ffac30bbec51252255530271009caa61797259f4b607318db2c50e57150caa23cc2ec9d693bc7cbf0b7a212f10d870771a11842a514afb9871684328d136c6739189eba41bea3647448fd4645204e6dc55141782838031b9ab07baebe83ac71e8474cf46df41b6f9e77e2b5a2828e689ab3992fb1fe3a04238442ed2341c3a7e448e624a4a8bee8d896c337187b1be28b221a8e3d1c1aa6b4c8fe6075a8b2da2df8945ba8b1a6a9a9f9448548402865bd552848e92a4c8af7fff8cee6239a004ea80392e515fc5b7b6e0bb18451a5ef638fc506cc2e0caf5fa23eb72cfcbc0ab9458985b59ccdccdb33bae3e0ed6685fcbc36e16eb4e1adc867b34007531da188a4aa000f0e189f792fc3a1b83bbebec9a5f19fcbb8152adcc590202c4ffbfc3247d99fbe6069611818b92d276c02dedf5c68ccb37dd7d1a2d409f62a845000312a3242c027d0092a10a314d4566fd8e00add5d6e5416b6ca36cb1127d580a1bed6f7ee95e7b8454f00a0d853fe14d4d7c1b3d3dd89d23da85c284b0d9520f5959fa81b66528e17447e7af1f0e7f23dbfe8d510d34e3f99cf6fe16e019a2018eb2755c7dbda4f1e3d27de280b5f7ab83504155bbf9b36e74643a4c91ba6573982ed0e75fc2bbef90f166edd396ee3d14b3be5b4b920ae5f4dfcfaae6fd2a2c46deaa29cdad41c5c774ee3077a8bcc59aa0098c4c3c43e6dbc2c2329a7c963e2f213713dda8b501562e300ac06e7e1a46ffc2bd682c041fa8e9ef0333d42e47381daa8b7ce3992463c27187155be77deaf3cc422ac737012810ea10c630cd1aaeaa77c0fcb2f59c24a7233e057c92a88bbaefa0ff201b980047f84499192e8efc3b3169c2270b63c1c0a6deb1af27b9838d476435f08f093719fe612392e9051a7c46f2d0f9545d2e55a7f194884ac9296bde25d30160c053dc8a0f8156d5f2b565ea316cf86b2a3e2ccb6268e4007f56a3caf7e0feee5d9ceb8c68cbbb7d1530f81f8834fcafac56f38f9575baa1ef1ed2c0cb064362fe28d4203822efd16d81a31509a5d780976f6113413198bb52de68878efa8e58ad12575bf58b02d65fa524e6c41766a7dd856f0b16b69c03f21382a6c6a68270648055bb1e6df90f8205c638f10fc7f2bcd588a408484e322480356d164d5dae8f1f86ade456e01b9212438c289bf6a305b564bf291e9d982ce671188eac4accd2229fdb23b43656ab33d65bef90e1a9122afc8113c854051a285b552d25447ab8301ac2a8a2b06eebde0126424a3b86a18ac3acd1d7e3bfd6fbe0091229ae776f8a6ff50a99da894ddccc8f0b285001f3625e0ed755e75363f3623bc017ad63d7cdaadedee0c1ef1b6cc621b3565b83434da6f812a8ac08ca924b355d61d21f8a321978406ec8cafa49195476302e25d6450f844047a113ad6b0ef4233d89d11d8e6d78f45ad399490453c4054b9f803c7f8f3adbab82ae59afe779a1bdcbd51b42c0bb9cd11b0f9c20e36a058862710155e7438eb55b362436c421848319ade79ba5328b05727a79032b5e3ac48f2376040db7258d13a6b6331ccfd864dedd7ec7779659a5b5dbc84e1e85f637614c230053aa9b9232519daaf593c41c950051fb1affb5e7f69c3d38d3e7d111be69dd7ba1a1d804892e58deab43510a823dafb275d37301a5fe6e8073a105c41f4a9b16aeaefa862c821508cc6d8e2b43e8013a5aa2a7f18475509f24ccfde8221124987388908d087a73a8b42a56a3e665bb5c4c081ba491b12247d93d0657b62f4ee0da0a0cc9b991f365273f277891ef78b3d01f05961c94c8125540611ba9b30f495ad0e1d95a53f0ecce4ba5043afc1c270cf805962898de52cf70ae9e6d782c0fd2563057720b2e6ee0af7049eb609ad67620667e86c9b8c74ccdc75b03b11c49afe66423c0c558e18ab958c91d3c35cd5f02422863724cda19e1e73e0cbc63edd28e4df6a9a8ef4bf4e52b78a8c5cd79bc711795a2b55663e2e6a28c0f51d6daa02348031a1b1c72a5ea342fbf4e88632985f8b81f1c419b6bd4df48ae87f214729ef11099d2e4df99014d5091f16d3bf2d16330ddd7b6eb64bcfd70d55613febb6d6afcf69f9eacf452f14162db413f5a1c2b41fcf35975cff675922a88ef7e091de0fe6468ad0350eb67b4ce26b9bdd5e4a4e752066ec0f4326777798452d6c1a875ece980872b4d16570f7f8080b92838b0a2c876c0b60e81a101877d4ac31f1ea0b29ff32a2a872cd180bef8aa458713c4f8216c5448c257e09f6ec2a6aa5ab66707913335c6bc6f0b502c203f89c2a44137bd0acaaca68f04f74959bbc5073baec5d6bd213353bb9eb21427ff24a96f60690545c8d3b5fa6d8eeaa91bb5bd4b2773ccc6eb1a85666abb39f7ed"}, 0x1076) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:48 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, 0x0) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:48 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x15) 2033/05/18 03:33:48 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000100)=0x4) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80800) listen$netrom(r2, 0x8001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f00000000c0)={@empty, @rand_addr=0x1}, 0x8) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x2e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x42, &(0x7f00000001c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x80000000, {[@timestamp={0x44, 0xc, 0x5, 0x1, 0x0, [{[@broadcast=0xffffffff]}]}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f00000002c0)) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000040)={{0x7fffffff, 0x9, 0x0, 0x3339, 0x7ff, 0x80000001}, 0x9}) open(&(0x7f0000000000)='./file0\x00', 0x200, 0x4) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r3, r3) 2033/05/18 03:33:48 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, 0x0, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) 2033/05/18 03:33:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000003, 0xb) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") mlockall(0x5) munlockall() 2033/05/18 03:33:48 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000b000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:48 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:48 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000000200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:48 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:48 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000280)=0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0x80000001, 0x3ff, 0x17, 0x7, 0x0, 0x1, 0x80000, 0x8, 0xffffffff, 0x3, 0x401, 0x1, 0xdc1, 0x81, 0x3, 0x0, 0x8, 0x9, 0x5, 0xd23, 0x2, 0x8000, 0xf641, 0x7fffffff, 0x8, 0x80000000, 0x7, 0x9, 0x3, 0xabed, 0x0, 0x8001, 0x4, 0x8001, 0x8, 0x4, 0x0, 0xc8d, 0x5, @perf_bp={&(0x7f00000000c0), 0xc}, 0x80, 0x3f, 0x0, 0x7, 0xbb, 0x10001}, r2, 0xb, r0, 0x1) 2033/05/18 03:33:48 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700d300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:49 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000100)=0x4) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80800) listen$netrom(r2, 0x8001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f00000000c0)={@empty, @rand_addr=0x1}, 0x8) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x2e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x42, &(0x7f00000001c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x80000000, {[@timestamp={0x44, 0xc, 0x5, 0x1, 0x0, [{[@broadcast=0xffffffff]}]}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f00000002c0)) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000040)={{0x7fffffff, 0x9, 0x0, 0x3339, 0x7ff, 0x80000001}, 0x9}) open(&(0x7f0000000000)='./file0\x00', 0x200, 0x4) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r3, r3) 2033/05/18 03:33:49 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:49 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67ed00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:49 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e", 0x60) 2033/05/18 03:33:49 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0xfffffff6) 2033/05/18 03:33:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:49 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vcan0\x00', 0x0}) bind$bt_hci(r0, &(0x7f0000000300)={0x1f, r1, 0x1}, 0xc) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x200) 2033/05/18 03:33:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000f400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:49 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140), 0x0, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000000500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:50 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = pkey_alloc(0x0, 0x1) pkey_free(r1) pread64(r0, &(0x7f00000001c0)=""/86, 0x56, 0x0) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) fanotify_init(0xc, 0x800) 2033/05/18 03:33:50 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0xffffffff00000000) 2033/05/18 03:33:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt(r1, 0x400, 0xfffffffffffffffd, &(0x7f0000000000)=""/128, &(0x7f00000000c0)=0x80) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r2, 0x4, 0x0) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000604ffc)) dup2(r2, r4) 2033/05/18 03:33:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e3a798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f3a9c1f60660bd4fd2fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef2358ccdff02226021384b0c235f114ed9ade92767aecc256acdeb610df42e7169f240357f735ae5fe29017e51e27252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3cc24bd3c036e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3e2528e4fdac32bcaefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) lseek(r0, 0x0, 0x4000000003) shutdown(r0, 0x1) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{0xe53, 0x4}, {0xa55, 0x1}, 0x9, 0x0, 0x81}) 2033/05/18 03:33:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67008e00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:50 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a903393", 0x30) 2033/05/18 03:33:50 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:50 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) removexattr(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0)=@random={'security.', ':vboxnet1\x00'}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) chroot(&(0x7f0000000200)='./file0/file0\x00') creat(&(0x7f0000000240)='./file0/file0\x00', 0x40000400000) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:51 executing program 0: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0x50, &(0x7f0000000040)}, 0x10) socket$inet6(0xa, 0x0, 0x10000000004f) socket(0x2000000011, 0x82, 0x8) r1 = shmat(0xffffffffffffffff, &(0x7f0000ffd000/0x2000)=nil, 0x4000) shmdt(r1) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") sendto$inet6(r0, &(0x7f0000000100)="957a88cae59c5fd2c4b929f72305bc00f1ebb6e7", 0x14, 0x0, &(0x7f0000000140)={0xa, 0x20008100, 0x4}, 0x1c) syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x5, 0x200000) 2033/05/18 03:33:51 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a903393", 0x30) 2033/05/18 03:33:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67009d00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:51 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:51 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000280)='./file0/file0\x00', 0x0) fanotify_mark(r0, 0x2, 0x40020000, r0, &(0x7f0000000200)='./file0/file0\x00') truncate(&(0x7f0000000240)='./file1\x00', 0xd63) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)={0x3, [0x9, 0x1, 0x0]}, &(0x7f00000001c0)=0xa) 2033/05/18 03:33:51 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:51 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x108, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x401) mq_notify(r0, &(0x7f0000000180)={0x0, 0x28, 0x2, @thr={&(0x7f0000000080)="1f50aab3947623c2f0b1d411", &(0x7f00000000c0)="a2943d414b282b3678e7146115af3f70653c1ccbbd992b1323878e3c38eda8988acdab366f741864927d1d38f5c41ae894ff659ec76e103d6014614dafee3e3f0774652063099831ad"}}) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:33:51 executing program 2: openat$zero(0xffffffffffffff9c, &(0x7f0000001180)='/dev/zero\x00', 0x80, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$amidi(&(0x7f00000011c0)='/dev/amidi#\x00', 0x10, 0x100) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0xc0505350, &(0x7f0000001240)={{0x2, 0x1}, {0x8, 0x9}, 0xfff, 0x7, 0x5}) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) r5 = request_key(&(0x7f0000000000)='cifs.spnego\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000000c0)='vmnet1-%em0]-\x00', 0xfffffffffffffffb) keyctl$read(0xb, r5, &(0x7f0000000100)=""/4096, 0x1000) fcntl$setstatus(r1, 0x4, 0x2000) setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000001200)={0x0, 0x2}, 0x8) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000001140)={0x4, 0x9}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) sched_getparam(r0, &(0x7f0000001100)) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r4) 2033/05/18 03:33:51 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700ec00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:51 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a903393", 0x30) 2033/05/18 03:33:51 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:51 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x0, 0x400) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x7, 0x4, 0x480, 0x0, 0x258, 0x0, 0x398, 0x398, 0x398, 0x4, &(0x7f00000001c0), {[{{@arp={@empty, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0xffffffff, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, {[0x0, 0xff, 0x0, 0x0, 0xff, 0xff]}, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, {[0xff, 0xff, 0xff, 0x0, 0x0, 0xff]}, 0xbf, 0x8001, 0x7f, 0x5, 0x9, 0xffffffff, 'ipddp0\x00', 'bridge_slave_0\x00', {}, {}, 0x0, 0x40}, 0xf0, 0x118}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@arp={@local={0xac, 0x14, 0x14, 0xaa}, @loopback=0x7f000001, 0xffffffff, 0xff000000, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, {[0x0, 0x0, 0xff, 0xff, 0x0, 0xff]}, @empty, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}, 0xffffffff, 0x8, 0x9, 0xad, 0xfffffffffffffffb, 0x0, 'irlan0\x00', 'rose0\x00', {0xff}, {}, 0x0, 0x40}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=0xffffffff, @rand_addr=0xfffffffffffffc3b, 0x8, 0xffffffff}}}, {{@arp={@broadcast=0xffffffff, @empty, 0xffffff00, 0xffffffff, @empty, {[0xff, 0x0, 0xff, 0xff]}, @mac=@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, {[0x0, 0xff, 0x0, 0x0, 0xff]}, 0x9d, 0x1, 0x5, 0xffff, 0x2, 0x1, 'bcsf0\x00', 'bcsh0\x00', {0xff}, {0xff}, 0x0, 0x20c}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2}, @empty, @local={0xac, 0x14, 0x14, 0xaa}, 0xf, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4d0) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000280)={0x0, 0x8, 0x100, 'queue0\x00', 0x1}) 2033/05/18 03:33:51 executing program 0: 2033/05/18 03:33:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\t\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:52 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:52 executing program 0: 2033/05/18 03:33:52 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x7, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000400)='./file0/file0\x00', 0x10001) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0), &(0x7f00000001c0)=0xfffffe7b) r1 = shmget(0x3, 0x1000, 0x54000000, &(0x7f0000ffe000/0x1000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000ffe000/0x1000)=nil) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000280)=""/242) ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000200)={0x10000, 0x5}) 2033/05/18 03:33:52 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67a900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000000040)='./bus/file0\x00', 0x2023ff, 0x200000000) 2033/05/18 03:33:52 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) pwritev(r1, &(0x7f0000000400)=[{&(0x7f0000000040)="be6273", 0x3}, {&(0x7f00000000c0)="f6bb6b0d3cf7b093d2c59c27a38f42fc7977bf8a08435a8c0e5043f546d5236e035f0381609e36ac987450bf420f2dfb07315b0c23dd0a552ca7ab9660c47c29ff795fa11d9aa7909da662a80c91f8bf287e2047f44677cde66f127cc73c8375e8ba58c1c6452c3edc0d434be407fa529e57b7bd3360de55b0247d22735dec497790515d0703e6572828e34249fa87cab249979a178ca8890df5701eb361ef2fdaaa447b0e07d571d447f17b3a04a19554b0be89dabba83b266bfb22732c95", 0xbf}, {&(0x7f0000000180)="15f2d3f3d39b6d9282c282d62c5af1b73c243eae693979e31f6cedc24be2910ec7a73c776b9b925ac3b7c9ce704d49c93a455435b3a061c9fdc9a3fa110afa786c14f5e196153ce36a9afea6965a34e7e0d3b72c89ce5fbda2092fa2734665503fda009ff44d8aa72bf76d3eb5b417fea15ccda59f64326197d44e5bb140057b2a45", 0x82}, {&(0x7f0000000240)="dde189673b240d145ae1e4539fd2875b4c9b16682aa63c01cdef549ff2e4561ffde34361b000f82f1df72251b113718f87e680a1f69ae5cb59ec3cdf35e3683e511c0c80f08236abae0d463b52d41f5deb114c8807e19a1b0f132abf1954f749c0acfa30b9b50a98a7f8e6d525580e2507d0013b8694283b68f18848537a8c6a59123a3b28ec4f71508c3cb779cb3b4ff06e782fea9127dc920a482f335606c3149342116483f115a79a36b60cd986cc29983f9ecae8addf4ba7cb24ce3c38b028c15d", 0xc3}, {&(0x7f0000000340)="191b7841de2f1a84b45eb98efa1bedc92a2df10128d2e6588cb96cc73fd2c37ddc526847a0fc2455a55def7808c1eda6a7596aac6e2dfba75598b34b4619b3b4d7ce3c3a6d91ebae80", 0x49}, {&(0x7f00000003c0)="92b1aacb6af987813c1ad89fbeac0f7e0be06edc05514acb44ca68cb5f7ded9a798af294a4a5", 0x26}], 0x6, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0x2, &(0x7f0000000000)=0x7, 0x4) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:52 executing program 0: 2033/05/18 03:33:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67ad00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:52 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175", 0x18) 2033/05/18 03:33:52 executing program 0: [ 280.282777] attempt to access beyond end of device [ 280.287879] loop6: rw=2049, want=114, limit=112 [ 280.292878] Buffer I/O error on dev loop6, logical block 113, lost async page write 2033/05/18 03:33:52 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) [ 280.347578] attempt to access beyond end of device [ 280.352731] loop6: rw=2049, want=115, limit=112 [ 280.357482] Buffer I/O error on dev loop6, logical block 114, lost async page write 2033/05/18 03:33:52 executing program 0: 2033/05/18 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700f700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 280.421556] attempt to access beyond end of device [ 280.426696] loop6: rw=2049, want=116, limit=112 [ 280.431428] Buffer I/O error on dev loop6, logical block 115, lost async page write [ 280.501921] attempt to access beyond end of device [ 280.507085] loop6: rw=2049, want=117, limit=112 [ 280.511832] Buffer I/O error on dev loop6, logical block 116, lost async page write [ 280.520951] attempt to access beyond end of device [ 280.525979] loop6: rw=2049, want=130, limit=112 [ 280.530789] Buffer I/O error on dev loop6, logical block 129, lost async page write [ 280.538992] attempt to access beyond end of device [ 280.544180] loop6: rw=2049, want=131, limit=112 [ 280.548907] Buffer I/O error on dev loop6, logical block 130, lost async page write [ 280.557558] attempt to access beyond end of device [ 280.562619] loop6: rw=2049, want=132, limit=112 [ 280.567354] Buffer I/O error on dev loop6, logical block 131, lost async page write [ 280.575576] attempt to access beyond end of device [ 280.580623] loop6: rw=2049, want=133, limit=112 [ 280.585364] Buffer I/O error on dev loop6, logical block 132, lost async page write [ 280.593347] attempt to access beyond end of device [ 280.598338] loop6: rw=2049, want=254, limit=112 [ 280.608480] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000641a) [ 280.615703] FAT-fs (loop6): Filesystem has been set read-only 2033/05/18 03:33:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:53 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:53 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175", 0x18) 2033/05/18 03:33:53 executing program 0: 2033/05/18 03:33:53 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000001c0)={0x2, &(0x7f00000000c0)=[{0x4b, 0x2, 0x110f, 0x40}, {0x5, 0x4, 0x1, 0xfffffffffffffffd}]}) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\x00\x00\x00\x00\x00\x00\r\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:53 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000040)='./bus\x00', 0x80) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:33:53 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) read(r3, &(0x7f0000000000)=""/109, 0x6d) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:53 executing program 0: 2033/05/18 03:33:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:53 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:53 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x3af, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009a00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:53 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:54 executing program 0: 2033/05/18 03:33:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:54 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000ae00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:54 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02754677212dfc3e2acc26", 0xc) 2033/05/18 03:33:54 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f00000001c0)='./file0\x00', 0x7, 0x6, &(0x7f0000000540)=[{&(0x7f0000000280)="f7bdbecb6138b6f124d03f7ee27ebc9469a29f5bafa01efdf401d4101f100f4977efaaf43c5dcc70075f3940afc5fa4a49dc56a4ca2d7fb3c5bf95639459d22f17e5726a95ee59dcabc7fe4e1436b3efd2", 0x51, 0x100}, {&(0x7f0000000300)="aa46d05728b5ebc81a80bae692edd8d0421b5ca1af8952b059eb39ee951e3f17e6d24e9d791440c02921ed8cda44aa3c7cbd7091c86735eb1177f8523679bb501a56842b32b2efb1944ff83ccb777bf81eb97d2ef011e4b6990ee401a2f2f72abbca7da9aa9fa6b2b4afd4758488c9ed606174b7b9bcf9f93e5115b27a2b82ba03b974dab40964412fb81faf6ca8703041e392278b200441b2947aec26021f0f7327baa16dffb8ce69706512bb1c38e12a305c7f0e436245a45aae56270584", 0xbf, 0x50bb541f}, {&(0x7f0000000200)="d8f724dbd7a4c9bced10cbbfbfa4855414cc8156a1b7755ae0582eaddaad324a33dbec329a56e5aec6783c44535cc706ebd2cdc6", 0x34, 0x6}, {&(0x7f0000000400)="abd7cb00f49d742fb830f358f4a8cb04776ef70369c311a4e0975a1855270e66f01eb34e4fada00ba0e13d5dd139e9a8194ca6c8db8674e8a8105936aca4cec29b2eeb2c45b3b6440865ee758dc402a38a888f832c4a0bbd65a53937cedc7a6b6379c9dffe948342e6fbca75d3b1cef5e2e713f8afa950", 0x77, 0x3}, {&(0x7f0000000480)="95645d36d167b8c4ce7829058c24957f9d9e8c327badfa08dd2390d8ca840576418204623cbc21a7e2888ad053dfcace83", 0x31, 0x2}, {&(0x7f0000000500), 0x0, 0x2daa2aea}], 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:54 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000100)={0x80000001, 0x6, 0x6c9a, 0x1}) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000040)={0x808000000000000, {{0xa, 0x4e21, 0x100000001, @empty, 0x1}}}, 0x88) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:33:54 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) fsync(r1) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0xfff, @mcast2={0xff, 0x2, [], 0x1}, 0x83}, 0x1c) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:54 executing program 0: [ 282.226587] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop6. 2033/05/18 03:33:54 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000009100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:54 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:54 executing program 0: 2033/05/18 03:33:54 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) recvmmsg(0xffffffffffffffff, &(0x7f0000003300)=[{{&(0x7f00000001c0)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/166, 0xa6}], 0x1, &(0x7f0000000500)=""/221, 0xdd}, 0x7}, {{&(0x7f0000000340)=@alg, 0x80, &(0x7f0000001740)=[{&(0x7f0000000400)=""/73, 0x49}, {&(0x7f0000000600)=""/90, 0x5a}, {&(0x7f0000000480)=""/56, 0x38}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/133, 0x85}], 0x5, &(0x7f00000017c0)=""/10, 0xa, 0x7f}, 0x2}, {{&(0x7f0000001800)=@pptp={0x0, 0x0, {0x0, @local}}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001880)=""/207, 0xcf}, {&(0x7f0000001980)=""/46, 0x2e}, {&(0x7f00000019c0)=""/90, 0x5a}, {&(0x7f0000001a40)=""/185, 0xb9}, {&(0x7f0000001b00)=""/20, 0x14}, {&(0x7f0000001b40)=""/184, 0xb8}, {&(0x7f0000001c00)=""/242, 0xf2}], 0x7, 0x0, 0x0, 0x7}}, {{0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f0000001d80)=""/252, 0xfc}, {&(0x7f0000001e80)=""/166, 0xa6}], 0x2, &(0x7f0000001f80)=""/57, 0x39, 0x47}}, {{0x0, 0x0, &(0x7f00000031c0)=[{&(0x7f0000001fc0)=""/215, 0xd7}, {&(0x7f00000020c0)=""/236, 0xec}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x3, &(0x7f0000003200)=""/227, 0xe3, 0x3000000000000}, 0x1}], 0x5, 0x40002101, &(0x7f0000003440)={0x0, 0x989680}) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000003480)={0x5, {{0xa, 0x4e21, 0x7fff, @empty, 0x6}}}, 0x88) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:55 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 0: 2033/05/18 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700d400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:55 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275467721", 0x6) 2033/05/18 03:33:55 executing program 0: 2033/05/18 03:33:55 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x40000080) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) r2 = semget(0x3, 0x3, 0x400) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000040)=""/162) 2033/05/18 03:33:55 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3) ptrace$getsig(0x4202, r0, 0x401, &(0x7f0000000000)) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000040)=0x3) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r2, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) r4 = dup2(r1, r3) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f00000000c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) 2033/05/18 03:33:55 executing program 0: 2033/05/18 03:33:55 executing program 5: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679a00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:56 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:56 executing program 0: 2033/05/18 03:33:56 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x0, 0x0) recvmsg$kcm(r0, &(0x7f0000000380)={&(0x7f00000001c0)=@un=@abs, 0x80, &(0x7f0000000340)=[{&(0x7f0000000280)=""/186, 0xba}], 0x1, &(0x7f0000000400)=""/138, 0x8a, 0xffff}, 0x12000) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000500)='veth0_to_bridge\x00') creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x206) 2033/05/18 03:33:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000f900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:56 executing program 5: 2033/05/18 03:33:56 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:33:56 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r1, &(0x7f0000000000)="1a60440c57a83154fc8c9eaf4b", &(0x7f00000000c0)="4bf3e00f0a973a23a64023f1306a9e9e4ad9aec4cc921cc98a0a6284a46f76cab7f5386840fc8b4c54ac10167d57d1e04735e6fe00a4621b3cce941566699f1ddc7101b87375d8984d6b9e10e535f3bd12aa1aa7a6601ce1e804", 0x3}, 0x20) dup2(r1, r3) 2033/05/18 03:33:56 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f00000001c0)={{0x11, @loopback=0x7f000001, 0x4e23, 0x3, 'lblcr\x00', 0x14, 0x100000001, 0xd}, {@broadcast=0xffffffff, 0x4e24, 0x2002, 0x6, 0xfffffffffffffffa}}, 0x44) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000440)={{{@in6=@ipv4={[], [], @loopback}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@rand_addr}}, &(0x7f0000000540)=0xe8) sendto$packet(r0, &(0x7f00000003c0)="a55138d725fcc86240a6939ddd5959de6dd18e1baac94d070a15c2c885907f96da5aafad4a174340b8d79f4aa644db7ba757a3ebd97038e75d54e5f5558f10e706e40bbafe6506883cbb65c3", 0x4c, 0x24000000, &(0x7f0000000580)={0x11, 0xff, r1, 0x1, 0x4, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x17}}, 0x14) r2 = getpgid(0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) write$eventfd(r0, &(0x7f0000000280)=0x6, 0x8) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000002c0)={0x3, 0x0, 'client0\x00', 0x5, "f743f09605b4eb1d", "f21e435ad2d195aa90655202c976e328e7a1431c9e44975a7fc250f5f8653066", 0x100, 0x9}) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r3 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) io_setup(0x8, &(0x7f0000000040)=0x0) io_cancel(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x9, r3, &(0x7f0000000080)="c531b9cd14dc4bf34b84efe0c014879373b9bc09eb805b017d26015f3ee7674c91662238a13d8e21d4a57af8223b11cf1d6d293eb8e5492766424a1accf90b4bf4bdb7b5a7de3d", 0x47, 0x2, 0x0, 0x1, r3}, &(0x7f0000000180)) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f0000000240)=0x1f, 0x4) 2033/05/18 03:33:56 executing program 0: 2033/05/18 03:33:56 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x7, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000400)='./file0/file0\x00', 0x10001) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0), &(0x7f00000001c0)=0xfffffe7b) r1 = shmget(0x3, 0x1000, 0x54000000, &(0x7f0000ffe000/0x1000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000ffe000/0x1000)=nil) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000280)=""/242) ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000200)={0x10000, 0x5}) 2033/05/18 03:33:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000ff00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:56 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) bind(r0, &(0x7f00000001c0)=@vsock={0x28, 0x0, 0x2711, @my=0x0}, 0x80) faccessat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x100, 0x300) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:57 executing program 0 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:57 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:33:57 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) [ 284.584209] attempt to access beyond end of device [ 284.589303] loop5: rw=2049, want=130, limit=112 [ 284.594784] Buffer I/O error on dev loop5, logical block 129, lost async page write [ 284.675418] attempt to access beyond end of device [ 284.680540] loop5: rw=2049, want=131, limit=112 [ 284.685273] Buffer I/O error on dev loop5, logical block 130, lost async page write [ 284.701442] attempt to access beyond end of device [ 284.706533] loop5: rw=2049, want=132, limit=112 [ 284.729183] attempt to access beyond end of device [ 284.734258] loop5: rw=2049, want=133, limit=112 [ 284.743994] attempt to access beyond end of device [ 284.749210] loop5: rw=2049, want=142, limit=112 [ 284.755514] attempt to access beyond end of device [ 284.760690] loop5: rw=2049, want=143, limit=112 [ 284.765781] attempt to access beyond end of device [ 284.770798] loop5: rw=2049, want=144, limit=112 [ 284.776270] attempt to access beyond end of device [ 284.781320] loop5: rw=2049, want=145, limit=112 [ 284.786418] attempt to access beyond end of device [ 284.791406] loop5: rw=2049, want=258, limit=112 2033/05/18 03:33:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67ae00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:57 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) readlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)=""/219, 0xdb) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:57 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600), 0x0) 2033/05/18 03:33:57 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667302", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000080)=ANY=[@ANYBLOB="1500080000000000876e7cfc4bc1c940457c2f7d"], &(0x7f0000000340)=0x1) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0x5, 0x4b1b123b, 0x101, 0x6, 0x8, 0x4, 0x9, 0xffffffff, 0x40d9, 0x8, 0x57b4, 0x4050}) tee(r0, r1, 0x100, 0x8) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x0, 0x0, &(0x7f0000000040), 0x0) write$binfmt_aout(r0, &(0x7f0000000580)={{0x10b, 0x7f, 0x1, 0x2f5, 0x278, 0x1, 0x2cd, 0x81}, "b37a183135f849c07cd80c56d63d6e4aed827ea7978b8054", [[], [], [], [], [], [], []]}, 0x738) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2033/05/18 03:33:57 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x100000000000011c, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:33:57 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x2}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f0000000240)=""/104) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x802, 0x80) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000040)=0x1a4b) dup2(r1, r3) 2033/05/18 03:33:58 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:58 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:58 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02", 0x2) 2033/05/18 03:33:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000b600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:58 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x41}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:58 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000280)={0x50, 0x9, "d885aad42b3dc307e039a4a3647cbc58e7966b06989c475e813e9dd47679b2e3e0d9c3544843c49920bdd02dce091b64239ebbc44f115a73fb3fadf87f2f57ebd80cc9c343de1baf"}, 0x101002) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:58 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:58 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pselect6(0x40, &(0x7f0000000040)={0x6, 0x80, 0x577, 0x101, 0xfffffffffffffffd, 0xffff, 0x7, 0x8}, &(0x7f00000000c0)={0x2, 0xff, 0x100000000, 0x3cca, 0x5, 0xffff, 0x200, 0x1}, &(0x7f0000000100)={0x6, 0x0, 0x8, 0x3c, 0x5, 0x8, 0xfffffffffffffffa, 0x100000001}, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f00000001c0)={&(0x7f0000000180)={0x3}, 0x8}) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000000)={0x1, 0x400}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x2000000) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:59 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02", 0x2) 2033/05/18 03:33:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000000600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:59 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000280)={0x50, 0x9, "d885aad42b3dc307e039a4a3647cbc58e7966b06989c475e813e9dd47679b2e3e0d9c3544843c49920bdd02dce091b64239ebbc44f115a73fb3fadf87f2f57ebd80cc9c343de1baf"}, 0x101002) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:33:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667303", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f00000000c0)='./file0/file0\x00', 0x202) 2033/05/18 03:33:59 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x4000, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$DRM_IOCTL_ADD_BUFS(r2, 0xc0206416, &(0x7f0000000000)={0x4, 0x5, 0x401, 0x6, 0x1c, 0x6}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000001c0)={@in6={{0xa, 0x4e23, 0x4, @mcast2={0xff, 0x2, [], 0x1}, 0x7}}, 0x5, 0xffff, 0x91a0, "fcd7bdd2d0108f69d337fc2c8cda81585d00360ab254c494e7b64532e92961a35c0b20c9f2565b15c63c76d917dbb2e387dcdf366d3ea309fa8bf02226e9e1d4a3c8eb5720d309ac74851cad618b4286"}, 0xd8) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:33:59 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r2 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) write$binfmt_aout(r2, &(0x7f0000000180)={{0x10f, 0x6, 0x7fff, 0x8f, 0x3e4, 0x8, 0x315, 0x5}, "20a5c2c9d2d1b7346808167734e8704003caa013c286b8a1f5113f56f2f3b58668", [[], [], []]}, 0x341) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:33:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:33:59 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df02", 0x2) 2033/05/18 03:33:59 executing program 5: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) ptrace$setsig(0x4203, r0, 0x5, &(0x7f0000000080)={0x27, 0x0, 0x3, 0x698}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r1, 0x540a, 0x2) open(&(0x7f0000000000)='./file0\x00', 0x2, 0x10) ioctl$TCXONC(r1, 0x540a, 0x3) 2033/05/18 03:33:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 1 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0xaaaaaaaaaaaabed, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0xf}], 0x90001c, &(0x7f0000000240)=ANY=[]) r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x20200) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f00000001c0)=0x4, 0x4) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x9) [ 286.982643] FAULT_INJECTION: forcing a failure. [ 286.982643] name failslab, interval 1, probability 0, space 0, times 0 [ 286.994012] CPU: 0 PID: 19805 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 287.000996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.010364] Call Trace: [ 287.012989] dump_stack+0x1b9/0x294 [ 287.016638] ? dump_stack_print_info.cold.2+0x52/0x52 [ 287.021841] ? perf_trace_lock_acquire+0xe3/0x980 [ 287.026716] should_fail.cold.4+0xa/0x1a [ 287.030795] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.035917] ? lock_downgrade+0x8e0/0x8e0 [ 287.040085] ? proc_fail_nth_write+0x96/0x1f0 [ 287.044607] ? find_held_lock+0x36/0x1c0 [ 287.048692] ? __irqentry_text_end+0x500d8/0x1f98a8 [ 287.053747] ? check_same_owner+0x320/0x320 [ 287.058089] ? rcu_note_context_switch+0x710/0x710 [ 287.063028] __should_failslab+0x124/0x180 [ 287.067273] should_failslab+0x9/0x14 [ 287.071076] __kmalloc+0x2c8/0x760 [ 287.074630] ? strncpy_from_user+0x500/0x500 [ 287.079033] ? fput+0x130/0x1a0 [ 287.082304] ? __x64_sys_memfd_create+0x139/0x5a0 [ 287.087232] __x64_sys_memfd_create+0x139/0x5a0 [ 287.091890] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 287.097419] ? memfd_fcntl+0x15d0/0x15d0 [ 287.101472] ? do_syscall_64+0x92/0x800 [ 287.105440] do_syscall_64+0x1b1/0x800 [ 287.109320] ? finish_task_switch+0x1ca/0x840 [ 287.113806] ? syscall_return_slowpath+0x5c0/0x5c0 [ 287.118723] ? syscall_return_slowpath+0x30f/0x5c0 [ 287.123735] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 287.129095] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.133936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.139116] RIP: 0033:0x455a09 [ 287.142289] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.161671] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 287.169375] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455a09 2033/05/18 03:33:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673fc", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:33:59 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x20003, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000140)={0x0}) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000100), &(0x7f0000000280)=0x4) setsockopt$inet_dccp_int(r1, 0x21, 0x3, &(0x7f0000000380)=0x7, 0x4) ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000180)={r2, 0x2}) ioctl(r0, 0xff, &(0x7f0000000240)="0047fc2f07d82c99240970") ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000340)) syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x7, 0x10001) ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000440)) r3 = getpgid(0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dsp\x00', 0x0, 0x0) r4 = syz_open_procfs(r3, &(0x7f0000000000)='stat\x00') sendfile(r0, 0xffffffffffffffff, &(0x7f0000000040)=0x4000000, 0x4000000000000000) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000000480)) [ 287.176633] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baaee [ 287.183888] RBP: 000000000072bea0 R08: 0000000020000218 R09: 0000000000000000 [ 287.191145] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 287.198489] R13: 000000000000074f R14: 0000000000700008 R15: 0000000000000000 2033/05/18 03:34:00 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f00001aaff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue0\x00'}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000040)={'team_slave_0\x00', {0x2, 0x4e24, @multicast2=0xe0000002}}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = memfd_create(&(0x7f0000857fff)='\t', 0x0) r3 = syz_open_dev$sndseq(&(0x7f000011c000)='/dev/snd/seq\x00', 0x0, 0x8000000000102) dup2(r3, r2) write$sndseq(r2, &(0x7f0000d81fd0)=[{0x26, 0x0, 0x0, 0x3fd, @tick, {}, {0x1}}], 0x30) 2033/05/18 03:34:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000b500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:00 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:00 executing program 1 (fault-call:0 fault-nth:1): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:00 executing program 7 (fault-call:5 fault-nth:0): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:00 executing program 4: shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffc000/0x3000)=nil) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200080}, 0xc, &(0x7f0000000080)={&(0x7f0000001000)={0x114c, 0x16, 0x1, 0x70bd25, 0x25dfdbff, {0x1e}, [@generic="fa86ec7b95998f5f6b8817b8726de3f1a466406551560c36e96522f3214bf66dab755da25123d4261c8294c60678625794a17fd0bec44678b55780174ecf7fe39c91e875cfd698c07b1c44c79e0e88c36d99f2ee7dab9224e941de9fa296c203f0275fea98b2a898a13193a86f0ac99330fab13801", @generic="21ed2faade3bd29a584571152268908053e19f98c3b8d5203d7aa7dc6dd867695cd8bf45dd54019f21af6736cc2e847210f14178419464d6e91dd17e73cfa68d33ea6176850a4cb2f544daecfad899eef11bc2e0eb2a96c22798a9e280af8ca3b41a24d2ce3e0c877521394f9fc9e04b90238ab9d21881840163084fa1e9aff3be80a0e4f7d1341952937294299d702e5b166c5e89a9ba49f7f1170e7732388d78d08b9abcaad569b3aa12c023eea3b288213d48efe9ae37133e123bfcaa0242f8aa9e3e9054806d6c566905603d5b21d36405ca2e920f37bb3bdc8eb9aa5140171f071e37d6f6e618528f477d8d939908f5fbdd04a91fffbf56ea62eb1954320a2d263cee59742c5a1b6f4d1938a050263f30b4340520afdaefd694749b7d22ff0c9475b26f7f81310107ce7245e89bb42e8e6119f99d0661acad3c066d12fe3cf97e6d06489f1ee8823a15bd5b13599a18db1898324ac1e20dbc136442aa03dbe7dd3c75618e0d83737f49081a61a20f3c86e57a94ca49b1fcf01771bf6fa31563f542ee3a2198fb354b7990a4b34f0780065886ede3746f4486271a917f2253491fe80ab7209126537a82a983e19ec62d95dbc05102b348307846f6de19743a797d72a18b49ce23c59b649070a731ece43c3f0c168fc3736a030daf7dc455e3a0c6d15c0b080abea7b77228490abcc82fd7798c1bc89a4c58b8e09d8ac37dff2be81c29fa16ca741cf83c86bf4070b59ff32cb451b008cedaeb2d1260b155a8a6577f83b3e9bc41c264a66a0d5bf93e44d432843a32ed1b23f0847a0569d1dc93ce30f7dcfc8e2ec09646eeae05b32fcfa2ed77d0dbcf199aba3c49d1ce3546cac2b9546acda2065423de7bf4c3fee57a80a0f44a82cc872a4fec217084be7bce82643a7c34ebf81833bd46f6327f9456db36d653100ab6ccb3bf483732e73a69f78c63d29fd8b849308100b480713d15290b13a079472acf35fa32352696b9eb006419ccd977d58180170fd629a997c5334f8b23104a312b143c4d3f6465b28cc83411402fe156e5ff2cab20ac206b4ffe507a1655fffcd5b52fa460d6828d54c9942461847b455e18dbcf403d4c9e3c73d706d7322a088757f5e78801391a53dd848034bf1c5e37e04b6b6d8285baad71861293eba4f81d511e50bc4d731946620b097a204a3faa6b6e110d9e71c7d870d2d916dbbce51922826043e110e0560b9046ebfd36ea89e7d474ea21f574777ef6bf7419a891dde9987af916c20a79f0321074ccb3ce8ff9c231090b38ed092f9b5dd8839597a655392a58f46e7812c3e27f7572f98cf1e1701a5b90ccff15828fbfad9382e6755c94c3abb85b591b529e6ca2aefdbaa9183e1493d835d23fd17bf9e4168a74c699f2d77f793f0c8d072189acbc0b7f7da5a5e0008f6ce5b9e54e21f4b49f26dd0d1abe2b42ff698b3708089aa87c5276585fb385ff9db0233089e62615cdacbda50ebae8b578c51caf156350a555efa3ebe8658ebaee1d5793ea9a10f73287614590c930c26525817ece911a9daa4cb08f7a675b7916a2f1bfee27d1156da3f78b08f8d58b9d9db0f59acdf0e14fd9dd55a941a0b396afd483c0e1f7f3cb10d6b7f9352540ca9cccf701aaa8315a6bf68353a5d6f25506deac756d4361e7d7be1373c79adbe8ccbb3927775a67b2552eec44e7300c243e1a003bb25b458b93472e2b41e990d796c1cfd6fa8c4f9ad60a54d88986a99dd6d9bc46e9ef6e36270a953aaf9852530455a40cf72dcf0fa3a783e0e809fe0e95e8c3de759ab673d8323deddc12e8c9d5dd454820c1cd6de8565e0dcf3f9c801592964ba982e2d24b88718a95da1bb889b0874a56bf9eea4e2cd5b5e5e4924d3df86b3a38739ad78104df3827caf36c7ae58ca42acaf14e18878ef0b075502eb524d2f9e4e71a997f01df33da3edd076a6c85e450ac4c5accbbd35a49352229da1088fc71ff1be9d630d23d3143d9cee98d5804f4a0145103f1212367b7abfa770e520a94964d2a78bc14d410f34a0c9b69eab5ef8e8ea192422c2581660ca3c03c8d133e53174ccb78b04c87c840ed7a4aaa4727b09130157b1ba21563de054f15b88e4a1434e177bfa3ced29f49b317c60cccbbb6a33dc521ccc744bbd13f5c34f102e47bc267b5f9e0ae38dc78762159ca4354e7934364baa358496ddfe7df576c04f5b443b4e345eb21b8879af69c683103ed587f9c7b64c7861e6d10eef85a2c802e6c4a12b0e81ead345f239fda451af5e6f57f195526a9c039b636d9265f33ad98df69172b25a14d1bf375b9b9ed2dda938c636d10d76093b8dadb8d2a9bf56c0a6579f91871ca8e43ffaee7458926ec4c17540a8dc11938cbec31f6257d77f314ecd39bb34881eb53291dd07cf5dce425314199db07367c2f8a09ecfd5b58118705fb31981d4b25fa0c04a954b5d65a041fa2f02a2122f2ed3a5ef0c2fd0a8c3e1a7ba206cd7550c8562d7bd1461663377c6e9fd7fb1348a5c5f45092c43c790f1d9e7afbd895946220a39dfa965b685d4c2d1896a23dc7de4500b79021947d9e9973278a92e5e441da4476a9af2d6691454e1abe371e74a8622571cf58ae1bf25b8ea7a7119f771e70c114439c6724aefd7ceeb934c806b7326db9879e238f909d68574c921486d321800cb66ba8546f664d526e8a33708cb8738b4c5038d75d755eaff68162f56dd492643eb2e54b2ca84fc825ee27af72d64cebe0b1c45f5fe6efd50e6dfa4003bf59acdcb121a2be053aec2242393260a457d2f44eeec1cb3fcbc09abb3b11ba0d917458823fa8bed45fc8ed6c78955b1c36debadcb148591f097921fd5f5335c709487e1b01ff2d526c7f9328f0dc087350a4892450abfa84a7e75ceccf243befd18fb97c7a2c089ebe30bd28fd17fb6fc464da87aa99bb7498f99146efc4901f327a023b69bc2d30ca88a2a635fb4820e0948b623e787ac526c6d96106f014f1153c38db256ad1969853c873d8e432f0af1e48349f4b9f716532e799e201e330a98e1252e1777723e0cd11efea5ef3b3095f6323709d08b21a31975aacebf827ae10f37e54252fdc12da13be0780637dc28bbf6b3313b876bb00b0449b5b0e96752630fba7ab54dfff44fcb82e33f73a987f0c0f5fba82281d6611c48f5525d55d11bf2129824e2faddb98fb4ef4eb969abb0f4eef490d37cd783ab7fabc9409047c68e0c8fd60ae29973a3a362a4067be2ec5f60f15ec01ee20c7151344052544cd9a650875dd3b1d82ee9369ffae44dcceeb118e013103cf574e094df823ff191819b1e2aeb95e64c21ab339dcfeef10f5770dc7a7d6a8d2d05617f6fe51759bb2daa2c675f5e965fec1edaaabb50941a801745534876f10942c5e083b04d58eaab5a39dfc97cc8afbd42461c146e3e73ab0a7d08011ea4a6a60f7d42c393829b30f918901e357ccd968b5cf544d1d987e68a2994781bd83b9ebb33526f125910628268fe11135657434784b538e7c4ffdc4548b3748bd364bd7103e025577464feab464ce20d07a8cf044351c0d9960aa61f7f886f8acdea35cfaf1bbc87efad96df49a1bf25dfff26661676c93e0f4e52e2c4028e44f833804347a39ea99139ae0e798cd1b26ed1162014774e85df7381c8926d4b5a9fcb83d2aa5230c3fb834512ab94cd591ccbcc3c79ea8155aded3f4cbfa3ccdc2d785c079076fa308388e10790cf5fa432766f946f4ff72a21a25d62b4ec1fa9cd1c2eb9112e69b8699fb247ba05dd346a0cebc297503aac83968315f3d597030c51b42c3e9f2e0795ee9751a63fdb1db73ed1196f31c4c19ccb4164d0a04c70a1da63b6fa6e346635ad15a8d0c6bdd19104c2dc4976716a043da3ac7722e5376674d0e17792e83370b6150a6cb025b298a483ac26e31b55ed7aa725a526c813b0112e69c302d43bca95428b61d28630b87f261647b55388b09ba44a1085292ad5db03702bd7602080625e0d5d79407e3947ff03368727382181faa40a11bf6398dfed5f2566c49456eb75a450c7403628494b38b1e91b9a7fbc8834174c784a2090674bd8432b119d746b4bdc95aeaf75912c0f6a447d66136fe841f8ef9f6e964ef7b0c8afa24b670b58bdfa12bfc171ec0555490c02a7755840cb37cd161a29defd70a229802c3e1531a140df6b8d5f3e0cf7ba0e8e1f06ed6f63dc23aa684abc90507944492e8cca757dcc3ffee2c09de94e51a5bed880c5b45afc294dbeeae3caa36ff9b3ca44af97ed8c30afbdd723c7270d8c0126b71bc092027dceca693eb400eeea76ade12e63cfc5c35c44d146ac8b5f17e4adc3a11f6c2fd9ee5e7c572a5968a6c7aca9131e1d4821a87f822922982554cf25106cb796b0d20513e2f6c902f35bde9b9d202d40e0fc1eb70c57e430a0e6405aaf0d0af53cc0421e105e18fa546e70fb48169bc1d5c672484956f68db2a1712a6fe0573f4e5adaa6d305e463b2f8ee0eafb17e51dedaa1fe3fac7f1c38072571cee8c3eb2b356d5f8d05beafa789c00e3aca7aec6ff52622d5f60b676b337f3e197d51f1450dbb98f5bb359d6ea43f01a7f7e4f0332bc7eceeaa40ff90706e7ac0da2d2a59dbe9cbfeef46fa6cbb6e2868431d6e50d95da7cbd6b661f39a964760d7c58bb32343ac0f9b4005b63b9397054e7d66c1dd8b75f93a481332b3ac13793283446012340e1f34fd96e9938e2a4ad959f032ddbb8f633f2363cfda00dbea4ccf95302d590ef4531a9a2b1d884feb35672456d6949dc87692efe61ea1cc064445d267b90fded83ab1b74385221affe1886cc7b3010a9d467450afa7f72196fc60ac570ef148234cc7126522d2019ccdfdb4b89ec913fed2191afada211f80aa6588638e3e3ade2d0b9482fcab8c6d449d24a26b6b9598d83e6098b3244fbac2fe8228d84f46b34d31e3aa86450ca284b92e96f3ad212a11ba9fe1ec1a52718039edefc29a5e2be66b19af32cbc5761988173d19ad6ba7f44480066f62d380a90e453b76e37786b957588b83c6c45ca279166b2ea092ea1c82fa04345aaa8464b2598a7c45c632898ac1678bd238ddeeb04f846f05049c08835f4ca86c0ee00f345619709ca6633de2936d83a4558b723a4bc5efdb3032bb7a18263c443f5babc7799215a0fddc8c7781ca6cbc92ea7a041b95b3fde11574b610cf3822f5cc0f5da846a6117d51b79fdcf767449034b509a8ddff8e737155d4fc772457f26e5454be96cdb2bc0ab7d50c76c965ce3fbdeb467482453a92b26dbc8ad3575a896839d9f4f4898bf3a1c282df09be6c564694c4489b2088adb9caf4951bb0b4fcf9b40789619a80371e856d88dffaba13efd208b881c0ca0aaaf29310d4a48abe3a04a35caa693a6156a3fc09d66dadadfb957e4a51a9c96d8210b28c0ac1e031bea3be1416b7964e1fb9f19e4335f2927964e5755259247083891b41c5f693030b091a2b7e2af3f3d2f2e01aaac0d4420d6d952f6728587d19afe63df3db152d50fded6f199beacb72b12053c9c3498dd91299471d9baa38249faa45768025d57dce742dd9c20d26130b9fb45d527ddf15ff8086022584ac852b6fb708433eecf44a39d6370e72d68bf0001a0f643337d578ab952b5b8b22ada7cb1b28957c028590530f84511d755469a131bcee473c11d4f18cf5ff26c267f2622ac62b4558b6f2ebd349e353c574dc2017772d5d72fabe7ca65285895240397037b9ef7b6479684596e6cc9ef7064f759fcc5101cf5b6ea71eb84002029fc73caf2e1628609c7dce5689a86d16af75cb48d1176464fae", @nested={0xc0, 0x10, [@typed={0x8, 0x8a, @u32=0x20}, @typed={0x14, 0x0, @ipv6=@loopback={0x0, 0x1}}, @generic="9c2f83853095f8d8e417d5042a90c12eeaf01c4623b69f4c837b7a667590c0fac75f74e6cb554ae6447be3022ad158ce3ce33c2f5f72617bf5e1495cd52d322de5e05a9724838205c427d036c190112a888b29f1888e36b5dcea117400029a167312e40a4163c5e3ecfef0f4f1ac1362938079a3f7227d7cb7ff616912606fd6576922b7538d964b2aa5699ca2", @typed={0x8, 0x3a, @ipv4=@multicast1=0xe0000001}, @typed={0x8, 0x18, @ipv4=@rand_addr=0xfffffffffffffeb3}]}]}, 0x114c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:00 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f00000000c0)='./file0\x00', 0x202) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x1) 2033/05/18 03:34:00 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000000c0)={"c75cbaff033223a6cdae8b23afd59de59e3c233670cd931c69148f95f62f91b40bb1d56ab5d5e397d502c8291074f8949ad138541ed90fe3fe2bf4c3279fc634b8751edbac163a4bf50412756bbe417af8fe96d41eae5bb961660428def7ad91b1a36561507dd446512381e14c30b904e7a2d85fb0d4efebeaf3301a0cf80ca7f804e22fb9b10d60258bbf70c8479a95f0763ea4b7c36bf1f41aa6d9cbbdf56b212d7297b505305fa399b627fefbcba469f22f7f18192544d1d4533ab73a24724cce07713382868106d11068a5c871ed61b02fa247799be897fd21b79faabe1fda30d0dc4cc4d3c371d0383cd04c784981f2689a228928983ebec546a0b3b34b42d2120ff5d7c115bc5aff146e0f78de7d5c4664f1dcf709235e193b89e1c713bbc296b0e2baba2c9ab50f577f75cec9baa248a7072f534353ac597ed4f9ce9a36f4effb4b0804f2d6f4b178f7f64a4106b347327341ffec54ad294b352e846a2a35d94e9df807e112f88c1407b3fe783f4949b76badb899316e084a46bd7a4ce720ddd8d56b2160c546aca15309303ba3d0c1b4ffca4077335c88ebfda3c8f3f2f1ac49560c88ffd9ab5fd9c3f41f99c82d4d3c8a0c604626e0108f3fdaadaf2b46d266ec57bc2f3e5dc47561a01cf91615ba5f92078c33f58beebdca310bf7ce6291fff281ed2aeb679f8eb79c097a8cdf47c557928a90a44efd59f72c0ed3d833df0a908e326986e453ed0402a5339bcbb30e21545d4ceda36f0ce80912e2ac57fb9293882432b857e5bd54300f44d6e59300540c5c78a56036f11d6a98d01cfc08738e0b1270c2ebf5b3ecf35800d426bbabd028272393dc9451a3d225129ec0b24a6497e7cd9ae0d0d920d21422a74d6b4a1c311571f5a28e83449967092914b4ff8d4e458d9bf99818bf3e51141d1f75fbb2e44f208bb909d341193de8b1c1ac6ecb3916357b45d1f4aa3f1ec0f288c6caf7b2c5e965ddd33dd17085d13c2d8e9eba5f52b169a8c15cbff8de955204a6823adc43a7226e78d16e6d4715fdf84474109f67b1bfb4fcb70465c6fc6d0c0649c35e72e14492416a4cac082ba7fe77fccb88f22e2a5a75fc54c3d078c608b2f823b5d2043eda1f0a282975f101a33ce690a8d6631efd0c14d559f77492dbf9420c2e70bc2fd90f84681350ea74a7c1e0c527cfce49de9c063d96b319c385962afdb7a4502e88329566a03e9bd3e736b083913ee37d93f103611cb1a26fe425a4275ba00a2cb41c5abbe8e6cfe53efe4e05d65daf2605fa0ef8126221ac71bbbb2ee0929839f5776c128dd887090d1bc004b7d725143c3101ca8c5a439bf8f420afcb266be3a59106232ea948f6ccd764c3fe93d8e2f2f2dbf1cfe9c51b86e4f94c72f8832072f2081a3a45c6b52fdc7bee5b3c08edce0fcbda9ea9ebe6bfad433e51179b0d48a0f95acc58b8"}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000004c0)={"3a01082cce190e3aeab4d60172fcbe996f9f4fe0e41061034f80aa44228b07bb02ceee1ddbcbef0cbad645e050c5d624dbecc4f9595c24cf68c621718edcc9bb6d18734fb8741d463794334b6a8c4da28f26b830202b35827537970cd3da6686f65705e1de2b87eca0d90d73fe5df96a77b82c4c8e59621172718aca2cbcb4783f525b624f02105df6177891e37e1eb4e54ac7415055842fa864606b8eadaec5b9ebe92bda6b02a98ed5d4ef9ff9044e4358b89798c14cb47fb2d9375151966216f395d86f897b7075367459d913d9cf8571489100937db88bb1466b4f63e52b2b8e5f3d7bc8c1f7a251e418865aac922d787d558793e0df3c4a38788d4a41b3e34d0f1b35c32a60e13c76e43d82fde694f4615bdd37c2d097a9adb596c500641ba97b9287067edad4bdedf25a1f834b2f126e55ce9b80ebc3bf3b0cdcbdd1dd6d9e4a36da9eee6639b573299c35da40b838a1657ee2cf93438b5704c33095ff9ab3dc8b345f05548c9d600cfed47da26d86ffdb45fc299401753204e79139f3ac83e79d08be337196da84dab4a1637558047a2b3098e1ac6333ae2caba603b5dfe2016b927eddb6c40f049e066195e4763c7d270e57fef3adeff185920edd2af26bb458a1c575680f3a9abf06368f94b11ccaf288968f757e6d49d67b8585958bb451da2a3a88f4259d3f1ff3587001eb2f4536639005f2f86cdd3f5b2253a1b3dd43a3c16a3872e65f79e2c084161917a74ca3f317b51c3bd30b5fa95808e2e0e06759dffeaab5d8b1e3f27b4cf5dde00a05b89a74d58ea5af5c97dd40de308e6e6385f0dce321e51e8c93c4cad7273ac3e9a8836742596b9821b9faf52b1542c0646f7f8d1db9481a8dca0082ca049eea94c09b966254d537e2829705907f715ba4dba73409e36a465683c9beb514df707d40f92c8d9b38b74c12b77e5dd08ecc54329f4ddf1841977f18b8f84993dc98122296c70053ed5b1bd7786ce88b3b7b1e5b5396449eccba63efe28c7855e21fb743b204d7e7d99905c67bbbafcfe70c7e19f598f3858cf7ff2c559a3a6ae052f6a22fae6930598608cdcda11e29edd55a20a1663a93c7cc5c7c38607197f96b74dc650d1fb824bf96ca3457e62c0cad7fbb2c6e882a53af2de47283278e54287267ec5cb735661f1d32556177206c3f4881815b6b77df8ac7e3f18ad30ca80cc4ea18d1bc206b1e961ade067ebb7549de1e6badc82495e17d5e3bf7dbbf0aa31c42a7415db462f5cf238f01e7e5ad1a7c1bc71a703712c3293da21a50c091dfb173762720cda3a65232409b9b23b329a758dfe892c751abe1e84892bf15092f31d2156fe022a3989b43494ef8e447b82347819c1c8df14e6719acf50e56123b5763577c2a4514ffbf4a811b7f25d9cabcc001e5756dc25d74ba67df3108d36238aeb1d64557b93b23aad3594f19"}) dup2(r1, r3) [ 287.744687] FAULT_INJECTION: forcing a failure. [ 287.744687] name failslab, interval 1, probability 0, space 0, times 0 [ 287.756081] CPU: 1 PID: 19847 Comm: syz-executor7 Not tainted 4.17.0+ #86 [ 287.763038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.772433] Call Trace: [ 287.775042] dump_stack+0x1b9/0x294 [ 287.778697] ? dump_stack_print_info.cold.2+0x52/0x52 [ 287.783906] ? perf_trace_lock_acquire+0xe3/0x980 [ 287.788762] ? find_held_lock+0x36/0x1c0 [ 287.792849] should_fail.cold.4+0xa/0x1a [ 287.796927] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.799817] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. [ 287.802043] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 287.802060] ? proc_fail_nth_write+0x96/0x1f0 [ 287.802096] ? find_held_lock+0x36/0x1c0 [ 287.824602] ? check_same_owner+0x320/0x320 [ 287.828955] ? rcu_note_context_switch+0x710/0x710 [ 287.833906] __should_failslab+0x124/0x180 [ 287.839105] should_failslab+0x9/0x14 [ 287.842939] __kmalloc+0x2c8/0x760 [ 287.846488] ? ksys_write+0x1a6/0x250 [ 287.850312] ? keyctl_update_key+0x5f/0x140 [ 287.853222] FAULT_INJECTION: forcing a failure. [ 287.853222] name failslab, interval 1, probability 0, space 0, times 0 [ 287.854648] keyctl_update_key+0x5f/0x140 [ 287.854669] __x64_sys_keyctl+0x330/0x3b0 [ 287.854690] do_syscall_64+0x1b1/0x800 [ 287.854713] ? finish_task_switch+0x1ca/0x840 [ 287.882511] ? syscall_return_slowpath+0x5c0/0x5c0 [ 287.887439] ? syscall_return_slowpath+0x30f/0x5c0 [ 287.892379] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 287.897745] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.902585] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.907765] RIP: 0033:0x455a09 [ 287.910942] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.930371] RSP: 002b:00007efdce0b3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 287.938077] RAX: ffffffffffffffda RBX: 00007efdce0b46d4 RCX: 0000000000455a09 2033/05/18 03:34:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x0) r1 = socket(0xa, 0x200000000001, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x101000, 0x0) ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) ioctl$PPPIOCGFLAGS(r1, 0x8004745a, &(0x7f0000000080)) [ 287.945339] RDX: 0000000020000600 RSI: 000000003851f9f7 RDI: 0000000000000002 [ 287.952602] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 287.959866] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000014 [ 287.967131] R13: 00000000000004ad R14: 00000000006fc0d8 R15: 0000000000000000 [ 287.974419] CPU: 0 PID: 19858 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 287.981362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.990726] Call Trace: [ 287.993332] dump_stack+0x1b9/0x294 [ 287.996981] ? dump_stack_print_info.cold.2+0x52/0x52 [ 288.002186] ? perf_trace_lock_acquire+0xe3/0x980 [ 288.007827] should_fail.cold.4+0xa/0x1a [ 288.011899] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.017029] ? find_held_lock+0x36/0x1c0 [ 288.021129] ? check_same_owner+0x320/0x320 [ 288.025475] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 288.030502] ? rcu_note_context_switch+0x710/0x710 [ 288.035441] __should_failslab+0x124/0x180 [ 288.039711] should_failslab+0x9/0x14 [ 288.043517] kmem_cache_alloc+0x2af/0x760 [ 288.047669] ? lock_downgrade+0x8e0/0x8e0 [ 288.051814] __d_alloc+0xc0/0xd30 [ 288.055258] ? do_raw_spin_unlock+0x9e/0x2e0 [ 288.059700] ? shrink_dcache_for_umount+0x290/0x290 [ 288.064707] ? __lock_is_held+0xb5/0x140 [ 288.068768] ? llcp_sock_create+0xe0/0x110 [ 288.073007] ? _raw_spin_unlock+0x22/0x30 [ 288.077150] ? __alloc_fd+0x346/0x700 [ 288.080949] ? exit_files+0xb0/0xb0 [ 288.084576] ? lock_downgrade+0x8e0/0x8e0 [ 288.088715] d_alloc_pseudo+0x1d/0x30 [ 288.092507] __shmem_file_setup+0x1ed/0x6e0 [ 288.096820] ? shmem_fill_super+0xa30/0xa30 [ 288.101133] ? get_unused_fd_flags+0x121/0x190 [ 288.105704] ? __alloc_fd+0x700/0x700 [ 288.109510] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 288.115041] ? _copy_from_user+0xdf/0x150 [ 288.119194] __x64_sys_memfd_create+0x2a7/0x5a0 [ 288.123853] ? memfd_fcntl+0x15d0/0x15d0 [ 288.127917] ? do_syscall_64+0x92/0x800 [ 288.131886] do_syscall_64+0x1b1/0x800 [ 288.135764] ? finish_task_switch+0x1ca/0x840 [ 288.140251] ? syscall_return_slowpath+0x5c0/0x5c0 [ 288.145169] ? syscall_return_slowpath+0x30f/0x5c0 [ 288.150108] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 288.155480] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.160329] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.165509] RIP: 0033:0x455a09 [ 288.168683] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.188058] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 288.195757] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455a09 [ 288.203022] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baaee [ 288.210283] RBP: 000000000072bea0 R08: 0000000020000218 R09: 0000000000000000 [ 288.217538] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 288.224796] R13: 000000000000074f R14: 0000000000700008 R15: 0000000000000001 2033/05/18 03:34:01 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x4}, 0x1c) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4, 0x400000) write$eventfd(r1, &(0x7f0000000040), 0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x0, @empty, 0x8001}}, 0x6, 0x101}, &(0x7f0000000080)=0x90) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000000c0)={r2, 0x70, 0x5, 0x86}, 0x10) sendmmsg(r0, &(0x7f000000ac80)=[{{&(0x7f0000000500)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000440), 0x0, &(0x7f0000000140)}}, {{0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000580)=[{0x10, 0x29, 0x3e}], 0x10}}], 0x2, 0x0) 2033/05/18 03:34:01 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffff, 0x80000) open_by_handle_at(r0, &(0x7f0000000280)={0xf2, 0x0, "aa1ab4ad44b90894ad4a6a799a7ba51c5618ac1429c1d74ee26dc8c34f3d8412589f61c996e62b4087a76b66b2ac190627f9f2a65397cb16dbdfdaf710d6ed93813236f2d3fe5392900ee26298457d13a4cb66c179432e8de7197d74b7c44f0635d36c5149a09041d99c00e95ff8abf041cdc9198dfe86f66cfd13a8ce0d45ecc6a60744af8b678e839e000091bab60ff8378b08d5b0d1b0c0d894c4bcc1fdda1a0d13f6f7c833b0d40c31d7a4ae66f46b09fdebb835e491c2dc47363c043cf7fb757f43cbb7a4d6750a58a5f1bdb46d2f64c6c8e90bd57d0bc27be29d85d007c54b3faea2c073979842"}, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000200)={0x1e, &(0x7f00000001c0)="4462b976e13965cbd19f18640d9199a3d32a3b098538a93f041b785d6df4"}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:34:01 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:01 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000d800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:01 executing program 7 (fault-call:5 fault-nth:1): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:01 executing program 1 (fault-call:0 fault-nth:2): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:01 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x7, 0x0, 0x1, 0x7}) ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000080)={r2, 0x1f}) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="fd0000000800000000000000688e9bb2ffd7ebe0cf29859b6b14e7ef09cf33b299c246cdfbd2b2c4d12de9d0ab5ec5c312276fe362bd509f65b648b7fb3a5fa85a1400b089a9106b12325a80f7eb15441bcee37cd2cbac2691dafe8c10e26c22108898cf308f4ae430e7a5e0467a51feaa89b70297b25a26275468cce708b1faf04bf19b59c22a3ef70f7e00fa7cc98f19896386cd0615c974474e8b80da0fdb48aceffd90a9b999dcb29863be281c0461a402dcd231fd609c20bf21cae4364449c35f7e9c493f099ba8b42b8a291613a833e6095d4212de8f267d8df198aa4c992cf7128f996b3baf5f487373e52fc4efab249aacef6aba6375d6c61a2f33361e134005cdad7baf30"]) sched_setscheduler(r1, 0x3ffffffe, &(0x7f0000000140)=0x40000008) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f00000000c0), &(0x7f0000000100)=0x40) mknod(&(0x7f00000002c0)='./bus/file0\x00', 0x1000, 0xfffffffc) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:01 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000000)={0x0, 0x5, 0x0, 0x0, 0x1000000003}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00') ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'ifb0\x00', 0x0}) accept$packet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000180)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r4, 0x0, 0x70bd27, 0x25dfdbfd, {0x3}, [{{0x8, 0x1, r5}, {0x3c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r6}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x20004000) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) [ 288.816909] FAULT_INJECTION: forcing a failure. [ 288.816909] name failslab, interval 1, probability 0, space 0, times 0 [ 288.828230] CPU: 1 PID: 19885 Comm: syz-executor7 Not tainted 4.17.0+ #86 [ 288.835171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.843803] FAULT_INJECTION: forcing a failure. [ 288.843803] name failslab, interval 1, probability 0, space 0, times 0 [ 288.844957] Call Trace: [ 288.844981] dump_stack+0x1b9/0x294 [ 288.845005] ? dump_stack_print_info.cold.2+0x52/0x52 [ 288.845023] ? perf_trace_lock_acquire+0xe3/0x980 [ 288.845041] ? perf_trace_lock_acquire+0xe3/0x980 [ 288.845067] should_fail.cold.4+0xa/0x1a [ 288.881353] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.886465] ? lock_downgrade+0x8e0/0x8e0 [ 288.890613] ? find_held_lock+0x36/0x1c0 [ 288.894693] ? check_same_owner+0x320/0x320 [ 288.899010] ? __might_sleep+0x95/0x190 [ 288.902989] ? rcu_note_context_switch+0x710/0x710 [ 288.907922] __should_failslab+0x124/0x180 [ 288.912154] should_failslab+0x9/0x14 [ 288.915949] __kmalloc+0x2c8/0x760 [ 288.919486] ? security_key_permission+0x94/0xc0 [ 288.924235] ? user_preparse+0x96/0x1a0 [ 288.928206] user_preparse+0x96/0x1a0 [ 288.931998] ? logon_vet_description+0x50/0x50 [ 288.936574] key_update+0x253/0x550 [ 288.940208] ? key_set_timeout+0xd0/0xd0 [ 288.944291] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 288.949825] ? _copy_from_user+0xdf/0x150 [ 288.953973] keyctl_update_key+0x10e/0x140 [ 288.958209] __x64_sys_keyctl+0x330/0x3b0 [ 288.962397] do_syscall_64+0x1b1/0x800 [ 288.966280] ? finish_task_switch+0x1ca/0x840 [ 288.970771] ? syscall_return_slowpath+0x5c0/0x5c0 [ 288.975696] ? syscall_return_slowpath+0x30f/0x5c0 [ 288.980627] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 288.985989] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.990844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.996056] RIP: 0033:0x455a09 2033/05/18 03:34:01 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040)="940a00d2f937cddfd6", 0x9) socketpair$inet6(0xa, 0x80a, 0x8, &(0x7f0000000000)={0xffffffffffffffff}) r2 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x3, 0x402282) ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000000140)=0x3) getsockopt$inet6_tcp_int(r1, 0x6, 0x1f, &(0x7f0000000080), &(0x7f00000000c0)=0x4) socket$inet_udp(0x2, 0x2, 0x0) [ 288.999234] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.018635] RSP: 002b:00007efdce0b3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 289.026340] RAX: ffffffffffffffda RBX: 00007efdce0b46d4 RCX: 0000000000455a09 [ 289.033610] RDX: 0000000020000600 RSI: 000000000d33d077 RDI: 0000000000000002 [ 289.040872] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 289.048136] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000014 [ 289.055397] R13: 00000000000004ad R14: 00000000006fc0d8 R15: 0000000000000001 2033/05/18 03:34:01 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 289.062682] CPU: 0 PID: 19892 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 289.069620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.078977] Call Trace: [ 289.081582] dump_stack+0x1b9/0x294 [ 289.085226] ? dump_stack_print_info.cold.2+0x52/0x52 [ 289.090430] ? perf_trace_lock_acquire+0xe3/0x980 [ 289.095285] ? __kernel_text_address+0xd/0x40 [ 289.099801] should_fail.cold.4+0xa/0x1a [ 289.103872] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 289.108985] ? save_stack+0xa9/0xd0 [ 289.112621] ? save_stack+0x43/0xd0 2033/05/18 03:34:01 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000008800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 289.116255] ? kasan_kmalloc+0xc4/0xe0 [ 289.120145] ? kmem_cache_alloc+0x12e/0x760 [ 289.124474] ? __d_alloc+0xc0/0xd30 [ 289.128105] ? d_alloc_pseudo+0x1d/0x30 [ 289.132087] ? __shmem_file_setup+0x1ed/0x6e0 [ 289.136576] ? do_syscall_64+0x1b1/0x800 [ 289.140628] ? find_held_lock+0x36/0x1c0 [ 289.144696] ? check_same_owner+0x320/0x320 [ 289.149013] ? rcu_note_context_switch+0x710/0x710 [ 289.153935] ? kasan_check_read+0x11/0x20 [ 289.158071] ? rcu_is_watching+0x85/0x140 [ 289.162209] __should_failslab+0x124/0x180 [ 289.166436] should_failslab+0x9/0x14 [ 289.170225] kmem_cache_alloc+0x2af/0x760 [ 289.174362] ? __raw_spin_lock_init+0x1c/0x100 [ 289.178935] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 289.183941] ? shmem_destroy_callback+0xc0/0xc0 [ 289.188601] shmem_alloc_inode+0x1b/0x40 [ 289.192654] alloc_inode+0x63/0x190 [ 289.196278] new_inode_pseudo+0x69/0x1a0 [ 289.200330] ? prune_icache_sb+0x1a0/0x1a0 [ 289.204553] ? shrink_dcache_for_umount+0x290/0x290 [ 289.209610] new_inode+0x1c/0x40 [ 289.212967] shmem_get_inode+0xe5/0x8f0 [ 289.216935] ? shmem_encode_fh+0x340/0x340 [ 289.221166] ? exit_files+0xb0/0xb0 [ 289.224783] ? lock_downgrade+0x8e0/0x8e0 [ 289.228921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.234444] ? d_set_d_op+0x31d/0x410 [ 289.238238] __shmem_file_setup+0x249/0x6e0 [ 289.242550] ? shmem_fill_super+0xa30/0xa30 [ 289.246862] ? get_unused_fd_flags+0x121/0x190 [ 289.251434] ? __alloc_fd+0x700/0x700 [ 289.255225] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.260756] ? _copy_from_user+0xdf/0x150 [ 289.264898] __x64_sys_memfd_create+0x2a7/0x5a0 [ 289.269559] ? memfd_fcntl+0x15d0/0x15d0 [ 289.273610] ? do_syscall_64+0x92/0x800 [ 289.277580] do_syscall_64+0x1b1/0x800 [ 289.281452] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 289.286285] ? syscall_return_slowpath+0x5c0/0x5c0 [ 289.291205] ? syscall_return_slowpath+0x30f/0x5c0 [ 289.296130] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 289.301487] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.306327] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.311503] RIP: 0033:0x455a09 [ 289.314674] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.334045] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 289.341753] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455a09 [ 289.349192] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baaee [ 289.356477] RBP: 000000000072bea0 R08: 0000000020000218 R09: 0000000000000000 [ 289.363744] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 289.370999] R13: 000000000000074f R14: 0000000000700008 R15: 0000000000000002 2033/05/18 03:34:01 executing program 1 (fault-call:0 fault-nth:3): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:01 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000380)='vfat\x00', &(0x7f0000000400)='./file0\x00', 0xe000, 0x0, &(0x7f00000003c0), 0x80001c, &(0x7f00000001c0)=ANY=[@ANYBLOB="2deb4629f8b55e00975a6811cb02ccad70ec8e4fe8d28f13a94a2ab80ad588875eca946e453602000000000000f03affd518ee4404eb890eaf16b6fab87fc152a718308947596565"]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000008600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 289.506761] FAULT_INJECTION: forcing a failure. [ 289.506761] name failslab, interval 1, probability 0, space 0, times 0 [ 289.518108] CPU: 1 PID: 19917 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 289.525041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.534400] Call Trace: [ 289.537016] dump_stack+0x1b9/0x294 [ 289.540663] ? dump_stack_print_info.cold.2+0x52/0x52 [ 289.545860] ? perf_trace_lock_acquire+0xe3/0x980 [ 289.550713] ? graph_lock+0x170/0x170 [ 289.554524] should_fail.cold.4+0xa/0x1a [ 289.558598] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 289.563738] ? find_held_lock+0x36/0x1c0 [ 289.567806] ? graph_lock+0x170/0x170 [ 289.571618] ? find_held_lock+0x36/0x1c0 [ 289.575706] ? check_same_owner+0x320/0x320 [ 289.580029] ? graph_lock+0x170/0x170 [ 289.583842] ? rcu_note_context_switch+0x710/0x710 [ 289.588780] ? kasan_check_read+0x11/0x20 [ 289.596770] ? do_raw_spin_unlock+0x9e/0x2e0 [ 289.601186] __should_failslab+0x124/0x180 [ 289.605439] should_failslab+0x9/0x14 [ 289.609248] kmem_cache_alloc+0x2af/0x760 [ 289.613404] ? find_held_lock+0x36/0x1c0 [ 289.617478] get_empty_filp+0x125/0x520 [ 289.621464] ? proc_nr_files+0x60/0x60 [ 289.625366] ? kasan_check_read+0x11/0x20 [ 289.629523] ? do_raw_spin_unlock+0x9e/0x2e0 [ 289.633941] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 289.638535] ? kasan_check_write+0x14/0x20 [ 289.642778] ? do_raw_spin_lock+0xc1/0x200 [ 289.647026] alloc_file+0x24/0x3e0 [ 289.650576] ? clear_nlink.part.9+0x65/0x80 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000080)) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x8, 0x9686, 0x34}, 0xc) 2033/05/18 03:34:02 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700e400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 289.654913] __shmem_file_setup+0x304/0x6e0 [ 289.659247] ? shmem_fill_super+0xa30/0xa30 [ 289.663582] ? get_unused_fd_flags+0x121/0x190 [ 289.668170] ? __alloc_fd+0x700/0x700 [ 289.671999] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.677545] ? _copy_from_user+0xdf/0x150 [ 289.681706] __x64_sys_memfd_create+0x2a7/0x5a0 [ 289.686383] ? memfd_fcntl+0x15d0/0x15d0 [ 289.690448] ? do_syscall_64+0x92/0x800 [ 289.694432] do_syscall_64+0x1b1/0x800 [ 289.698322] ? finish_task_switch+0x1ca/0x840 [ 289.702822] ? syscall_return_slowpath+0x5c0/0x5c0 [ 289.707757] ? syscall_return_slowpath+0x30f/0x5c0 [ 289.712680] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 289.718039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.722881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.728065] RIP: 0033:0x455a09 [ 289.731234] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.750513] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 289.758228] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455a09 [ 289.765502] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baaee [ 289.772771] RBP: 000000000072bea0 R08: 0000000020000218 R09: 0000000000000000 [ 289.780044] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 289.787311] R13: 000000000000074f R14: 0000000000700008 R15: 0000000000000003 [ 289.826818] FAT-fs (loop6): Unrecognized mount option "-ëF)øµ^" or missing value 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67b200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:02 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x2, 0x32, r1, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1}) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000040)={0x9, 0x8718, 0x5d8, 0xfffffffffffffff8}, 0x10) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) recvfrom$unix(r1, &(0x7f0000000000)=""/54, 0x36, 0x40012100, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) 2033/05/18 03:34:02 executing program 7 (fault-call:5 fault-nth:2): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:02 executing program 1 (fault-call:0 fault-nth:4): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0xb69, 0x2081) close(r0) 2033/05/18 03:34:02 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f00000000c0)={'tunl0\x00', 0x400}) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) utime(&(0x7f0000000100)='./bus\x00', &(0x7f0000000180)={0xe8, 0x8d5f}) 2033/05/18 03:34:02 executing program 6: recvmmsg(0xffffffffffffff9c, &(0x7f0000004200)=[{{&(0x7f0000000400)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, 0x80, &(0x7f0000001900)=[{&(0x7f0000000500)=""/178, 0xb2}, {&(0x7f0000000200)=""/41, 0x29}, {&(0x7f00000005c0)=""/135, 0x87}, {&(0x7f0000000680)=""/122, 0x7a}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/131, 0x83}, {&(0x7f00000017c0)=""/154, 0x9a}, {&(0x7f0000001880)=""/66, 0x42}, {&(0x7f0000000380)=""/34, 0x22}], 0x9, &(0x7f00000019c0)=""/83, 0x53}, 0x200}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000001a40)=""/161, 0xa1}, {&(0x7f0000001b00)=""/229, 0xe5}], 0x2, &(0x7f0000001c00)=""/224, 0xe0, 0x101}, 0x3}, {{&(0x7f0000001d00)=@ethernet, 0x80, &(0x7f0000003440)=[{&(0x7f0000001d80)=""/207, 0xcf}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000001f40)=""/234, 0xea}, {&(0x7f0000002040)=""/198, 0xc6}, {&(0x7f0000002140)=""/177, 0xb1}, {&(0x7f0000002200)=""/69, 0x45}, {&(0x7f0000002280)=""/233, 0xe9}, {&(0x7f0000002380)=""/4096, 0x1000}, {&(0x7f0000003380)=""/56, 0x38}, {&(0x7f00000033c0)=""/108, 0x6c}], 0xa, &(0x7f0000003500)=""/212, 0xd4, 0x47}, 0x9}, {{&(0x7f0000003600)=@ipx, 0x80, &(0x7f0000003780)=[{&(0x7f0000003680)=""/87, 0x57}, {&(0x7f0000003700)=""/121, 0x79}], 0x2, &(0x7f00000037c0)=""/68, 0x44, 0x7}, 0x2}, {{&(0x7f0000003840)=@nl=@unspec, 0x80, &(0x7f0000003a40)=[{&(0x7f00000038c0)=""/157, 0x9d}, {&(0x7f0000003980)=""/20, 0x14}, {&(0x7f00000039c0)=""/24, 0x18}, {&(0x7f0000003a00)=""/6, 0x6}], 0x4, &(0x7f0000003a80)=""/138, 0x8a, 0x8}, 0x40}, {{&(0x7f0000003b40)=@ethernet={0x0, @local}, 0x80, &(0x7f0000003d00)=[{&(0x7f0000003bc0)=""/87, 0x57}, {&(0x7f0000003c40)=""/155, 0x9b}], 0x2, &(0x7f0000003d40)=""/158, 0x9e, 0x80000000}, 0x8}, {{0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000003e00)=""/214, 0xd6}], 0x1, &(0x7f0000003f40)=""/209, 0xd1, 0x4}, 0x9}, {{&(0x7f0000004040)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x80, &(0x7f0000004140)=[{&(0x7f00000040c0)=""/113, 0x71}], 0x1, &(0x7f0000004180)=""/91, 0x5b, 0xfffffffffffffffd}, 0x8000}], 0x8, 0x10140, &(0x7f0000004400)={0x0, 0x989680}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000004480)={0x2, [0x0, 0x0]}, &(0x7f00000044c0)=0xc) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000004500)={r2, 0xf0, "d77c117175470a6e6bd5f2035e245cda27e7cf4b67dedb7a65302d4e4dcafbd0ca8b508ba2c1d6509cfae488592351f1bec97bf0d28f45899e205b75f66099361842b8016bd5b131181c5fad9842558fcd52b0dc9806d6caecdd498fd70818c50cb0b864e3c45d5a4f6d10c2292d37a90de38053a73100f8182e92e575e0b12cf144dbf581e76819e4e40601e9bbd1ddac2bb5efeb2fbe796e824e7043366057d04d39ed7ccc9fd3bb98d595ba3a6ff748475719bf1f7a7b03acb557b2d0fd30a35cf598d50f99cf21b4028b190f45a27d1632548ee82b4c554e5ea8d13ad069a91282141e0bc83ba7736ef26db0a7f2"}, &(0x7f0000004600)=0xf8) sendmsg$alg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)="1eb1ed1603967e537ad9627519918930d44dcbf1953c24052b287d0ce1b8baff8872201807d6f4a676686dc7e56b2970f46d8497c0bfdffe06c2f21f6c62b8d48e97a8e5ddafa67c6df50aaf5486b879591e992401100b81f4b07fb591dcaaa2eaeb3cfbe2ccf1cffcb9398efee48f9809edd8e4abf6db754d5189ddd9d46fc514b01ac606ea2bf7b9abe963f18f321d86a78a72aa80dd1c40189871cc80b91682183cd8031399ebbf179081d1db6676b56e1aaa6800977ecc9acb8e5526af52fee5ed5dc4ed1d52983c2783be565cd3340678863bf8e76158226f2573b0587d14", 0xe1}], 0x1, 0x0, 0x0, 0x8040}, 0x4000000) [ 289.951581] FAULT_INJECTION: forcing a failure. [ 289.951581] name failslab, interval 1, probability 0, space 0, times 0 [ 289.963071] CPU: 0 PID: 19960 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 289.970016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.979378] Call Trace: [ 289.981990] dump_stack+0x1b9/0x294 [ 289.985642] ? dump_stack_print_info.cold.2+0x52/0x52 [ 289.990850] ? perf_trace_lock_acquire+0xe3/0x980 [ 289.995720] ? graph_lock+0x170/0x170 [ 289.999551] should_fail.cold.4+0xa/0x1a [ 290.003634] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.009561] ? find_held_lock+0x36/0x1c0 [ 290.013639] ? graph_lock+0x170/0x170 [ 290.017475] ? find_held_lock+0x36/0x1c0 [ 290.021583] ? check_same_owner+0x320/0x320 [ 290.025912] ? graph_lock+0x170/0x170 [ 290.029714] ? rcu_note_context_switch+0x710/0x710 [ 290.034633] ? kasan_check_read+0x11/0x20 [ 290.038769] ? do_raw_spin_unlock+0x9e/0x2e0 [ 290.043168] __should_failslab+0x124/0x180 [ 290.047394] should_failslab+0x9/0x14 [ 290.051188] kmem_cache_alloc+0x2af/0x760 [ 290.055342] ? find_held_lock+0x36/0x1c0 [ 290.059395] get_empty_filp+0x125/0x520 [ 290.063356] ? proc_nr_files+0x60/0x60 [ 290.067246] ? kasan_check_read+0x11/0x20 [ 290.071391] ? do_raw_spin_unlock+0x9e/0x2e0 [ 290.075790] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 290.080366] ? kasan_check_write+0x14/0x20 [ 290.084588] ? do_raw_spin_lock+0xc1/0x200 [ 290.088813] alloc_file+0x24/0x3e0 [ 290.092345] ? clear_nlink.part.9+0x65/0x80 [ 290.096659] __shmem_file_setup+0x304/0x6e0 [ 290.100971] ? shmem_fill_super+0xa30/0xa30 [ 290.105281] ? get_unused_fd_flags+0x121/0x190 [ 290.109850] ? __alloc_fd+0x700/0x700 [ 290.113646] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.119172] ? _copy_from_user+0xdf/0x150 [ 290.123311] __x64_sys_memfd_create+0x2a7/0x5a0 [ 290.127972] ? memfd_fcntl+0x15d0/0x15d0 [ 290.132029] ? do_syscall_64+0x92/0x800 [ 290.136000] do_syscall_64+0x1b1/0x800 [ 290.139894] ? finish_task_switch+0x1ca/0x840 [ 290.144379] ? syscall_return_slowpath+0x5c0/0x5c0 [ 290.149302] ? syscall_return_slowpath+0x30f/0x5c0 [ 290.154238] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 290.159599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.164441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.169619] RIP: 0033:0x455a09 [ 290.172796] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.192136] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 2033/05/18 03:34:02 executing program 5: r0 = socket(0x11, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000000)) keyctl$read(0x10, 0xfffffffffffffffd, &(0x7f0000000040)=""/4, 0xffffffffffffffd0) 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673eb", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 290.199839] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455a09 [ 290.207098] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baaee [ 290.214355] RBP: 000000000072bea0 R08: 0000000020000218 R09: 0000000000000000 [ 290.221613] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 290.228886] R13: 000000000000074f R14: 0000000000700008 R15: 0000000000000004 2033/05/18 03:34:02 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67d100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:02 executing program 5: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000200)='/dev/urandom\x00', 0x400000, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f00000002c0)=""/169) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000000)={{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d50}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe33, 0x0, 0xb461}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x81}, {0x0, 0x3000, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0xc8, 0x0, 0xdb0}, {0x0, 0x16000, 0xf}}) write$binfmt_elf64(r3, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0xffffffff, 0x80, 0x47, 0x337, 0x3, 0x7388e9a55e413192, 0x8, 0xe2, 0x40, 0x264, 0x6, 0x7fffffff, 0x38, 0x1, 0x3, 0x7ff, 0x7}, [{0x60000000, 0x5, 0x8, 0x6, 0x800, 0x3, 0x100000000, 0x8}, {0x1, 0x4, 0x7fffffff, 0xb9, 0x81, 0x7fff, 0x200000000, 0x2}], "a7017a58cb41b5e0bf23d86e01a7d2f661d100658a6dc6af90f75cdfaf8ddc33f440e7c336e285510c05de219d9aaba701ebedd8b5f7fce1c49978e0fe29063812e435146c557ddd1e18b223c1498e48138e0513233dca5261a88c658b4eaa03ddeb7a09b60f2cf5a361e9592756dc18b69afed2c9080dc52ad0cf82f9002541"}, 0x130) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r3, 0xae45, 0x7f) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f00000003c0)={'filter\x00'}, &(0x7f0000000240)=0x44) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r2, 0x0, 0x2d, &(0x7f0000000140)={0x2, {{0x2, 0x4e22, @loopback=0x7f000001}}}, 0x88) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) getsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f00000000c0)=""/4096, &(0x7f0000000000)=0x1000) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:02 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:02 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:02 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000aa00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:03 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:03 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) socketpair(0x5, 0x7, 0x5, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000200)) r2 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x819b9b155b4337a2, 0x90010, r2, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) clock_settime(0x2, &(0x7f0000000540)) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) getsockopt$packet_int(r2, 0x107, 0x0, &(0x7f0000000380), &(0x7f0000000400)=0x4) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000440)={0x0, 0xa}, &(0x7f0000000480)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000500)=@assoc_id=r3, 0x4) fallocate(r2, 0x2, 0x5, 0xfff) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000000c0)=0x0) r5 = getpgid(0x0) setpgid(r4, r5) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000280)=[@in6={0xa, 0x4e20, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0x4}, @in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e20}, @in6={0xa, 0x4e24, 0x4, @local={0xfe, 0x80, [], 0xaa}, 0x2}, @in={0x2, 0x4e22, @multicast1=0xe0000001}, @in6={0xa, 0x4e24, 0x7, @mcast1={0xff, 0x1, [], 0x1}}, @in6={0xa, 0x4e22, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0xf53}, @in6={0xa, 0x4e21, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x200}], 0xc8) 2033/05/18 03:34:03 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f00000002c0)=[{&(0x7f00000004c0)="04", 0x1}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xc1, 0x2) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)={0x0, 0x6, 0x0, &(0x7f00000000c0)=0x2}) ioctl(r1, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") socket$netlink(0x10, 0x3, 0x1e) write(r0, &(0x7f0000000240)="2300000014000707030f00c0f635c63f280f550b00120f0a0811000100f5fe0012ff00", 0x23) r3 = getpgid(0xffffffffffffffff) ptrace$getenv(0x4201, r3, 0x1, &(0x7f0000000000)) 2033/05/18 03:34:03 executing program 1 (fault-call:0 fault-nth:5): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:03 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x5, r3, &(0x7f0000000600)="df0275", 0x3) [ 290.664608] FAULT_INJECTION: forcing a failure. [ 290.664608] name failslab, interval 1, probability 0, space 0, times 0 [ 290.676297] CPU: 1 PID: 20020 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 290.683233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.692590] Call Trace: [ 290.695181] dump_stack+0x1b9/0x294 [ 290.698807] ? dump_stack_print_info.cold.2+0x52/0x52 [ 290.704162] ? zap_class+0x720/0x720 [ 290.707879] should_fail.cold.4+0xa/0x1a [ 290.711931] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.717029] ? __perf_event_task_sched_in+0x247/0xb80 [ 290.722204] ? perf_trace_lock+0xd6/0x900 [ 290.726338] ? graph_lock+0x170/0x170 [ 290.730134] ? print_usage_bug+0xc0/0xc0 [ 290.734193] ? lock_downgrade+0x8e0/0x8e0 [ 290.738329] ? print_usage_bug+0xc0/0xc0 [ 290.742389] ? __lock_acquire+0x7f5/0x5140 [ 290.746615] ? print_usage_bug+0xc0/0xc0 [ 290.750672] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 290.755732] __should_failslab+0x124/0x180 [ 290.759970] should_failslab+0x9/0x14 [ 290.763761] kmem_cache_alloc+0x47/0x760 [ 290.767818] ? radix_tree_node_alloc.constprop.19+0x310/0x310 [ 290.773703] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 290.779408] __radix_tree_create+0x4ce/0x820 [ 290.783813] ? radix_tree_maybe_preload_order+0x110/0x110 [ 290.789341] ? perf_trace_lock+0x900/0x900 [ 290.793575] ? perf_trace_lock_acquire+0xe3/0x980 [ 290.798406] ? print_usage_bug+0xc0/0xc0 [ 290.802461] ? perf_trace_lock+0x900/0x900 [ 290.806685] ? perf_trace_lock+0xd6/0x900 [ 290.810822] ? perf_trace_lock_acquire+0xe3/0x980 [ 290.815657] ? zap_class+0x720/0x720 [ 290.819366] __radix_tree_insert+0xff/0x8d0 [ 290.823680] ? graph_lock+0x170/0x170 [ 290.827474] ? __radix_tree_create+0x820/0x820 [ 290.832049] ? lock_acquire+0x1dc/0x520 [ 290.836017] ? shmem_add_to_page_cache+0x494/0xdf0 [ 290.840946] ? lock_release+0xa10/0xa10 [ 290.844922] ? kasan_check_write+0x14/0x20 [ 290.849148] ? do_raw_spin_lock+0xc1/0x200 [ 290.853377] shmem_add_to_page_cache+0x96d/0xdf0 [ 290.858120] ? rcu_report_qs_rnp+0x790/0x790 [ 290.862522] ? shmem_put_link+0x270/0x270 [ 290.866658] ? percpu_ref_put_many+0x132/0x230 [ 290.871234] ? percpu_ref_tryget+0x2b0/0x2b0 [ 290.875636] ? find_lock_entry+0x2db/0x8a0 [ 290.879866] ? mem_cgroup_try_charge+0x52f/0xa40 [ 290.884614] ? mem_cgroup_low+0x1d0/0x1d0 [ 290.888763] ? security_vm_enough_memory_mm+0x9d/0xc0 [ 290.893942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.899469] ? shmem_alloc_and_acct_page+0x312/0x800 [ 290.904565] ? shmem_alloc_hugepage+0x5e0/0x5e0 [ 290.909226] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 290.914229] ? __radix_tree_preload+0x173/0x1d0 [ 290.918894] shmem_getpage_gfp+0x800/0x4190 [ 290.923204] ? rcu_report_qs_rnp+0x790/0x790 [ 290.927617] ? shmem_mfill_atomic_pte+0x1c40/0x1c40 [ 290.932724] ? __lock_acquire+0x7f5/0x5140 [ 290.936943] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 290.941946] ? print_usage_bug+0xc0/0xc0 [ 290.946005] ? __lock_acquire+0x7f5/0x5140 [ 290.950237] ? print_usage_bug+0xc0/0xc0 [ 290.954290] ? print_usage_bug+0xc0/0xc0 [ 290.958342] ? __lock_acquire+0x7f5/0x5140 [ 290.962575] ? check_noncircular+0x20/0x20 [ 290.966804] ? __lock_acquire+0x7f5/0x5140 [ 290.971030] ? debug_check_no_locks_freed+0x310/0x310 [ 290.976212] ? __lock_acquire+0x7f5/0x5140 [ 290.980433] ? print_usage_bug+0xc0/0xc0 [ 290.984496] ? debug_check_no_locks_freed+0x310/0x310 [ 290.990024] ? print_usage_bug+0xc0/0xc0 [ 290.994083] ? print_usage_bug+0xc0/0xc0 [ 290.998141] ? perf_trace_lock+0x900/0x900 [ 291.002366] ? perf_trace_lock+0xd6/0x900 [ 291.006502] ? perf_trace_lock_acquire+0xe3/0x980 [ 291.011330] ? graph_lock+0x170/0x170 [ 291.015123] ? zap_class+0x720/0x720 [ 291.018825] ? perf_trace_lock+0x900/0x900 [ 291.023050] ? zap_class+0x720/0x720 [ 291.026754] ? perf_trace_lock+0x900/0x900 [ 291.030979] ? graph_lock+0x170/0x170 [ 291.034776] ? find_held_lock+0x36/0x1c0 [ 291.038838] ? print_usage_bug+0xc0/0xc0 [ 291.042910] ? lock_downgrade+0x8e0/0x8e0 [ 291.047048] ? lock_release+0xa10/0xa10 [ 291.051024] ? mark_held_locks+0xc9/0x160 [ 291.055166] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.060693] ? iov_iter_fault_in_readable+0x23d/0x460 [ 291.065883] ? iov_iter_get_pages_alloc+0x1510/0x1510 [ 291.071079] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 291.076084] ? ktime_get_coarse_real_ts64+0x23b/0x390 [ 291.081355] shmem_write_begin+0x110/0x1e0 [ 291.085588] generic_perform_write+0x39a/0x6a0 [ 291.090174] ? add_page_wait_queue+0x2a0/0x2a0 [ 291.094746] ? file_update_time+0xdc/0x640 [ 291.098970] ? current_time+0x180/0x180 [ 291.102932] ? lock_acquire+0x22/0x520 [ 291.106818] ? down_write+0x87/0x120 [ 291.110522] ? generic_file_write_iter+0xe5/0x850 [ 291.115353] __generic_file_write_iter+0x26e/0x630 [ 291.120281] generic_file_write_iter+0x430/0x850 [ 291.125552] ? __generic_file_write_iter+0x630/0x630 [ 291.131254] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.136780] ? iov_iter_init+0xc9/0x1f0 [ 291.140745] __vfs_write+0x64d/0x960 [ 291.144452] ? kernel_read+0x120/0x120 [ 291.148340] ? __lock_is_held+0xb5/0x140 [ 291.152405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.157939] ? __sb_start_write+0x17f/0x300 [ 291.162250] vfs_write+0x1f8/0x560 [ 291.165784] ksys_pwrite64+0x174/0x1a0 [ 291.169660] ? __ia32_sys_pread64+0xf0/0xf0 [ 291.173970] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 291.179495] ? fput+0x130/0x1a0 [ 291.182766] ? do_sys_ftruncate+0x44e/0x560 [ 291.187076] __x64_sys_pwrite64+0x97/0xf0 [ 291.191216] do_syscall_64+0x1b1/0x800 [ 291.195093] ? finish_task_switch+0x1ca/0x840 [ 291.199589] ? syscall_return_slowpath+0x5c0/0x5c0 [ 291.204508] ? syscall_return_slowpath+0x30f/0x5c0 [ 291.209430] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 291.214787] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.219623] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.224797] RIP: 0033:0x40fcc7 [ 291.227968] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 291.247340] RSP: 002b:00007f787067fba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 291.255041] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 000000000040fcc7 [ 291.262299] RDX: 0000000000000048 RSI: 0000000020000140 RDI: 0000000000000014 [ 291.269553] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 291.276810] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000014 [ 291.284071] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000005 2033/05/18 03:34:04 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000012000/0x4000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0], 0x4) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:04 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xfffffffffffffff8, 0x200000) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) fcntl$setpipe(r0, 0x407, 0x5700) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) setsockopt$ax25_buf(r0, 0x101, 0x19, &(0x7f0000001000)="3df6939e184ecb67a9250acfbad58f09010dcc2d1ad559322bc95cdb174822c36563aeb9008e0a861c001c7a216eafbea073b5a7a7d16f2ec7238280279358439cbf581487e60ca6904056b8442cafd971f312562548139713abc28f939d4afc1c4c96551fe53074a3252ae2695ab596da8e61657c978a8284e66a17b23b9ae9cf23eddb25028abfa6460a4d5facb2ee0e19635ad9784ed2f9e6a8abaf99f6102d41b205eec83960277c464b0b134b11bad60375b18893263ae2cd4607cc1028a6b97476a7f3fd693e85c18904818ce88d90c3e90de4a3dc7ef34edfbf85814451f63d7eb0afe6f536e7b7391bed2559c9ff6814e119339468da154fb1a830fd243d23d354cc41c04ef72c77239298d427a0b4bcba1db0706985f83bcd1b71afc923d7b0635e1f1d92a965a51a21e3cb7891eed8cf13363d6d265e5f8d00fed53b2d644e52f46a9c25dab31cec6343b88c10333e434cd5b7cb2aed4622fe8f25af380e41895b6627d718786f0b42cd66b43c9107e511af8b013543851e5cf58f74ff429ed8ac923042ef18e824c933cbd07503335577580f921a4ffaaa0fb94027bd78bc17652561246417d8db6a07d20d211ab6a53c019ac5f3f69c2a3f661decf4ba25b2e20f1102b5e2090905bb64ecfc430beb7faa3aa45832d379acc2aa7935a66a09f60dde2664e0d5ae60ce5f380646a001c81f6701234a6f712cf773b42e45de75aed31e77999dc591f6d216a6eebe84f7bf7db79f6cd99d7a7351f809c5c99ab50de3a12797e95796bc049c063e218ca70ea36b7b099b15d3646de23910a977f2da188b85b6c23c1b42d6b1793573554866536538f344acd80ff280af1fae4b8c0fb37eddd6faa71bb20890327b652916e38e92f033f490b82e0533c963f69295ef97cc8c1daf64f3ce1a96022aa7ea6f48db5954c4703f7b7d0dcf8a29898b1a621ee950e9d294265ae82a3339149d052bfc390ce6f3aa752566241fa3763a9cd6b1a4c0efd55ff6e0d541ab4e5937bd3c6593f76ccd9444a4ef8b87dad8680e763f5081afa5927f2c9bd1c4dd8f7fe357c907c4cf10906fa470fca1eb0b34693b2946e4486f5682bd3eb24ab7a4f66608d40d0044e0a592a21f78d01b656578f429bb3d60f5de1e075cde88ccaed67e59e961957577a9dd1700569344bcd23c8d03da533242b703f9be37e2a1258a90256f80669a0674e44b40fbef9d08c8218926a25d646a673e70e4192163db68693c801d04d611c7c38d62d1b30a2cc8883500203c56d90eb19bf97ec4b73bc5a6cc2d04f2ea7d3c65f1a355c46778f9dfdae4013407e05ca2be3699dfbd67cdd7f01ae9133d2ff592b67f9762427a9ef86c52d4528456feec438c1b61b0aa5b4c4b61b2d90374f4bbec6f4941eeed32e44f6da7830f54f15e776fc0008b0e2edf6686d26bd1a950a1386cc28f3c99a7e408b9ed6bdca7ecfb77777e1dbba1b0716ad6ef39dae49a95e9da2ba604dd56d97519d7c3e24deaab4e070b75132651e5222fce136f336f8be1b1d6142f37b8cd8c3710c6764b2509ac77395dd9e4be9b5bf505fe9ea2b3e4fa6c7265287f9b396444e61a0360976ab662e6eaad21ff889e41c50e3701e5da8f68eddfeafd91754ddea7b4ee2ea784c82a680fd597d3d62ca17b2ad76bac731e7e328f6d2f2da0be57b2bbb427987f3ca31d8a37bcc05f32401df578b3b86c953fe5b98e09f4dc8a6ff7bf0de54ba79a47b212c86b918186ff430746140e2cf276557e5743404be417edd0896868c2d6827274e8d95c7bbfa9c26bf34fd06f6b47fae98a162890fd50d6bb3d65d0aa8a63a0fca3d99fd2e142c5d45f861d12629b962294f63d86220f96df0f39db7a6a2b8679003c9a933e0911449077928e9ad98ee54e7c34c72472b17db902b29b26b376b3a3ae1a109694fcdfd606bac979a81824680e4ef9c4a2d94d6df4247122adb62a091ee6a30d71442bfaa9f23a892f33014f139af4b15a7e25041520ec366ef1ba8ec17cea5fae741d2b970bbf851ebdaccca7d360da07f4ae6c8f6ea5315561d4b5f8c0520f3fbd4cc1290be4bf3792ba93ffdd4a85d59d8160dff22950af604895f672315ca773ced1d5a8d80a6cfbbc3e90f3c782a73b9ae055c5aa26703a0db91de90c78e80ad84dc5ce5a662c46d9ece1b83760c1ddc94b50f28ea50427b85157ed18abe76314ea33f7872a21c6e27741d20b25b594492a5d73609e7dfd47cdf04289e8d4e99a5404f5c7eab46c74663320ea00e58c209882d50afe5ada1af37c5c9b4df7dd822709a3ea08e942b24c4b9323c98400d987c3013141f8c6d4c61980b9cfb4dcb332088a0e4b4d53bb0860f85bbde5342778e554414295a54728a0f8bc24806eee5873a1019e0c8220f1468e09226f75ea6850a0b737be7c97918b432e55e005925020736911a4bb895450312496f659c1ac5993c247a6223fdc93877c8b4be4d48246ba82913d8f4b46266cbf10045b61fc795a7003727bd15312672068fed113058dc8e4285800a83ce7bda8632aa4beffe6450afd83b77e96ad40eb777db7557d04bc87cd8abdb5c146337787a2a671f935db92cfdc348e4d08c3580a69bddb5e398a66d6f3fb548b0d3b26a1d6a57202bcc6cc4a5c28544dc3aee093c351807069f24151f84464301c0d5aeb23b21be7f7b42d4da8e6e68cec1e75668e585f5fa4d563cdd71a5aca04a0a2c86693eced0d82f539d1c753f7a2f33665ce29c59f0b74ef1bd17bf3c35d681d2fd5fd27f00a0fc7b514c026cf0b56249e1f4f4cf1231a1a5f50e3e4a6df8507d12e2e738775919517c8cfc5a83af33f95db21546b9f941df17aa87153768839d70a70e8e9a232f1f083f71d0cc211cb6e842187f80739df8fc01f4879267242275dac3ea27432fa3a8a2db5a0fc3acde7217765e80bcb05428f3d4a7d73f8c6c014fe1735702d0c372ed352ac3477901ffa707847a10ee5fecb99731e41cf460046039e3024e3b0d71101b5727419b40fabaff238d0162cf89036153505fa0ea1718d9dd062f7974679b096bb1e34b8414f379c4fdf7fdf4f138a5d285ef7432afbd883bcd30574e1ca1fe74b0d8d8877b200e7f0e3d56caaa6462d87178df41cf2efc2487515724af5eb6f6f20f8b5140d58243194f517b1f7c70c71632f20a89ef8d60ff3545b122525a9fe269855bcade2607b1183dde36a83d725a096b024ca039a39c0e0d6b396c1d0124c32adb945f8c95c8aa4d1fe73a4e9639bcc333ae46f8ad898be709e0b58b0d4bc55c8222cf0fc5e16de449ff6138105d220d1c341e324bf7cce12ab64cf19de05f08411a5e8815deff3bf4ac67a197918f487947b5c6df1a11211587a9cec8586613844d15a092bf9080c09d7b93d9c2f1d7ddeb36aaed97edb14afaf0eccc375f1718c58c70aa28ceac522042e72dcef95bc5be8c131d22b724ebc83a1d865ecb702ade7d636bc4639db68dc1faaf587332e5f1c2403a4b6af1fc9d2fa94f135f721b76e725f2b3bb6666b8f5a1b8b7d7ae4d9c7293f1ce5c243c097dd54f890d895af01fd587be55722332d80f0ad9ec961bb4f9ad06efe07bdafaabe7a7a19d7fb7f4e90a2a5aeaffca72e8a852d7a696183b66de8d46b5259e6be9973f5babf6a538a3061adf3b21ec182f0ff9059c426f750a07771f0abf50c6ebbbcbbf911b6ade5954ec35399bf8c54d52290673ec78e828dd22390e0e34342e387dc8ae3630cb60254742a81a2d277c31613f8c88895f00ffd7d5ef44396368d5a3ad7fd059f561952baa4831da3edfa8c40bb3bb1868a70fc7bcf9922f3f657dba7537fb5b7cc6008d3e010701a55f7c0193532b749b086075aa0f710ec6992911f0f3b43d90e0f5dd3bae2a8b0ffe82f9aeb449992440b42c223d3fcdf1c25153ac035bc331064781f9cc411574af406b2f0d402908784b92c805938ed5215cbfd3b274013bc378ab3436bb163f5d84592070ef4ed6e11d918ba20f9f1929ef9a5262f7e6fdbdb9e7cc9830451adcb0bd724da68084b614054014ec543e62bee2529ae80d4d9b11b89f5cd8e609045e15d52aa3681b07fcf0ea42a4d564e24e86ec214f70d864be95dc862de57e72b4722a9be1e477b40dbed339b1fad2a2897d268c0ebb586ec6d135ca39339aab7932c5ba8c146837ad9ce88b72f817206d991303f4d566e0bceec6e8fe4e86d10d0f39bdb1430133951aae5f269ebb7417c477b6d7688a3b9b10063ac00e8a6a72fc13c8d1af743bde8dbafce9258becbaba58b5dd0f2594fadcfade8f6010e8e0205d07c90a5f44236a391eb8095f9225af269f381ea66be4100655cc2140cfd0a533169865d38bfdb41636234835e89c97b8928c56260ce3c14ce208c884bae2976200a0846981bf8833e0d439c2f01c39bafba896a05a4dc25ab2482f2c3d7d98cee8b6ad06fa91f1990b37c391e0abffb354e2a851253247dbea0d17ce0d35262d82497ae7a6f2055b021489cf05b2002e21311a877dcedcea0515da19d29b9f1978fb73c55fd5e5ebe52af01f567738c3e1255a6dcd23e2c6848438357959740d0f8cdcfe4412f5fcc52d326ccf5ed5bd6fee7cb3268ad7c2b87c4e1aecd55740f03036798a03710f5a742367500e106bf422c701096778d5fcc727f524b0b67e13de35b6256cb7d69cfdcec58e936558585335c06fd1517b40205d68cb93c8f24213c31706e18e1f776492ba79e1c198e7443946c969396240b12336c8d24b4c022bb0a6ea2905fe7cb00a8ae61e8eaacdd3e19aa103a944850648e9135b4b46fb24a11eebfd05d7fe311d5088fd414b32f9f2608f95d628441177211649cc609293b9896eb6bde9eb892641ada7979925794728a19ecead9b573f567fc3245dd4b1c5d09b731ef1d659444cd8c4fe2a0186491ed7187532b4db24046d7c4c53774940626abe1e356b59e92a83f045a54c706541bce9ff7c1aba9ba5214179619f545630b0d55e1174a35ef0946a0bd35fbb9895406b494b388e0eded082c3daf8088b0ebea64ff448e4ee4862cdd3ca62e9452673142390d4db749fc29ddd1319ab5479658a7fb091dedbc170900b7fc9baae0eb226f7c8df75fefd3d66059a6a96b875155724265b664d1ff1833af119115155a1b723d48ddcc0f37b067b9663c82335ce1b4cb7fc9e55db1eb271ea8f19db1cf30bf36ba42f81dd212e2057e3a8cd7e6e33ac0c4b9c575fbdae026efcf8c9c66d2003aff2a41de13445199849b9d2c8d839c2bf71c51a2f72b98e1ff67b52102e6dddc149f58581ba7193e6d0be8d33b0c8b1707a787d14a05d2f91361f9a65a4a289f8328317f65fba2dc7fec7680c43b244f1909489a167316faaa2b9dbd3ff9dbf53275ecd319c238374ded370e86b26472e66389d65460956a4f042764822916cc478812a57a1d6cad3574fd789397900f8ce074843fea84b3d01865e7af44d4d282cdfe9c896d7d10bb0002428123336423d02dd4f0b4dd1f9bd3197c1dc8e2d10ed736b71d0b7f14ecf5ed786b2599dc0c24ca25f96d06ec3e9a99883071f868cd859f7217ed7b4b3fe4230d1fe811b7ad036da0bcee2c717ac1cef86e797a5eccd7ec3103208fa049abdafa3ff632e70600d2ef3ffb2efd76c2b5483cc817e57b5babe3d7abe008944a78a3e1d2435cc0257560e8efbbcc6d0c32f1cd996e0f591e199836e7ccdc234ffa8f92c529c657168c4c5ade743534135f0199b025fd048dffb09648b8f445c689a67471e9f85bc7b9ba5f68a5d84fb17f24800e068fc099a3d0ad18", 0x1000) 2033/05/18 03:34:04 executing program 1 (fault-call:0 fault-nth:6): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:04 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:04 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000d100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:04 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x7, 0xaebf, 0x103d}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x6, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0x3bc, &(0x7f00001a7f05)=""/251}, 0x2e) pwrite64(r0, &(0x7f0000000000)="2eba6e36724733922c75ed5284c9afbb40b39fadb8268dad92bdae00f5ba001157bf7a7d0d5b0c7699eaa6c62ff9b04c2f3a2cc5089613fb2804fd9c17ff28812db01e6401b6f6133174e10225f73ea203f4375f263499a027b1dcead90ced00fd71159f9bdf969362f9b1c4b3c20c85d5fd018bf7a3b38f6675ccf5e36b8e64454034e1f007f4b286f1e63c", 0xfffffffffffffdd8, 0x400000000002) socketpair(0x1b, 0x4, 0x5, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000100)={0xf4, 0x5, 0x8, 0x1f, 0x10}) 2033/05/18 03:34:04 executing program 6: r0 = socket$inet6(0xa, 0x6, 0x81) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000000c0)=0x9, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x3, 0x200) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000440)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x98, r2, 0xf14, 0x70bd2a, 0x25dfdbfb, {0xe}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffff8d6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}]}, @IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3ff}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8fa0}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback={0x0, 0x1}}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x24000000}, 0x4) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:34:04 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x9, r3, &(0x7f0000000600)="df0275", 0x3) [ 291.493517] FAULT_INJECTION: forcing a failure. [ 291.493517] name failslab, interval 1, probability 0, space 0, times 0 [ 291.504840] CPU: 1 PID: 20035 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 291.511776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.521143] Call Trace: [ 291.523741] dump_stack+0x1b9/0x294 [ 291.527375] ? dump_stack_print_info.cold.2+0x52/0x52 [ 291.532586] ? add_page_wait_queue+0x2a0/0x2a0 [ 291.537186] should_fail.cold.4+0xa/0x1a [ 291.541245] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.546340] ? up_write+0x72/0x210 [ 291.549866] ? up_read+0x110/0x110 [ 291.553394] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.558959] ? __generic_file_write_iter+0x1bd/0x630 [ 291.564058] ? find_held_lock+0x36/0x1c0 [ 291.568135] ? check_same_owner+0x320/0x320 [ 291.572450] ? rcu_note_context_switch+0x710/0x710 [ 291.577363] ? lock_downgrade+0x8e0/0x8e0 [ 291.581502] __should_failslab+0x124/0x180 [ 291.585734] should_failslab+0x9/0x14 [ 291.589525] kmem_cache_alloc+0x2af/0x760 [ 291.593669] getname_flags+0xd0/0x5a0 [ 291.597464] ? __sb_end_write+0xac/0xe0 [ 291.601426] getname+0x19/0x20 [ 291.604605] do_sys_open+0x39a/0x740 [ 291.608317] ? filp_open+0x80/0x80 [ 291.611851] ? do_sys_ftruncate+0x44e/0x560 [ 291.616163] __x64_sys_open+0x7e/0xc0 [ 291.619951] do_syscall_64+0x1b1/0x800 [ 291.623825] ? finish_task_switch+0x1ca/0x840 [ 291.628311] ? syscall_return_slowpath+0x5c0/0x5c0 [ 291.633231] ? syscall_return_slowpath+0x30f/0x5c0 [ 291.638151] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 291.643507] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.648362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.653537] RIP: 0033:0x40fc61 [ 291.656711] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 291.676046] RSP: 002b:00007f787067fba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 291.683744] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 000000000040fc61 2033/05/18 03:34:04 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 291.690998] RDX: 00007f787067fbfa RSI: 0000000000000002 RDI: 00007f787067fbf0 [ 291.698343] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 291.705595] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 291.712851] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000006 2033/05/18 03:34:04 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700ed00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:04 executing program 1 (fault-call:0 fault-nth:7): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:04 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673f6", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 291.866394] FAULT_INJECTION: forcing a failure. [ 291.866394] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.878260] CPU: 1 PID: 20065 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 291.885195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.894550] Call Trace: [ 291.897156] dump_stack+0x1b9/0x294 [ 291.900813] ? dump_stack_print_info.cold.2+0x52/0x52 [ 291.906025] should_fail.cold.4+0xa/0x1a [ 291.910101] ? iov_iter_advance+0x2e4/0x14c0 2033/05/18 03:34:04 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 291.914528] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.919644] ? graph_lock+0x170/0x170 [ 291.923466] ? debug_check_no_locks_freed+0x310/0x310 [ 291.928659] ? check_same_owner+0x320/0x320 [ 291.932990] ? shmem_write_begin+0x110/0x1e0 [ 291.937413] ? find_held_lock+0x36/0x1c0 [ 291.941496] ? perf_trace_lock+0xd6/0x900 [ 291.945651] ? perf_trace_lock_acquire+0xe3/0x980 [ 291.950605] ? zap_class+0x720/0x720 [ 291.954335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.959883] ? should_fail+0x21b/0xbcd [ 291.963805] __alloc_pages_nodemask+0x34e/0xd70 [ 291.968483] ? zap_class+0x720/0x720 [ 291.972210] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 291.977242] ? find_held_lock+0x36/0x1c0 [ 291.981335] ? check_same_owner+0x320/0x320 [ 291.985669] cache_grow_begin+0x6e/0x6c0 [ 291.989730] kmem_cache_alloc+0x689/0x760 [ 291.993883] getname_flags+0xd0/0x5a0 [ 291.997681] ? __sb_end_write+0xac/0xe0 [ 292.001647] getname+0x19/0x20 [ 292.004848] do_sys_open+0x39a/0x740 [ 292.008568] ? filp_open+0x80/0x80 [ 292.012103] ? do_sys_ftruncate+0x44e/0x560 [ 292.016420] __x64_sys_open+0x7e/0xc0 [ 292.020212] do_syscall_64+0x1b1/0x800 [ 292.024088] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 292.028920] ? syscall_return_slowpath+0x5c0/0x5c0 [ 292.033847] ? syscall_return_slowpath+0x30f/0x5c0 [ 292.038772] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 292.044128] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.048966] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.054142] RIP: 0033:0x40fc61 [ 292.057316] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 292.076673] RSP: 002b:00007f787067fba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 292.084372] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 000000000040fc61 [ 292.091626] RDX: 00007f787067fbfa RSI: 0000000000000002 RDI: 00007f787067fbf0 [ 292.098888] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 292.106140] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 2033/05/18 03:34:04 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 292.113396] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000007 2033/05/18 03:34:05 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xf, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:05 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000e100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x5, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:05 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) sendmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f00000000c0)=[{&(0x7f0000000200)="0186bb41b77b18a578e6e9c50f308f649faf0cf341771c47d31ae549204de0bbdf1530a9ec4a36cfa1315ec03416b1347ac5d310099fa6b5953af9f61129f19397ae61b85ccffec988f931fb48d3a109fe9eb9434773caf53a07f9e418d4075933c81e931573160ebcacb0eb", 0x6c}], 0x1, &(0x7f0000000280)=[@rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}], 0x30, 0x40000}, 0x800) utime(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080)={0x7, 0x5a}) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:05 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:05 executing program 1 (fault-call:0 fault-nth:8): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:05 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f0000000300)=0x3, 0x4) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0xfa}], 0x80001c, &(0x7f0000000240)=ANY=[]) r1 = memfd_create(&(0x7f0000000100)='em1Avboxnet0\x00', 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in6={0xa, 0x4e22, 0x3, @loopback={0x0, 0x1}, 0x1000}], 0x4c) r2 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x20) truncate(&(0x7f00000000c0)='./file0\x00', 0x202) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r2, 0x4008af23, &(0x7f0000000280)={0x3, 0xfffffffffffffff9}) 2033/05/18 03:34:05 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffd, 0x2}, 0x40000000000000) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) ioctl$TCFLSH(r2, 0x540b, 0x40) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:05 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 292.579761] FAULT_INJECTION: forcing a failure. [ 292.579761] name failslab, interval 1, probability 0, space 0, times 0 [ 292.591096] CPU: 0 PID: 20104 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 292.598035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.607390] Call Trace: [ 292.609990] dump_stack+0x1b9/0x294 [ 292.613637] ? dump_stack_print_info.cold.2+0x52/0x52 [ 292.618837] ? perf_trace_lock_acquire+0xe3/0x980 [ 292.623698] should_fail.cold.4+0xa/0x1a 2033/05/18 03:34:05 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000000300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 292.627773] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 292.632890] ? debug_check_no_locks_freed+0x310/0x310 [ 292.638088] ? perf_trace_lock_acquire+0xe3/0x980 [ 292.642939] ? do_writepages+0x1a0/0x1a0 [ 292.647010] ? set_page_dirty+0x367/0x6d0 [ 292.651176] ? find_held_lock+0x36/0x1c0 [ 292.655279] ? check_same_owner+0x320/0x320 [ 292.659616] ? rcu_note_context_switch+0x710/0x710 [ 292.664559] ? graph_lock+0x170/0x170 [ 292.668371] __should_failslab+0x124/0x180 [ 292.672628] should_failslab+0x9/0x14 [ 292.676438] kmem_cache_alloc+0x2af/0x760 [ 292.680600] ? debug_check_no_locks_freed+0x310/0x310 [ 292.685811] get_empty_filp+0x125/0x520 [ 292.689800] ? proc_nr_files+0x60/0x60 [ 292.693707] ? lock_downgrade+0x8e0/0x8e0 [ 292.697874] ? perf_trace_lock+0xd6/0x900 [ 292.702035] ? perf_trace_lock_acquire+0xe3/0x980 [ 292.706891] ? rcu_is_watching+0x85/0x140 [ 292.711057] path_openat+0x116/0x4dc0 [ 292.714885] ? unwind_get_return_address+0x61/0xa0 [ 292.719825] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 292.724850] ? path_lookupat.isra.44+0xbd0/0xbd0 2033/05/18 03:34:05 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:05 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000240)='/dev/sg#\x00', 0x1, 0x2) finit_module(r0, &(0x7f0000000040)="24af00", 0x1) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2321200c2f66696c65300a6bd00abc35482ba9e9a3122c9a3dc635dcbdc15f3b2f82bcb42098deffc36c2b5f0e25bb42f3"], 0x24) r1 = syz_open_dev$admmidi(&(0x7f0000000440)='/dev/admmidi#\x00', 0x9, 0x3) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e22, 0xfffffffffffffffc, @remote={0xfe, 0x80, [], 0xbb}}}}, &(0x7f0000000000)=0x84) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000340)={r2}, &(0x7f0000000380)=0x8) setsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000100)=0xe42, 0x4) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000140)={0x0, 0xae, 0xb73e1603a4966939}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f00000001c0)={r4, 0x80000000, 0x6, 0x7499, 0x3f, 0x4d9e}, &(0x7f0000000200)=0x14) [ 292.729622] ? find_held_lock+0x36/0x1c0 [ 292.733702] ? lock_downgrade+0x8e0/0x8e0 [ 292.737868] ? kasan_check_read+0x11/0x20 [ 292.742033] ? do_raw_spin_unlock+0x9e/0x2e0 [ 292.746456] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 292.751047] ? __lock_is_held+0xb5/0x140 [ 292.755129] ? _raw_spin_unlock+0x22/0x30 [ 292.759289] ? __alloc_fd+0x346/0x700 [ 292.763094] ? usercopy_warn+0x120/0x120 [ 292.767173] do_filp_open+0x249/0x350 [ 292.770983] ? may_open_dev+0x100/0x100 [ 292.774961] ? strncpy_from_user+0x3b6/0x500 [ 292.779382] ? mpi_free.cold.1+0x19/0x19 [ 292.783456] ? get_unused_fd_flags+0x121/0x190 [ 292.788045] ? getname_flags+0xd0/0x5a0 [ 292.792028] ? getname_flags+0x26e/0x5a0 [ 292.796099] ? __sb_end_write+0xac/0xe0 [ 292.800084] do_sys_open+0x56f/0x740 [ 292.803810] ? filp_open+0x80/0x80 [ 292.807359] ? do_sys_ftruncate+0x44e/0x560 [ 292.811695] __x64_sys_open+0x7e/0xc0 [ 292.815509] do_syscall_64+0x1b1/0x800 [ 292.819404] ? finish_task_switch+0x1ca/0x840 [ 292.823910] ? syscall_return_slowpath+0x5c0/0x5c0 [ 292.828852] ? syscall_return_slowpath+0x30f/0x5c0 [ 292.833799] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 292.839177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.844042] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.849235] RIP: 0033:0x40fc61 [ 292.852424] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 292.871879] RSP: 002b:00007f787067fba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 292.879599] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 000000000040fc61 [ 292.886871] RDX: 00007f787067fbfa RSI: 0000000000000002 RDI: 00007f787067fbf0 [ 292.894143] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 292.901423] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 292.908694] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000008 2033/05/18 03:34:06 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000d500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:06 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x4, 0x4, 0x5, 0x0, 0x1}, 0x2c) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r0, &(0x7f0000000040)="023a", &(0x7f0000000100)=""/198}, 0x18) syz_read_part_table(0xd6e9, 0x3, &(0x7f00000002c0)=[{&(0x7f0000000080)="a1de8881379478", 0x7, 0x5}, {&(0x7f00000000c0)="a1bafec9f0ad514783eed18cf54162e9b4cc7d0ca64704fb217b8808d367bdb68aa4c301f1788df3ad", 0x29, 0x9}, {&(0x7f0000000240)="59c4868d56211ed1e23beae2b496f7379ea2e19ec8624dd001a6b41d4437d8381e9587c1df7aba1c31d4f5550f504a0d2ee8a6b4380c0bd818475e02cf5305f30180ea9e0c9bb9db7583a1b8c35c410389be", 0x52, 0x2}]) r1 = syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0x6, 0x802) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f0000000380)={0x8001, 0x1, 'client1\x00', 0x0, "8e80604c2f02b925", "b273fc65b8a044a0d0ac9970e09f658bf16b55777d0dd27b8885d1f61e1dd7f6", 0xffffffffffff11f1, 0x1}) 2033/05/18 03:34:06 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:06 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x12, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:06 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0xbd8, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x10000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in=@rand_addr, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000001c0)=0xe8) bind$bt_hci(r0, &(0x7f0000000200)={0x1f, r1, 0x1}, 0xc) r2 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) fcntl$setlease(r2, 0x400, 0x2) 2033/05/18 03:34:06 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) ptrace$setsig(0x4203, r1, 0x3, &(0x7f0000000040)={0x2a, 0x0, 0x5, 0x7}) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:06 executing program 1 (fault-call:0 fault-nth:9): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:06 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) close(r0) r1 = getpid() sched_setattr(r1, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x3ffc) syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0xec, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r3, 0x4, 0x4800) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000013000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="033bdf9dc324a459e3883daeea9e7f57d25a06f7b8bef8dab9ef06fbaa47ddb3921f8a7c9c2a9b0135e3d5a786f16daf53a1f074e292896dfffc67e71dcd2b02542562302a4ff92745384079f35b90e685ad3cb1edda8ab86735dd76a26be59efaab21429c3692beb0dbc4c26941b138e50887eaa2d2fa3d56ba36144ab86c339ccf832ec4180edaded3b6746bf008a4fc26e1b4aff99b1d6a03e2eacfd425c5e4b93acdf0acc49117d5e8af7b5ea9d65904959504040f4cf5fc7ee545dbc060f84669d15791bdd877e09b7836cfb6affa9924dae70c3d1136f90b97f25ea38b3d79200588e5ad76"], &(0x7f0000000040)=0x12) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000000c0)={r4, 0x8, 0x1, 0x7}, &(0x7f0000000100)=0x10) fcntl$setstatus(r0, 0x4, 0x1000000) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r3, r3) [ 293.711038] FAULT_INJECTION: forcing a failure. [ 293.711038] name failslab, interval 1, probability 0, space 0, times 0 [ 293.722796] CPU: 1 PID: 20149 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 293.729747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.739115] Call Trace: [ 293.741727] dump_stack+0x1b9/0x294 [ 293.745378] ? dump_stack_print_info.cold.2+0x52/0x52 [ 293.750584] ? perf_trace_lock_acquire+0xe3/0x980 [ 293.755448] ? graph_lock+0x170/0x170 [ 293.759277] should_fail.cold.4+0xa/0x1a [ 293.763357] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 293.768485] ? graph_lock+0x170/0x170 [ 293.772305] ? find_held_lock+0x36/0x1c0 [ 293.776385] ? __lock_is_held+0xb5/0x140 [ 293.780466] ? check_same_owner+0x320/0x320 [ 293.784782] ? perf_trace_lock+0x900/0x900 [ 293.789013] ? rcu_note_context_switch+0x710/0x710 [ 293.793945] __should_failslab+0x124/0x180 [ 293.798174] should_failslab+0x9/0x14 [ 293.801966] kmem_cache_alloc+0x2af/0x760 [ 293.806109] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 293.811129] __kernfs_new_node+0xe7/0x580 [ 293.815268] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 293.820022] ? lock_downgrade+0x8e0/0x8e0 [ 293.824163] ? lock_release+0xa10/0xa10 [ 293.828134] ? lock_downgrade+0x8e0/0x8e0 [ 293.832282] kernfs_new_node+0x80/0xf0 [ 293.836161] kernfs_create_dir_ns+0x3d/0x140 [ 293.841255] internal_create_group+0x110/0x970 [ 293.845833] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 293.850848] sysfs_create_group+0x1f/0x30 [ 293.854989] lo_ioctl+0x1771/0x2190 [ 293.858617] ? lo_rw_aio_complete+0x430/0x430 [ 293.863102] blkdev_ioctl+0x9b6/0x2020 [ 293.866978] ? blkpg_ioctl+0xc40/0xc40 [ 293.870857] ? lock_downgrade+0x8e0/0x8e0 [ 293.875022] ? kasan_check_read+0x11/0x20 [ 293.879161] ? rcu_is_watching+0x85/0x140 [ 293.883297] ? rcu_report_qs_rnp+0x790/0x790 [ 293.887707] ? __fget+0x40c/0x650 [ 293.891157] ? expand_files.part.8+0x9a0/0x9a0 [ 293.895729] ? trace_hardirqs_off+0xd/0x10 [ 293.899959] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 293.905059] block_ioctl+0xee/0x130 [ 293.908680] ? blkdev_fallocate+0x400/0x400 [ 293.912992] do_vfs_ioctl+0x1cf/0x16f0 [ 293.916871] ? rcu_pm_notify+0xc0/0xc0 [ 293.920750] ? ioctl_preallocate+0x2e0/0x2e0 [ 293.925149] ? fget_raw+0x20/0x20 [ 293.928593] ? putname+0xf2/0x130 [ 293.932036] ? rcu_read_lock_sched_held+0x108/0x120 [ 293.937044] ? kmem_cache_free+0x25c/0x2d0 [ 293.941284] ? putname+0xf7/0x130 [ 293.944728] ? do_sys_open+0x3c3/0x740 [ 293.948612] ? security_file_ioctl+0x94/0xc0 [ 293.953028] ksys_ioctl+0xa9/0xd0 [ 293.956474] __x64_sys_ioctl+0x73/0xb0 [ 293.960359] do_syscall_64+0x1b1/0x800 [ 293.964236] ? finish_task_switch+0x1ca/0x840 [ 293.968720] ? syscall_return_slowpath+0x5c0/0x5c0 [ 293.973637] ? syscall_return_slowpath+0x30f/0x5c0 [ 293.978559] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 293.984004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.988845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.994035] RIP: 0033:0x455877 2033/05/18 03:34:06 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:06 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x3, r3, &(0x7f0000000600)="df0275", 0x3) [ 293.997217] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 294.016624] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.024335] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 294.031594] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 294.038851] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 294.046106] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 294.053367] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000009 2033/05/18 03:34:06 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) sched_getscheduler(r0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:06 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000ad00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:06 executing program 1 (fault-call:0 fault-nth:10): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:06 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x4, 0x4, 0x5, 0x0, 0x1}, 0x2c) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r0, &(0x7f0000000040)="023a", &(0x7f0000000100)=""/198}, 0x18) syz_read_part_table(0xd6e9, 0x3, &(0x7f00000002c0)=[{&(0x7f0000000080)="a1de8881379478", 0x7, 0x5}, {&(0x7f00000000c0)="a1bafec9f0ad514783eed18cf54162e9b4cc7d0ca64704fb217b8808d367bdb68aa4c301f1788df3ad", 0x29, 0x9}, {&(0x7f0000000240)="59c4868d56211ed1e23beae2b496f7379ea2e19ec8624dd001a6b41d4437d8381e9587c1df7aba1c31d4f5550f504a0d2ee8a6b4380c0bd818475e02cf5305f30180ea9e0c9bb9db7583a1b8c35c410389be", 0x52, 0x2}]) r1 = syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0x6, 0x802) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f0000000380)={0x8001, 0x1, 'client1\x00', 0x0, "8e80604c2f02b925", "b273fc65b8a044a0d0ac9970e09f658bf16b55777d0dd27b8885d1f61e1dd7f6", 0xffffffffffff11f1, 0x1}) 2033/05/18 03:34:06 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:06 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000000400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 294.277173] FAULT_INJECTION: forcing a failure. [ 294.277173] name failslab, interval 1, probability 0, space 0, times 0 [ 294.288500] CPU: 0 PID: 20183 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 294.295431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.304787] Call Trace: [ 294.307386] dump_stack+0x1b9/0x294 [ 294.311025] ? dump_stack_print_info.cold.2+0x52/0x52 [ 294.316230] ? perf_trace_lock_acquire+0xe3/0x980 [ 294.321089] ? __account_cfs_rq_runtime+0x600/0x600 [ 294.326119] should_fail.cold.4+0xa/0x1a [ 294.330194] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 294.335312] ? graph_lock+0x170/0x170 [ 294.339122] ? enqueue_entity+0x343/0x2110 [ 294.343371] ? find_held_lock+0x36/0x1c0 [ 294.347443] ? __lock_is_held+0xb5/0x140 [ 294.351525] ? check_same_owner+0x320/0x320 [ 294.355862] ? perf_trace_lock+0x900/0x900 [ 294.360105] ? rcu_note_context_switch+0x710/0x710 [ 294.365054] __should_failslab+0x124/0x180 [ 294.369299] should_failslab+0x9/0x14 [ 294.373108] kmem_cache_alloc+0x2af/0x760 2033/05/18 03:34:06 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 294.377271] ? graph_lock+0x170/0x170 [ 294.381084] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 294.386113] __kernfs_new_node+0xe7/0x580 [ 294.390278] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 294.395048] ? lock_downgrade+0x8e0/0x8e0 [ 294.399206] ? lock_release+0xa10/0xa10 [ 294.403198] ? rcu_note_context_switch+0x710/0x710 [ 294.408144] kernfs_new_node+0x80/0xf0 [ 294.412055] kernfs_create_dir_ns+0x3d/0x140 [ 294.416476] internal_create_group+0x110/0x970 [ 294.421073] ? trace_hardirqs_on_caller+0x421/0x5c0 2033/05/18 03:34:07 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 294.426106] sysfs_create_group+0x1f/0x30 [ 294.430265] lo_ioctl+0x1771/0x2190 [ 294.433909] ? lo_rw_aio_complete+0x430/0x430 [ 294.438414] blkdev_ioctl+0x9b6/0x2020 [ 294.442319] ? blkpg_ioctl+0xc40/0xc40 [ 294.446218] ? lock_downgrade+0x8e0/0x8e0 [ 294.450384] ? rcu_is_watching+0x85/0x140 [ 294.454541] ? rcu_report_qs_rnp+0x790/0x790 [ 294.458966] ? __fget+0x40c/0x650 [ 294.462435] ? expand_files.part.8+0x9a0/0x9a0 [ 294.467022] ? trace_hardirqs_off+0xd/0x10 [ 294.471268] ? _raw_spin_unlock_irqrestore+0x63/0xc0 2033/05/18 03:34:07 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 294.476382] block_ioctl+0xee/0x130 [ 294.480016] ? blkdev_fallocate+0x400/0x400 [ 294.484353] do_vfs_ioctl+0x1cf/0x16f0 [ 294.488246] ? rcu_pm_notify+0xc0/0xc0 [ 294.492144] ? ioctl_preallocate+0x2e0/0x2e0 [ 294.496558] ? fget_raw+0x20/0x20 [ 294.500015] ? putname+0xf2/0x130 [ 294.503477] ? rcu_read_lock_sched_held+0x108/0x120 [ 294.508496] ? kmem_cache_free+0x25c/0x2d0 [ 294.512737] ? putname+0xf7/0x130 [ 294.516197] ? do_sys_open+0x3c3/0x740 [ 294.520097] ? security_file_ioctl+0x94/0xc0 [ 294.524520] ksys_ioctl+0xa9/0xd0 2033/05/18 03:34:07 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667314", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 294.527985] __x64_sys_ioctl+0x73/0xb0 [ 294.531883] do_syscall_64+0x1b1/0x800 [ 294.535778] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 294.540631] ? syscall_return_slowpath+0x5c0/0x5c0 [ 294.545568] ? syscall_return_slowpath+0x30f/0x5c0 [ 294.550509] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 294.555883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.560739] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 294.565929] RIP: 0033:0x455877 [ 294.569114] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 294.588521] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.596226] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 294.603493] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 294.610763] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 294.618039] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 2033/05/18 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67aa00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 294.625310] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000a 2033/05/18 03:34:07 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x12, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000f900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:07 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'\x00', 0x1}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:07 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x70000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000) r2 = getpgid(0x0) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0x8, 0x6, 0xffffffff, 0x1ff, 0xfffffffffffffff8, 0x100, 0x3ff}, 0xc) mknod(&(0x7f0000000040)='./bus\x00', 0x1001, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) msgget(0x0, 0x8fd6a03a941861d8) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:07 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xb, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:07 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:07 executing program 1 (fault-call:0 fault-nth:11): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:07 executing program 6: perf_event_open(&(0x7f00000001c0)={0x7, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x8) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) [ 295.141241] FAULT_INJECTION: forcing a failure. [ 295.141241] name failslab, interval 1, probability 0, space 0, times 0 [ 295.152566] CPU: 1 PID: 20233 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 295.159500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.168852] Call Trace: [ 295.171448] dump_stack+0x1b9/0x294 [ 295.175096] ? dump_stack_print_info.cold.2+0x52/0x52 [ 295.180292] ? perf_trace_lock_acquire+0xe3/0x980 [ 295.185156] should_fail.cold.4+0xa/0x1a [ 295.189223] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 295.194336] ? find_held_lock+0x36/0x1c0 [ 295.198403] ? graph_lock+0x170/0x170 [ 295.202212] ? find_held_lock+0x36/0x1c0 [ 295.206290] ? __lock_is_held+0xb5/0x140 [ 295.210373] ? check_same_owner+0x320/0x320 [ 295.214704] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 295.219645] ? rcu_note_context_switch+0x710/0x710 [ 295.224590] __should_failslab+0x124/0x180 [ 295.228835] should_failslab+0x9/0x14 [ 295.232644] kmem_cache_alloc+0x2af/0x760 [ 295.236856] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 295.241798] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 295.246828] __kernfs_new_node+0xe7/0x580 [ 295.250983] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 295.255748] ? mutex_unlock+0xd/0x10 [ 295.259473] ? kernfs_activate+0x20e/0x2a0 [ 295.263717] ? kernfs_walk_and_get_ns+0x320/0x320 [ 295.268565] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 295.274092] ? kernfs_link_sibling+0x1d2/0x3b0 [ 295.278667] kernfs_new_node+0x80/0xf0 [ 295.282545] __kernfs_create_file+0x4d/0x330 [ 295.286944] sysfs_add_file_mode_ns+0x21a/0x560 [ 295.291611] internal_create_group+0x282/0x970 [ 295.296192] sysfs_create_group+0x1f/0x30 [ 295.300328] lo_ioctl+0x1771/0x2190 [ 295.303952] ? lo_rw_aio_complete+0x430/0x430 [ 295.308437] blkdev_ioctl+0x9b6/0x2020 [ 295.312316] ? blkpg_ioctl+0xc40/0xc40 [ 295.316193] ? lock_downgrade+0x8e0/0x8e0 [ 295.320334] ? kasan_check_read+0x11/0x20 [ 295.324472] ? rcu_is_watching+0x85/0x140 [ 295.328605] ? rcu_report_qs_rnp+0x790/0x790 [ 295.333011] ? __fget+0x40c/0x650 [ 295.336465] ? expand_files.part.8+0x9a0/0x9a0 [ 295.341038] ? trace_hardirqs_off+0xd/0x10 [ 295.345261] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 295.350354] block_ioctl+0xee/0x130 [ 295.353980] ? blkdev_fallocate+0x400/0x400 [ 295.358290] do_vfs_ioctl+0x1cf/0x16f0 [ 295.362162] ? rcu_pm_notify+0xc0/0xc0 [ 295.366046] ? ioctl_preallocate+0x2e0/0x2e0 [ 295.370441] ? fget_raw+0x20/0x20 [ 295.373882] ? putname+0xf2/0x130 [ 295.377320] ? rcu_read_lock_sched_held+0x108/0x120 [ 295.382321] ? kmem_cache_free+0x25c/0x2d0 [ 295.386541] ? putname+0xf7/0x130 [ 295.389982] ? do_sys_open+0x3c3/0x740 [ 295.393861] ? security_file_ioctl+0x94/0xc0 [ 295.398257] ksys_ioctl+0xa9/0xd0 [ 295.401703] __x64_sys_ioctl+0x73/0xb0 [ 295.405588] do_syscall_64+0x1b1/0x800 [ 295.409464] ? finish_task_switch+0x1ca/0x840 [ 295.413957] ? syscall_return_slowpath+0x5c0/0x5c0 [ 295.418882] ? syscall_return_slowpath+0x30f/0x5c0 [ 295.423817] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 295.429173] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.434012] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.439193] RIP: 0033:0x455877 [ 295.442362] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.461695] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.469389] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 295.476650] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 295.483903] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:07 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x1d, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:07 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x12, r3, &(0x7f0000000600)="df0275", 0x3) [ 295.491154] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 295.498406] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000b 2033/05/18 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700de00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:08 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f00000000c0)=ANY=[@ANYRES64=r0]) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) connect$unix(r1, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) [ 295.693640] FAT-fs (loop6): Unrecognized mount option "" or missing value [ 295.729500] FAT-fs (loop6): Unrecognized mount option "" or missing value 2033/05/18 03:34:08 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x4, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:08 executing program 1 (fault-call:0 fault-nth:12): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667310", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\x00\x00\x00\x00\x00\x00\f\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x12, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:08 executing program 4: r0 = request_key(&(0x7f0000000040)='blacklist\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000000c0)='/dev/usbmon#\x00', 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$reject(0x13, r0, 0x1, 0x96, r1) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r3 = getpgid(0x0) sched_setscheduler(r3, 0x1, &(0x7f0000000140)=0x8) preadv(r2, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:08 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x80000, 0xaf) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00000001c0)={0x5, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}, {0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e24, @broadcast=0xffffffff}, 0x1, 0x0, 0x5, 0x8, 0x80, &(0x7f00000000c0)='erspan0\x00', 0x0, 0x1000, 0x9}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) removexattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@known='user.syz\x00') 2033/05/18 03:34:08 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f00000000c0), &(0x7f0000000100)=0x30) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x0, &(0x7f0000000000)={@loopback=0x7f000001, @loopback=0x7f000001}, 0xc) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000140)) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) r4 = dup2(r1, r3) ioctl$PIO_UNIMAPCLR(r4, 0x4b68, &(0x7f0000000040)={0x4, 0x14b2, 0xffffffffffff0001}) getpeername$packet(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000280)=0x14) r6 = getuid() setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@multicast1=0xe0000001, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x4e20, 0x0, 0x4e22, 0xff, 0xa, 0x20, 0x20, 0x67, r5, r6}, {0x0, 0x20, 0x7f, 0xfffffffffffffffb, 0x0, 0x8, 0x8, 0xb7}, {0x7, 0x7ff, 0x3bc, 0x3}, 0x7fffffff, 0x6e6bb8, 0x0, 0x1, 0x3, 0x2}, {{@in6=@local={0xfe, 0x80, [], 0xaa}, 0x4d3}, 0x2, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x3502, 0x0, 0x3, 0x5, 0x28, 0x7, 0x8}}, 0xe8) [ 296.237162] FAULT_INJECTION: forcing a failure. [ 296.237162] name failslab, interval 1, probability 0, space 0, times 0 [ 296.248577] CPU: 0 PID: 20303 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 296.255514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.264868] Call Trace: [ 296.267471] dump_stack+0x1b9/0x294 [ 296.271117] ? dump_stack_print_info.cold.2+0x52/0x52 [ 296.276316] ? perf_trace_lock_acquire+0xe3/0x980 [ 296.281164] ? perf_trace_lock+0xd6/0x900 2033/05/18 03:34:08 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:08 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x800000000004, 0x4, 0x9}, 0x2c) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vcs\x00', 0xc000, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f00000002c0), &(0x7f0000000300)=0x4) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000080)="17a24b910c5fd2ff359902653eda3aa9a6", &(0x7f00000000c0)="a345fdf461eb58f91ccd0ae901a8da52ee872146799b6a8d6c7e48eca1b70e5681a68a796249dd026f46817e23a50b3a0da85f1a78ccd40cd15d84189710addd41075fd78f9556f749819b0c4dba6e9e3c5724f0227594210c4b17a02510cce14674f66bd6d79c0b7636e65d0f619ec986403afed3ceb23bc288f33bb4082d63a462fcf88a2e55345383a2478a0514cf91069735fd53af9ef1d31e3969a1aa594858c37cde3b60e0a087a43547513b93c6b79d60c84eb8a1d19672", 0x3}, 0x20) r2 = dup2(r0, r0) sendmsg$nl_crypto(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@delrng={0x10, 0x14, 0x106, 0x70bd28, 0x25dfdbfc, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4}, 0x4000001) [ 296.285330] should_fail.cold.4+0xa/0x1a [ 296.289406] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 296.294523] ? find_held_lock+0x36/0x1c0 [ 296.298595] ? graph_lock+0x170/0x170 [ 296.302418] ? find_held_lock+0x36/0x1c0 [ 296.306502] ? __lock_is_held+0xb5/0x140 [ 296.310592] ? check_same_owner+0x320/0x320 [ 296.314927] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 296.319874] ? rcu_note_context_switch+0x710/0x710 [ 296.324820] __should_failslab+0x124/0x180 [ 296.329091] should_failslab+0x9/0x14 [ 296.332907] kmem_cache_alloc+0x2af/0x760 2033/05/18 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000ec00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 296.337111] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 296.342091] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 296.347123] __kernfs_new_node+0xe7/0x580 [ 296.351287] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 296.356063] ? mutex_unlock+0xd/0x10 [ 296.359784] ? kernfs_activate+0x20e/0x2a0 [ 296.364035] ? kernfs_walk_and_get_ns+0x320/0x320 [ 296.368895] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 296.374440] ? kernfs_link_sibling+0x1d2/0x3b0 [ 296.379528] kernfs_new_node+0x80/0xf0 [ 296.379567] __kernfs_create_file+0x4d/0x330 [ 296.379590] sysfs_add_file_mode_ns+0x21a/0x560 [ 296.379618] internal_create_group+0x282/0x970 [ 296.379649] sysfs_create_group+0x1f/0x30 [ 296.379667] lo_ioctl+0x1771/0x2190 [ 296.379691] ? lo_rw_aio_complete+0x430/0x430 [ 296.379707] blkdev_ioctl+0x9b6/0x2020 [ 296.379724] ? blkpg_ioctl+0xc40/0xc40 [ 296.379741] ? lock_downgrade+0x8e0/0x8e0 [ 296.379766] ? rcu_is_watching+0x85/0x140 [ 296.379783] ? rcu_report_qs_rnp+0x790/0x790 [ 296.379811] ? __fget+0x40c/0x650 [ 296.379836] ? expand_files.part.8+0x9a0/0x9a0 [ 296.379853] ? trace_hardirqs_off+0xd/0x10 [ 296.379878] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 296.379902] block_ioctl+0xee/0x130 [ 296.379920] ? blkdev_fallocate+0x400/0x400 [ 296.379939] do_vfs_ioctl+0x1cf/0x16f0 [ 296.379954] ? rcu_pm_notify+0xc0/0xc0 [ 296.379976] ? ioctl_preallocate+0x2e0/0x2e0 [ 296.379993] ? fget_raw+0x20/0x20 [ 296.380006] ? putname+0xf2/0x130 [ 296.380021] ? rcu_read_lock_sched_held+0x108/0x120 [ 296.380037] ? kmem_cache_free+0x25c/0x2d0 [ 296.380056] ? putname+0xf7/0x130 [ 296.380077] ? do_sys_open+0x3c3/0x740 [ 296.490845] ? security_file_ioctl+0x94/0xc0 [ 296.495251] ksys_ioctl+0xa9/0xd0 [ 296.498699] __x64_sys_ioctl+0x73/0xb0 [ 296.502580] do_syscall_64+0x1b1/0x800 [ 296.506462] ? finish_task_switch+0x1ca/0x840 [ 296.510950] ? syscall_return_slowpath+0x5c0/0x5c0 [ 296.515871] ? syscall_return_slowpath+0x30f/0x5c0 [ 296.520792] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 296.526147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.530981] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.536157] RIP: 0033:0x455877 [ 296.539327] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 296.558688] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 296.566391] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 296.573645] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 296.580898] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:09 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x6, r3, &(0x7f0000000600)="df0275", 0x3) [ 296.588151] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 296.595403] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000c 2033/05/18 03:34:09 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:09 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x4, 0x6, &(0x7f0000000540)=[{&(0x7f0000000100)="4701fb1794365aa25f2acdb554e5b67926f55f5175d1b266b26f01a3c9bfe849860c97d6ada12de4645eff28df20e63975765675e337c451ab6affc725fb0b8acaf9b0466f", 0x45, 0x5}, {&(0x7f0000000180)="76c01723ad30c32b88d52309c587c467dbc8c28a7d882a61a9a8509c53147801c0f19632b6a89d6a9580dd02d316012c9e364f13840caea5b9c9bbfa092f696ccca2fc55", 0x44, 0x2}, {&(0x7f0000000200)="b552d44981483ab6daf3036c3098272aca12cdc543b69dad0ce4f3f5a0d209a9ecb236ddb0d53e7f97abda50da66e1d252b95041b1c7c14c1e9d680b83e6502acd575944a4df34b5d448ee4b0b0b36e9a2804a4a47ecba4aa3afd8b1d1dbeec871612cae6a1eeb3bf0f7cd237f6ece588d791ef0922311044352cf1ffa53098111ba40516093eefef82ab46e87e1b84b929fbc4fb417dbf5b7470a9000a80264191f76d105160e7e61c671b3d8c03478527e45cfcf0f0a0133a46aa543c5845240185665277df153011e8285c059827f1fa5a4d1d57ed57a0419ae6eaa9ff6cbb49cb4f43a89cea1380a29227e7407a0f613e8312563cb68bd8f4d82", 0xfc, 0x3f}, {&(0x7f0000000300)="e4719a2f465f51550bcbaa974f38f584e7731c59f04494adc678f1eba7a94d2da5e43d41e253362f89678aa609b501ef7e826bb0be0389d37033413c76f63151b8dc4608", 0x44, 0x1}, {&(0x7f0000000380)="7d8628202a5bd3b3aa5b032b0c518b90a25254b4e3225d731cb6c679dfd3415a6a13b1b4f39e2808acec9418fb1c61062f7b49fc2ab018dbdc7093142c0fb4ab6e0798e084aaee33890589ff5a662f66d9b78cb468e8b53ec88ab06385b57a3d455e6a13926c7a7e5968e135c6c0b3c960339994a70238d569ab3379eb6ca15a59bbace2778133dcd2", 0x89, 0x8}, {&(0x7f0000000440)="12ce5332855714d2784794634ea0bb06804d97f9990012f36369ee877280a079f4573e6448bf5230ed88c673475a463327eb13c7d8d35b885a31b152f490148193a1cda014bfb9ebc33bdee36eccbf0f6f214288fbbdc62f65d5d47498fbd39a1fe867a8ddcb021c1db9bac34310377929fdfc377f269abe847e435d33a44f8dff8533d8fd6aaba30e6a844f07983deab2bb6d64227a26d9fa20299bba6f80a54a0457c6e892a473678843976f68d58242d981359a3edc78d927fa0efb1faff605d63b5ff125288923e95e4d774a6672654f7c37d6ffafd46f896b3a881457916905b7c0", 0xe4, 0x5}], 0x101008, &(0x7f0000000600)={[{@fmask={'fmask', 0x3d, [0x32, 0x31, 0x36, 0x33]}, 0x2c}, {@dos1xfloppy='dos1xfloppy', 0x2c}, {@check_strict='check=strict', 0x2c}, {@showexec='showexec', 0x2c}]}) 2033/05/18 03:34:09 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:09 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x11, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:09 executing program 1 (fault-call:0 fault-nth:13): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:09 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000280)={0x0, 0x9ff, &(0x7f00000000c0)="a9805862728b", &(0x7f00000001c0)="a470168ee326fc9e14972f67eec2a383b9656c89a6988e72ffd6557c087d73385858fb94784fad704874b966ad112ee704666705e5fd612656e3d61f11c9780ecb0ea4d7833ee0098f41f8c5ce75601aaa6800819c163027056a7a454cfbc300dcd13292c92e3009c4adddbbe164ef7399e71e080f0409137a15d34c", 0x6, 0x7c}) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x80001c, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x202) 2033/05/18 03:34:09 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000000)={0x100000001, 0x2, 0x1, 0xffffffffffffff9c}) open_by_handle_at(r1, &(0x7f00000000c0)={0x99, 0x0, "a61566448464a84cb6814914a2144fd545f3c5f853248a986c360246f8fd768d7a792fef8075f8d0b244957aebefc0774bdf674d4912fa13c4fa072db594e3e9526e841cec44b9f939d59713112e345cbd067863995227e519a49c2ff6e6818e317e9a9f456205333c4391c96c940d14cb2b52deed41659330697c8f7af2388b592457c8db6e4f480a2c875988fdf5c864"}, 0x408080) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r2, 0x4, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000604ffc)) dup2(r2, r4) 2033/05/18 03:34:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000000f00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 297.328143] FAULT_INJECTION: forcing a failure. [ 297.328143] name failslab, interval 1, probability 0, space 0, times 0 [ 297.339443] CPU: 1 PID: 20358 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 297.346375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.355720] Call Trace: [ 297.358307] dump_stack+0x1b9/0x294 [ 297.361933] ? dump_stack_print_info.cold.2+0x52/0x52 [ 297.367116] ? mutex_trylock+0x2a0/0x2a0 [ 297.371169] should_fail.cold.4+0xa/0x1a [ 297.375220] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 297.380356] ? __kernfs_new_node+0xe7/0x580 [ 297.384671] ? graph_lock+0x170/0x170 [ 297.388458] ? find_held_lock+0x36/0x1c0 [ 297.392510] ? find_held_lock+0x36/0x1c0 [ 297.396564] ? __lock_is_held+0xb5/0x140 [ 297.400625] ? check_same_owner+0x320/0x320 [ 297.404931] ? graph_lock+0x170/0x170 [ 297.408723] ? rcu_note_context_switch+0x710/0x710 [ 297.413645] ? kasan_check_write+0x14/0x20 [ 297.417869] __should_failslab+0x124/0x180 [ 297.422095] should_failslab+0x9/0x14 [ 297.425885] kmem_cache_alloc+0x2af/0x760 [ 297.430036] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 297.435047] __kernfs_new_node+0xe7/0x580 [ 297.439185] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 297.443931] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 297.449453] ? kernfs_link_sibling+0x1d2/0x3b0 [ 297.454034] ? kernfs_add_one+0x16f/0x620 [ 297.458172] ? kernfs_activate+0x2a0/0x2a0 [ 297.462396] kernfs_new_node+0x80/0xf0 [ 297.466279] __kernfs_create_file+0x4d/0x330 [ 297.470695] sysfs_add_file_mode_ns+0x21a/0x560 [ 297.475357] internal_create_group+0x282/0x970 [ 297.479940] sysfs_create_group+0x1f/0x30 [ 297.484077] lo_ioctl+0x1771/0x2190 [ 297.487698] ? lo_rw_aio_complete+0x430/0x430 [ 297.492191] blkdev_ioctl+0x9b6/0x2020 [ 297.496069] ? blkpg_ioctl+0xc40/0xc40 [ 297.499949] ? lock_downgrade+0x8e0/0x8e0 [ 297.504089] ? kasan_check_read+0x11/0x20 [ 297.508225] ? rcu_is_watching+0x85/0x140 [ 297.512357] ? rcu_report_qs_rnp+0x790/0x790 [ 297.516762] ? __fget+0x40c/0x650 [ 297.520215] ? expand_files.part.8+0x9a0/0x9a0 [ 297.524785] ? trace_hardirqs_off+0xd/0x10 [ 297.529019] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 297.534117] block_ioctl+0xee/0x130 [ 297.537731] ? blkdev_fallocate+0x400/0x400 [ 297.542051] do_vfs_ioctl+0x1cf/0x16f0 [ 297.545924] ? rcu_pm_notify+0xc0/0xc0 [ 297.549803] ? ioctl_preallocate+0x2e0/0x2e0 [ 297.554199] ? fget_raw+0x20/0x20 [ 297.557636] ? putname+0xf2/0x130 [ 297.561077] ? rcu_read_lock_sched_held+0x108/0x120 [ 297.566080] ? kmem_cache_free+0x25c/0x2d0 [ 297.570303] ? putname+0xf7/0x130 [ 297.573747] ? do_sys_open+0x3c3/0x740 [ 297.577626] ? security_file_ioctl+0x94/0xc0 [ 297.582032] ksys_ioctl+0xa9/0xd0 [ 297.585479] __x64_sys_ioctl+0x73/0xb0 [ 297.589353] do_syscall_64+0x1b1/0x800 [ 297.593227] ? finish_task_switch+0x1ca/0x840 [ 297.597712] ? syscall_return_slowpath+0x5c0/0x5c0 [ 297.602630] ? syscall_return_slowpath+0x30f/0x5c0 [ 297.607557] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 297.612919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.617754] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 297.622928] RIP: 0033:0x455877 [ 297.626099] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 297.645434] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.653218] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 297.660470] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 297.667723] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667306", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 297.674980] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 297.682236] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000d 2033/05/18 03:34:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$EVIOCGSND(r3, 0x8040451a, &(0x7f0000000080)=""/181) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r3, 0x408c5333, &(0x7f0000000140)={0x5, 0x0, 0x0, 'queue0\x00', 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000060000007897c03c0732154b"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000008600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="6274726673fe", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:10 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x17, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700a700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:10 executing program 1 (fault-call:0 fault-nth:14): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x6) sendmsg$nl_generic(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000100)={0x1c, 0x1c, 0x101, 0x0, 0x0, {0x7}, [@generic="46c28834ec"]}, 0x1c}, 0x1}, 0x0) r1 = dup3(r0, r0, 0x80000) sendmsg$nfc_llcp(r1, &(0x7f00000015c0)={&(0x7f0000000140)={0x27, 0x1, 0x1, 0x7, 0x200, 0x4, "e0e3b024b3d3f58c30b2c6363321c79b4d0b1ae9afe45f371102ba864816ac813670424b01bf3575c56c0ce1c1695d3fa1b16f240fac00623f2861bf428e18", 0x1a}, 0x60, &(0x7f0000001480)=[{&(0x7f00000001c0)="af221e5f1977e0d268bc45f27b3a7e7ec65a6ff090787f4eb25a5b188740cc866c7d73f297bdf0cfa64b12e3b10b3bfbbc9c4a8d26f5f2d3512d416071f91e68c428b82e3a72c0dae9f82cd391562376d7f90fa2c0bba72724024ad1f747622dafca23b7258d93a2836ae8a1f71c013168f09f80d486100dfdc72b8fa42657f0b52f6d62b2336ba6cc04d4853f795d8d379e1ce82f171dc0912921d0fa243f9ec44b2ada4e3db8b57622e9e2f0ef50bf66c52f42482500faaf478c97d9470045ec10dfbf3d47de27b353d8d4a0f2e36fb077759033136c3e5fedd7e57293db2cc7b52a41dd949ec2202ac07c2c9f4723e7c8ceacee06e620076a7a51bf10a4e795ccaa9600bb2c55f98bc38087dbe94d14889db61b6cfa6c929d327b1e538f5aae36d7d237252462e25612d998b9ced55793cb86566e1062b99094a863d8a282da41f413c53b38949271b54e1e1044e890412e62af93d432661874d044a8e4079cd398243af02396e9c886033763d109c63e3c228d7a0a9b20f6a241faf2b17a801660e7f48eedbd1f2baf30f50b2b3ced1655c34688537d704513a093e451e0cc17a7ac2928ddeb36f144cc38fba5dcb5f5722f45c98305b13923c6b4238119ee96cff4ef26e0e15f9eba267ef8500f4af62359d41094f6cf8dcb2994c08c47b987fbbd5c72999154f3f2d84a1c7869f330158f94dc0a0b0a87a7dd09833a89ba7a02e25940a0ae41e05d95d15c7337901eee22a8f5450d39aaaf76547c6819ffdabfd0d7e2074877ad87e15f7d8aa15d68bd20e9e4a75ad325a11398ce2f944163758cf0b4aeb11428b5a355643ae2aa3c0037a2dea647a9b0af012b056df30aaea047d990653cefab0af00ac227ab610cc4289dba3ed5f145e00d4403e93e873931d4e07d49b0e732d9534c35ed6e17cba387dde6613eea618b21291473f064a545903506633d759c19a4f6b75a29d9dcba6868d15002ee80c33b149b2954a6d8ac97bdd86c06709ada1ae3b654e9098e16a47bff34dda98a2d5f4cd5e8063fb759d68d40b761fba4120ba3f14ec3e6d66f2bd579322aba76c3edfc8aba3db41d0a64cc4d92802df46998cc5943a04feabc4b075a3a4ff5ce7736ddd1a160486fde2b6a861df860117e4f6837ec1991756af2e3442167354f92f9753baa515787aa9ab587a6c88493a1ceb3e0f1165c10106492d6d4b51c8e7974b4f94bd0af54d200f2cf33a0d26c3137dd1452817ca765bbb3d4fcf8da212729439a1cd5e239dffc4ec11d212c031e78c713d940d152c08742f1e003417bda3d2cefb7c8af0cdf69c3157bf4b0a0afa9316efc04319307f4230a39c956ea6c5d4ddbbff7fd7201f4598b6739ca7483fb9ee6a4ef92e3fb3a12c7738cfd12dbd40c9430d5ff6a760a3268bd540858bb236a7812d51c947b9f5ee0bd27a60e45a6f0f5d11ada8d829953b265681cff42fbe8a1667033274c4f2d505343ba50ba1dbc4e7332361fdeac72e83b99edb0f4f62f2ee1ec566cc8b33cfe7dec862c3a1210f47fa5a08c32c7657dd6755a2727dd15eea59e816c163f77bf92b14f2c70ab52ed69ac915ff269a43284169579234bd02731dbee9d767af538dc6c4a82e385b4452e525b3b773c9ebb1c73a6610386a6ce3b793e9f59c8e0f51bf046cd17b747f6a81ba447deb03bf1a3f42bf71f2fa166d16104af438147695d24a45fa1daaf9f6106b2d2dae0848946287561da771f75872003c19a9eae9761587eaa82c8ff87242b28c4b7dbb85c785bbed666270afa0348a0a3f253f194a7a8b59479e537de68777b6124b0a5c21e32c4bfb33c5e4a1eabf794f6eb6aa3b553e8e03a569611f60c48e0bf09279956c3dd946a9ed310387dc04dc359aca6c6e5241a0f41cc173420a3b04256f3f36078919837de045eb7657b0fb7074197a791eb1d152367d02c59bb8cd1e38d0940c0a5b9c53c05958eb8964daafac4de827ae50db0011d72887a4bccc8e00012313d7dc9d24cbca05ebfc7c62e5b80bf2251c3395b79c2511f9201e83a0e5087bda083e89bca97390d052cb4ab718710a6bf82a56bd329ed3680b5d6b036517a0a3091d5977eef0120dead178e8eb58082204a9c8a1e123b4a6959e2bde85fcbb98d5c9d2349dcd9c8f67ee94bfacc985fbad798139216c1c3b2547f0cb5696c885749653eab5333e29a0a825648bbde8b741d311d00181d421b1df8894f76d2dd7fc86cdbd83c3b0189f0441ad2d19b2553d6b869773304e637e83657f6c269fbcf3edf3d79b9deec51b51f4fa137b01b0786d63f27d3d57992f3fea90bbaa6ffc4902e19fdc5cd405f8107dcfe34e04cfa105fd6818b78c8c4d875fa1de200786f2ad903df30ff5edfe6148004df7effb769b8dbe2413b46ff4cfa8e93d857357d79ea16706767efa1ff1828b1cee3380dcdf393eeb701e59e641f1e50a40b273c38a6f03cfb5bc9251d2b50a66e2de654b2755b4bc41d547c1a25542c49d1f428824e2330ec4eb58809b3ab9ede7bbbff5b73546a4084f56c3d5c9987eb6f8c8bb1f6c8b5f8e822c7629801541fc6902db7ea3fed4ab43a956ce563dad1010701d5f7a83c759f3d45dcb79638e7d72a5c2a4a35da5f60672a4da71fd22f49f7e42a3cdf7372364c86dbda8a498b6a12b063b8c47558225668b2dad0f46355e3dfc73a139d72f1817127e9e913af6ffae8a4ca84b00fbcda893f411104988aa42a8f7bfdaa92c3f688119ccea6c3a8e59c8a391acff6641f028f286a73f83ff79150a196df41f9a1c10e0402cf2b80e8209b8e0e7d4193c1ab2ed0fcb5bb0fa3ddc69230988346ba7cec0f1ae22f27850c49e9a70eae83d514f2e60c51b8a06b641d84c117ec23dc1c434981d5eb6c23b761ddc7e5820ce1b67143c2fc259b1c3ee7f73deca34d892121e9ce2098922f0e301ccaf2a32f68d89e12ce52cf29f722034f692eef6b93e7adfb74185b5422529d5f15bb78c00997289aa0f604a06587fa4e9411b32857e51399a1ec6a8f03ce7c3ecef63535e8a106e890f3b513c25b15a26317a83abc61ea08228bd3efca0010e43b2bbab40c9e69b03960e68defc3547fa2c1ec1045cacd5914e29fbede7ae2f9f231af78fbdebf6992910fbe77247cc8b3d4aee3b6d421decaa12314477e688fc86ab5bb8b94c0b70fbc762b44784eb58cd34b81f243b20acf3096080ab43d9d14bb114c0a92f1e62cfde2a796afe64cc8d70d0d62bc2872ebebd0b858d41cf967025332222916d2dd592c20ea9ca2774e2e4c72aee0cf9af590df5ea9e9327be5f5ed89ebee413f3a732cbfce68b42159c54d6c558604efb83d80b67da9975e9b2e4c44e7ad0d0127bee9507ca5a1c09001092d49124bd3387e72bfa0c0fa4eb8d496a8949442ad208d5cf71ab4c545f3c7de58fc4b39073cafba46407946558fadcce2d029464de3f48ddbf09ff8b920b1cbf8fae95600e8203810e9190e895a0222533a9371ed2c442c97a208b6c26d6567fbffd6b849b21efb226fdbdc413d0bf6054b68aef1d32df707f30eb87b2c3b5b362cb27eaacbbf2c7113e842d3659b90250a3284c40e68ba3a329a2f3b47a67e07d41c2ec08cf0a5c84421e9011cbf3c2c10f1e593e5e42bc749a876b3d9a9fbf4f4312d18a108d91441852bb0f58fc20e1ddcb1cb50b09f833b6f7c6213693ba705d8fd5b22699ab2cb17515c2f07492381486d104171ddeb1a9b2e5876875128602bf68ed6132b0c08de8268a6130eeae4ba550dcf5d1a8efe88b7373a5c2220cab57e11ceb81f8b064bd18f3797f747309b5d07590cd8b16943c9af837f195fca7d24bb663e48b02e8eff0d749871d4902283f6f6ecc09d97e367a29b0e2a79394e2c13d997d330651f4685b8a29a509d05be483d6831bd7d847d4059e646b2663671d17da71cc10804f3f3a7e7ef68d59563b70ab14c1c356768e59451acd5efd88b99a6ae2699b41593216cf71f79e59485c1519caf1decc1e99dd5cba2f20131d0af3409f87245b1373e1d8f648789b5e83dd518331e8d8f3ab7844011b551d0e781fbe6b9aa37790d911d24b5463af7be2a5804113161b16419343c15acdfa9ba59fb112935c03795955bcab9735276fdd3e8033315a9aa56d197f385bccbb3554b9dafbbc37831039d2c27e60d0e0bf5b884fa78edf3ba6c2a5585034dce348a1645dac2565a00a264ddd0c3010dd87e4c79508ec555cf4f900f7dc6bae7dbf6bb7569ac605e9232207731b6bf0e7bfb4da0368eeee52b643a4d97fa979bd60cfbf8f7af7237c3d90dee26c916dcad8455c50a820d6100bd14a472e0e9512b964cd743c2363543f1c2e8b7a5e76961c5b8ddd345c9a26bd70087d3f31e4f9edd38df4cbe1ef9c80327a9cbd0ee5bb023a3dc2c11ec81fd2d647979c59039075fb4fc018a4707d063a05314651be7d694f5e9b621eb4466b454389b2b8a6268b74b1afecc56524bb280d97069259ec43da03d26d873de36ea6e3e56bfaea47f8f9fdcc218759bd45b4b605a01a2987d7ea5fb3d32f733f593160668cfebe60c6717221fac430545179b329fa884953c44cb8722c5dcf2895918eb2ff8232c0467555fa45c96a4d838f5a31d68ab753de8c61990f7abe916c96c7d995281758c8dc906c0c19439b6bb9cd144de2a32f8de6607d0a818b600735d8c078694930168ea930ebab19b610d32ad1647700cd5228d3998e05a199de58cd01230df3595749f4fb103abe8e8f090a3212390230ee71aa111093ca276085c0def7e3624cd82a14af9ed19f074f1d44c69e29b269dbf6a65481dbfae6fb5f8f200ea55f4736f3ba40f4fd601d888204b5715111ee82a08e7c91cb9183be8874c7c636b576e7372aa35991e25157508fea3dd48638dbd64b810e0a505d68cdf8c710f53727ffe7a8bb4e869704086b13bbbae09e3a436bf1c34500ef56a5f4bd8484b872e4f9540dcb1588613871eb4e2a5a24b9a2ad74f5992b90641faa9d0e929d9345eca888675d55470dcecb3f69463a7608c6b4511c47eadb54fa5e11121d591ad5fbd0f2340c92703195864502d5008936d124de23a22d41081eaf11db073d12f4c029098f6e6f93fec4cbe5dbe87d23e5b31e315d5dd9fe8d64d233d279eb9be66300adf12518341ff7c84f682d7065ae3a92248abcd064f19ae8895472c5334c6bde996ad287f5302a0329daf98e753b6b92b4d0ee9d9f141d8d90ff43e7564affc210954a6e715821b6391531c6abf1c7b12509ebb211a1c527aef82c4331750c241b9664257e7766876e0f4f28df7290775e830ada02ccf2595be4d664510729af050bde98aa25aa8eb38bc426de94c6bf0d267b52436bcfef65d0ba15447ca29cab411710755db9c46092bebcb72b1dd6f84c4a7cc87657003b95e644f8d6df483683171c1b3fa664114b0c95926e9a488964606a6198d7271507f26743597d468ac8697b978e8bae0943a181e466c35c8a928ee91e255b6b93cf6100848cbe8fbe9d59772d99f91eaf58206c9ebb7449612b0bb693a4172d911fe086c9a5c4c93b656667fa1b027e035ac8e9d6009e94a232f8e8299f1e82c02b0df771ce92b587afe1194c1da32697c3118cf99739717c31a5ee28a8b8a787181d1528f8c9e1c5d498cd5128f0d27c758645f5ab50f2da702840106562c6069e0de47816a994219f78084a1055846e116627864f99ca2d81ad9a2a3de423037b41fadc558bfdd9b0700d44a4c3107f400e8eab7d5878d82c4f2170c2b677bd27b3b3e3ef2b058fb39ac113dc8ec213e750d6e3232a3", 0x1000}, {&(0x7f00000011c0)="9c8180b71d59b2195cfc5188767ee465489e8cbaa0ac2754f622710e5f6f24c13f409dfb72918bc9be144c7d11f5bb3e7f7c5e6ece08ac4d9f9d7195b311fabf67834cc17e80a20bca14b328a8c667d7dbd7bf8392a6c30761069cd9ada92eced92b76008ca14490a97dbde9629981400928cd6ee5b045eb8a831ed24ecc412e579efa6b0ffe70911aead635ca7d7629149e9fe2061081fb48882c3639afe6", 0x9f}, {&(0x7f0000000080)="4fdbeec018a36ef3ac9825179fa6dacf81d703a689ca0f01c732fe3b96e75103d072c67ade673a208cc727", 0x2b}, {&(0x7f0000001280)="a6f77e01ef24be42d483531fdfca406a0f7c56291bf09cc72089", 0x1a}, {&(0x7f00000012c0)="003a7a1641f3c41cd98e75a14870c408326846679889a9d9d9e1635eab6ea5bb1de0cc22f471892724da5f08926e5ccae69df367", 0x34}, {&(0x7f0000001300)="1b6dd548b8970932f64a6a3c382a23363347957997b99bb6b48986fd5b817980e54b04c4ded2c20bb2ef2bde8936792b3129374728c09453d5243a9ccc315daddd82f14cf604f6432dd53b", 0x4b}, {&(0x7f0000001380)="1556b56593a35ebb6c367ea9c8c32a1e2b43a92f9a0b23249eec3cfb93cceaba49b516c5ca7799fcf9f4f297e3d68e7a608f27e57ed8e155e0217f04b4228883cc663d2eaaf18b15a14e4ffc900ca20f62c2d569521ac9ecd38c7bef79e41b299410e56397924df8e45b9852ef253abf77ddc056618b7baf37b35654a6af6b685dc859082b3babfdc38e79ee188fb54aa7be4477c62230bad50b284e0c8a9d0288818f092d7bde39a940c1d11d1f", 0xae}, {&(0x7f0000001440)}], 0x8, &(0x7f0000001500)={0xa0, 0x19c, 0x5, "0a8f3e5dd102584cefb7227ac08c0a1be0023fc4c5ace8284a54c0e0138b16f1f3c879adb37db22cf789cdb10010371820225d823dd616adb2e055a1dbdaf14f26acb11bb096a64c6a3c91f81d59ec669fe49ba3d2d795f5038e16f04636f492f545d51fda69c2258d09da2cd1ec8cd96d297ffbb4091d9a128bf6199f05bf064b0c7f55e2386bfea4016b8719e7"}, 0xa0, 0x20000000}, 0x4008004) 2033/05/18 03:34:10 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xd, r3, &(0x7f0000000600)="df0275", 0x3) [ 298.031248] FAULT_INJECTION: forcing a failure. [ 298.031248] name failslab, interval 1, probability 0, space 0, times 0 [ 298.042682] CPU: 0 PID: 20397 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 298.049635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.058991] Call Trace: [ 298.061595] dump_stack+0x1b9/0x294 [ 298.062256] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 298.065235] ? dump_stack_print_info.cold.2+0x52/0x52 [ 298.065256] ? mutex_trylock+0x2a0/0x2a0 [ 298.065278] should_fail.cold.4+0xa/0x1a [ 298.065297] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.092069] ? __kernfs_new_node+0xe7/0x580 [ 298.096399] ? graph_lock+0x170/0x170 [ 298.100197] ? find_held_lock+0x36/0x1c0 [ 298.104251] ? find_held_lock+0x36/0x1c0 [ 298.108308] ? __lock_is_held+0xb5/0x140 [ 298.112374] ? check_same_owner+0x320/0x320 [ 298.116684] ? graph_lock+0x170/0x170 [ 298.120478] ? rcu_note_context_switch+0x710/0x710 [ 298.125396] ? kasan_check_write+0x14/0x20 [ 298.129624] __should_failslab+0x124/0x180 [ 298.133848] should_failslab+0x9/0x14 [ 298.137637] kmem_cache_alloc+0x2af/0x760 [ 298.141778] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 298.146789] __kernfs_new_node+0xe7/0x580 [ 298.150930] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 298.155675] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 298.161203] ? kernfs_link_sibling+0x1d2/0x3b0 [ 298.165775] ? kernfs_add_one+0x16f/0x620 [ 298.169911] ? kernfs_activate+0x2a0/0x2a0 [ 298.174139] kernfs_new_node+0x80/0xf0 [ 298.178032] __kernfs_create_file+0x4d/0x330 [ 298.182441] sysfs_add_file_mode_ns+0x21a/0x560 [ 298.187102] internal_create_group+0x282/0x970 [ 298.191680] sysfs_create_group+0x1f/0x30 [ 298.195817] lo_ioctl+0x1771/0x2190 [ 298.199449] ? lo_rw_aio_complete+0x430/0x430 [ 298.203933] blkdev_ioctl+0x9b6/0x2020 [ 298.207808] ? blkpg_ioctl+0xc40/0xc40 [ 298.211685] ? lock_downgrade+0x8e0/0x8e0 [ 298.215832] ? kasan_check_read+0x11/0x20 [ 298.219965] ? rcu_is_watching+0x85/0x140 [ 298.224102] ? rcu_report_qs_rnp+0x790/0x790 [ 298.228516] ? __fget+0x40c/0x650 [ 298.231966] ? expand_files.part.8+0x9a0/0x9a0 [ 298.236539] ? trace_hardirqs_off+0xd/0x10 [ 298.240761] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 298.245863] block_ioctl+0xee/0x130 [ 298.249480] ? blkdev_fallocate+0x400/0x400 [ 298.253789] do_vfs_ioctl+0x1cf/0x16f0 [ 298.257922] ? rcu_pm_notify+0xc0/0xc0 [ 298.261799] ? ioctl_preallocate+0x2e0/0x2e0 [ 298.266196] ? fget_raw+0x20/0x20 [ 298.269636] ? putname+0xf2/0x130 [ 298.273074] ? rcu_read_lock_sched_held+0x108/0x120 [ 298.278075] ? kmem_cache_free+0x25c/0x2d0 [ 298.282296] ? putname+0xf7/0x130 [ 298.285737] ? do_sys_open+0x3c3/0x740 [ 298.289616] ? security_file_ioctl+0x94/0xc0 [ 298.294019] ksys_ioctl+0xa9/0xd0 [ 298.297468] __x64_sys_ioctl+0x73/0xb0 [ 298.301343] do_syscall_64+0x1b1/0x800 [ 298.305215] ? finish_task_switch+0x1ca/0x840 [ 298.309702] ? syscall_return_slowpath+0x5c0/0x5c0 [ 298.314620] ? syscall_return_slowpath+0x30f/0x5c0 [ 298.319548] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 298.324901] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.329734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.334918] RIP: 0033:0x455877 [ 298.338093] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.357420] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 298.365121] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 298.372381] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 298.379634] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 298.386886] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 298.394138] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000e [ 298.428346] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 2033/05/18 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000000e00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x8, 0x200000) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000001c0)={0x3, 0x1000, 0x3, 0x9, 0x5, 0x100, 0x9, 0x2, 0x3, 0x6}) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000080)=""/214, &(0x7f0000000180)=0xd6) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x3) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000000)={0x7d}) 2033/05/18 03:34:11 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) pipe2(&(0x7f0000000000), 0x0) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:11 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r2 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000000180)=@ioapic) getsockopt$inet_mreq(r0, 0x0, 0x27, &(0x7f00000000c0)={@dev, @local}, &(0x7f0000000100)=0x8) r3 = open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) connect$unix(r3, &(0x7f0000000040)=@file={0x1, './bus\x00'}, 0x6e) 2033/05/18 03:34:11 executing program 6: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)={0xaa, 0x40}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x5) mremap(&(0x7f0000182000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f00000be000/0x2000)=nil) close(r0) readv(r0, &(0x7f00000022c0)=[{&(0x7f0000000000)=""/144, 0x90}, {&(0x7f00000001c0)=""/203, 0xcb}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000000c0)}, {&(0x7f00000012c0)=""/4096, 0x1000}, {&(0x7f0000000100)=""/22, 0x16}, {&(0x7f0000000140)=""/14, 0xe}], 0x7) 2033/05/18 03:34:11 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x7, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:11 executing program 1 (fault-call:0 fault-nth:15): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 298.580829] FAULT_INJECTION: forcing a failure. [ 298.580829] name failslab, interval 1, probability 0, space 0, times 0 [ 298.592270] CPU: 0 PID: 20425 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 298.599200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.608556] Call Trace: [ 298.611143] dump_stack+0x1b9/0x294 [ 298.614777] ? dump_stack_print_info.cold.2+0x52/0x52 [ 298.619963] ? mutex_trylock+0x2a0/0x2a0 [ 298.624023] should_fail.cold.4+0xa/0x1a [ 298.628076] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.633175] ? __kernfs_new_node+0xe7/0x580 [ 298.637486] ? graph_lock+0x170/0x170 [ 298.641272] ? find_held_lock+0x36/0x1c0 [ 298.645334] ? find_held_lock+0x36/0x1c0 [ 298.649390] ? __lock_is_held+0xb5/0x140 [ 298.653455] ? check_same_owner+0x320/0x320 [ 298.657774] ? graph_lock+0x170/0x170 [ 298.661562] ? rcu_note_context_switch+0x710/0x710 [ 298.666481] ? kasan_check_write+0x14/0x20 [ 298.670704] __should_failslab+0x124/0x180 [ 298.674929] should_failslab+0x9/0x14 [ 298.678719] kmem_cache_alloc+0x2af/0x760 [ 298.682859] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 298.687868] __kernfs_new_node+0xe7/0x580 [ 298.692011] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 298.696759] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 298.702285] ? kernfs_link_sibling+0x1d2/0x3b0 [ 298.706858] ? kernfs_add_one+0x16f/0x620 [ 298.710996] ? kernfs_activate+0x2a0/0x2a0 [ 298.715228] kernfs_new_node+0x80/0xf0 [ 298.719107] __kernfs_create_file+0x4d/0x330 [ 298.723506] sysfs_add_file_mode_ns+0x21a/0x560 [ 298.728171] internal_create_group+0x282/0x970 [ 298.732750] sysfs_create_group+0x1f/0x30 [ 298.736884] lo_ioctl+0x1771/0x2190 [ 298.740503] ? lo_rw_aio_complete+0x430/0x430 [ 298.744985] blkdev_ioctl+0x9b6/0x2020 [ 298.748861] ? blkpg_ioctl+0xc40/0xc40 [ 298.752736] ? lock_downgrade+0x8e0/0x8e0 [ 298.756875] ? kasan_check_read+0x11/0x20 [ 298.761013] ? rcu_is_watching+0x85/0x140 [ 298.765154] ? rcu_report_qs_rnp+0x790/0x790 [ 298.769558] ? __fget+0x40c/0x650 [ 298.773006] ? expand_files.part.8+0x9a0/0x9a0 [ 298.777585] ? trace_hardirqs_off+0xd/0x10 [ 298.781816] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 298.786913] block_ioctl+0xee/0x130 [ 298.790527] ? blkdev_fallocate+0x400/0x400 [ 298.794837] do_vfs_ioctl+0x1cf/0x16f0 [ 298.798720] ? rcu_pm_notify+0xc0/0xc0 [ 298.802601] ? ioctl_preallocate+0x2e0/0x2e0 [ 298.806998] ? fget_raw+0x20/0x20 [ 298.810441] ? putname+0xf2/0x130 [ 298.813878] ? rcu_read_lock_sched_held+0x108/0x120 [ 298.818887] ? kmem_cache_free+0x25c/0x2d0 [ 298.823120] ? putname+0xf7/0x130 [ 298.826572] ? do_sys_open+0x3c3/0x740 [ 298.830454] ? security_file_ioctl+0x94/0xc0 [ 298.834851] ksys_ioctl+0xa9/0xd0 [ 298.838294] __x64_sys_ioctl+0x73/0xb0 [ 298.842173] do_syscall_64+0x1b1/0x800 [ 298.846046] ? finish_task_switch+0x1ca/0x840 [ 298.850536] ? syscall_return_slowpath+0x5c0/0x5c0 [ 298.855453] ? syscall_return_slowpath+0x30f/0x5c0 [ 298.860375] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 298.865730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.870568] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.875743] RIP: 0033:0x455877 [ 298.878916] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.898511] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 298.906210] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 298.913466] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 298.920810] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000008a00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:11 executing program 5: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000080)="c626262c8523bf012cf66f") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) close(r0) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000005380)) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f00000000c0)={0x100}, 0x4) openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000100)=0x0) ioctl$KDDISABIO(r1, 0x4b37) io_submit(r3, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000040)="1000000005", 0x5}]) [ 298.928086] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 298.935351] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000000f 2033/05/18 03:34:11 executing program 1 (fault-call:0 fault-nth:16): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)="627472667304", &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:11 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x15, r3, &(0x7f0000000600)="df0275", 0x3) [ 299.103932] FAULT_INJECTION: forcing a failure. [ 299.103932] name failslab, interval 1, probability 0, space 0, times 0 [ 299.115330] CPU: 0 PID: 20451 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 299.122260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.131620] Call Trace: [ 299.134218] dump_stack+0x1b9/0x294 [ 299.137865] ? dump_stack_print_info.cold.2+0x52/0x52 [ 299.143068] ? mutex_trylock+0x2a0/0x2a0 [ 299.149751] should_fail.cold.4+0xa/0x1a 2033/05/18 03:34:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./fi/e0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000c200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 299.153828] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 299.158950] ? __kernfs_new_node+0xe7/0x580 [ 299.163286] ? graph_lock+0x170/0x170 [ 299.167092] ? find_held_lock+0x36/0x1c0 [ 299.171158] ? find_held_lock+0x36/0x1c0 [ 299.175228] ? __lock_is_held+0xb5/0x140 [ 299.179310] ? check_same_owner+0x320/0x320 [ 299.183642] ? graph_lock+0x170/0x170 [ 299.187459] ? rcu_note_context_switch+0x710/0x710 [ 299.192399] ? kasan_check_write+0x14/0x20 [ 299.196649] __should_failslab+0x124/0x180 2033/05/18 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 299.200914] should_failslab+0x9/0x14 [ 299.204725] kmem_cache_alloc+0x2af/0x760 [ 299.208886] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 299.213919] __kernfs_new_node+0xe7/0x580 [ 299.218077] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 299.222843] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 299.228388] ? kernfs_link_sibling+0x1d2/0x3b0 [ 299.232987] ? kernfs_add_one+0x16f/0x620 [ 299.237145] ? kernfs_activate+0x2a0/0x2a0 [ 299.241380] kernfs_new_node+0x80/0xf0 [ 299.245264] __kernfs_create_file+0x4d/0x330 [ 299.249671] sysfs_add_file_mode_ns+0x21a/0x560 [ 299.254359] internal_create_group+0x282/0x970 [ 299.258945] sysfs_create_group+0x1f/0x30 [ 299.263081] lo_ioctl+0x1771/0x2190 [ 299.266703] ? lo_rw_aio_complete+0x430/0x430 [ 299.271187] blkdev_ioctl+0x9b6/0x2020 [ 299.275062] ? blkpg_ioctl+0xc40/0xc40 [ 299.278941] ? lock_downgrade+0x8e0/0x8e0 [ 299.283082] ? kasan_check_read+0x11/0x20 [ 299.287224] ? rcu_is_watching+0x85/0x140 [ 299.291377] ? rcu_report_qs_rnp+0x790/0x790 [ 299.295784] ? __fget+0x40c/0x650 [ 299.299230] ? expand_files.part.8+0x9a0/0x9a0 [ 299.303797] ? trace_hardirqs_off+0xd/0x10 [ 299.308025] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 299.313119] block_ioctl+0xee/0x130 [ 299.316734] ? blkdev_fallocate+0x400/0x400 [ 299.321046] do_vfs_ioctl+0x1cf/0x16f0 [ 299.324921] ? rcu_pm_notify+0xc0/0xc0 [ 299.328798] ? ioctl_preallocate+0x2e0/0x2e0 [ 299.333195] ? fget_raw+0x20/0x20 [ 299.336634] ? putname+0xf2/0x130 [ 299.340072] ? rcu_read_lock_sched_held+0x108/0x120 [ 299.345080] ? kmem_cache_free+0x25c/0x2d0 [ 299.349304] ? putname+0xf7/0x130 [ 299.352750] ? do_sys_open+0x3c3/0x740 [ 299.356631] ? security_file_ioctl+0x94/0xc0 [ 299.361033] ksys_ioctl+0xa9/0xd0 [ 299.364477] __x64_sys_ioctl+0x73/0xb0 [ 299.368355] do_syscall_64+0x1b1/0x800 [ 299.372227] ? finish_task_switch+0x1ca/0x840 [ 299.376707] ? syscall_return_slowpath+0x5c0/0x5c0 [ 299.381623] ? syscall_return_slowpath+0x30f/0x5c0 [ 299.386543] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 299.391898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.396734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.401909] RIP: 0033:0x455877 [ 299.405081] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.424403] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 299.432100] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 299.439356] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 299.446609] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:12 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./fily0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 299.453872] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 299.461128] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000010 2033/05/18 03:34:12 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000000)) dup2(r1, r3) 2033/05/18 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e678800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:13 executing program 1 (fault-call:0 fault-nth:17): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:13 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) utimes(&(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)={{}, {r2, r3/1000+10000}}) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:13 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x7, 0x4, 0x8, 0x8}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x381b, 0x8, 0x8, 0xffffffffffffffff, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000380)=""/200}, 0x18) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000040)={{0x11, @dev={0xac, 0x14, 0x14, 0x1a}, 0x4e21, 0x1, 'lblcr\x00', 0x2, 0x6, 0x75}, {@rand_addr=0x1f, 0x4e23, 0x0, 0x6, 0x5, 0x10000000}}, 0x44) 2033/05/18 03:34:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e671000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:13 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x200000, 0x0) r3 = userfaultfd(0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000000)=0xce47, 0x4) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000000)) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r3, r3) 2033/05/18 03:34:13 executing program 5: sendmsg$alg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000340)="d2d2b7bf3c547ca55b450a644a37857b2f9bff4e396c33167db2d8bf001a851c6e16b60c822e4198df9c6c648c52c87c6fa0a3f1040e1a1737263d96938142152040ececd644274603d1ab4f7097267aa1db8803d6eccb5780b4f28986dd9fce416007dd58736289d698a35aaf37f515e3c52f77b6d6dda5a41ec9d5a594465e984a7d40251b74c78b01bc9a69946e3f69b27b6655ee980e440d0306d0edcdc9d99f93229b62f4ec56826b43a331b1fe3d29c68f458761c0527610a00b12a2b8ec4e26f63745038436d3817e8590250170d46bdf7196fe94c1c862d8f68ff3f096e2e8a86d506a3c5719ab9f665ed30530d3c08b6c4966f77fe13c51aa640a4a4ac6109424b72ee2280b8eaf000e18c67b6fdf479800b6f0b79707a7f49ae0a2c9867ad155b314b3a771752284b3c46dc0eed6af666a1f48c212b0acef45ca6fb4fd4e2121ab7fd4cf5179fea647f01b395b13b6e15ba547bd8a0d50f93cf2b3104a84a4783da0a96156b8f70559a50eccf33302706af387a408db5660c934c6398ed7463dfd1f218294f3798e499092a8837d25a243b29a9c2fc7ef1c51e956075b9d2e7c0bbbd9dcf6e1e79164472367fa5252cfcad312b9cfe2cdfab319a5cc9c794338ad8f8cbac04c627129990fdb2670ede015de9808d06188af8967398a55804ce019131bcbdebc30647c526a0e7cc3c45360a0cf793815a9a34af98901a6bf1500af7f7de7fc0e567bade21ac1d74f26da08584a0f7d77b1ec5d74808253ecfba43222abe84e4b5a24aa162d150a75ccc5c16949f09602e09e6d01cbdedfcade5776ce87d313d5d1811a1a362b2f4847fd676c91bf539259209bd8c3eef11b500a5d00018cc8ee58877fb7214e0f98be10ac541d5c3a15b8118b7614248300b530b103d324106d68a92946a467dc80dc5558145647bf2b87fbd15fb0d3946f5469ca89b66b477f378743cb8a31905f731a48633c8dcf7f68c4313288836fd8aac63254aaaa5d2a9105efc9fd6afc142f1a165333ab8395f1f6b78831595967960955dd6999c46bca1c1ec9d0ec06bbd53a78275728cee58c1e31452b09a29f5e26484cf752e47cb9db554837b3c835049d626fd2f3f79d1a691e66cf68e7cd876bde8c8e1d91fbfd41125fe455ed335e91a2c7e4734b2742ea189bac10feb3e21c2ffdc1639b36693e7273319e9f6a3628be6e4e6810647f368c6565fc3bc36dff2c49959d4e03926739625332cd38b450c14eb8989470e3f2672281a8c9e1ed71255ffb8fd15c9a6cd6f83602fb33661f4ff9c5e6d4bd5cad7398faa1b5fea188d42ce3a8c1bed1ceecec990ce64a51af0f114740799779747af6dcd4b534d7b1bbf1c49246c685c16a3fff7cb6724815bab9f8b386b48b5a39b6028b4243522d3937d5c89ffd243b864a30b4d77e0adabbef799960b4881b0574d02c8a3438e1f651044e09b676f06654ad265bf56e29fa5a06c634b1776cf4fb15d32c0b6eb22cee2a9240590e44032d42f6d9d5ae9d4976945f7e19ab86a84ce939d63a1377a5be92c2307b8bbe3c83a929d3c20742bdff76f97944d9b438fc75d75db46be5a73c554a7767df2d19a7273c4c629e755776591215fff0f0dbbae5a71fc9dce7736c3706e4ef958e0995388b1e96a6aedb6f4f9292b1fb076da1d715cdd98addeed6cdd9bba63f77c8aac429eafdfc09f466eb373a1ade6da6b0db8a283755afb0109e102fd21ff82c9c45ec6d74458305d94dffa8ffd810377e64827d6ca2fa188ddd0920ef5db4a0dd1ddf0c1f98aa42907f95f326f8f69a371dc5242be8d464725bc118983ccbe790a6618bfd4f804432dfd3cd727aa723efd81dfe06bba17da40563f0c5b66636f26612e85c268405609aad283150c6cc34879b5d70df037ab20f59ca4935c94f7939f0f5ac748b9ffce661a7bc9abd04678c4cc832e94f8fb4515a7632202efd70af3d0d6151cd55792f4ce792d0fe93e80f0f0ad4cd7c01e594ea0e1241024fc00fd2da7e5b7fae57e0822e26d9ae29b5a6363f00b3d6ac9cd2ebc8fcf06e7b9f40767f0302484b3c3fdd3d3bddccdd2da700ed57fc29528903393bcd8218d0fae2a8c2dc8816fd68a9338112c5861bae450ecd5be56be201681f5b426bae096d815fb5e38cf2f3de73b2c77d9dd14d9b7fd3ddada76cd626384153c4f4e4e33343030f75dbf7e6abb3d458910cb6c2c4655c9662af0a7209c4259a5333e5e7236b8f8f471c755b76578c187c20f01d387ea9563a8a5fbcda2839ab4d6cd710fce95e19674a9bf3f44b700d52653b3e20a5c3252d8d6adda34af0171ead0011b18de841375be3a9957b850ced9e152a1244dc497c137dbc7f0c6fa5f5d6d32bd5dfe9e5b97116f396441304b999ea4e39f9e60cedf6003e411910feb9e51531d2df7af9464370d522964b2fa1b0286af0779d2beae9a984a086b7441d68f673046af4628bcd54a0ac9c18392bbd5ed2b5a102729fc4fb83356f8d2216a0ce1c533a63a5740ac0da3293fad0574ad94fe1834e393fc17ac9c1b72f5907f5667c11c46ad1dab69cd2c25d735b32329b94bebe6b3b65248b0885bce2a6778a395307b0d2d0dbe6b5e3c0086c2472636b634ba5e9fb32413503397f787b7530c1ce3b178ac8eee4ccf03b701b5fa343070e2dc10d8a013cae0d4eb564084a1e4dcce48130c174aed19dbc76186292c6d1efeacf8ceffdd9d988aef86b4bc354d50790252c396f0119de562c35a1f5bba208b3703c59c4bdecc903ef0f5c3a83e9638829ee92817995fc24a2c1cd9876e97dbe1ea8ace395d224267d0c7d50d0ad991a2e85ff7cb83e23b4ec6e49151bfcdf831375c82f08ce393497ab2b7a2d0d1ee2887c81cd1f735264b79db4fcc5c984c28a7963584ab65dac1d5bf6c0c5c5788f5702523b880cb6099ef56a36d3d2942412b2c2cd030926d6fc9841de4b029677678148c37b22f3b2b83ef56bfea6e798167d2db547c8b64cdf64af90206dd8e5ab5acc8724351377eb47f619477e5c4d0ff537705abbf2297cc3e05488273b5230d18365f9225ac0220ef51501e11131401893707f20da62e2116b9677adf45b795fd40b73344fdf3b11e86cb3720e86397b66c3cfbdf30690d7820ecccb9ff1128aa4a35fb0e01573fd62c275c109094b4e1c1fec56384715badf7b99889b0ba660e008c63f67a0ac8afa1c65fac0ddf7780113fa74bd302492631fe847d1be6cf82e3a46fb657e479b64c4647c4617c9956a77cd5db46c74b5579912f69c633d84bfa7c81fd9f3f84dfda7e930b6f02d82ed3be50cac3dc0e313d32d47d7ff18743d8f21a3b6c3ee35c4ff3c1eb7387ad9210cbeff58623fda5496391bfa21fbbcf2377621fb4a47b0bbf969704e5c34e49a8e02eef6cba6454eeb7fc38f21b8e0cfee0d2d7d4f9dd8f612f01de5f9be6b36a8f101a717a3c986804f54e9c10411f3792563e0e2cf0783cf01dbf8994475911640766dce58b787182d81ad2510026a4b8fbff96322f07bc616dbf861ff9c8ce0526cfe96797c48800f41a68b3a0cc3caf18913af60784ca54c89726a97965db9e24fee600bf74d4ff16d8ae60a31e7022cd8cbea65c5881fc2f1fa42fbc6bdeb2610fe558da4d6e8adc80470065b17e30dca82572d424ecd838fb4bb0cea67557aed465600759dcd55824ae4752dffa67908c099ab0af82ecf0ccaeb74e1a4455e5bd84d6e19aff10c5b0040b4fba6407f10630ffff4d71a5fbede849b5e143ceed4ce18a53e7181bee200a65e8620229ab8f795c0107b22be14e8a2d47aaed3f833037ae8deb7411486944d7a062fb2cbe5b360559835852636ec003f31c73b42dcafc0477e97a43cdac0a3f411fcb64c54ed59164ed0ce968acfbc1b4872c40682e97627034504ed512d293282028503ac2d21a56f9249622173e7a3cd7d42eacbebf6c1cb0ec35240e4ecca6ca1d0ee312f2971f36400c1fff3c36270f4b7bf20df5cc2e7d455eb61e20dcda0691c9c07257252ef674caab6d14fbf227b033a461298110cbde7561e9a5b1cecf32e94e28df2e1fb9202c71560425d7640fa1b3738e52b0f29e176a1cb37e4a31beb41c3d920e9d3de136e5273cad51e73749e347cd8c4578ee911fc211b085b06dd5cc7c8c765a2e55ab175d22e284cc2052e46f6b879d3e4a96995130016110ad077aef6f2afacdef45fccbe0f269b13edb12347f33aaa2e6fa12058e7bc31693d5d3d26f670027701158b36f5888e9ffea4421f949e643a509226ac879deb377ff284d2864e1d163521d24bec95692bf487abc3d1eb2cefe19d4be377f89747a3a5cbaebafd449b109f4bda29615b82e1475b0087e0f80c91826e2503c5ccbc8477b983024c3dadea30e4c2e2aa5981bc899b9d9fee9a70778e51420b5c82ec6c8d4ef672105eb10a70c98932f179a6d57d824299ea2e4a846f52fc6a7345786dd3e6219eaab42eecd270e3c7fda18f41fb3f1867c4bfbb8bdc72c37925ec01803e218ba91a13241179c5b82e0570b080cba31ec93d026f3addfc5a475b28f23c0eefe0a1c27102b3b5348187e1bb57682b4ffb640c5f9eea4f600d720bcddc92fe143247e812c48e2d7fa4f446d06e5712", 0xcc4}], 0x1}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="920fb0"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x4000000000000000, 0x107000, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$ARPT_SO_GET_INFO(r3, 0x0, 0x60, &(0x7f0000000140)={'filter\x00'}, &(0x7f0000000000)=0x44) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f000001bfc8)={&(0x7f0000db4000)={0x10}, 0xc, &(0x7f00006bcff0)={&(0x7f000013e000)=@ipv6_newroute={0x2c, 0x18, 0x301, 0x0, 0x0, {0xa}, [@RTA_ENCAP_TYPE={0x8, 0x15, 0x6}, @RTA_ENCAP={0x8, 0x16, @nested={0x4}}]}, 0x2c}, 0x1}, 0x0) 2033/05/18 03:34:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:13 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x16, r3, &(0x7f0000000600)="df0275", 0x3) [ 300.580793] FAULT_INJECTION: forcing a failure. [ 300.580793] name failslab, interval 1, probability 0, space 0, times 0 [ 300.591200] netlink: 'syz-executor5': attribute type 21 has an invalid length. [ 300.592144] CPU: 1 PID: 20517 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 300.606364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.615718] Call Trace: [ 300.618307] dump_stack+0x1b9/0x294 [ 300.621925] ? dump_stack_print_info.cold.2+0x52/0x52 [ 300.627105] ? perf_trace_lock_acquire+0xe3/0x980 [ 300.631941] ? mutex_trylock+0x2a0/0x2a0 [ 300.636003] should_fail.cold.4+0xa/0x1a [ 300.640064] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 300.645160] ? graph_lock+0x170/0x170 [ 300.648954] ? find_held_lock+0x36/0x1c0 [ 300.653017] ? __lock_is_held+0xb5/0x140 [ 300.657083] ? check_same_owner+0x320/0x320 [ 300.661390] ? graph_lock+0x170/0x170 [ 300.665178] ? rcu_note_context_switch+0x710/0x710 [ 300.670096] ? kasan_check_write+0x14/0x20 [ 300.674321] __should_failslab+0x124/0x180 [ 300.678546] should_failslab+0x9/0x14 [ 300.682336] kmem_cache_alloc+0x2af/0x760 [ 300.686480] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 300.691487] __kernfs_new_node+0xe7/0x580 [ 300.695625] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 300.700371] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 300.705893] ? kernfs_link_sibling+0x1d2/0x3b0 [ 300.710470] ? kernfs_add_one+0x16f/0x620 [ 300.714609] ? kernfs_activate+0x2a0/0x2a0 [ 300.718835] kernfs_new_node+0x80/0xf0 [ 300.722713] __kernfs_create_file+0x4d/0x330 [ 300.727110] sysfs_add_file_mode_ns+0x21a/0x560 [ 300.731775] internal_create_group+0x282/0x970 [ 300.736353] sysfs_create_group+0x1f/0x30 [ 300.740489] lo_ioctl+0x1771/0x2190 [ 300.744110] ? lo_rw_aio_complete+0x430/0x430 [ 300.748595] blkdev_ioctl+0x9b6/0x2020 [ 300.752471] ? blkpg_ioctl+0xc40/0xc40 [ 300.756357] ? lock_downgrade+0x8e0/0x8e0 [ 300.760498] ? kasan_check_read+0x11/0x20 [ 300.764632] ? rcu_is_watching+0x85/0x140 [ 300.768766] ? rcu_report_qs_rnp+0x790/0x790 [ 300.773173] ? __fget+0x40c/0x650 [ 300.776619] ? expand_files.part.8+0x9a0/0x9a0 [ 300.781189] ? trace_hardirqs_off+0xd/0x10 [ 300.785409] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 300.790502] block_ioctl+0xee/0x130 [ 300.794116] ? blkdev_fallocate+0x400/0x400 [ 300.798425] do_vfs_ioctl+0x1cf/0x16f0 [ 300.802299] ? rcu_pm_notify+0xc0/0xc0 [ 300.806177] ? ioctl_preallocate+0x2e0/0x2e0 [ 300.810574] ? fget_raw+0x20/0x20 [ 300.814013] ? putname+0xf2/0x130 [ 300.817456] ? rcu_read_lock_sched_held+0x108/0x120 [ 300.822458] ? kmem_cache_free+0x25c/0x2d0 [ 300.826684] ? putname+0xf7/0x130 [ 300.830126] ? do_sys_open+0x3c3/0x740 [ 300.834005] ? security_file_ioctl+0x94/0xc0 [ 300.838412] ksys_ioctl+0xa9/0xd0 [ 300.841860] __x64_sys_ioctl+0x73/0xb0 [ 300.845747] do_syscall_64+0x1b1/0x800 [ 300.849622] ? finish_task_switch+0x1ca/0x840 [ 300.854105] ? syscall_return_slowpath+0x5c0/0x5c0 [ 300.859027] ? syscall_return_slowpath+0x30f/0x5c0 [ 300.863947] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 300.869305] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.874139] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.879311] RIP: 0033:0x455877 [ 300.882483] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.901813] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 300.909534] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 300.916786] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 300.924039] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:13 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x7, 0x4, 0x8, 0x8}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x381b, 0x8, 0x8, 0xffffffffffffffff, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000380)=""/200}, 0x18) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000040)={{0x11, @dev={0xac, 0x14, 0x14, 0x1a}, 0x4e21, 0x1, 'lblcr\x00', 0x2, 0x6, 0x75}, {@rand_addr=0x1f, 0x4e23, 0x0, 0x6, 0x5, 0x10000000}}, 0x44) [ 300.931293] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 300.938546] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000011 2033/05/18 03:34:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\x00\x00\r\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:13 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) r1 = dup2(r0, r0) bind$nfc_llcp(r1, &(0x7f000026b000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7c44d240ab8b4d93290d9b59ae51e68e08a5b49ce171bdb5e883fc5b72ea271156cc197842b4c0c711546634080344d9f496c94237eee17cc6556a858096cb"}, 0x60) bind$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @loopback=0x7f000001}}, 0x20) 2033/05/18 03:34:13 executing program 6: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") socket$packet(0x11, 0x2, 0x300) io_setup(0x20, &(0x7f0000000200)) eventfd2(0x0, 0x0) r1 = perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0xffff, 0x0, 0x0, 0x40000000000, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x332, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) ioctl$sock_inet_SIOCADDRT(r2, 0x890c, &(0x7f0000000600)={0x1, {0x2, 0x4e20, @rand_addr}, {0x2, 0x4e23}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x21}}, 0x44, 0x5, 0x7fff, 0x9976, 0x0, &(0x7f0000000480)='bridge_slave_1\x00', 0x4, 0x7, 0x800}) ioctl$sock_inet_SIOCADDRT(r2, 0x890c, &(0x7f0000000100)={0x5084f74d, {0x2, 0x4e22, @rand_addr}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14}}, {0x2, 0x4e21, @broadcast=0xffffffff}, 0x0, 0x6, 0x0, 0x40, 0x0, 0x0, 0xcf39, 0x80000001, 0x4}) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000180)=""/193, &(0x7f0000000280)=0xc1) r4 = fcntl$dupfd(r3, 0x406, r2) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) r5 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000080)={@remote={0xfe, 0x80, [], 0xbb}, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000800)=0x1, 0xf183b495660287cb) connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x88d9, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000006c0)={{{@in=@loopback, @in6=@mcast1}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f00000007c0)=0xe8) r6 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x9, &(0x7f0000000880)="c626262c1c95348523bfbb012c0e70ff69c5ffca11458c31fd7cd492d59cdc030cbfcc36e3f71ee3a3b8df4a3eee1db5eab12a8c2fbc616a5a02934542638a418891d7a154145fc5a1a44211f8c76bae820000006a9a4a482161ff00000069447aee43826ae5cb1713db8aa247085b71") sendmmsg(r5, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0c6a756b355c3fc0fbdfffffcd6108f63600ef8076ae5f3ed18c405e334a36bb35c3a0196cfcb2"], 0x10}}], 0x1, 0x0) r7 = geteuid() getpeername$packet(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000440)=0x14) ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000540)={@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, @empty, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5ec7, 0x20, 0x2, 0x0, 0x2, 0x1400000, r8}) r9 = getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f00000003c0)=0xe8) setresuid(r7, r9, r10) sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2}, 0x10) [ 301.142706] hrtimer: interrupt took 25379 ns [ 301.170999] IPVS: length: 193 != 8 [ 301.252739] IPVS: length: 193 != 1048 2033/05/18 03:34:14 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x10, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67008800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:14 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:14 executing program 5: socket(0xa, 0x2, 0x0) syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x7, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x9, 0x0, 0xfffffffffffffc35) r0 = memfd_create(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0) getsockopt$ax25_buf(r0, 0x101, 0x19, &(0x7f0000000100)=""/20, &(0x7f0000000140)=0x14) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f0000000080)=""/74) 2033/05/18 03:34:14 executing program 1 (fault-call:0 fault-nth:18): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:14 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:14 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x31, 0x0, 0x0, 0x0, @msi={0x3ff, 0x20, 0x3f}}]}) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:14 executing program 6: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") socket$packet(0x11, 0x2, 0x300) io_setup(0x20, &(0x7f0000000200)) eventfd2(0x0, 0x0) r1 = perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0xffff, 0x0, 0x0, 0x40000000000, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x332, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) ioctl$sock_inet_SIOCADDRT(r2, 0x890c, &(0x7f0000000600)={0x1, {0x2, 0x4e20, @rand_addr}, {0x2, 0x4e23}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x21}}, 0x44, 0x5, 0x7fff, 0x9976, 0x0, &(0x7f0000000480)='bridge_slave_1\x00', 0x4, 0x7, 0x800}) ioctl$sock_inet_SIOCADDRT(r2, 0x890c, &(0x7f0000000100)={0x5084f74d, {0x2, 0x4e22, @rand_addr}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14}}, {0x2, 0x4e21, @broadcast=0xffffffff}, 0x0, 0x6, 0x0, 0x40, 0x0, 0x0, 0xcf39, 0x80000001, 0x4}) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000180)=""/193, &(0x7f0000000280)=0xc1) r4 = fcntl$dupfd(r3, 0x406, r2) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) r5 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000080)={@remote={0xfe, 0x80, [], 0xbb}, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000800)=0x1, 0xf183b495660287cb) connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x88d9, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000006c0)={{{@in=@loopback, @in6=@mcast1}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f00000007c0)=0xe8) r6 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x9, &(0x7f0000000880)="c626262c1c95348523bfbb012c0e70ff69c5ffca11458c31fd7cd492d59cdc030cbfcc36e3f71ee3a3b8df4a3eee1db5eab12a8c2fbc616a5a02934542638a418891d7a154145fc5a1a44211f8c76bae820000006a9a4a482161ff00000069447aee43826ae5cb1713db8aa247085b71") sendmmsg(r5, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0c6a756b355c3fc0fbdfffffcd6108f63600ef8076ae5f3ed18c405e334a36bb35c3a0196cfcb2"], 0x10}}], 0x1, 0x0) r7 = geteuid() getpeername$packet(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000440)=0x14) ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000540)={@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, @empty, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5ec7, 0x20, 0x2, 0x0, 0x2, 0x1400000, r8}) r9 = getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f00000003c0)=0xe8) setresuid(r7, r9, r10) sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2}, 0x10) [ 301.666346] FAULT_INJECTION: forcing a failure. [ 301.666346] name failslab, interval 1, probability 0, space 0, times 0 [ 301.677745] CPU: 0 PID: 20574 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 301.684677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.694038] Call Trace: [ 301.696639] dump_stack+0x1b9/0x294 [ 301.700280] ? dump_stack_print_info.cold.2+0x52/0x52 [ 301.705480] ? perf_trace_lock_acquire+0xe3/0x980 [ 301.710342] should_fail.cold.4+0xa/0x1a [ 301.714428] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 301.719552] ? graph_lock+0x170/0x170 [ 301.723369] ? find_held_lock+0x36/0x1c0 [ 301.727444] ? __lock_is_held+0xb5/0x140 [ 301.731510] ? check_same_owner+0x320/0x320 [ 301.735816] ? graph_lock+0x170/0x170 [ 301.739606] ? rcu_note_context_switch+0x710/0x710 [ 301.744524] ? kasan_check_write+0x14/0x20 [ 301.748747] __should_failslab+0x124/0x180 [ 301.752976] should_failslab+0x9/0x14 [ 301.756767] kmem_cache_alloc+0x2af/0x760 [ 301.760909] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 301.765920] __kernfs_new_node+0xe7/0x580 [ 301.770062] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 301.774819] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 301.780343] ? kernfs_link_sibling+0x1d2/0x3b0 [ 301.784932] ? kernfs_add_one+0x16f/0x620 [ 301.789070] ? kernfs_activate+0x2a0/0x2a0 [ 301.793295] kernfs_new_node+0x80/0xf0 [ 301.797173] __kernfs_create_file+0x4d/0x330 [ 301.801574] sysfs_add_file_mode_ns+0x21a/0x560 [ 301.806238] internal_create_group+0x282/0x970 [ 301.810905] sysfs_create_group+0x1f/0x30 [ 301.815043] lo_ioctl+0x1771/0x2190 [ 301.818667] ? lo_rw_aio_complete+0x430/0x430 [ 301.823166] blkdev_ioctl+0x9b6/0x2020 [ 301.827054] ? blkpg_ioctl+0xc40/0xc40 [ 301.830931] ? lock_downgrade+0x8e0/0x8e0 [ 301.835076] ? rcu_is_watching+0x85/0x140 [ 301.839236] ? rcu_report_qs_rnp+0x790/0x790 [ 301.843646] ? __fget+0x40c/0x650 [ 301.847109] ? expand_files.part.8+0x9a0/0x9a0 [ 301.851682] ? trace_hardirqs_off+0xd/0x10 [ 301.855905] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 301.861000] block_ioctl+0xee/0x130 [ 301.864621] ? blkdev_fallocate+0x400/0x400 [ 301.868934] do_vfs_ioctl+0x1cf/0x16f0 [ 301.872807] ? rcu_pm_notify+0xc0/0xc0 [ 301.876686] ? ioctl_preallocate+0x2e0/0x2e0 [ 301.881082] ? fget_raw+0x20/0x20 [ 301.884553] ? putname+0xf2/0x130 [ 301.888252] ? rcu_read_lock_sched_held+0x108/0x120 [ 301.893258] ? kmem_cache_free+0x25c/0x2d0 [ 301.897484] ? putname+0xf7/0x130 [ 301.900930] ? do_sys_open+0x3c3/0x740 [ 301.904809] ? security_file_ioctl+0x94/0xc0 [ 301.909210] ksys_ioctl+0xa9/0xd0 [ 301.912657] __x64_sys_ioctl+0x73/0xb0 [ 301.916539] do_syscall_64+0x1b1/0x800 [ 301.920414] ? finish_task_switch+0x1ca/0x840 [ 301.924896] ? syscall_return_slowpath+0x5c0/0x5c0 [ 301.929816] ? syscall_return_slowpath+0x30f/0x5c0 [ 301.934735] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 301.940092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 301.944929] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.950112] RIP: 0033:0x455877 2033/05/18 03:34:14 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 301.953285] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 301.972647] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.980350] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 301.987611] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 301.994868] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 302.002126] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 302.009880] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000012 2033/05/18 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 302.027173] IPVS: length: 193 != 8 2033/05/18 03:34:14 executing program 1 (fault-call:0 fault-nth:19): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:14 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 302.148340] FAULT_INJECTION: forcing a failure. [ 302.148340] name failslab, interval 1, probability 0, space 0, times 0 [ 302.159835] CPU: 0 PID: 20591 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 302.166769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.176125] Call Trace: [ 302.178719] dump_stack+0x1b9/0x294 [ 302.182355] ? dump_stack_print_info.cold.2+0x52/0x52 [ 302.187560] ? kasan_check_write+0x14/0x20 [ 302.191797] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 302.196745] should_fail.cold.4+0xa/0x1a [ 302.200801] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 302.205910] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 302.210832] ? graph_lock+0x170/0x170 [ 302.214627] ? find_held_lock+0x36/0x1c0 [ 302.218681] ? __lock_is_held+0xb5/0x140 [ 302.222742] ? check_same_owner+0x320/0x320 [ 302.227054] ? rcu_note_context_switch+0x710/0x710 [ 302.231988] __should_failslab+0x124/0x180 [ 302.236218] should_failslab+0x9/0x14 [ 302.240019] kmem_cache_alloc_trace+0x2cb/0x780 [ 302.244683] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 302.250220] ? sysfs_add_file_mode_ns+0x22c/0x560 [ 302.255084] ? sysfs_add_file_mode_ns+0x23c/0x560 [ 302.259928] ? device_create_file+0x1e0/0x1e0 [ 302.264412] kobject_uevent_env+0x20f/0xea0 [ 302.268755] ? internal_create_group+0x347/0x970 [ 302.273509] kobject_uevent+0x1f/0x30 [ 302.277299] lo_ioctl+0x17ec/0x2190 [ 302.280918] ? lo_rw_aio_complete+0x430/0x430 [ 302.285400] blkdev_ioctl+0x9b6/0x2020 [ 302.289275] ? blkpg_ioctl+0xc40/0xc40 [ 302.293168] ? lock_downgrade+0x8e0/0x8e0 [ 302.297311] ? rcu_is_watching+0x85/0x140 [ 302.301455] ? rcu_report_qs_rnp+0x790/0x790 [ 302.305859] ? __fget+0x40c/0x650 [ 302.309315] ? expand_files.part.8+0x9a0/0x9a0 [ 302.313892] ? trace_hardirqs_off+0xd/0x10 [ 302.318115] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 302.323209] block_ioctl+0xee/0x130 [ 302.326826] ? blkdev_fallocate+0x400/0x400 [ 302.331135] do_vfs_ioctl+0x1cf/0x16f0 [ 302.335015] ? rcu_pm_notify+0xc0/0xc0 [ 302.338905] ? ioctl_preallocate+0x2e0/0x2e0 [ 302.343300] ? fget_raw+0x20/0x20 [ 302.346741] ? putname+0xf2/0x130 [ 302.350181] ? rcu_read_lock_sched_held+0x108/0x120 [ 302.355191] ? kmem_cache_free+0x25c/0x2d0 [ 302.359412] ? putname+0xf7/0x130 [ 302.362853] ? do_sys_open+0x3c3/0x740 [ 302.366739] ? security_file_ioctl+0x94/0xc0 [ 302.371138] ksys_ioctl+0xa9/0xd0 [ 302.374585] __x64_sys_ioctl+0x73/0xb0 [ 302.378463] do_syscall_64+0x1b1/0x800 [ 302.382338] ? finish_task_switch+0x1ca/0x840 [ 302.386825] ? syscall_return_slowpath+0x5c0/0x5c0 [ 302.391743] ? syscall_return_slowpath+0x30f/0x5c0 [ 302.396663] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 302.402025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.406863] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 302.412038] RIP: 0033:0x455877 [ 302.415210] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 302.434713] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 302.442419] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 2033/05/18 03:34:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530fc", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 302.449685] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 302.456940] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 302.464194] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 302.471447] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000013 2033/05/18 03:34:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:15 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x13, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:15 executing program 5: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x10000008912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x100000001, 0x10040) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x97a, @dev={0xfe, 0x80, [], 0x10}, 0xfffffffffffffffa}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000340)={r4, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x20}}}, 0x6f, 0x9, 0x40, 0x4, 0x3}, &(0x7f0000000180)=0x98) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000040)=0x800, 0x4) r5 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xd93a, 0x20000) ioctl$TUNSETFILTEREBPF(r5, 0x800454e1, &(0x7f0000000200)=r3) bind$packet(r1, &(0x7f0000000000)={0x11, 0x19, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) close(r1) 2033/05/18 03:34:15 executing program 1 (fault-call:0 fault-nth:20): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, r1, 0x2) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$DRM_IOCTL_SET_MASTER(r3, 0x641e) dup2(r1, r3) 2033/05/18 03:34:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530ff", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x400, 0xffffffdfffffffff) 2033/05/18 03:34:15 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x800, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000300)={0x0, 0xb4, "b6aef2dae341e7d8b0b39016eeeff0f76f7d5c1558c1d43ce5886701d20b0367eb64d8dbc090e4989a7f39d266095ae59e666dbaaacaf8067c9d828732fbf7ff9b405c0c5958b7a050485d867036d79871acb136b0020960b4818c529e9a702f9d11f02e1232294d0917c6ece0e119b69b46ffd586d49b345a44cf3d1cf3caecda1739355073d304f710e3bdda9bb500c0f948683a15d93c2d71c65785bd12dd177815385cced26624144a31372633939f6d51d2"}, &(0x7f00000000c0)=0xbc) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000001c0)={r4, 0x38, &(0x7f0000000140)=[@in6={0xa, 0x5, 0x2, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, @in6={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0x1e}, 0x7}]}, &(0x7f0000000200)=0x10) ioctl(r2, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=@ipv4_newaddr={0x20, 0x14, 0x11d, 0x0, 0x0, {0x2, 0x3, 0x0, 0x0, r1}, [@IFA_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14}}]}, 0x20}, 0x1}, 0x0) [ 302.780991] FAULT_INJECTION: forcing a failure. [ 302.780991] name failslab, interval 1, probability 0, space 0, times 0 [ 302.792814] CPU: 1 PID: 20620 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 302.799753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.809209] Call Trace: [ 302.811838] dump_stack+0x1b9/0x294 [ 302.815482] ? dump_stack_print_info.cold.2+0x52/0x52 [ 302.820686] ? perf_trace_lock_acquire+0xe3/0x980 [ 302.825553] should_fail.cold.4+0xa/0x1a [ 302.829637] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 302.834759] ? __might_sleep+0x95/0x190 [ 302.838750] ? graph_lock+0x170/0x170 [ 302.842568] ? __mutex_lock+0x7d9/0x17f0 [ 302.846637] ? kobject_uevent_env+0x62e/0xea0 [ 302.851142] ? find_held_lock+0x36/0x1c0 [ 302.855217] ? __lock_is_held+0xb5/0x140 [ 302.859302] ? check_same_owner+0x320/0x320 [ 302.863631] ? rcu_note_context_switch+0x710/0x710 [ 302.868551] ? put_dec+0xf0/0xf0 [ 302.871908] ? format_decode+0x1a9/0xae0 [ 302.875962] __should_failslab+0x124/0x180 [ 302.880186] should_failslab+0x9/0x14 [ 302.883973] kmem_cache_alloc_node+0x272/0x780 [ 302.888550] __alloc_skb+0x111/0x780 [ 302.892253] ? skb_scrub_packet+0x580/0x580 [ 302.896565] ? rcu_report_qs_rnp+0x790/0x790 [ 302.900988] ? netlink_has_listeners+0x2ff/0x4c0 [ 302.905741] ? netlink_tap_init_net+0x3c0/0x3c0 [ 302.910407] kobject_uevent_env+0x801/0xea0 [ 302.914717] ? internal_create_group+0x347/0x970 [ 302.919473] kobject_uevent+0x1f/0x30 [ 302.923261] lo_ioctl+0x17ec/0x2190 [ 302.926881] ? lo_rw_aio_complete+0x430/0x430 [ 302.931365] blkdev_ioctl+0x9b6/0x2020 [ 302.935307] ? blkpg_ioctl+0xc40/0xc40 [ 302.939183] ? lock_downgrade+0x8e0/0x8e0 [ 302.943326] ? kasan_check_read+0x11/0x20 [ 302.947462] ? rcu_is_watching+0x85/0x140 [ 302.951616] ? rcu_report_qs_rnp+0x790/0x790 [ 302.956045] ? __fget+0x40c/0x650 [ 302.959492] ? expand_files.part.8+0x9a0/0x9a0 [ 302.964071] ? trace_hardirqs_off+0xd/0x10 [ 302.968291] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 302.973386] block_ioctl+0xee/0x130 [ 302.977006] ? blkdev_fallocate+0x400/0x400 [ 302.981319] do_vfs_ioctl+0x1cf/0x16f0 [ 302.985191] ? rcu_pm_notify+0xc0/0xc0 [ 302.989069] ? ioctl_preallocate+0x2e0/0x2e0 [ 302.993462] ? fget_raw+0x20/0x20 [ 302.996898] ? putname+0xf2/0x130 [ 303.000343] ? rcu_read_lock_sched_held+0x108/0x120 [ 303.005352] ? kmem_cache_free+0x25c/0x2d0 [ 303.009575] ? putname+0xf7/0x130 [ 303.013063] ? do_sys_open+0x3c3/0x740 [ 303.017047] ? security_file_ioctl+0x94/0xc0 [ 303.021445] ksys_ioctl+0xa9/0xd0 [ 303.024890] __x64_sys_ioctl+0x73/0xb0 [ 303.028771] do_syscall_64+0x1b1/0x800 [ 303.032646] ? finish_task_switch+0x1ca/0x840 [ 303.037128] ? syscall_return_slowpath+0x5c0/0x5c0 [ 303.042046] ? syscall_return_slowpath+0x30f/0x5c0 [ 303.046965] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 303.052326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.057160] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 303.062333] RIP: 0033:0x455877 2033/05/18 03:34:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530eb", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="5780d01c", 0x4) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0x7d1, 0x4) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x3, 0x4) sendto$inet6(r0, &(0x7f0000000280)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524009ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c906a38cbda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be", 0x5ad, 0x0, &(0x7f0000809000)={0xa, 0x1000000000004e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/80, 0x50}, 0x0) 2033/05/18 03:34:15 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x14, r3, &(0x7f0000000600)="df0275", 0x3) [ 303.065505] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.084840] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 303.092539] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 303.099791] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 303.107051] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 303.114314] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 303.121570] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000014 2033/05/18 03:34:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000da00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:15 executing program 1 (fault-call:0 fault-nth:21): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0], 0x4, 0x3, 0x1, 0x1}) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$SG_EMULATED_HOST(r2, 0x2203, &(0x7f0000000180)) dup2(r1, r3) 2033/05/18 03:34:15 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="0047fc2f07d82c99240970") r1 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$int_in(r1, 0x80000080044d76, &(0x7f00000000c0)) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x28000, 0x0) read(r1, &(0x7f0000000100)=""/120, 0x78) 2033/05/18 03:34:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") bind$can_raw(r0, &(0x7f0000000140)={0x1d}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x9, 0x400) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f00000001c0)) setsockopt$sock_int(r1, 0x1, 0x1000000f, &(0x7f0000000040)=0x8000000100, 0x14d) listen(r1, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200040, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r4, r1) 2033/05/18 03:34:15 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xa, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700f400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:15 executing program 6: r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$assume_authority(0x1d, r0) getresuid(&(0x7f0000000000)=0x0, &(0x7f0000000040), &(0x7f0000000080)) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x100) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x200000, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000180)={0xf002, &(0x7f0000000100), 0x8, r3, 0xa}) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4f0, 0x398, 0xc8, 0x2b0, 0xc8, 0x2b0, 0x458, 0x458, 0x458, 0x458, 0x458, 0x6, &(0x7f0000000240), {[{{@uncond, 0x0, 0x98, 0xc8}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1, 0x7, @multicast2=0xe0000002, 0x4e20}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x1, [0xa23, 0x3ff, 0x6, 0xfffffffffffffff7, 0x188, 0x80000000], 0xffffffffffffff90, 0x101, 0x3ff}}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x34}}}, {{@ip={@broadcast=0xffffffff, @multicast1=0xe0000001, 0xffffffff, 0xff000000, 'veth1_to_team\x00', 'bridge_slave_1\x00', {}, {0xff}, 0xff, 0x2, 0x11}, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@inet=@length={0x28, 'length\x00', 0x0, {0x2e31, 0x4, 0x1}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x5}}}, {{@ip={@loopback=0x7f000001, @remote={0xac, 0x14, 0x14, 0xbb}, 0xffffffff, 0xffffff00, 'tunl0\x00', 'veth0_to_team\x00', {}, {}, 0x11, 0x2, 0x22}, 0x0, 0x98, 0xc0}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x0, 0x1}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x550) keyctl$get_persistent(0x16, r1, r0) 2033/05/18 03:34:16 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 303.437856] FAULT_INJECTION: forcing a failure. [ 303.437856] name failslab, interval 1, probability 0, space 0, times 0 [ 303.449189] CPU: 0 PID: 20672 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 303.456131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.465487] Call Trace: [ 303.468102] dump_stack+0x1b9/0x294 [ 303.471750] ? dump_stack_print_info.cold.2+0x52/0x52 [ 303.476955] ? perf_trace_lock_acquire+0xe3/0x980 [ 303.481810] ? kernel_text_address+0x79/0xf0 [ 303.486240] ? __unwind_start+0x166/0x330 [ 303.490408] should_fail.cold.4+0xa/0x1a [ 303.494487] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 303.499609] ? graph_lock+0x170/0x170 [ 303.503419] ? save_stack+0x43/0xd0 [ 303.507054] ? kasan_slab_alloc+0x12/0x20 [ 303.511215] ? find_held_lock+0x36/0x1c0 [ 303.515293] ? __lock_is_held+0xb5/0x140 [ 303.519383] ? check_same_owner+0x320/0x320 [ 303.523734] ? rcu_note_context_switch+0x710/0x710 [ 303.528697] __should_failslab+0x124/0x180 [ 303.532950] should_failslab+0x9/0x14 [ 303.536764] kmem_cache_alloc_node_trace+0x26f/0x770 [ 303.541890] __kmalloc_node_track_caller+0x33/0x70 [ 303.546822] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 303.551566] __alloc_skb+0x14d/0x780 [ 303.555272] ? skb_scrub_packet+0x580/0x580 [ 303.559587] ? rcu_report_qs_rnp+0x790/0x790 [ 303.563996] ? netlink_has_listeners+0x2ff/0x4c0 [ 303.568764] ? netlink_tap_init_net+0x3c0/0x3c0 [ 303.573428] kobject_uevent_env+0x801/0xea0 [ 303.577739] ? internal_create_group+0x347/0x970 [ 303.582490] kobject_uevent+0x1f/0x30 [ 303.586281] lo_ioctl+0x17ec/0x2190 [ 303.589904] ? lo_rw_aio_complete+0x430/0x430 [ 303.594386] blkdev_ioctl+0x9b6/0x2020 [ 303.598263] ? blkpg_ioctl+0xc40/0xc40 [ 303.602138] ? lock_downgrade+0x8e0/0x8e0 [ 303.606288] ? kasan_check_read+0x11/0x20 [ 303.610423] ? rcu_is_watching+0x85/0x140 [ 303.614557] ? rcu_report_qs_rnp+0x790/0x790 [ 303.618961] ? __fget+0x40c/0x650 [ 303.622424] ? expand_files.part.8+0x9a0/0x9a0 [ 303.626993] ? trace_hardirqs_off+0xd/0x10 [ 303.631228] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 303.636322] block_ioctl+0xee/0x130 [ 303.639934] ? blkdev_fallocate+0x400/0x400 [ 303.644243] do_vfs_ioctl+0x1cf/0x16f0 [ 303.648119] ? rcu_pm_notify+0xc0/0xc0 [ 303.652000] ? ioctl_preallocate+0x2e0/0x2e0 [ 303.656409] ? fget_raw+0x20/0x20 [ 303.659862] ? putname+0xf2/0x130 [ 303.663303] ? rcu_read_lock_sched_held+0x108/0x120 [ 303.668305] ? kmem_cache_free+0x25c/0x2d0 [ 303.672528] ? putname+0xf7/0x130 [ 303.675973] ? do_sys_open+0x3c3/0x740 [ 303.679855] ? security_file_ioctl+0x94/0xc0 [ 303.684253] ksys_ioctl+0xa9/0xd0 [ 303.687699] __x64_sys_ioctl+0x73/0xb0 [ 303.691577] do_syscall_64+0x1b1/0x800 [ 303.695448] ? finish_task_switch+0x1ca/0x840 [ 303.699931] ? syscall_return_slowpath+0x5c0/0x5c0 [ 303.704849] ? syscall_return_slowpath+0x30f/0x5c0 [ 303.709776] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 303.715132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.719965] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 303.725139] RIP: 0033:0x455877 [ 303.728309] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.747652] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 303.755350] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 303.762603] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 303.769856] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 303.777109] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 2033/05/18 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009d00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:16 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) futimesat(r0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480)={{}, {r2, r3/1000+30000}}) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r4 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r4, 0x7709, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) r5 = msgget(0x0, 0x221) getresuid(&(0x7f0000000040), &(0x7f0000000440), &(0x7f0000000400)=0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000001c0)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f00000002c0)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0xc) msgctl$IPC_SET(r5, 0x1, &(0x7f0000000380)={{0x3, r6, r7, r8, r9, 0x9, 0x12}, 0x40, 0x9, 0xfffffffffffffff8, 0x7, 0x1, 0xd8d, r1, r1}) 2033/05/18 03:34:16 executing program 6: sendmmsg(0xffffffffffffffff, &(0x7f000000f580)=[{{&(0x7f0000000040)=@ax25={0x3, {"30a8a921a78c98"}}, 0x80, &(0x7f0000000340), 0x0, &(0x7f00000001c0)}}], 0x1, 0x0) r0 = getpid() getpgrp(r0) r1 = gettid() ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) rt_tgsigqueueinfo(r1, r2, 0x4, &(0x7f00000000c0)={0x2, 0x1, 0x7, 0x2}) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f3, &(0x7f0000000180)={"76e6090079334050bd32b239a300", &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000003917af032a8d34d9b8ecaf1ddeac1c888f8584cf31eadd5314e54c6cf520514a8f5418fa04c25e36a6de38571a5ab2da7bf1cc1bdb67c1991bd88f096cd599eed6bdd750e071311b8f7d98442a783ded5eca9978d334233823aab207"]}) 2033/05/18 03:34:16 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 303.784362] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000015 2033/05/18 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000da00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:16 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:17 executing program 1 (fault-call:0 fault-nth:22): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x19) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r1, &(0x7f0000000000)={0x3}) 2033/05/18 03:34:17 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = dup2(r0, r0) sendto$ax25(r1, &(0x7f0000000040)="e0d656f422ee5f255ccd7dcfb3d298402777deb9b2053e0aed9e3bda13cf9309da3e3e9e3fa3bdd15515b44ded24983c89f349e41beb69f81b1bffe5fc2d8b02370c9d4d23495928f12b629a104fc52b20e2b724d42da0e490153dd21e723be6e6694a23c0a38a2945a90e934138572192c738ee", 0x74, 0x80, &(0x7f00000000c0)={0x3, {"83f215dd9df5c3"}, 0x1}, 0x10) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r2 = syz_open_pts(r0, 0x20201) fcntl$setstatus(r2, 0x4, 0x102800) fdatasync(r1) ioctl$TCXONC(r2, 0x540a, 0x0) write(r2, &(0x7f0000000000)="d5", 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000698000)=0x3) dup3(r2, r0, 0x0) 2033/05/18 03:34:17 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x8, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:17 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653010", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700da00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:17 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) readahead(r0, 0x9f28, 0x3ff) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:17 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x800) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x7912, @dev={0xfe, 0x80, [], 0x18}, 0x7}}, [0x4, 0x1, 0x0, 0xffffffffffff0d33, 0x10000, 0x6, 0x8, 0x1f44e095, 0x6, 0x100000000, 0x2, 0x10000, 0x10001, 0x0, 0xfffffffffffff0cd]}, &(0x7f00000000c0)=0x100) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0xffffffffffff7fff, 0x1, 0xff, 0xffffffff, r4}, 0x10) r5 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000002c0)={'vcan0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000000400)=0xe8) accept4$packet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000480)=0x14, 0x80800) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in6, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f00000005c0)=0xe8) getpeername$packet(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000640)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000940)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80100400}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)={0x24c, r5, 0x10, 0x70bd29, 0x25dfdbfe, {0x3}, [{{0x8, 0x1, r6}, {0x7c, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r8}, {0x1ac, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x401}}}, {0x7c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x4c, 0x4, [{0x1, 0xffffffffffffffdb, 0x9}, {0x100, 0x2, 0x2c25, 0x450}, {0x40000000000000, 0x2, 0xb91, 0x2f19}, {0x1, 0x7, 0x1, 0x401}, {0x1, 0x4, 0x4, 0x1ff}, {0x5, 0x5, 0x1, 0xf11}, {0x7fff, 0x3, 0x2, 0x8}, {0x5, 0x3, 0x200, 0x7}, {0x32d, 0x0, 0x7, 0x8}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r10}}, {0x8, 0x7}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}]}}]}, 0x24c}, 0x1, 0x0, 0x0, 0xc000}, 0x10) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) [ 304.987935] FAULT_INJECTION: forcing a failure. [ 304.987935] name failslab, interval 1, probability 0, space 0, times 0 [ 304.999294] CPU: 1 PID: 20731 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 305.006230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.015600] Call Trace: [ 305.018210] dump_stack+0x1b9/0x294 [ 305.021860] ? dump_stack_print_info.cold.2+0x52/0x52 [ 305.027064] ? perf_trace_lock_acquire+0xe3/0x980 [ 305.031932] should_fail.cold.4+0xa/0x1a [ 305.036008] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 305.041113] ? graph_lock+0x170/0x170 [ 305.044906] ? kernel_text_address+0x79/0xf0 [ 305.049306] ? __unwind_start+0x166/0x330 [ 305.053444] ? __kernel_text_address+0xd/0x40 [ 305.057927] ? find_held_lock+0x36/0x1c0 [ 305.061985] ? __lock_is_held+0xb5/0x140 [ 305.066060] ? check_same_owner+0x320/0x320 [ 305.070370] ? blkdev_ioctl+0x9b6/0x2020 [ 305.074433] ? block_ioctl+0xee/0x130 [ 305.078222] ? do_vfs_ioctl+0x1cf/0x16f0 [ 305.082270] ? rcu_note_context_switch+0x710/0x710 [ 305.087185] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 305.092537] __should_failslab+0x124/0x180 [ 305.096777] should_failslab+0x9/0x14 [ 305.100574] kmem_cache_alloc+0x2af/0x760 [ 305.104735] skb_clone+0x1ed/0x4f0 [ 305.108263] ? refcount_add_not_zero+0x2b0/0x320 [ 305.113007] ? skb_split+0x11d0/0x11d0 [ 305.116890] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 305.121895] ? netlink_trim+0x1b2/0x370 [ 305.125864] ? netlink_skb_destructor+0x210/0x210 [ 305.130717] ? cleanup_uevent_env+0x40/0x40 [ 305.135042] netlink_broadcast_filtered+0x1024/0x1580 [ 305.140228] ? __netlink_sendskb+0xd0/0xd0 [ 305.144459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 305.149985] ? refcount_inc_not_zero+0x1dd/0x2d0 [ 305.154734] ? refcount_add_not_zero+0x320/0x320 [ 305.159484] ? cleanup_uevent_env+0x40/0x40 [ 305.163797] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 305.168802] kobject_uevent_env+0x6e4/0xea0 [ 305.173111] ? internal_create_group+0x347/0x970 [ 305.177868] kobject_uevent+0x1f/0x30 [ 305.181657] lo_ioctl+0x17ec/0x2190 [ 305.185277] ? lo_rw_aio_complete+0x430/0x430 [ 305.189761] blkdev_ioctl+0x9b6/0x2020 [ 305.193636] ? blkpg_ioctl+0xc40/0xc40 [ 305.197512] ? lock_downgrade+0x8e0/0x8e0 [ 305.201670] ? kasan_check_read+0x11/0x20 [ 305.205816] ? rcu_is_watching+0x85/0x140 [ 305.209953] ? rcu_report_qs_rnp+0x790/0x790 [ 305.214358] ? __fget+0x40c/0x650 [ 305.217806] ? expand_files.part.8+0x9a0/0x9a0 [ 305.222376] ? trace_hardirqs_off+0xd/0x10 [ 305.226595] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 305.231694] block_ioctl+0xee/0x130 [ 305.235309] ? blkdev_fallocate+0x400/0x400 [ 305.239619] do_vfs_ioctl+0x1cf/0x16f0 [ 305.243492] ? rcu_pm_notify+0xc0/0xc0 [ 305.247379] ? ioctl_preallocate+0x2e0/0x2e0 [ 305.251777] ? fget_raw+0x20/0x20 [ 305.255214] ? putname+0xf2/0x130 [ 305.258653] ? rcu_read_lock_sched_held+0x108/0x120 [ 305.263660] ? kmem_cache_free+0x25c/0x2d0 [ 305.267887] ? putname+0xf7/0x130 [ 305.271331] ? do_sys_open+0x3c3/0x740 [ 305.275213] ? security_file_ioctl+0x94/0xc0 [ 305.279612] ksys_ioctl+0xa9/0xd0 [ 305.283057] __x64_sys_ioctl+0x73/0xb0 [ 305.286935] do_syscall_64+0x1b1/0x800 [ 305.290820] ? finish_task_switch+0x1ca/0x840 [ 305.295305] ? syscall_return_slowpath+0x5c0/0x5c0 [ 305.300224] ? syscall_return_slowpath+0x30f/0x5c0 [ 305.305149] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 305.310513] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.315348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 305.320533] RIP: 0033:0x455877 2033/05/18 03:34:17 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000012000)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000), 0x2}, 0x100000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x100, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000000040)={{0xffffffffffffffff, 0x0, 0x0, 0x2, 0xe7}, 0x3f, 0x6, 'id0\x00', 'timer1\x00', 0x0, 0x4, 0x2ea6, 0x9, 0x7}) ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x0, 0x3, 0x9, 0x9, 0x7, 0x7, 0x80000000, 0x4, 0x1f, 0x81}) r3 = dup3(r1, r2, 0x80000) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={r3, 0x6, 0x0, 0x6, &(0x7f0000000340)=[0x0], 0x1}, 0x20) sendmsg$nl_netfilter(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xa0008}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xf0, 0x7, 0x0, 0x10, 0x70bd25, 0x25dfdbfe, {0x1, 0x0, 0xa}, [@generic="393ccb23b9dbb3a312e70418cd20ed2b91e66f649dc543d589cd4084f4292f2a8b", @generic="3c1ddbb1302881681c6f2a8b8b628e05fcd64d103aa61c89ac1488454962ab7407f2145ede0e4d0b38b4d8b3c4b7e9fe897e3fbbea2fae4fba6b15546c4d25ac4d726d4795532dd444e30f39786451c72daf36d46a3c5f1f44601b60bda641d13445f69c9c", @typed={0xc, 0x6d, @u64=0x8}, @generic="0d93d6a86659726b2f52ee8ce88ac873b8e12d9826046f2101833aca34c377db1a864bf9588c1037268fb6c61a05d9f1d21c1619e83f6e35a2fcaf9006cdac7b5031f65273332e"]}, 0xf0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 2033/05/18 03:34:17 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530ff", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 305.323717] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 305.343058] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 305.350754] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455877 [ 305.358014] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 305.365273] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 305.372528] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 305.379790] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000016 2033/05/18 03:34:17 executing program 2: r0 = getpid() socket$vsock_stream(0x28, 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x807fc) memfd_create(&(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x2) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0xfffffffffffffffd}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000013000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000040)={0x2, "ce89"}, 0x3) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x3}) ioctl$FIONREAD(r2, 0x541b, &(0x7f00000001c0)) dup2(r1, r3) 2033/05/18 03:34:18 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530ff", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 6: r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"69df01010000ffffffffffff0400005d", 0x103}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x40000, 0x0) r2 = socket$vsock_dgram(0x28, 0x2, 0x0) r3 = socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, &(0x7f0000000200)={'lo\x00', {0x2, 0x4e23, @rand_addr=0x1}}) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0400030000000000", @ANYPTR=&(0x7f0000000240)=ANY=[@ANYBLOB="0973659e7a7f1c56712ad65a435b95900ad9d878a47d4b26e1667ef8e5af27758b4e8d8dc0e2b96ea51599beb4b3a79c9386167abf8627909b20dcffbc4a3fa4a5b24fc986ee53ef78eee5f3e965b41e7863a13bdbbed87b136eaf3234524377fd3e0d025185c163610c64dda17070669378019111427ad2345debaf6014382dcadc2d3310e7634f4c37baf38c75e4abdc2c3f644d2dc87767a314ab61b3f00553ca0c97a969b135ad5428f6f896df18aaa2925d8ac517080fb15eb6476a85caa5b8dc42f1f93c862dbe25a9f40dee40000000000000000000000000"], @ANYBLOB="0503ff7f010077ca0000000040400000"]) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = dup3(r4, r0, 0x0) ioctl$EVIOCGBITSW(r1, 0x80404525, &(0x7f0000000340)=""/242) r6 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x88000, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000100)={r6}) 2033/05/18 03:34:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e678e00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:18 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000300)) ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, &(0x7f0000f1dff8)) 2033/05/18 03:34:18 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xc, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:18 executing program 1 (fault-call:0 fault-nth:23): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 5: timer_create(0x9, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000080)}}, &(0x7f0000000000)) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x101000, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000100)={0x4200000000000000, 0x1000, 0x400, 0x4, 0x11}) r1 = request_key(&(0x7f00000001c0)='.dead\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000240)='posix_acl_access.em0.][#\x00', 0xffffffffffffffff) keyctl$read(0xb, r1, &(0x7f0000000280)=""/4096, 0x1000) timer_settime(0x0, 0x1, &(0x7f0000000080)={{}, {0x0, 0x1c9c380}}, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 6: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80000, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000040)=0x200000, 0x4) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000080)={0x3, "ab5236"}, 0x4) ptrace(0x4207, r1) ptrace(0x1a, r1) 2033/05/18 03:34:18 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000040)={{0x5, 0x9}, 'port0\x00', 0x80, 0x40, 0x2, 0x80, 0xc2, 0x0, 0x1, 0x0, 0x3, 0x7fffffff}) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) syz_mount_image$ocfs2(&(0x7f0000000100)='ocfs2\x00', &(0x7f0000000180)='./bus\x00', 0x1, 0x6, &(0x7f0000000600)=[{&(0x7f00000001c0)="90f103d13361585556c74c77581148202489945666407530892a73a39132664537c108842aa9e31a67be8acd36b960ba99a4dc564eb907196bc52e05c2a47717a8def364742a294911503a191e7a5ed29e1df4e4a4d9432558611a8ab6acdf70e517e4c83f7b9a6417c13a088d5515726accadcfd34344ce6e4386b76ad81966c6ab51198d016d535075b34c2d1a4c56c31ed15920658b280f295322ff57bf4cc0d4", 0xa2, 0x3}, {&(0x7f0000000280)="6e3dc790929fe15f293314b37cce5e5115c7df137cc5b00daa700f4a176cf54ecce1aed32ea23d4b488973701f47b343aaf8a2ee12ff2d3829c349c59245b2bf65746698a9cc2d6fd1c970a3851dab0c2d9e53ccf4cd", 0x56, 0x363}, {&(0x7f0000000300)="9136eb4c8e6741b41a6ce6101d961fa0c84907f06bdf5b2f585c8ec2819dee6b1870f14f10b92a9ca02f08b7d3b0135d362c8378ee2778c7dc4813c5febb30be398a9feafa61923a11b96f857ff1ae1f78f645253c5992f6491d7ea921dd62db2c06346945c37e9490c8f73f56d10a3bdb54a5fe187c0d30cec822d2ba261a23faac872a98bbccd6088aa6c7af1fdde95c168168e6789dc5e1dbcae1c7a7f181099b667e99183e8a0c7a3d2c943b8923a2fa57f3ef4b547c6d6e6a0d4e80a4a9aea7f9af91aac032f9417529", 0xcc, 0x5}, {&(0x7f0000000400)="fcd1acf09f0da51a9550d9c5a71a6c9bf706a61c1059db0c0c61092ce6fc971f6e5bdb22747b585bc1bd0b6617898330bb009dc7665b47c09bf6c199c3edf03c357b256de2db2f6bcff04f0cbc83854b22f09e45776a7475cf3f665dbaf7a9f5df32ff1267fc0b6bb18d141e93836d80eb8befdfd62558013190b7d15ac31395c619e3822835cb02bc41b8e14904763f43bd7e4d", 0x94, 0x2}, {&(0x7f00000004c0)="10625393655679d7fa7729c3cc52d17c69ffb525a299de7235d1dcc8ca73a57921742e348fc0db8dec3c33e47fe67e0b3cda4827fbad509b8760d77064fecfaf85a0eb16da6bb5f03445f8af70235e056b0fd6ee3b64345f814461c6e73a1c3ae191c57317f22db01969c326f9a4938fb643da74c3d84849ffc73cf6d0c4ecef713f51d02995ef1a05fddc5c1ab0eba6505fca3c6bd5e6feed7b04d4a58c6f743ad9c4699e4a0fce7c62777406b7d0e50d2e8e12bad2ea09a9c8ab2d23b9de400f96bfff2e7dee10029e73b09337be94d1ab107a5c", 0xd5, 0x6}, {&(0x7f00000005c0)="d6cdd4db551331c9a0b10cd4b780bd0dff3c705c77c30f9eebf9fee15481253742a1b112d9d7d881124d7e30ae9cd97df90ea9953273ffcd6b0356a68a9125", 0x3f, 0x1}], 0x1801010, &(0x7f00000007c0)='/dev/usbmon#\x00') setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000800)=0x101, 0x4) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:18 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x7ffe, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:18 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530ff", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67d700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:18 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000000)={0x1, 0x4, [@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1d}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]]}) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) [ 306.020503] FAULT_INJECTION: forcing a failure. [ 306.020503] name failslab, interval 1, probability 0, space 0, times 0 [ 306.032297] CPU: 0 PID: 20786 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 306.039342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.048702] Call Trace: [ 306.051305] dump_stack+0x1b9/0x294 [ 306.055157] ? dump_stack_print_info.cold.2+0x52/0x52 [ 306.060618] ? print_usage_bug+0xc0/0xc0 [ 306.064683] ? find_held_lock+0x36/0x1c0 2033/05/18 03:34:18 executing program 5: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) ioctl$KVM_NMI(r1, 0xae9a) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3, 0xfeda) sendmsg(r0, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f00006e9c68)}, 0x0) syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x0) close(r0) 2033/05/18 03:34:18 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fcntl$setflags(r2, 0x2, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="00400000100000000000000000f20000"]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x199a02, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000140)=@req3={0x10001, 0x24c, 0x1f, 0x0, 0x2, 0x2, 0x9}, 0x1c) [ 306.068786] should_fail.cold.4+0xa/0x1a [ 306.072883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.078453] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 306.083664] ? graph_lock+0x170/0x170 [ 306.087475] ? debug_check_no_locks_freed+0x310/0x310 [ 306.092679] ? find_held_lock+0x36/0x1c0 [ 306.096755] ? __lock_is_held+0xb5/0x140 [ 306.100838] ? check_same_owner+0x320/0x320 [ 306.105265] ? rcu_note_context_switch+0x710/0x710 [ 306.110207] ? lock_downgrade+0x8e0/0x8e0 [ 306.114363] __should_failslab+0x124/0x180 [ 306.118616] should_failslab+0x9/0x14 [ 306.122438] kmem_cache_alloc+0x2af/0x760 [ 306.126591] ? rcu_report_qs_rnp+0x790/0x790 [ 306.131010] __d_alloc+0xc0/0xd30 [ 306.134471] ? shrink_dcache_for_umount+0x290/0x290 [ 306.139489] ? d_alloc_parallel+0x1e70/0x1e70 [ 306.143985] ? lock_release+0xa10/0xa10 [ 306.147958] ? mark_held_locks+0xc9/0x160 [ 306.152100] ? filename_create+0x1aa/0x5a0 [ 306.156325] ? d_lookup+0x254/0x330 [ 306.159945] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 306.164947] ? d_lookup+0x219/0x330 [ 306.168565] d_alloc+0x8e/0x370 [ 306.171831] ? __d_lookup+0x9c0/0x9c0 [ 306.175624] ? __d_alloc+0xd30/0xd30 [ 306.179341] __lookup_hash+0xd9/0x190 [ 306.183138] filename_create+0x1dd/0x5a0 [ 306.187209] ? kern_path_mountpoint+0x40/0x40 [ 306.191701] ? fget_raw+0x20/0x20 [ 306.195152] ? putname+0xf2/0x130 [ 306.198591] ? getname_flags+0xd0/0x5a0 [ 306.202556] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.208078] ? getname_flags+0x26e/0x5a0 [ 306.212130] do_mkdirat+0xd2/0x2f0 [ 306.215661] ? __ia32_sys_mknod+0xb0/0xb0 [ 306.219804] ? ksys_ioctl+0x81/0xd0 [ 306.223477] ? do_syscall_64+0x92/0x800 [ 306.227456] __x64_sys_mkdir+0x5c/0x80 [ 306.231347] do_syscall_64+0x1b1/0x800 [ 306.235230] ? finish_task_switch+0x1ca/0x840 [ 306.239717] ? syscall_return_slowpath+0x5c0/0x5c0 [ 306.244638] ? syscall_return_slowpath+0x30f/0x5c0 [ 306.249561] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 306.254917] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.259756] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 306.264936] RIP: 0033:0x454e47 [ 306.268111] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 306.287441] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 306.295140] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 306.302394] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 306.309649] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:18 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653003", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000ee00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:18 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0), 0xfffffffffffffed8) close(r0) [ 306.316908] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 306.324169] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000017 2033/05/18 03:34:18 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653004", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:19 executing program 1 (fault-call:0 fault-nth:24): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:19 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0xe, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:19 executing program 5: getresgid(&(0x7f0000000140)=0x0, &(0x7f0000000080), &(0x7f00000001c0)) r1 = getgid() getgroups(0x3, &(0x7f0000000100)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff]) setresgid(r0, r1, r2) getgroups(0x2, &(0x7f0000000000)=[0xffffffffffffffff, 0xffffffffffffffff]) setfsgid(r3) r4 = socket$inet6(0xa, 0x6, 0x93) getpeername$packet(0xffffffffffffff9c, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x14) ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f0000000200)={@dev={0xfe, 0x80, [], 0x18}, @empty, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x1, 0xfffffffffffffffd, 0x7, 0x100, 0x1, 0x0, r5}) 2033/05/18 03:34:19 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:19 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000b000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:19 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x200180, 0x0) getsockopt$ax25_int(r1, 0x101, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x5) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) utimensat(r0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={{0x77359400}, {0x77359400}}, 0x100) ioctl$SG_EMULATED_HOST(r2, 0x2203, &(0x7f0000000000)) 2033/05/18 03:34:19 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x800000002, 0x8) 2033/05/18 03:34:19 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)={0xaa}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f00000000c0)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000140)={r4, 0x100, 0x8}, 0xc) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r3, 0x4, 0x405) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000000)) dup2(r1, r3) 2033/05/18 03:34:19 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700fa00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:19 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530fe", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:19 executing program 6: syz_emit_ethernet(0x1f0, &(0x7f0000000000)={@broadcast=[0xff, 0xe0, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [{[], {0x8100, 0x81, 0x1000, 0x2}}], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x29, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast1=0xe0000001}, @udp={0xc3fe, 0x8100, 0x8}}}}}, 0x0) [ 307.343968] FAULT_INJECTION: forcing a failure. [ 307.343968] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 307.355821] CPU: 1 PID: 20851 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 307.362743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.372089] Call Trace: [ 307.374682] dump_stack+0x1b9/0x294 [ 307.378317] ? dump_stack_print_info.cold.2+0x52/0x52 [ 307.383511] ? debug_check_no_obj_freed+0x2ff/0x584 [ 307.388534] should_fail.cold.4+0xa/0x1a [ 307.392599] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 307.397533] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 307.402644] ? debug_check_no_locks_freed+0x310/0x310 [ 307.407829] ? trace_hardirqs_on+0xd/0x10 [ 307.411979] ? kobject_uevent_env+0x288/0xea0 [ 307.416480] ? internal_create_group+0x347/0x970 [ 307.421244] ? lo_ioctl+0xe8/0x2190 [ 307.424878] ? lo_rw_aio_complete+0x430/0x430 [ 307.429382] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 307.434921] ? should_fail+0x21b/0xbcd [ 307.438813] __alloc_pages_nodemask+0x34e/0xd70 [ 307.443488] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 307.448502] ? rcu_is_watching+0x85/0x140 [ 307.452656] ? rcu_report_qs_rnp+0x790/0x790 [ 307.457066] ? find_held_lock+0x36/0x1c0 [ 307.461146] ? check_same_owner+0x320/0x320 [ 307.465471] cache_grow_begin+0x6e/0x6c0 [ 307.469549] kmem_cache_alloc+0x689/0x760 [ 307.473703] ? ioctl_preallocate+0x2e0/0x2e0 [ 307.478112] ? fget_raw+0x20/0x20 [ 307.481566] ? putname+0xf2/0x130 [ 307.485019] getname_flags+0xd0/0x5a0 [ 307.488823] do_mkdirat+0xbd/0x2f0 [ 307.492371] ? __ia32_sys_mknod+0xb0/0xb0 [ 307.496514] ? fput+0x130/0x1a0 [ 307.499793] ? ksys_ioctl+0x81/0xd0 [ 307.503418] ? do_syscall_64+0x92/0x800 [ 307.507394] __x64_sys_mkdir+0x5c/0x80 [ 307.511282] do_syscall_64+0x1b1/0x800 [ 307.515168] ? finish_task_switch+0x1ca/0x840 [ 307.519669] ? syscall_return_slowpath+0x5c0/0x5c0 [ 307.524610] ? syscall_return_slowpath+0x30f/0x5c0 [ 307.529544] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 307.534959] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.539808] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 307.544991] RIP: 0033:0x454e47 [ 307.548174] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 307.567546] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 307.575256] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 307.582519] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 307.589785] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 307.597046] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 307.604310] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000018 2033/05/18 03:34:20 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1d75", 0x3) 2033/05/18 03:34:20 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.stat\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0)=[{0x4, 0x7fff}, {0xb, 0x9}, {0x3, 0xf9}, {0xb, 0xfffffffffffffff8}], 0x4) r1 = socket$inet6(0xa, 0x3, 0x6) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e24, 0x400, @local={0xfe, 0x80, [], 0xaa}, 0x9}, 0x1c) connect$inet6(r1, &(0x7f0000000280)={0xa}, 0x1c) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1080480}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x80, r2, 0x702, 0x70bd26, 0x25dfdbfb, {0x1}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7ff}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x7}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x8001}, 0x48800) getsockopt$inet6_int(r1, 0x29, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) 2033/05/18 03:34:20 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:20 executing program 6: alarm(0x400) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000140)="00000000a24ea579909a1f836cd536c8dc19c19ed805386ae45dd6ead8a6368ce540cc75deb40975a128d80713ec044a11d1ef6af2b11d8a20d1f7be2ae565f6c048af44b4e7dd5676ab35a3958def5cc088e20743d9fb55fcd83237b80d3fbcb2e11c2d17c05dc9fdb8cd8b5973ba57bb5793c9354a5efbad854cb77e353db0889d234753aa07b777879f84") getdents64(r1, &(0x7f00000002c0)=""/140, 0x3b5) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000280)=r0) getresuid(&(0x7f0000000040), &(0x7f0000000200), &(0x7f0000000240)) 2033/05/18 03:34:20 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700fd00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:20 executing program 1 (fault-call:0 fault-nth:25): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:20 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x50) 2033/05/18 03:34:20 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) inotify_init() fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) [ 308.241527] FAULT_INJECTION: forcing a failure. [ 308.241527] name failslab, interval 1, probability 0, space 0, times 0 [ 308.252897] CPU: 1 PID: 20869 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 308.259830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.269186] Call Trace: [ 308.271790] dump_stack+0x1b9/0x294 [ 308.275431] ? dump_stack_print_info.cold.2+0x52/0x52 [ 308.280636] ? perf_trace_lock_acquire+0xe3/0x980 [ 308.285484] ? print_usage_bug+0xc0/0xc0 2033/05/18 03:34:20 executing program 5: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000000)=0x2) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x80, 0x0, 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000000c0)=0x0) fcntl$lock(r0, 0x0, &(0x7f0000000100)={0x2, 0x7, 0x10001, 0x0, r2}) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000040)=0x2) 2033/05/18 03:34:20 executing program 6: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x4400, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000080)='./file0\x00', r0}, 0x10) rt_sigaction(0x40, &(0x7f0000000180)={0x10001, {0x20f}, 0x10000000, 0x3}, 0x0, 0x8, &(0x7f00000001c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000007126000000000000bf67000000000000570600000f0000006706000002000000070600000ee619f2bf250000000000001f6500000000000067070000020000000707000099741df70f75000000000000bf5400000000000007000000040000003d43010000000000950000000000000061560000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) 2033/05/18 03:34:20 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 308.289557] should_fail.cold.4+0xa/0x1a [ 308.293631] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 308.298749] ? graph_lock+0x170/0x170 [ 308.302553] ? perf_trace_lock+0x900/0x900 [ 308.306798] ? debug_check_no_locks_freed+0x310/0x310 [ 308.311995] ? perf_trace_lock+0x900/0x900 [ 308.316251] ? find_held_lock+0x36/0x1c0 [ 308.320333] ? __lock_is_held+0xb5/0x140 [ 308.324534] ? check_same_owner+0x320/0x320 [ 308.328867] ? rcu_note_context_switch+0x710/0x710 [ 308.333802] ? lock_downgrade+0x8e0/0x8e0 [ 308.337962] __should_failslab+0x124/0x180 2033/05/18 03:34:20 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000000200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 308.342214] should_failslab+0x9/0x14 [ 308.346027] kmem_cache_alloc+0x2af/0x760 [ 308.350186] ? rcu_report_qs_rnp+0x790/0x790 [ 308.354618] __d_alloc+0xc0/0xd30 [ 308.358091] ? shrink_dcache_for_umount+0x290/0x290 [ 308.363122] ? d_alloc_parallel+0x1e70/0x1e70 [ 308.367632] ? lock_release+0xa10/0xa10 [ 308.371622] ? mark_held_locks+0xc9/0x160 [ 308.375776] ? filename_create+0x1aa/0x5a0 [ 308.380025] ? d_lookup+0x254/0x330 [ 308.383676] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 308.388699] ? d_lookup+0x219/0x330 [ 308.392335] d_alloc+0x8e/0x370 [ 308.395621] ? __d_lookup+0x9c0/0x9c0 [ 308.399431] ? __d_alloc+0xd30/0xd30 [ 308.403164] __lookup_hash+0xd9/0x190 [ 308.406976] filename_create+0x1dd/0x5a0 [ 308.411053] ? kern_path_mountpoint+0x40/0x40 [ 308.415573] ? fget_raw+0x20/0x20 [ 308.419028] ? putname+0xf2/0x130 [ 308.422489] ? getname_flags+0xd0/0x5a0 [ 308.426470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.432011] ? getname_flags+0x26e/0x5a0 [ 308.436084] do_mkdirat+0xd2/0x2f0 2033/05/18 03:34:21 executing program 5: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f00000001c0)='./file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f0000000040)='bpf\x00', 0x1, &(0x7f0000000080)) r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x5, 0x0) openat$cgroup(r0, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) chdir(&(0x7f0000000780)='./file0\x00') r1 = getpid() prctl$setptracer(0x59616d61, r1) syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 308.439630] ? __ia32_sys_mknod+0xb0/0xb0 [ 308.443781] ? ksys_ioctl+0x81/0xd0 [ 308.447416] ? do_syscall_64+0x92/0x800 [ 308.451396] __x64_sys_mkdir+0x5c/0x80 [ 308.455293] do_syscall_64+0x1b1/0x800 [ 308.459187] ? finish_task_switch+0x1ca/0x840 [ 308.463688] ? syscall_return_slowpath+0x5c0/0x5c0 [ 308.468627] ? syscall_return_slowpath+0x30f/0x5c0 [ 308.473567] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 308.478941] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.483797] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.488989] RIP: 0033:0x454e47 [ 308.492171] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 308.511571] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 308.519274] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 308.526532] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 308.533788] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 2033/05/18 03:34:21 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0c75", 0x3) [ 308.541043] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 308.548297] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000019 2033/05/18 03:34:21 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653014", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:21 executing program 1 (fault-call:0 fault-nth:26): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:21 executing program 6: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000080)="0001000000ff000000000000c9030000ec000000010008000000000000000000002000000020000000010000000000006e5fbe5c0000ffff53ef0100010000006e5fbe5a0000c9ca68e30d69e5000000000000010000000000800000002c0000000000008893", 0x66, 0x400}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='jqfmt=vfsv0,usrjquota=./file0R,\x00']) 2033/05/18 03:34:21 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000009500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:21 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='io.bfq.weight\x00', 0x2, 0x0) write(r1, &(0x7f0000000200), 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x1, 0x0) 2033/05/18 03:34:21 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:21 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0e75", 0x3) [ 308.697602] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled [ 308.706583] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled [ 308.715083] EXT4-fs (loop6): filesystem is read-only [ 308.720233] EXT4-fs (loop6): unsupported inode size: 32768 [ 308.766190] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled [ 308.774974] EXT4-fs (loop6): Journaled quota options ignored when QUOTA feature is enabled [ 308.783449] EXT4-fs (loop6): filesystem is read-only [ 308.788608] EXT4-fs (loop6): unsupported inode size: 32768 [ 308.798696] FAULT_INJECTION: forcing a failure. [ 308.798696] name failslab, interval 1, probability 0, space 0, times 0 [ 308.810069] CPU: 0 PID: 20903 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 308.817000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.826362] Call Trace: [ 308.828967] dump_stack+0x1b9/0x294 [ 308.832616] ? dump_stack_print_info.cold.2+0x52/0x52 [ 308.837834] should_fail.cold.4+0xa/0x1a [ 308.841931] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 308.847057] ? perf_trace_lock_acquire+0xe3/0x980 [ 308.851916] ? graph_lock+0x170/0x170 [ 308.855730] ? debug_check_no_locks_freed+0x310/0x310 [ 308.860945] ? find_held_lock+0x36/0x1c0 [ 308.865040] ? print_usage_bug+0xc0/0xc0 [ 308.869121] ? __lock_is_held+0xb5/0x140 [ 308.873194] ? print_usage_bug+0xc0/0xc0 [ 308.877267] ? check_same_owner+0x320/0x320 [ 308.881597] ? mark_held_locks+0xc9/0x160 [ 308.885762] ? rcu_note_context_switch+0x710/0x710 [ 308.890699] __should_failslab+0x124/0x180 [ 308.894951] should_failslab+0x9/0x14 [ 308.898763] kmem_cache_alloc+0x2af/0x760 [ 308.902911] ? __lock_acquire+0x7f5/0x5140 [ 308.907200] ? __lock_is_held+0xb5/0x140 [ 308.911259] ext4_alloc_inode+0xc1/0x860 [ 308.915311] ? ratelimit_state_init+0xb0/0xb0 [ 308.919792] ? find_held_lock+0x36/0x1c0 [ 308.923849] ? lock_downgrade+0x8e0/0x8e0 [ 308.927991] ? kasan_check_read+0x11/0x20 [ 308.932133] ? rcu_is_watching+0x85/0x140 [ 308.936269] ? rcu_report_qs_rnp+0x790/0x790 [ 308.940661] ? graph_lock+0x170/0x170 [ 308.944457] ? ratelimit_state_init+0xb0/0xb0 [ 308.948940] alloc_inode+0x63/0x190 [ 308.952557] new_inode_pseudo+0x69/0x1a0 [ 308.956609] ? prune_icache_sb+0x1a0/0x1a0 [ 308.960832] ? perf_trace_lock_acquire+0xe3/0x980 [ 308.965671] new_inode+0x1c/0x40 [ 308.969031] __ext4_new_inode+0x443/0x60c0 [ 308.973255] ? find_held_lock+0x36/0x1c0 [ 308.977317] ? ext4_free_inode+0x1870/0x1870 [ 308.981724] ? kasan_check_read+0x11/0x20 [ 308.985864] ? rcu_is_watching+0x85/0x140 [ 308.989999] ? rcu_report_qs_rnp+0x790/0x790 [ 308.994398] ? rcu_report_qs_rnp+0x790/0x790 [ 308.998797] ? is_bpf_text_address+0xd7/0x170 [ 309.003281] ? kernel_text_address+0x79/0xf0 [ 309.007686] ? __unwind_start+0x166/0x330 [ 309.011821] ? __kernel_text_address+0xd/0x40 [ 309.016307] ? unwind_get_return_address+0x61/0xa0 [ 309.021224] ? __save_stack_trace+0x7e/0xd0 [ 309.025546] ? save_stack+0xa9/0xd0 [ 309.029174] ? save_stack+0x43/0xd0 [ 309.032784] ? __kasan_slab_free+0x11a/0x170 [ 309.037179] ? kmem_cache_free+0x86/0x2d0 [ 309.041311] ? putname+0xf2/0x130 [ 309.044757] ? filename_create+0x2aa/0x5a0 [ 309.048975] ? do_mkdirat+0xd2/0x2f0 [ 309.052674] ? __x64_sys_mkdir+0x5c/0x80 [ 309.056723] ? do_syscall_64+0x1b1/0x800 [ 309.060767] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.066121] ? kasan_check_read+0x11/0x20 [ 309.070270] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 309.074853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.080381] ? __dquot_initialize+0x615/0xdc0 [ 309.084861] ? kasan_check_write+0x14/0x20 [ 309.089081] ? graph_lock+0x170/0x170 [ 309.092885] ? dquot_get_next_dqblk+0x180/0x180 [ 309.097541] ? kasan_check_write+0x14/0x20 [ 309.101769] ? __lock_is_held+0xb5/0x140 [ 309.105822] ext4_mkdir+0x2d9/0xe50 [ 309.109455] ? ext4_init_dot_dotdot+0x510/0x510 [ 309.114115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.119641] ? security_inode_permission+0xd2/0x100 [ 309.124649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.130174] ? security_inode_mkdir+0xe8/0x120 [ 309.134742] ? getname_flags+0xd0/0x5a0 [ 309.138705] vfs_mkdir+0x42e/0x6b0 [ 309.142248] do_mkdirat+0x266/0x2f0 [ 309.145872] ? __ia32_sys_mknod+0xb0/0xb0 [ 309.150012] ? ksys_ioctl+0x81/0xd0 [ 309.153637] ? do_syscall_64+0x92/0x800 [ 309.157601] __x64_sys_mkdir+0x5c/0x80 [ 309.161479] do_syscall_64+0x1b1/0x800 [ 309.165354] ? finish_task_switch+0x1ca/0x840 [ 309.169835] ? syscall_return_slowpath+0x5c0/0x5c0 [ 309.174751] ? syscall_return_slowpath+0x30f/0x5c0 [ 309.179678] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 309.185035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.189882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.195069] RIP: 0033:0x454e47 [ 309.198246] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 2033/05/18 03:34:21 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000f600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 309.217936] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 309.225635] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 309.232898] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 309.240153] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 309.247407] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 309.254668] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001a 2033/05/18 03:34:22 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f00000000c0)=0xffff) r2 = getpgid(0x0) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000240)={{{@in=@rand_addr, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@rand_addr}}, &(0x7f0000000340)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'teql0\x00', r3}) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r4 = creat(&(0x7f0000000380)='./bus\x00', 0x140) ioctl$BLKBSZGET(r4, 0x80081270, &(0x7f0000000100)) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000180)=""/151) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10200, 0x0) 2033/05/18 03:34:22 executing program 6: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r0, 0x8200) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x1, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512-generic\x00'}, 0x58) socket$vsock_dgram(0x28, 0x2, 0x0) r3 = accept$alg(r2, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000040)={0x0, 0x1}, &(0x7f0000000080)=0x8) ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f00000002c0)={0x3, 0x1}) ioctl$VT_GETMODE(r1, 0x5601, &(0x7f0000000100)) syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0x7fff, 0x4800) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000001c0)={r4, @in6={{0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, [], 0x10}, 0x5}}, [0x2, 0x3, 0x0, 0x5, 0x35, 0x6, 0x8, 0x762, 0xce2, 0x3, 0x24000000000000, 0x0, 0x8, 0x0, 0x80000001]}, &(0x7f00000000c0)=0x100) sendfile(r3, r1, &(0x7f0000000000), 0x2) 2033/05/18 03:34:22 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x80, 0x1) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x604a41, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000080)={0x5, 0x208, 0x5, 0xdbd, 0x0}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e20, 0x9, @empty, 0x7}}, 0x7, 0x3ff}, &(0x7f00000001c0)=0x90) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000200)={0x5e6c31ef, 0x9, 0x0, 0x1}, 0x6) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000002c0)=@assoc_value={r1, 0x1}, &(0x7f0000000300)=0x8) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000340)) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000380)={r6, 0x3, 0x5, [0x2, 0xffffffffffff7961, 0x7, 0x1000000000000000, 0x7]}, 0x12) bind$inet6(r5, &(0x7f00000003c0)={0xa, 0x4e20, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, 0x1c) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000400), 0x4) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000440)={r6, 0x800}, 0x8) ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000480)={0x0, 0x1, 0x6161, 0x2, 0x7fffffff, 0x9, 0x1ff, 0x600000000000, 0x10001, 0x7fff}) r7 = syz_open_dev$urandom(&(0x7f00000004c0)='/dev/urandom\x00', 0x0, 0x200000) ioctl$DRM_IOCTL_IRQ_BUSID(r0, 0xc0106403, &(0x7f0000000500)={0x855b, 0x1a2c, 0x1, 0x4}) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000540)={r6, 0x6, 0x30, 0xaad, 0x10000}, &(0x7f0000000580)=0x18) r8 = openat$audio(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/audio\x00', 0x4000, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000600)=[@in6={0xa, 0x4e23, 0xe78, @local={0xfe, 0x80, [], 0xaa}, 0x8000}, @in6={0xa, 0x4e22, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0x1f}, @in6={0xa, 0x4e24, 0x6, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x8}, @in6={0xa, 0x4e21, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffb}, @in={0x2, 0x4e23, @multicast1=0xe0000001}, @in={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, [], 0x1c}, 0x7fffffff}, @in6={0xa, 0x4e23, 0xff, @dev={0xfe, 0x80, [], 0x1b}, 0x5}], 0xc8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r8, 0x84, 0x16, &(0x7f0000000700)={0x4, [0x10001, 0x82, 0x6, 0x5]}, &(0x7f0000000740)=0xc) ioctl$DRM_IOCTL_IRQ_BUSID(r8, 0xc0106403, &(0x7f0000000780)={0xfffffffffffffffc, 0x1, 0x69f8, 0x6}) getsockopt$bt_BT_VOICE(r8, 0x112, 0xb, &(0x7f00000007c0)=0x80000000, &(0x7f0000000800)=0x2) ioctl$VT_RELDISP(r0, 0x5605) lseek(r7, 0x0, 0x2) write$tun(r0, &(0x7f0000000840)={@void, @void, @ipv4={{0x14, 0x4, 0x0, 0x4, 0x13a, 0x65, 0x9, 0x1000, 0x2b, 0x0, @loopback=0x7f000001, @dev={0xac, 0x14, 0x14, 0x17}, {[@timestamp={0x44, 0x28, 0xb28f, 0x3, 0x1, [{[@local={0xac, 0x14, 0x14, 0xaa}], 0x6}, {[], 0x8}, {[@rand_addr=0x80000000], 0x400000000}, {[@loopback=0x7f000001], 0x1}, {[@remote={0xac, 0x14, 0x14, 0xbb}], 0x200}]}, @end, @generic={0x8b, 0x4, "f56e"}, @ssrr={0x89, 0xf, 0x5, [@remote={0xac, 0x14, 0x14, 0xbb}, @multicast1=0xe0000001, @loopback=0x7f000001]}]}}, @udp={0x4e22, 0x4e21, 0xea, 0x0, [@guehdr={0x1, 0x5, 0xb75, 0x5, 0x100}, @guehdr={0x2, 0xffffffff80000001, 0x40, 0x2, 0xabf7a401258c1f82, [0x80]}, @guehdr={0x2, 0xffffff8000000000, 0x5, 0x5, 0x100, [0x80]}, @guehdr={0x1, 0x9e7f, 0x4, 0x7fffffff, 0x100}], "6f382f12120c4cc1e471d4f5268ba1b389c151e3dc41c04c54fa58bb7cd60cec36600e151837594b44069e0b2d0cf816c27f4a3f74be5f53c31a178ff9842be72a182533514ab9622a37ecad0c924bfa8045b517b969196097e49369ef817dfe3c224550cd47cb7848cdeb0dbdd2181a0d8f717cebcbd4f44b0927ff0e71f6fce4b01f45c11b1037c1201e026307282e9afb3fc4ae1ce2ffe06b3f69499ddad330b7e57e126757185740709fd7d18a3aec244a054777533d6ecf441200523ff4b9adfd7f0400bf97c953"}}}, 0x13a) ioctl$KDGKBMETA(r8, 0x4b62, &(0x7f0000000980)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f00000009c0)={r2, @in6={{0xa, 0x4e24, 0x1f, @remote={0xfe, 0x80, [], 0xbb}, 0x3}}, 0x8591, 0x4}, &(0x7f0000000a80)=0x90) r9 = gettid() syz_open_procfs(r9, &(0x7f0000000ac0)='net/ip6_mr_cache\x00') ioctl(r0, 0x7ff, &(0x7f0000000b00)="49eea8fb0982c7d16723902e33fd3b34c0d50a0a713e50eb7e49c597133c556c76822fa726dbe9a14e9b140877911ac67c4108f165c6423b541eff54473ce6ef8e0178ba95dab1cb5f83fbde82a36bdaedd7faf6bb000cc11a3ee9440cb1699dd3255246c5590400e7a2da06b042373a6a85c881cf545a892d0e3265470375dbe6c01580db33e29237135609468b645a4b483a362cac28381c223b2e68f6faa3164e251bd9996017d2e9a67b5d01d5913bbef764be21ed0719ce73") 2033/05/18 03:34:22 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000009500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:22 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:22 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x100, 0x0) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r2, r3) 2033/05/18 03:34:22 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0d75", 0x3) 2033/05/18 03:34:22 executing program 1 (fault-call:0 fault-nth:27): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 309.570299] FAULT_INJECTION: forcing a failure. [ 309.570299] name failslab, interval 1, probability 0, space 0, times 0 [ 309.581655] CPU: 0 PID: 20935 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 309.588595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.598038] Call Trace: [ 309.600642] dump_stack+0x1b9/0x294 [ 309.604290] ? dump_stack_print_info.cold.2+0x52/0x52 [ 309.609495] ? mark_page_accessed+0x66a/0xd10 [ 309.614006] should_fail.cold.4+0xa/0x1a 2033/05/18 03:34:22 executing program 6: mkdir(&(0x7f0000000080)='./file0\x00', 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000020000007f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0xb1, &(0x7f0000000200)=""/177}, 0x48) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000100)="03") 2033/05/18 03:34:22 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67b800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 309.618083] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 309.623206] ? perf_trace_lock_acquire+0xe3/0x980 [ 309.628060] ? graph_lock+0x170/0x170 [ 309.631873] ? debug_check_no_locks_freed+0x310/0x310 [ 309.637072] ? print_usage_bug+0xc0/0xc0 [ 309.641153] ? print_usage_bug+0xc0/0xc0 [ 309.645228] ? __lock_is_held+0xb5/0x140 [ 309.649303] ? print_usage_bug+0xc0/0xc0 [ 309.653381] ? check_same_owner+0x320/0x320 [ 309.657714] ? rcu_note_context_switch+0x710/0x710 [ 309.662656] __should_failslab+0x124/0x180 [ 309.666915] should_failslab+0x9/0x14 2033/05/18 03:34:22 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:22 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x615}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x1000, 0x20000) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000000c0)=0xfffffffeffffffff, 0x4) timer_delete(0x0) ioctl$sock_inet_SIOCDELRT(r1, 0x890c, &(0x7f0000000100)={0x3, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, {0x2, 0x4e20}, {0x2, 0x4e24, @multicast1=0xe0000001}, 0x100, 0x7, 0x80, 0x9, 0xfff, &(0x7f0000000080)='bond_slave_0\x00', 0x80, 0x0, 0xaca}) [ 309.670725] kmem_cache_alloc+0x2af/0x760 [ 309.674879] ? __lock_acquire+0x7f5/0x5140 [ 309.679122] ? __lock_is_held+0xb5/0x140 [ 309.683199] ext4_alloc_inode+0xc1/0x860 [ 309.687270] ? ratelimit_state_init+0xb0/0xb0 [ 309.691772] ? find_held_lock+0x36/0x1c0 [ 309.695856] ? lock_downgrade+0x8e0/0x8e0 [ 309.700026] ? kasan_check_read+0x11/0x20 [ 309.704181] ? rcu_is_watching+0x85/0x140 [ 309.708338] ? rcu_report_qs_rnp+0x790/0x790 [ 309.712756] ? graph_lock+0x170/0x170 [ 309.716577] ? ratelimit_state_init+0xb0/0xb0 [ 309.721085] alloc_inode+0x63/0x190 [ 309.724724] new_inode_pseudo+0x69/0x1a0 [ 309.728796] ? prune_icache_sb+0x1a0/0x1a0 [ 309.733041] ? perf_trace_lock_acquire+0xe3/0x980 [ 309.737905] new_inode+0x1c/0x40 [ 309.741281] __ext4_new_inode+0x443/0x60c0 [ 309.745522] ? find_held_lock+0x36/0x1c0 [ 309.749602] ? ext4_free_inode+0x1870/0x1870 [ 309.754019] ? kasan_check_read+0x11/0x20 [ 309.758173] ? rcu_is_watching+0x85/0x140 [ 309.762325] ? rcu_report_qs_rnp+0x790/0x790 [ 309.766741] ? rcu_report_qs_rnp+0x790/0x790 2033/05/18 03:34:22 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67fc00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:22 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 309.771160] ? is_bpf_text_address+0xd7/0x170 [ 309.775665] ? kernel_text_address+0x79/0xf0 [ 309.780080] ? __unwind_start+0x166/0x330 [ 309.784231] ? __kernel_text_address+0xd/0x40 [ 309.788735] ? unwind_get_return_address+0x61/0xa0 [ 309.791087] rpcbind: RPC call returned error 13 [ 309.793675] ? __save_stack_trace+0x7e/0xd0 [ 309.793713] ? save_stack+0xa9/0xd0 [ 309.793730] ? save_stack+0x43/0xd0 [ 309.810040] ? __kasan_slab_free+0x11a/0x170 [ 309.814455] ? kmem_cache_free+0x86/0x2d0 [ 309.818539] rpcbind: RPC call returned error 13 [ 309.818603] ? putname+0xf2/0x130 [ 309.826690] ? filename_create+0x2aa/0x5a0 [ 309.830919] ? do_mkdirat+0xd2/0x2f0 [ 309.834622] ? __x64_sys_mkdir+0x5c/0x80 [ 309.838680] ? do_syscall_64+0x1b1/0x800 [ 309.842731] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.848089] ? kasan_check_read+0x11/0x20 [ 309.852227] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 309.856797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.862319] ? __dquot_initialize+0x615/0xdc0 [ 309.866798] ? kasan_check_write+0x14/0x20 [ 309.871024] ? graph_lock+0x170/0x170 [ 309.874816] ? dquot_get_next_dqblk+0x180/0x180 [ 309.879470] ? kasan_check_write+0x14/0x20 [ 309.883693] ? __lock_is_held+0xb5/0x140 [ 309.887742] ext4_mkdir+0x2d9/0xe50 [ 309.891360] ? ext4_init_dot_dotdot+0x510/0x510 [ 309.896028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.901551] ? security_inode_permission+0xd2/0x100 [ 309.906551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.912072] ? security_inode_mkdir+0xe8/0x120 [ 309.916638] ? getname_flags+0xd0/0x5a0 [ 309.920605] vfs_mkdir+0x42e/0x6b0 [ 309.924135] do_mkdirat+0x266/0x2f0 [ 309.927749] ? __ia32_sys_mknod+0xb0/0xb0 [ 309.931883] ? ksys_ioctl+0x81/0xd0 [ 309.935493] ? do_syscall_64+0x92/0x800 [ 309.939455] __x64_sys_mkdir+0x5c/0x80 [ 309.943329] do_syscall_64+0x1b1/0x800 [ 309.947207] ? finish_task_switch+0x1ca/0x840 [ 309.951691] ? syscall_return_slowpath+0x5c0/0x5c0 [ 309.956604] ? syscall_return_slowpath+0x30f/0x5c0 [ 309.961524] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 309.966876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.971709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.976886] RIP: 0033:0x454e47 [ 309.980057] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.999334] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 310.007614] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 310.014873] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 310.022125] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 310.029379] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 310.036640] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001b 2033/05/18 03:34:22 executing program 1 (fault-call:0 fault-nth:28): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:22 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000040)='X', 0x2b7, 0x80, &(0x7f0000000000)={0xa, 0x4e23, 0x8, @mcast2={0xff, 0x2, [], 0x1}}, 0x18) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f0000000180)=0x84) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)={r2, 0x6374, 0x3, [0x200, 0x4, 0x2fdc]}, &(0x7f0000000200)=0xe) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000140), 0x4) [ 310.142786] FAULT_INJECTION: forcing a failure. [ 310.142786] name failslab, interval 1, probability 0, space 0, times 0 [ 310.154608] CPU: 0 PID: 20962 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 310.161551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.170904] Call Trace: [ 310.173501] dump_stack+0x1b9/0x294 [ 310.177139] ? dump_stack_print_info.cold.2+0x52/0x52 [ 310.182337] ? __lock_acquire+0x7f5/0x5140 [ 310.186578] should_fail.cold.4+0xa/0x1a [ 310.190652] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 310.195761] ? debug_check_no_locks_freed+0x310/0x310 [ 310.200957] ? find_held_lock+0x36/0x1c0 [ 310.205032] ? lock_downgrade+0x8e0/0x8e0 [ 310.209183] ? perf_trace_lock_acquire+0xe3/0x980 [ 310.214029] ? perf_trace_lock_acquire+0xe3/0x980 [ 310.218879] ? perf_trace_lock+0x900/0x900 [ 310.223115] ? graph_lock+0x170/0x170 [ 310.226921] ? is_bpf_text_address+0xd7/0x170 [ 310.231422] ? kernel_text_address+0x79/0xf0 [ 310.235837] __should_failslab+0x124/0x180 [ 310.240093] should_failslab+0x9/0x14 [ 310.243907] kmem_cache_alloc+0x47/0x760 [ 310.247978] ? find_held_lock+0x36/0x1c0 [ 310.252051] ? __es_tree_search.isra.12+0x1ba/0x220 [ 310.257066] __es_insert_extent+0x2fd/0x1130 [ 310.261467] ? ext4_es_insert_extent+0x20b/0x7c0 [ 310.266212] ? ext4_es_free_extent+0x800/0x800 [ 310.270785] ? lock_release+0xa10/0xa10 [ 310.274750] ? __lock_is_held+0xb5/0x140 [ 310.278803] ? kasan_check_write+0x14/0x20 [ 310.283033] ? do_raw_write_lock+0xbd/0x1b0 [ 310.287350] ext4_es_insert_extent+0x2d9/0x7c0 [ 310.291925] ? ext4_es_find_delayed_extent_range+0xd70/0xd70 [ 310.297710] ? __lock_is_held+0xb5/0x140 [ 310.301766] ? rcu_read_lock_sched_held+0x108/0x120 [ 310.306775] ? __kmalloc+0x5f9/0x760 [ 310.310484] ext4_ext_put_gap_in_cache+0x150/0x1d0 [ 310.315404] ? ext4_zeroout_es+0x160/0x160 [ 310.319633] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 310.325166] ext4_ext_map_blocks+0x240e/0x6270 [ 310.329737] ? perf_trace_lock+0x900/0x900 [ 310.333963] ? perf_trace_lock_acquire+0xe3/0x980 [ 310.338795] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 310.343796] ? perf_trace_lock+0x900/0x900 [ 310.348031] ? find_held_lock+0x36/0x1c0 [ 310.352083] ? graph_lock+0x170/0x170 [ 310.355869] ? graph_lock+0x170/0x170 [ 310.359680] ? lock_downgrade+0x8e0/0x8e0 [ 310.363823] ? lock_acquire+0x1dc/0x520 [ 310.367782] ? ext4_map_blocks+0x466/0x1b40 [ 310.372092] ? lock_release+0xa10/0xa10 [ 310.376055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.381579] ? ext4_es_lookup_extent+0x45d/0xdd0 [ 310.386326] ? rcu_note_context_switch+0x710/0x710 [ 310.391246] ? __might_sleep+0x95/0x190 [ 310.395212] ? down_read+0xaf/0x1b0 [ 310.398825] ? ext4_map_blocks+0x466/0x1b40 [ 310.403133] ? __down_interruptible+0x6e0/0x6e0 [ 310.407797] ? kernel_text_address+0x79/0xf0 [ 310.412194] ? __unwind_start+0x166/0x330 [ 310.416331] ext4_map_blocks+0xe17/0x1b40 [ 310.420476] ? __save_stack_trace+0x7e/0xd0 [ 310.424790] ? ext4_issue_zeroout+0x190/0x190 [ 310.429276] ? save_stack+0x43/0xd0 [ 310.432886] ? __kasan_slab_free+0x11a/0x170 [ 310.437281] ? kmem_cache_free+0x86/0x2d0 [ 310.441413] ? putname+0xf2/0x130 [ 310.444854] ext4_getblk+0x105/0x600 [ 310.448559] ? ext4_iomap_begin+0x1330/0x1330 [ 310.453043] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 310.457617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.463142] ? __dquot_initialize+0x615/0xdc0 [ 310.467622] ? kasan_check_write+0x14/0x20 [ 310.471843] ext4_bread+0x8d/0x2a0 [ 310.475380] ? ext4_getblk+0x600/0x600 [ 310.479255] ? dquot_get_next_dqblk+0x180/0x180 [ 310.483916] ? kasan_check_write+0x14/0x20 [ 310.488146] ext4_append+0x14e/0x370 [ 310.491848] ext4_mkdir+0x52a/0xe50 [ 310.495471] ? ext4_init_dot_dotdot+0x510/0x510 [ 310.500129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.505650] ? security_inode_permission+0xd2/0x100 [ 310.510653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.516177] ? security_inode_mkdir+0xe8/0x120 [ 310.520743] ? getname_flags+0xd0/0x5a0 [ 310.524715] vfs_mkdir+0x42e/0x6b0 [ 310.528246] do_mkdirat+0x266/0x2f0 [ 310.531864] ? __ia32_sys_mknod+0xb0/0xb0 [ 310.536004] ? ksys_ioctl+0x81/0xd0 [ 310.539622] ? do_syscall_64+0x92/0x800 [ 310.543585] __x64_sys_mkdir+0x5c/0x80 [ 310.547902] do_syscall_64+0x1b1/0x800 [ 310.551775] ? finish_task_switch+0x1ca/0x840 [ 310.556257] ? syscall_return_slowpath+0x5c0/0x5c0 [ 310.561174] ? syscall_return_slowpath+0x30f/0x5c0 [ 310.566095] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 310.571448] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.576282] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.581456] RIP: 0033:0x454e47 [ 310.584625] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 310.603943] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 310.611646] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 310.618995] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 310.626253] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 310.633505] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 310.640756] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001c 2033/05/18 03:34:23 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) 2033/05/18 03:34:23 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653002", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:23 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000e400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:23 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0575", 0x3) 2033/05/18 03:34:23 executing program 5: r0 = fanotify_init(0xf2fb50f043f4f402, 0x1000) vmsplice(r0, &(0x7f0000000340)=[{&(0x7f0000000280)="7a55c09549eb4d6d894074de32939cbe5e45cd74ace01eca959baab61a5f5d74b9c4416e8e96f306e656322fedf735ecdaeca1652f09008bbe305efd16b22369eda3f3ff322f5b6801a3cb47db52157298f8469298626eee7f3140c58212470216ca4aa511c803a9c953e2f783e27caea7227cfa65fb3daf478dc84145f4d844b861ff78afbef1cbc79d", 0x8a}], 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x7, 0x0, 0x1, 0x49}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x1, 0x0) setsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f00000003c0)=0x1, 0x4) r2 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x4028700f, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000240)={0x0, 0x40, 0x2, [0x645, 0x100000001]}, &(0x7f0000000400)=0xc) setsockopt$inet_sctp_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000440)={r4, 0x9}, 0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f00000005c0)={r4, 0x6}, 0x8) ioctl$TIOCCBRK(r3, 0x5428) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ashmem\x00', 0x2000, 0x0) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000580)=@get={0x1, &(0x7f0000000480)=""/222, 0x8265}) getsockopt$inet_dccp_buf(r3, 0x21, 0xc0, &(0x7f0000000140)=""/230, &(0x7f0000000080)=0xe6) 2033/05/18 03:34:23 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000012000/0x2000)=nil, 0x2000, 0x40001, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:23 executing program 6: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'veth1_to_team\x00', 0x400}) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x4002, 0x0) 2033/05/18 03:34:23 executing program 1 (fault-call:0 fault-nth:29): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 310.873664] FAULT_INJECTION: forcing a failure. [ 310.873664] name failslab, interval 1, probability 0, space 0, times 0 [ 310.885070] CPU: 0 PID: 20974 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 310.892005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.901364] Call Trace: [ 310.903968] dump_stack+0x1b9/0x294 [ 310.907610] ? dump_stack_print_info.cold.2+0x52/0x52 [ 310.912810] ? __lock_acquire+0x7f5/0x5140 [ 310.917063] should_fail.cold.4+0xa/0x1a 2033/05/18 03:34:23 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='attr/exec\x00') fchmodat(r0, &(0x7f00000002c0)='./file0\x00', 0x10) sendmsg$nl_crypto(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x808010}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)=@alg={0xf0, 0x10, 0x200, 0x70bd27, 0x25dfdbfc, {{'morus640-sse2\x00'}, [], [], 0x400, 0x2000}, [{0x8, 0x1, 0x1}, {0x8, 0x1, 0x8}]}, 0xf0}, 0x1, 0x0, 0x0, 0x1}, 0x40000) clock_gettime(0x0, &(0x7f00000000c0)={0x0}) write$evdev(r0, &(0x7f0000000140)=[{{r1}}], 0x18) [ 310.921141] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 310.926344] ? debug_check_no_locks_freed+0x310/0x310 [ 310.931558] ? find_held_lock+0x36/0x1c0 [ 310.935631] ? perf_trace_lock+0xd6/0x900 [ 310.939788] ? perf_trace_lock_acquire+0xe3/0x980 [ 310.944652] ? perf_trace_lock_acquire+0xe3/0x980 [ 310.949502] ? zap_class+0x720/0x720 [ 310.953229] ? perf_trace_lock+0x900/0x900 [ 310.957470] ? graph_lock+0x170/0x170 [ 310.961296] ? is_bpf_text_address+0xd7/0x170 [ 310.965782] ? kernel_text_address+0x79/0xf0 [ 310.970197] __should_failslab+0x124/0x180 [ 310.974423] should_failslab+0x9/0x14 [ 310.978214] kmem_cache_alloc+0x47/0x760 [ 310.982262] ? find_held_lock+0x36/0x1c0 [ 310.986317] ? __es_tree_search.isra.12+0x1ba/0x220 [ 310.991329] __es_insert_extent+0x2fd/0x1130 [ 310.995736] ? ext4_es_insert_extent+0x20b/0x7c0 [ 311.000485] ? ext4_es_free_extent+0x800/0x800 [ 311.005056] ? lock_release+0xa10/0xa10 [ 311.009042] ? __lock_is_held+0xb5/0x140 [ 311.013106] ? kasan_check_write+0x14/0x20 [ 311.017341] ? do_raw_write_lock+0xbd/0x1b0 [ 311.021655] ext4_es_insert_extent+0x2d9/0x7c0 [ 311.026233] ? ext4_es_find_delayed_extent_range+0xd70/0xd70 [ 311.032029] ? __lock_is_held+0xb5/0x140 [ 311.036093] ? rcu_read_lock_sched_held+0x108/0x120 [ 311.041102] ? __kmalloc+0x5f9/0x760 [ 311.044810] ext4_ext_put_gap_in_cache+0x150/0x1d0 [ 311.049740] ? ext4_zeroout_es+0x160/0x160 [ 311.053967] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 311.059504] ext4_ext_map_blocks+0x240e/0x6270 [ 311.064074] ? perf_trace_lock+0x900/0x900 [ 311.068321] ? perf_trace_lock_acquire+0xe3/0x980 [ 311.073164] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 311.078175] ? perf_trace_lock+0x900/0x900 [ 311.082403] ? find_held_lock+0x36/0x1c0 [ 311.086453] ? graph_lock+0x170/0x170 [ 311.090243] ? graph_lock+0x170/0x170 [ 311.094042] ? lock_downgrade+0x8e0/0x8e0 [ 311.098190] ? lock_acquire+0x1dc/0x520 [ 311.102153] ? ext4_map_blocks+0x466/0x1b40 [ 311.106466] ? lock_release+0xa10/0xa10 [ 311.110431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.115966] ? ext4_es_lookup_extent+0x45d/0xdd0 [ 311.120712] ? rcu_note_context_switch+0x710/0x710 [ 311.125633] ? __might_sleep+0x95/0x190 [ 311.129608] ? down_read+0xaf/0x1b0 [ 311.133222] ? ext4_map_blocks+0x466/0x1b40 [ 311.137530] ? __down_interruptible+0x6e0/0x6e0 [ 311.142197] ? kernel_text_address+0x79/0xf0 [ 311.146592] ? __unwind_start+0x166/0x330 [ 311.150728] ext4_map_blocks+0xe17/0x1b40 [ 311.154867] ? __save_stack_trace+0x7e/0xd0 [ 311.159184] ? ext4_issue_zeroout+0x190/0x190 [ 311.163672] ? save_stack+0x43/0xd0 [ 311.167285] ? __kasan_slab_free+0x11a/0x170 [ 311.171679] ? kmem_cache_free+0x86/0x2d0 [ 311.175810] ? putname+0xf2/0x130 [ 311.179512] ext4_getblk+0x105/0x600 [ 311.183221] ? ext4_iomap_begin+0x1330/0x1330 [ 311.187706] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 311.192288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.197820] ? __dquot_initialize+0x615/0xdc0 [ 311.202301] ? kasan_check_write+0x14/0x20 [ 311.206525] ext4_bread+0x8d/0x2a0 [ 311.210059] ? ext4_getblk+0x600/0x600 [ 311.213934] ? dquot_get_next_dqblk+0x180/0x180 [ 311.218595] ? kasan_check_write+0x14/0x20 [ 311.222825] ext4_append+0x14e/0x370 [ 311.226537] ext4_mkdir+0x52a/0xe50 [ 311.230162] ? ext4_init_dot_dotdot+0x510/0x510 [ 311.234830] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.240358] ? security_inode_permission+0xd2/0x100 [ 311.245622] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.251147] ? security_inode_mkdir+0xe8/0x120 [ 311.255715] ? getname_flags+0xd0/0x5a0 [ 311.259678] vfs_mkdir+0x42e/0x6b0 [ 311.263209] do_mkdirat+0x266/0x2f0 [ 311.266826] ? __ia32_sys_mknod+0xb0/0xb0 [ 311.270966] ? ksys_ioctl+0x81/0xd0 [ 311.274581] ? do_syscall_64+0x92/0x800 [ 311.278551] __x64_sys_mkdir+0x5c/0x80 [ 311.282429] do_syscall_64+0x1b1/0x800 [ 311.286315] ? finish_task_switch+0x1ca/0x840 [ 311.290800] ? syscall_return_slowpath+0x5c0/0x5c0 [ 311.295716] ? syscall_return_slowpath+0x30f/0x5c0 [ 311.300637] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 311.305993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 311.310836] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.316014] RIP: 0033:0x454e47 [ 311.319191] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.338563] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 311.346271] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 311.353531] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 311.360786] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 311.368040] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 2033/05/18 03:34:23 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700dd00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:23 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x109481, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x70, 0xbb, 0xa970, 0xffffffffffffff7f, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x202, 0x7fffffff, 0x5, 0x9, 0x4, 0x8, 0x5, 0x8000, 0xc7, 0x939f, 0x5, 0x6db, 0xffffffffffff9022, 0x2, 0x63f5, 0xfff, 0xfbc, 0x4, 0x7, 0x9a, 0x1, 0xfff, 0x77, 0x6, 0x3, 0x4ae, 0x768, 0x0, 0x40, 0x1, @perf_bp={&(0x7f0000000040), 0x2}, 0x10000, 0x80000000, 0x2, 0x0, 0x9, 0x1f, 0x10001}, r0, 0x0, r1, 0x8) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r2, 0x4, 0x0) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000604ffc)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1}) socket$l2tp(0x18, 0x1, 0x1) rt_sigreturn() dup2(r2, r4) 2033/05/18 03:34:23 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1375", 0x3) 2033/05/18 03:34:23 executing program 5: r0 = fanotify_init(0xf2fb50f043f4f402, 0x1000) vmsplice(r0, &(0x7f0000000340)=[{&(0x7f0000000280)="7a55c09549eb4d6d894074de32939cbe5e45cd74ace01eca959baab61a5f5d74b9c4416e8e96f306e656322fedf735ecdaeca1652f09008bbe305efd16b22369eda3f3ff322f5b6801a3cb47db52157298f8469298626eee7f3140c58212470216ca4aa511c803a9c953e2f783e27caea7227cfa65fb3daf478dc84145f4d844b861ff78afbef1cbc79d", 0x8a}], 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x7, 0x0, 0x1, 0x49}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x1, 0x0) setsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f00000003c0)=0x1, 0x4) r2 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x4028700f, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000240)={0x0, 0x40, 0x2, [0x645, 0x100000001]}, &(0x7f0000000400)=0xc) setsockopt$inet_sctp_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000440)={r4, 0x9}, 0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f00000005c0)={r4, 0x6}, 0x8) ioctl$TIOCCBRK(r3, 0x5428) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ashmem\x00', 0x2000, 0x0) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000580)=@get={0x1, &(0x7f0000000480)=""/222, 0x8265}) getsockopt$inet_dccp_buf(r3, 0x21, 0xc0, &(0x7f0000000140)=""/230, &(0x7f0000000080)=0xe6) 2033/05/18 03:34:23 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 311.375303] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001d 2033/05/18 03:34:24 executing program 1 (fault-call:0 fault-nth:30): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:24 executing program 6: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x4, 0x802, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x717a, 0x600400) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f00000001c0)=0xffffffffffff704d, 0x4) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], 0x9, 0x4, 0x5, 0x2}) prctl$void(0xe) [ 311.530974] FAULT_INJECTION: forcing a failure. [ 311.530974] name failslab, interval 1, probability 0, space 0, times 0 [ 311.542784] CPU: 0 PID: 21007 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 311.549730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.559088] Call Trace: [ 311.561672] dump_stack+0x1b9/0x294 [ 311.565300] ? dump_stack_print_info.cold.2+0x52/0x52 [ 311.570484] ? lock_downgrade+0x8e0/0x8e0 [ 311.574626] ? inode_io_list_del_locked+0x3b0/0x3b0 [ 311.579634] should_fail.cold.4+0xa/0x1a [ 311.583682] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 311.588779] ? graph_lock+0x170/0x170 [ 311.592567] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.598095] ? __mark_inode_dirty+0x499/0x1530 [ 311.602662] ? __inode_attach_wb+0x1310/0x1310 [ 311.607236] ? kasan_check_read+0x11/0x20 [ 311.611371] ? __lock_is_held+0xb5/0x140 [ 311.615428] ? check_same_owner+0x320/0x320 [ 311.619737] ? __dquot_alloc_space+0x4fc/0x8a0 [ 311.624305] ? rcu_note_context_switch+0x710/0x710 [ 311.629221] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 311.634227] __should_failslab+0x124/0x180 [ 311.638447] should_failslab+0x9/0x14 [ 311.642230] kmem_cache_alloc+0x2af/0x760 [ 311.646360] ? percpu_counter_add_batch+0xf2/0x150 [ 311.651282] ext4_mb_new_blocks+0x773/0x4730 [ 311.655677] ? find_held_lock+0x36/0x1c0 [ 311.659731] ? ext4_discard_preallocations+0x13b0/0x13b0 [ 311.665169] ? kasan_check_read+0x11/0x20 [ 311.669304] ? rcu_is_watching+0x85/0x140 [ 311.673439] ? rcu_report_qs_rnp+0x790/0x790 [ 311.677834] ? rcu_report_qs_rnp+0x790/0x790 [ 311.682232] ? is_bpf_text_address+0xd7/0x170 [ 311.686712] ? kernel_text_address+0x79/0xf0 [ 311.691112] ? __unwind_start+0x166/0x330 [ 311.695243] ? __kernel_text_address+0xd/0x40 [ 311.699721] ? unwind_get_return_address+0x61/0xa0 [ 311.704635] ? __save_stack_trace+0x7e/0xd0 [ 311.708970] ? save_stack+0xa9/0xd0 [ 311.712588] ? save_stack+0x43/0xd0 [ 311.716199] ? kasan_kmalloc+0xc4/0xe0 [ 311.720069] ? __kmalloc+0x14e/0x760 [ 311.723770] ? ext4_find_extent+0x6f3/0x960 [ 311.728076] ? ext4_ext_map_blocks+0x28a/0x6270 [ 311.732728] ? ext4_map_blocks+0x8d9/0x1b40 [ 311.737034] ? ext4_getblk+0x105/0x600 [ 311.740904] ? ext4_bread+0x8d/0x2a0 [ 311.744602] ? ext4_append+0x14e/0x370 [ 311.748472] ? ext4_mkdir+0x52a/0xe50 [ 311.752260] ? vfs_mkdir+0x42e/0x6b0 [ 311.755955] ? do_mkdirat+0x266/0x2f0 [ 311.759737] ? __x64_sys_mkdir+0x5c/0x80 [ 311.763781] ? do_syscall_64+0x1b1/0x800 [ 311.767828] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.773206] ? save_stack+0xa9/0xd0 [ 311.776819] ? print_usage_bug+0xc0/0xc0 [ 311.780863] ? graph_lock+0x170/0x170 [ 311.784644] ? __lock_is_held+0xb5/0x140 [ 311.788686] ? ext4_bread+0x8d/0x2a0 [ 311.792392] ? __lock_is_held+0xb5/0x140 [ 311.796445] ? rcu_read_lock_sched_held+0x108/0x120 [ 311.801443] ? __kmalloc+0x5f9/0x760 [ 311.805142] ? ext4_find_extent+0x6f3/0x960 [ 311.809450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.814979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.820503] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 311.825508] ext4_ext_map_blocks+0x2d63/0x6270 [ 311.830084] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 311.835085] ? ext4_expand_extra_isize+0x590/0x590 [ 311.840014] ? graph_lock+0x170/0x170 [ 311.843807] ? find_held_lock+0x36/0x1c0 [ 311.847854] ? graph_lock+0x170/0x170 [ 311.851637] ? graph_lock+0x170/0x170 [ 311.855423] ? graph_lock+0x170/0x170 [ 311.859207] ? lock_downgrade+0x8e0/0x8e0 [ 311.863340] ? graph_lock+0x170/0x170 [ 311.867132] ? lock_acquire+0x1dc/0x520 [ 311.871102] ? ext4_map_blocks+0x871/0x1b40 [ 311.875410] ? lock_release+0xa10/0xa10 [ 311.879372] ? check_same_owner+0x320/0x320 [ 311.883684] ? rcu_note_context_switch+0x710/0x710 [ 311.888604] ? down_write+0x87/0x120 [ 311.892320] ext4_map_blocks+0x8d9/0x1b40 [ 311.896455] ? __save_stack_trace+0x7e/0xd0 [ 311.900769] ? ext4_issue_zeroout+0x190/0x190 [ 311.905253] ? save_stack+0x43/0xd0 [ 311.908869] ? __kasan_slab_free+0x11a/0x170 [ 311.913271] ? kmem_cache_free+0x86/0x2d0 [ 311.917404] ? putname+0xf2/0x130 [ 311.920844] ext4_getblk+0x105/0x600 [ 311.924546] ? ext4_iomap_begin+0x1330/0x1330 [ 311.929032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.934555] ? __dquot_initialize+0x615/0xdc0 [ 311.939036] ? kasan_check_write+0x14/0x20 [ 311.943261] ext4_bread+0x8d/0x2a0 [ 311.946797] ? ext4_getblk+0x600/0x600 [ 311.950675] ? dquot_get_next_dqblk+0x180/0x180 [ 311.955328] ? kasan_check_write+0x14/0x20 [ 311.959553] ext4_append+0x14e/0x370 [ 311.963252] ext4_mkdir+0x52a/0xe50 [ 311.966867] ? ext4_init_dot_dotdot+0x510/0x510 [ 311.971525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.977048] ? security_inode_permission+0xd2/0x100 [ 311.982051] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.987574] ? security_inode_mkdir+0xe8/0x120 [ 311.992140] ? getname_flags+0xd0/0x5a0 [ 311.996099] vfs_mkdir+0x42e/0x6b0 [ 311.999629] do_mkdirat+0x266/0x2f0 [ 312.003887] ? __ia32_sys_mknod+0xb0/0xb0 [ 312.008031] ? ksys_ioctl+0x81/0xd0 [ 312.011645] ? do_syscall_64+0x92/0x800 [ 312.015607] __x64_sys_mkdir+0x5c/0x80 [ 312.019480] do_syscall_64+0x1b1/0x800 [ 312.023367] ? finish_task_switch+0x1ca/0x840 [ 312.027852] ? syscall_return_slowpath+0x5c0/0x5c0 [ 312.032767] ? syscall_return_slowpath+0x30f/0x5c0 [ 312.037702] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 312.043053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.047885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.053056] RIP: 0033:0x454e47 [ 312.056228] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 312.075486] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 312.083184] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 312.090445] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 312.097721] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 312.104972] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 312.112227] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001e 2033/05/18 03:34:24 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:24 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:24 executing program 5: setgroups(0x350a7178f7fb3761, &(0x7f0000000080)) exit_group(0x3) r0 = open(&(0x7f0000000000)='./file0\x00', 0x404200, 0x104) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) 2033/05/18 03:34:24 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:24 executing program 1 (fault-call:0 fault-nth:31): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:24 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0a75", 0x3) 2033/05/18 03:34:24 executing program 6: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x220000) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000180)={0x68, 0x7}) ioctl(r0, 0x10000008912, &(0x7f0000000240)="0047fc2f07d82c99240970") mmap(&(0x7f0000000000/0xe73000)=nil, 0xe73000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000000080)) r3 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xce, 0x200003) setsockopt$inet_tcp_buf(r3, 0x6, 0x3d, &(0x7f00000001c0)="6b456175a187b6b41adbfda3a07e585a328be56e3354631d8bbe0761870f66c9544da48621e6cb87a028a824f6796898500b69fd008646c685e31035bfb204c90467e0813c30df8a0d351e00f73a49eec2a17c69b774a9be2e8a1fb48a046603fcf841dbafb736d03b29e45a3f454ca4f6616b4381d519b3e6d1f69218a1", 0x7e) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r3, &(0x7f00000000c0)="2b493223157c1725be49f11b2881bf90c85c910dfa9d336acfe82b45ef708fdef10a89a78279bb2529106f7127fc41a790d5ad03674a907f9fcbbd5dbcbaa79f96"}, 0x10) mlockall(0x3) 2033/05/18 03:34:24 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x4000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x2b) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x4000000000000, @time, {0x0, 0x40000000000004}, {0x0, 0x100000000001}, @time=@time={0x77359400}}], 0xffffffffffffff87) fcntl$setstatus(r1, 0x4, 0x800) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) [ 312.369816] FAULT_INJECTION: forcing a failure. [ 312.369816] name failslab, interval 1, probability 0, space 0, times 0 [ 312.381273] CPU: 1 PID: 21037 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 312.388212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.397572] Call Trace: [ 312.400176] dump_stack+0x1b9/0x294 [ 312.403820] ? dump_stack_print_info.cold.2+0x52/0x52 [ 312.409025] ? lock_downgrade+0x8e0/0x8e0 [ 312.413212] ? inode_io_list_del_locked+0x3b0/0x3b0 2033/05/18 03:34:24 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f0000000440), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="73657373696f6e7d322c00e2082cddb6fbd03b27fb2337924eb1ce1ff04e1a9095fef03efa81c67006798c3ac82e4c7c43ff41e611dda390f717b2008e905b0d"]) [ 312.418253] should_fail.cold.4+0xa/0x1a [ 312.422335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 312.427460] ? graph_lock+0x170/0x170 [ 312.431273] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 312.436822] ? __mark_inode_dirty+0x499/0x1530 [ 312.441419] ? __inode_attach_wb+0x1310/0x1310 [ 312.446032] ? kasan_check_read+0x11/0x20 [ 312.450194] ? __lock_is_held+0xb5/0x140 [ 312.454280] ? check_same_owner+0x320/0x320 [ 312.458613] ? __dquot_alloc_space+0x4fc/0x8a0 [ 312.463209] ? rcu_note_context_switch+0x710/0x710 2033/05/18 03:34:25 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000ed00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 312.468151] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 312.473182] __should_failslab+0x124/0x180 [ 312.477430] should_failslab+0x9/0x14 [ 312.481237] kmem_cache_alloc+0x2af/0x760 [ 312.485399] ? percpu_counter_add_batch+0xf2/0x150 [ 312.490354] ext4_mb_new_blocks+0x773/0x4730 [ 312.494783] ? find_held_lock+0x36/0x1c0 [ 312.498862] ? ext4_discard_preallocations+0x13b0/0x13b0 [ 312.504326] ? kasan_check_read+0x11/0x20 [ 312.508480] ? rcu_is_watching+0x85/0x140 [ 312.512618] ? rcu_report_qs_rnp+0x790/0x790 [ 312.517026] ? rcu_report_qs_rnp+0x790/0x790 [ 312.521436] ? is_bpf_text_address+0xd7/0x170 [ 312.525925] ? kernel_text_address+0x79/0xf0 [ 312.530323] ? __unwind_start+0x166/0x330 [ 312.534457] ? __kernel_text_address+0xd/0x40 [ 312.538942] ? unwind_get_return_address+0x61/0xa0 [ 312.543861] ? __save_stack_trace+0x7e/0xd0 [ 312.548183] ? save_stack+0xa9/0xd0 [ 312.551798] ? save_stack+0x43/0xd0 [ 312.555445] ? kasan_kmalloc+0xc4/0xe0 [ 312.559317] ? __kmalloc+0x14e/0x760 [ 312.563025] ? ext4_find_extent+0x6f3/0x960 [ 312.567339] ? ext4_ext_map_blocks+0x28a/0x6270 [ 312.571993] ? ext4_map_blocks+0x8d9/0x1b40 [ 312.576301] ? ext4_getblk+0x105/0x600 [ 312.580174] ? ext4_bread+0x8d/0x2a0 [ 312.583872] ? ext4_append+0x14e/0x370 [ 312.587742] ? ext4_mkdir+0x52a/0xe50 [ 312.591526] ? vfs_mkdir+0x42e/0x6b0 [ 312.595222] ? do_mkdirat+0x266/0x2f0 [ 312.599019] ? __x64_sys_mkdir+0x5c/0x80 [ 312.603072] ? do_syscall_64+0x1b1/0x800 [ 312.607120] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.612475] ? save_stack+0xa9/0xd0 [ 312.616088] ? print_usage_bug+0xc0/0xc0 [ 312.620136] ? graph_lock+0x170/0x170 [ 312.623928] ? __lock_is_held+0xb5/0x140 [ 312.627982] ? ext4_bread+0x8d/0x2a0 [ 312.631695] ? __lock_is_held+0xb5/0x140 [ 312.635752] ? rcu_read_lock_sched_held+0x108/0x120 [ 312.640754] ? __kmalloc+0x5f9/0x760 [ 312.644457] ? ext4_find_extent+0x6f3/0x960 [ 312.648773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.654299] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.659824] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 312.664836] ext4_ext_map_blocks+0x2d63/0x6270 [ 312.669420] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 312.674426] ? perf_trace_lock+0x900/0x900 [ 312.678654] ? perf_trace_lock+0x900/0x900 [ 312.682876] ? find_held_lock+0x36/0x1c0 [ 312.686926] ? graph_lock+0x170/0x170 [ 312.690712] ? graph_lock+0x170/0x170 [ 312.694500] ? graph_lock+0x170/0x170 [ 312.698286] ? lock_downgrade+0x8e0/0x8e0 [ 312.702420] ? graph_lock+0x170/0x170 [ 312.706235] ? lock_acquire+0x1dc/0x520 [ 312.710196] ? ext4_map_blocks+0x871/0x1b40 [ 312.714516] ? lock_release+0xa10/0xa10 [ 312.718484] ? rcu_note_context_switch+0x710/0x710 [ 312.723413] ? down_write+0x87/0x120 [ 312.727124] ext4_map_blocks+0x8d9/0x1b40 [ 312.731268] ? __save_stack_trace+0x7e/0xd0 [ 312.735585] ? ext4_issue_zeroout+0x190/0x190 [ 312.740069] ? save_stack+0x43/0xd0 [ 312.743681] ? __kasan_slab_free+0x11a/0x170 [ 312.748077] ? kmem_cache_free+0x86/0x2d0 [ 312.752211] ? putname+0xf2/0x130 [ 312.755653] ext4_getblk+0x105/0x600 [ 312.759356] ? ext4_iomap_begin+0x1330/0x1330 [ 312.763843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.769367] ? __dquot_initialize+0x615/0xdc0 [ 312.773846] ? kasan_check_write+0x14/0x20 [ 312.778078] ext4_bread+0x8d/0x2a0 [ 312.781606] ? ext4_getblk+0x600/0x600 [ 312.785479] ? dquot_get_next_dqblk+0x180/0x180 [ 312.790135] ? kasan_check_write+0x14/0x20 [ 312.794364] ext4_append+0x14e/0x370 [ 312.798071] ext4_mkdir+0x52a/0xe50 [ 312.801694] ? ext4_init_dot_dotdot+0x510/0x510 [ 312.806354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.811878] ? security_inode_permission+0xd2/0x100 [ 312.816896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.822419] ? security_inode_mkdir+0xe8/0x120 [ 312.826989] ? getname_flags+0xd0/0x5a0 [ 312.830958] vfs_mkdir+0x42e/0x6b0 [ 312.834494] do_mkdirat+0x266/0x2f0 [ 312.838113] ? __ia32_sys_mknod+0xb0/0xb0 [ 312.842252] ? ksys_ioctl+0x81/0xd0 [ 312.845868] ? do_syscall_64+0x92/0x800 [ 312.849835] __x64_sys_mkdir+0x5c/0x80 [ 312.853719] do_syscall_64+0x1b1/0x800 [ 312.857593] ? finish_task_switch+0x1ca/0x840 [ 312.862076] ? syscall_return_slowpath+0x5c0/0x5c0 [ 312.866992] ? syscall_return_slowpath+0x30f/0x5c0 [ 312.871923] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 312.877280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.882113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.887295] RIP: 0033:0x454e47 [ 312.890641] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 312.909988] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 2033/05/18 03:34:25 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x58) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:25 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:25 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0675", 0x3) 2033/05/18 03:34:25 executing program 1 (fault-call:0 fault-nth:32): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 312.917699] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 312.924959] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 312.932214] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 312.939467] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 312.946722] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000001f [ 313.031790] hfsplus: unable to parse mount options [ 313.034815] FAULT_INJECTION: forcing a failure. [ 313.034815] name failslab, interval 1, probability 0, space 0, times 0 [ 313.048467] CPU: 1 PID: 21057 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 313.055397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.064750] Call Trace: [ 313.067343] dump_stack+0x1b9/0x294 [ 313.070981] ? dump_stack_print_info.cold.2+0x52/0x52 [ 313.076177] ? lock_downgrade+0x8e0/0x8e0 [ 313.080512] should_fail.cold.4+0xa/0x1a [ 313.084587] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 313.089695] ? graph_lock+0x170/0x170 [ 313.093501] ? __find_get_block+0xa29/0xe50 [ 313.097830] ? graph_lock+0x170/0x170 [ 313.101643] ? __find_get_block+0x365/0xe50 [ 313.105979] ? __lock_is_held+0xb5/0x140 [ 313.110048] ? __lock_is_held+0xb5/0x140 [ 313.114121] ? check_same_owner+0x320/0x320 [ 313.118458] ? check_same_owner+0x320/0x320 [ 313.122780] ? lock_release+0xa10/0xa10 [ 313.126765] ? rcu_note_context_switch+0x710/0x710 [ 313.131698] ? __might_sleep+0x95/0x190 [ 313.135679] __should_failslab+0x124/0x180 [ 313.139922] should_failslab+0x9/0x14 [ 313.143729] kmem_cache_alloc+0x2af/0x760 [ 313.147891] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 313.152929] jbd2_journal_add_journal_head+0x1e7/0x5c0 [ 313.158220] ? jbd2_journal_write_metadata_buffer+0xef0/0xef0 [ 313.164127] jbd2_journal_get_create_access+0x42/0x600 [ 313.169413] ? rcu_note_context_switch+0x710/0x710 [ 313.174359] __ext4_journal_get_create_access+0x46/0x90 2033/05/18 03:34:25 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700ae00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 313.179733] ext4_getblk+0x2a9/0x600 [ 313.183460] ? ext4_iomap_begin+0x1330/0x1330 [ 313.187966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.193511] ? __dquot_initialize+0x615/0xdc0 [ 313.198012] ? kasan_check_write+0x14/0x20 [ 313.202253] ext4_bread+0x8d/0x2a0 [ 313.205796] ? ext4_getblk+0x600/0x600 [ 313.209686] ? dquot_get_next_dqblk+0x180/0x180 [ 313.214361] ? kasan_check_write+0x14/0x20 [ 313.218607] ext4_append+0x14e/0x370 [ 313.222329] ext4_mkdir+0x52a/0xe50 [ 313.225966] ? ext4_init_dot_dotdot+0x510/0x510 [ 313.230647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.236196] ? security_inode_permission+0xd2/0x100 [ 313.241305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.246847] ? security_inode_mkdir+0xe8/0x120 [ 313.251467] ? getname_flags+0xd0/0x5a0 [ 313.255448] vfs_mkdir+0x42e/0x6b0 [ 313.258998] do_mkdirat+0x266/0x2f0 [ 313.262630] ? __ia32_sys_mknod+0xb0/0xb0 [ 313.266786] ? ksys_ioctl+0x81/0xd0 [ 313.270417] ? do_syscall_64+0x92/0x800 [ 313.274395] __x64_sys_mkdir+0x5c/0x80 [ 313.278289] do_syscall_64+0x1b1/0x800 [ 313.282178] ? finish_task_switch+0x1ca/0x840 [ 313.286679] ? syscall_return_slowpath+0x5c0/0x5c0 [ 313.291614] ? syscall_return_slowpath+0x30f/0x5c0 [ 313.296548] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 313.301918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.306778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.311979] RIP: 0033:0x454e47 [ 313.315159] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.334558] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 313.342282] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 313.349558] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 313.356829] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 313.364101] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 313.371368] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000020 [ 313.379214] ENOMEM in journal_alloc_journal_head, retrying. [ 313.402632] hfsplus: unable to parse mount options 2033/05/18 03:34:26 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) r2 = getpgid(r1) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x26) r3 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0xe8) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f00000000c0)={@empty, 0x46, r4}) open(&(0x7f0000000280)='./bus\x00', 0x200040, 0x0) 2033/05/18 03:34:26 executing program 5: mmap(&(0x7f0000000000/0x48000)=nil, 0x48000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x240, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0xffffffffffffff01, 0x6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000003c0)={r1, @in={{0x2, 0x4e20, @multicast2=0xe0000002}}}, &(0x7f0000000480)=0x84) mmap(&(0x7f0000000000/0x18000)=nil, 0x18000, 0x3, 0x32, 0xffffffffffffffff, 0x0) socketpair(0x15, 0x7, 0x81, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$nfc_llcp(r2, &(0x7f0000000380)=[{&(0x7f0000000100)={0x27, 0x0, 0x1, 0x7, 0x100000001, 0x401, "d36dcf63f1129db926be5eeab08dd97e4eb6d01ab92dd31ce03c3a6344972e19ae156f114a37a2c5fd72a67b05747c9e5ed2a0622094cebf720d7139a3f7e6", 0x3a}, 0x60, &(0x7f0000000280)=[{&(0x7f0000000180)="6f67c35e2534023e286e2fbd3388f43c1014c3d3eb1b6a259e8d44f255788ffc4cbc49d9f78b5d11a68e9e0e61bed55a2d26f8152210bb1aa74b416d6671f7b7ba9bf4502ef38046764cefffcc00e630a951016cfcc2b211f8563a38310dfdcfbbd22ea07305de4278f0a503a96a2ee4fe2fa40739bf27eae0a7924c055845b54a3491505bdf31c2be0210b5e6aea025956a74618574668d2d02b6dd163bf2e439f75ac8615c41299a24ceeeef0dfa4221ed70448b7e9863ea6893bd0000000000", 0xc1}], 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="a800000000000005000000907598e5ba5de672581b1aa2737d614f86a0a8c9ed43164eaf4e624f50c41dbb8726d067c2b1db250376de60606cd6208a3fe96eb74c1e877acc301948d5930c0b6f7c6daa0fc62f6e038c9aa5e9438b0a3e6f32121a086a4b0f30c14bcd3e1d473bc0ed697c384300d654e6c6bb41a99dab52b039ca0b92b6f80300a9741ad0877c2a451abb4c6f8e2bad61de4079909cd6e10cfc465042000000000000073e9cf94217d435b1ee720f592f86d5f488fa1233f486f68a054e9ec9fedada859309636a2cb49bab21bde25f033aa203861838841fa829a22b08fa76"], 0xa8, 0x800}], 0x1, 0x100000000000000) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0xffffffffffffffff, 0x0) ioctl$int_in(r3, 0x5407, &(0x7f0000026ffa)) 2033/05/18 03:34:26 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x0, 0x0) setsockopt$ipx_IPX_TYPE(r0, 0x100, 0x1, &(0x7f00000001c0)=0x15e400, 0x4) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) rt_sigprocmask(0x2, &(0x7f0000000000)={0x984}, &(0x7f0000000140), 0x8) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000000c0)="c4c379146600006543a02d0000000000000064670f01cab8010000000f01d946d8f1e1b066ba400066edb9f60800000f32f2400f0964460f35", 0x39}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000100)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2033/05/18 03:34:26 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1475", 0x3) 2033/05/18 03:34:26 executing program 1 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:26 executing program 2: sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r0, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000604ffc)) dup2(r0, r2) 2033/05/18 03:34:26 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:26 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000001000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 313.921887] FAULT_INJECTION: forcing a failure. [ 313.921887] name failslab, interval 1, probability 0, space 0, times 0 [ 313.933234] CPU: 1 PID: 21075 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 313.940172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.949527] Call Trace: [ 313.952140] dump_stack+0x1b9/0x294 [ 313.955767] ? dump_stack_print_info.cold.2+0x52/0x52 [ 313.960953] ? __lock_acquire+0x7f5/0x5140 [ 313.965174] ? do_raw_spin_unlock+0x9e/0x2e0 [ 313.969575] should_fail.cold.4+0xa/0x1a [ 313.973622] ? do_raw_spin_lock+0xc1/0x200 [ 313.977841] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 313.982932] ? debug_check_no_locks_freed+0x310/0x310 [ 313.988104] ? debug_check_no_obj_freed+0x2ff/0x584 [ 313.993113] ? __lock_is_held+0xb5/0x140 [ 313.997164] ? perf_trace_lock_acquire+0xe3/0x980 [ 314.002048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.007605] ? ext4_ext_map_blocks+0xf9d/0x6270 [ 314.012268] ? perf_trace_lock+0x900/0x900 [ 314.016535] __should_failslab+0x124/0x180 [ 314.020772] should_failslab+0x9/0x14 [ 314.024567] kmem_cache_alloc+0x47/0x760 [ 314.028612] ? perf_trace_lock+0x900/0x900 [ 314.032842] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 314.037845] ? ext4_es_can_be_merged+0x238/0x2a0 [ 314.042595] __es_insert_extent+0x2fd/0x1130 [ 314.046992] ? ext4_es_free_extent+0x800/0x800 [ 314.051572] ? lock_release+0xa10/0xa10 [ 314.055547] ? __lock_is_held+0xb5/0x140 [ 314.059601] ? kasan_check_write+0x14/0x20 [ 314.063822] ? do_raw_write_lock+0xbd/0x1b0 [ 314.068138] ext4_es_insert_extent+0x2d9/0x7c0 [ 314.072718] ? lock_release+0xa10/0xa10 [ 314.076683] ? ext4_es_find_delayed_extent_range+0xd70/0xd70 [ 314.082477] ? rcu_note_context_switch+0x710/0x710 [ 314.087396] ? down_write+0x87/0x120 [ 314.091104] ext4_map_blocks+0xaee/0x1b40 [ 314.095236] ? __save_stack_trace+0x7e/0xd0 [ 314.099549] ? ext4_issue_zeroout+0x190/0x190 [ 314.104040] ? save_stack+0x43/0xd0 [ 314.107653] ? __kasan_slab_free+0x11a/0x170 [ 314.112051] ? kmem_cache_free+0x86/0x2d0 [ 314.116190] ? putname+0xf2/0x130 [ 314.119634] ext4_getblk+0x105/0x600 [ 314.123357] ? ext4_iomap_begin+0x1330/0x1330 [ 314.127843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.133369] ? __dquot_initialize+0x615/0xdc0 [ 314.137851] ? kasan_check_write+0x14/0x20 [ 314.142074] ext4_bread+0x8d/0x2a0 [ 314.145611] ? ext4_getblk+0x600/0x600 [ 314.149498] ? dquot_get_next_dqblk+0x180/0x180 [ 314.154158] ? kasan_check_write+0x14/0x20 [ 314.158386] ext4_append+0x14e/0x370 [ 314.162090] ext4_mkdir+0x52a/0xe50 [ 314.165709] ? ext4_init_dot_dotdot+0x510/0x510 [ 314.170369] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.175900] ? security_inode_permission+0xd2/0x100 [ 314.180912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.186434] ? security_inode_mkdir+0xe8/0x120 [ 314.191012] ? getname_flags+0xd0/0x5a0 [ 314.194981] vfs_mkdir+0x42e/0x6b0 [ 314.198510] do_mkdirat+0x266/0x2f0 [ 314.202127] ? __ia32_sys_mknod+0xb0/0xb0 [ 314.206265] ? ksys_ioctl+0x81/0xd0 [ 314.209880] ? do_syscall_64+0x92/0x800 [ 314.213840] __x64_sys_mkdir+0x5c/0x80 [ 314.217721] do_syscall_64+0x1b1/0x800 [ 314.221593] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 314.226422] ? syscall_return_slowpath+0x5c0/0x5c0 [ 314.231339] ? syscall_return_slowpath+0x30f/0x5c0 [ 314.236259] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 314.241622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.246462] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.251634] RIP: 0033:0x454e47 2033/05/18 03:34:26 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530f6", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 314.254803] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.274069] RSP: 002b:00007f787067fba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 314.281767] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000454e47 [ 314.289027] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 0000000020000040 [ 314.296283] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 314.303537] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 314.310803] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000021 2033/05/18 03:34:26 executing program 5: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) r1 = fcntl$getown(0xffffffffffffffff, 0x9) r2 = syz_open_dev$binder(&(0x7f0000000480)='/dev/binder#\x00', 0x0, 0x2) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/pfkey\x00', 0x8200, 0x0) kcmp(r0, r1, 0x1, r2, r3) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x1, 0x0) r4 = memfd_create(&(0x7f000003e000)='\'', 0x0) r5 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) r6 = dup2(r5, r4) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000001000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x30042) r7 = syz_open_dev$sndseq(&(0x7f000011c000)='/dev/snd/seq\x00', 0x0, 0x8000000000102) write$sndseq(r7, &(0x7f00000001c0)=[{0x1e, 0x0, 0x0, 0x3fd, @time, {}, {}, @connect}], 0x30) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r4, 0x402c5342, &(0x7f0000000080)={0x0, 0xa7e, 0x26}) ioctl$KVM_GET_EMULATED_CPUID(r3, 0xc008ae09, &(0x7f0000000200)=""/201) 2033/05/18 03:34:26 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000000000008500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:26 executing program 1 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:26 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0775", 0x3) 2033/05/18 03:34:27 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 314.467011] FAULT_INJECTION: forcing a failure. [ 314.467011] name failslab, interval 1, probability 0, space 0, times 0 [ 314.478391] CPU: 0 PID: 21099 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 314.485325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.494683] Call Trace: [ 314.497279] dump_stack+0x1b9/0x294 [ 314.500904] ? dump_stack_print_info.cold.2+0x52/0x52 [ 314.506116] should_fail.cold.4+0xa/0x1a [ 314.510179] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 314.515271] ? save_stack+0x43/0xd0 [ 314.518886] ? kasan_kmalloc+0xc4/0xe0 [ 314.522759] ? __kmalloc_track_caller+0x14a/0x760 [ 314.527588] ? memdup_user+0x2c/0xa0 [ 314.531287] ? strndup_user+0x77/0xd0 [ 314.535077] ? graph_lock+0x170/0x170 [ 314.538862] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.544221] ? find_held_lock+0x36/0x1c0 [ 314.548290] ? check_same_owner+0x320/0x320 [ 314.552597] ? lock_release+0xa10/0xa10 [ 314.556562] ? rcu_note_context_switch+0x710/0x710 [ 314.561495] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 314.566502] ? __check_object_size+0x95/0x5d9 [ 314.570988] __should_failslab+0x124/0x180 [ 314.575234] should_failslab+0x9/0x14 [ 314.579028] __kmalloc_track_caller+0x2c4/0x760 [ 314.583726] ? strncpy_from_user+0x500/0x500 [ 314.588125] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 314.593665] ? strndup_user+0x77/0xd0 [ 314.597456] memdup_user+0x2c/0xa0 [ 314.600986] strndup_user+0x77/0xd0 [ 314.604602] ksys_mount+0x73/0x140 [ 314.608129] __x64_sys_mount+0xbe/0x150 [ 314.612090] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 314.617097] do_syscall_64+0x1b1/0x800 [ 314.620969] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 314.625799] ? syscall_return_slowpath+0x5c0/0x5c0 [ 314.630734] ? syscall_return_slowpath+0x30f/0x5c0 [ 314.635654] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 314.641027] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.645875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.651054] RIP: 0033:0x45843a 2033/05/18 03:34:27 executing program 5: prctl$setname(0xf, &(0x7f0000000300)="f2a9eac4eb1848700c7da799d0b682563530947609fef4165fef016d08fbd4aecd440637756ed33a85d835ea8c50816e5cc4802dedea1299f6213c624b7bb77cd6d5d5f3efd7646afe9b41ee4d83f85347407c1f2133d84d3bfd1fb6beeba9433525f443330543c220001b7fc76f04ec873a9657a00b9ba79043ce354b0fc85061a28652000911dd96071c859d7a56565de1cf56e75b4970641c301ef6d2fdd698201b1a807194beb18b80afe6023882ba928fb379647bf9d761452feba3e6263acc40fc6d36186f87aa414b0c5a82e7a5efab7c1bb2dc4a7cb10742194b473523e5d8c604b3e3963691387ebf9cca1a75564a4587d7e699dab435414abc835dc8133cb0ec6cbfbb13a0b083e443fe4b7f63e06a14bdf27dba5dc441000c754495f16fbedb4f8b34fcdb58053011a45c8cda67ee0b7d435a731dcb41c52863126ad2dc1dc3686b7ee45422f8f898b5eec241777aa2bde8401b23a5928bfbf46eece9ff") seccomp(0x1, 0x2, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) acct(&(0x7f0000000040)='./file0\x00') [ 314.654250] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 314.673569] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 314.681365] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 314.688621] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 314.695874] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 314.703127] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 314.710390] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000022 2033/05/18 03:34:27 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000000600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 314.829785] kauditd_printk_skb: 219 callbacks suppressed [ 314.829822] audit: type=1326 audit(2000000067.381:232): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.856521] audit: type=1326 audit(2000000067.381:233): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=163 compat=0 ip=0x455a09 code=0x50000 [ 314.877690] audit: type=1326 audit(2000000067.381:234): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.898875] audit: type=1326 audit(2000000067.381:235): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.920055] audit: type=1326 audit(2000000067.381:236): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.941197] audit: type=1326 audit(2000000067.381:237): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.962349] audit: type=1326 audit(2000000067.381:238): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 314.983562] audit: type=1326 audit(2000000067.381:239): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 315.004711] audit: type=1326 audit(2000000067.381:240): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 [ 315.025857] audit: type=1326 audit(2000000067.381:241): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=21103 comm=F2A9EAC4EB1848700C7DA799D0B682 exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a09 code=0x50000 2033/05/18 03:34:27 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000040)) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:27 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:27 executing program 1 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:27 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67009a00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:27 executing program 6: r0 = socket$kcm(0x29, 0x9, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$inet6_sctp(0xa, 0x200000002000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x76, &(0x7f0000ad2000), &(0x7f0000000080)=0x23c) 2033/05/18 03:34:27 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0875", 0x3) 2033/05/18 03:34:27 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc\x00', 0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(0xffffffffffffffff, 0x7706, &(0x7f00000000c0)) connect$l2tp(r1, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x4, 0x3, {0xa, 0x4e20, 0xc040, @mcast2={0xff, 0x2, [], 0x1}, 0x1}}}, 0x32) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x7006, &(0x7f00000003c0)) 2033/05/18 03:34:27 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000000)={0x9, 0x72, "e20a6843464653acf90cdb9493ad83a7e32e121fa663585291c9d6c2c323bc03e8bf4951ab922166db01b031cf75629736c25761872f357875ebc9cfc6e663ef71e02374ae09e950bced2b3f8145d22256d77f0686e8b3d79f856183da078b66636e1147ed12fc1ce610717588bcaac423b2"}) dup2(r1, r3) [ 315.221853] FAULT_INJECTION: forcing a failure. [ 315.221853] name failslab, interval 1, probability 0, space 0, times 0 [ 315.233214] CPU: 0 PID: 21130 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 315.240150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.249516] Call Trace: [ 315.252118] dump_stack+0x1b9/0x294 [ 315.255767] ? dump_stack_print_info.cold.2+0x52/0x52 [ 315.260973] ? perf_trace_lock_acquire+0xe3/0x980 [ 315.265836] ? perf_trace_lock+0x900/0x900 [ 315.270087] ? perf_trace_lock+0xd6/0x900 [ 315.274253] should_fail.cold.4+0xa/0x1a [ 315.278333] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 315.283446] ? find_held_lock+0x36/0x1c0 [ 315.287552] ? find_held_lock+0x36/0x1c0 [ 315.291631] ? xfs_refcount_find_shared+0x1470/0x18c0 [ 315.296833] ? check_same_owner+0x320/0x320 [ 315.301164] ? mnt_get_count+0x150/0x150 [ 315.305234] ? rcu_note_context_switch+0x710/0x710 [ 315.310155] ? dput.part.26+0x26d/0x780 [ 315.314128] __should_failslab+0x124/0x180 [ 315.318354] should_failslab+0x9/0x14 [ 315.322142] __kmalloc_track_caller+0x2c4/0x760 [ 315.326807] ? strncpy_from_user+0x500/0x500 [ 315.331203] ? strndup_user+0x77/0xd0 [ 315.334997] memdup_user+0x2c/0xa0 [ 315.338530] strndup_user+0x77/0xd0 [ 315.342147] ksys_mount+0x3c/0x140 [ 315.345683] __x64_sys_mount+0xbe/0x150 [ 315.349645] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 315.354659] do_syscall_64+0x1b1/0x800 [ 315.358536] ? finish_task_switch+0x1ca/0x840 [ 315.363029] ? syscall_return_slowpath+0x5c0/0x5c0 [ 315.367950] ? syscall_return_slowpath+0x30f/0x5c0 [ 315.372870] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 315.378228] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.383063] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.388242] RIP: 0033:0x45843a [ 315.391413] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 315.410772] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 2033/05/18 03:34:27 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x100000004e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b01a0fd58010002d600000000f0ffffba00aac9edea990800ff0300000000000000000000f2a63468e2eccc2e09f8851fa709cf15078d6c04d0f2513e7201bd7e1457627b22a17c93d799dfa02013a80000000000008001064cae4bfed565cc556d37b9e8387d91a79a636e6393765375820198ab207ae6fad7c154273ea234072cdb34635451db1b9bcafa0ed23ccd2e511400330a27be1d412a18fa620c744ac1e9b04d88b49180a83e77708ee297911442291d6ffe2422990400000000000000e8330a8e0200e2"], 0xc9) exit(0x0) readv(r0, &(0x7f0000000780)=[{&(0x7f0000000640)=""/34, 0x22}, {&(0x7f0000000680)=""/73, 0x49}, {&(0x7f0000000700)=""/126, 0x7e}], 0x3) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={'ip_vti0\x00', {0x2, 0x4e20, @multicast2=0xe0000002}}) shutdown(r0, 0x1) 2033/05/18 03:34:27 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:28 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700c100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 315.418478] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 315.425739] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 315.432994] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 315.440254] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 315.447509] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000023 2033/05/18 03:34:28 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:28 executing program 1 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 315.569405] FAULT_INJECTION: forcing a failure. [ 315.569405] name failslab, interval 1, probability 0, space 0, times 0 [ 315.580751] CPU: 0 PID: 21157 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 315.587673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.597020] Call Trace: [ 315.599617] dump_stack+0x1b9/0x294 [ 315.603254] ? dump_stack_print_info.cold.2+0x52/0x52 [ 315.608457] should_fail.cold.4+0xa/0x1a [ 315.612517] ? zap_class+0x720/0x720 [ 315.616238] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 315.621343] ? kasan_kmalloc+0xc4/0xe0 [ 315.625229] ? __kmalloc_track_caller+0x14a/0x760 [ 315.630069] ? memdup_user+0x2c/0xa0 [ 315.633779] ? strndup_user+0x77/0xd0 [ 315.637577] ? graph_lock+0x170/0x170 [ 315.641387] ? find_held_lock+0x36/0x1c0 [ 315.645458] ? ieee80211_add_ext_srates_ie+0x550/0xa90 [ 315.650747] ? check_same_owner+0x320/0x320 [ 315.655067] ? lock_release+0xa10/0xa10 [ 315.659047] ? check_same_owner+0x320/0x320 [ 315.663379] ? rcu_note_context_switch+0x710/0x710 [ 315.668313] ? __check_object_size+0x95/0x5d9 [ 315.672813] __should_failslab+0x124/0x180 [ 315.677060] should_failslab+0x9/0x14 [ 315.680874] kmem_cache_alloc_trace+0x2cb/0x780 [ 315.685551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.691091] ? _copy_from_user+0xdf/0x150 [ 315.695251] copy_mount_options+0x5f/0x380 [ 315.699490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.705048] ksys_mount+0xd0/0x140 [ 315.708602] __x64_sys_mount+0xbe/0x150 [ 315.712579] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 315.717601] do_syscall_64+0x1b1/0x800 [ 315.721493] ? finish_task_switch+0x1ca/0x840 [ 315.725992] ? syscall_return_slowpath+0x5c0/0x5c0 [ 315.730923] ? syscall_return_slowpath+0x30f/0x5c0 [ 315.735871] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 315.741506] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.746360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.751549] RIP: 0033:0x45843a 2033/05/18 03:34:28 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0975", 0x3) 2033/05/18 03:34:28 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc\x00', 0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(0xffffffffffffffff, 0x7706, &(0x7f00000000c0)) connect$l2tp(r1, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x4, 0x3, {0xa, 0x4e20, 0xc040, @mcast2={0xff, 0x2, [], 0x1}, 0x1}}}, 0x32) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x7006, &(0x7f00000003c0)) [ 315.754729] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 315.774153] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 315.781867] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 315.789134] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 315.796400] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 315.803666] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 315.810931] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000024 2033/05/18 03:34:28 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c6530ff", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:29 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:29 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:29 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700d800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") r1 = shmget$private(0x0, 0x13000, 0x0, &(0x7f0000feb000/0x13000)=nil) r2 = shmat(r1, &(0x7f0000fec000/0x1000)=nil, 0x7000) mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffa000/0x1000)=nil) shmdt(r2) r3 = dup3(r0, r0, 0x80000) ioctl$KVM_GET_NR_MMU_PAGES(r3, 0xae45, 0x200000) 2033/05/18 03:34:29 executing program 1 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:29 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1175", 0x3) 2033/05/18 03:34:29 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000013000/0x4000)=nil, 0x4000}, 0x3}) dup2(r1, r3) 2033/05/18 03:34:29 executing program 6: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000080)={@mcast2={0xff, 0x2, [], 0x1}, 0x57, r1}) r2 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x2) ioctl$int_in(r2, 0x800000c0045006, &(0x7f0000595ff8)=0x3) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x100000b, 0x52, r2, 0x0) writev(r2, &(0x7f0000001500)=[{&(0x7f00000011c0)="ec", 0x1}], 0x1) write(r2, &(0x7f0000001540)="f22084eef321997be5902f977b55973d1271155d977c23a9ca72aa155a646b7091a7e383bc95c6b350c1f3735fa833e9f74ab3536f3d209e15be918a9da9ae900a5acb331670cdd2bb6f5569b8177e35309753570bb65a229622056194af818a0e76a57bb77882278f2b7bc1f7b381dc45278a41bbbe840905ac2271ac0328c0a87c61fd0802473d03d896a14554b831b8ce6ddff2d9943c7986c337fa4d85b1a0cd98f74db10c96228541b0df31870b1b86c15d73c0bb6400488ef22621fc409565fff80cc92bee5fc9b4db3f92f497e586a5869febbb8219cc04a09caba88e9931943980dc6ac282e9ba692143c4c4dba1d71f53772fb002c60a5a63f33755b6cc964425d9b5b7c687e35cd4d8ef501a87386e12e968f874090331be4d833985484a267e1116750756a507023eac40a0eb5761c8a94cdcdfc06e10a6cdc752fdd23701ab7cd3b73a29ceea2bbd33d0a23dd3fa90b570c112290d41bec9b6d8bf48f2758724b429afa20914813be7296a27a236fe589686df74294323c7b085bc9e5f57961c6f70588d241f060ad4f27dd41fc152ffe3d97bd7993d74d780f4db0f3001cc6c7e7d714509972bd89f7e9724fe76e6ef7a83e20170ba16098308d064d42591d42392066a19a9f60078e4df537e860d098f70c39510c43b3b0770548906f2e0d6d68f3e243302f2638ffbce24c24b559123f582a88761d8edcd115908c35bf2f4eef7d7188f3c1bfe5fe3a36fe84b58121d44c2039a7389e3c5b115ae888a51038de904ce62da807783654de4a6a602f8ad279a1fbff01c259458dcaa9820e957ead3dab8cf4aac2e60993eaf7f362d5d0cb0b6c4e67e353ddc26f1262cc71c2a30555241c088965607c94ad5a58af1aacd7e9b5ab86379ecab79d04eab5ecbc50be647d2e888ec57b0a8d070f2ce95b7ba852fe917c2c8b59bdf4d490735321fd29f49d1415255f20cb18b2f673bb7268f149f76a79d47ac63aef53ca0b5ef68170aae5ec3686e97e6c92f5aa590e316dd283e28dcc5ac1ec1206040518689544792495a375518f36dbf3fc268f8cb74125016015c2d4f78152fc8671b0ffc6228467ac45966925ff9e8971a65371cae59ee3f660bb65e183ff548a368f41484017d0d77ded9057e7aab38bb3427760d86a7b5086eff8628061c97e11e27826cbb30115489e034e0ea6ff9b3caeb981808ed9ae413323ee3831665d4f4a510e215d3379a20ba57258ef6ad2a953eb08422a55e56737fd61a908c1194fc239b071fd4d54161bba2262d4b6528af730718a1eba7b5e38e56b4aaad7b07729d4b696ef5aefdd3427ffc853d1d204398eba2e0e4c95612ff1c0ccaccf97da4ee5f6c4f3eb7a98b29d82fd6cdd597739e0d85eff67ed7a1e72f1e1da3678fb13bac538735b56348e3d081103ef47f02a3866d2ec26ae298ab2c98e749cf70c334644af283951f998706eff6ac54c7de02ff76e60a48eb7e6f701668c94c6c3ff60b3f405f59590f01b6d6fc1e49c72a75fea3f5c5121d3b19150cefcf343ead14fd4c9dc4cce90b61621523d541592d74b8a6613dd998b561ce02f24377bd0fbce08610e00529212f319ec627864e1f4db82e26d8d6d10daa9d1cd7a3a435b5e7423e6d2673c130f3f75980dd70b73afe1c482fb9f494327de1367e09f6fd4999cbf2ec7ca476008fbcb64de85dfa3e9ffb571925b9947c09805b22766449e860c21bf833268adfa95623d514a19f0895992debeb98700d041683a8a71c80f63e64186c37c8665f8e3fe0c7ed135a5d47f267d8b71fcc2511986c615d87fcb534c2580d7794ab35ed9d394a727836ab7a5bf45f91f93cbde033699eece9f47ccd6b168095680b54ec0756e09723f2fc230de8687e88351fbc1f77f75d5f9a4db3ca45363e1f4a73530d82cc2f919d367989109cb4c628165ad97845ec3c5d6929d7e0ecdc0132ff48c1c7ea895edcf42b6a3975504710e0804870930fcaef4233d1b9ac344fb5ab132818c80f5ed85d2bf4c9e5232fe2c0b71bfe7617bf8fdebc6ad779400e7d74665ecba677bdc0e9e1b2d4df8761b7a93e7240cdb3bc51a04f82102a51c0da4ed32e0e52d0a1f98898e4e5c057899a0ab5c3e6afe6a89ec2a39db802c02cfa2caf2a43cf0ecfccf4fe57060313ecacf5b542e98d42f585f7a9b0615d86b4f20fa50d1ea97e7ecb94a0d7a33dd6cea6ab51f9680543f01d250be7aa33173b846595100a3773845c9389535b0dff6d0af3840b24f94827d52ea977941e1ee1d018f03e30b6ecdd613dd320f808a021b7f5a0ecf4cb9b9f54d29bc37b9331d35faf1d4ad02499b31a6069a0beeb34c87fa26f5e299037f59ed3006baa98cea956119656448fdcd6f46440d7c77ebf528acfc02018e7fd4e0cec5a77918eb20c3a4323cc3fd3b771ec039762cc1452d9c4de4368500e1d34cd7dca68c2b4e5b082e7dadc39675401dc9e587da8e80123ce85ecf006b2f60556e0cad7520c3418ba8e010f44c4209de39cdeeccc72f6555e770de6a84dc50c1965bff04482a789ed3bb26c8fd2ea3d3425f200c986171b31fc8f012f950dc8672c57bccfd66460ad4f0175ce7ca7e3f8b3bf39d296cc8748897b18b8b154f47a9bf7a2bf92d566cc983264d2120da2841c20104f4b3deb07e1b05c9f8e3ee89396002c2d6f9c4c56a493d9366744d24bcf2d8f220d8d6e9140e387e8bd0e8d2fe8cb80215354401c6ca9c63fc1b429f2c1e1e8d4292003c913310e4ea2ee7724a82f860d059e09c5dedc42ec47789a8585756a134554da23951d9b112c0f15db16db784ea91585d80ca00a53da6cfa29f9e704dd13fbf691022f4b70493243440f70122adc37b6cee1ae04b81610ce6281d594bd763c16d971a900855b84af7c9f07b5650d8174cac4d6d88c200b86f5fb1893d0cbe35f332caef33a438e3cdd83a7022b1b46f16a052b9e53ff36075000103c7c2660ff6b6213e824b42545a69c51773c93c2c6b4f7b4bfe8c68120e979f2fea6d37f825b82db1cf1140893992ecc826ed60030faacefce051d0d0a7d346da36a043d43f7a89dfbdf7a5861f757b6d8c3394812d42650edbf5c416a21b93b268d20c05e33a177cec087e889589b387607f20bf11bb95162c53a7f50b5f8c9278eae2755fe66cad10e87e7cd6d2148f0fe4519b48a41e0eec0aadf2a7544b6996483729527486bc99a8acf0ace2965929cabbc5208275974da4d2027a784e73891e92ec2868f01c6ecb5641dbbbdf866226f83765afd3de9d33dcd71b31402d4cab7e646530d2d26e6aa55d803c063db48b67c66470d09e85a8e446bdb360150ea2d3e147756f5315049058ce71bd76349b03e1a8d6d7257ad445208e184881dea33e9203ec1de5d0daed29a86a96a37804e5d6cbe0eef6aeedc513cb88b2f960985f1322c8aae1f6313e57436d5f03c7ace65eb93f81d6b78865d5115b691896f8fc1909b503f099e1350bc06195bfbb863868df766054ae1ce296da679ac88c144de12d2cb15f0f1032312e6b524f6972afa7efa914001395259339c9bb16bfd8bb3aaf56dc8c8abcf380f1341c4d7ecb8c38f01d10eaa8b4eb4c2ccb01239bcbdae85653a36a816c9c444cfd70af53e30f2f4a062d1ee0e6550eaa230270cac764aa60c77984f15e352a8878e8c517edf3dbf53f318800153a57ed2ebc440ee43ad0d69765879318dd1887b4c492b2c22e40cf6255bae476118680dbcaf94da85c7188c366df7b331f4cea8e93aed2b6ca7b3e514996b7d1834c8959e3c3b0264ad90996c0129ae7d192fc05f8e5bb150775b375728011f991a367447116d62dacdd04ea6e042209dcc03ed662ecd1d31557588501027d020333935f91701ce37e5e210d282f75ee961c29b73fb1a5ec274d9bfc29a1b0efe0ea14753598efbd56ef126978d1f7c91b4518a537474a4469d88d1455b8724ec395ac84e6752f8ad17f73079a0ce3173d80d5d0526192cc7afca3fb69cfbe29619793c98fe99a36585f15a6a34df75f532be0bea212651c62ad4e8ec6659faf40ec7ed3e28f0d4f0756407bebcb20bd15d74a8377e61ecab96b535c3ea33c751b4790d6284db155be46a9bf8eb4764ac7ed3250623d1045dfb2115ca20403481a2a7e3abbd05a511b2fac1123b8016d3f13888f97a85f17fcaf49da3555cb8f3e8f465c1af7988f064eeb22c88794b242602514cab5a1da1f55a3dc0fe8e8772a6ae88758419000652933666ad1dd5a3babae39f30974f2ba4a3f0ff3d70d3b0261a4eca0a049f50f4a0636de1fe2ef47345763790d45d60c001ea440305a6dae2c9081bdde30366d639d8104ffa9a75a83f73244a20b57f3a0e5d35c3819c5be17e86098de85e0bda829654a78eff06a9ff2f618f96c49ee37f829a6c6d32cf28cf59bc551fb105712042b0b5112833042108b21614a9987f773615694701c0932a24bb713a1f9b31fbef6b6b01fc8b9683501857c20b075084cd6de6faacb49620044d12d0484f040899ae193524872a293670fd3ce4e3d005edd9933cd3bb52c3244d3a68c99f8c346bf61c87e9897b6340afeddc9c6cfc5b130ddbd0da648d34be01e185e0e5ba8191aab7b1bf7b414f97c363af86a7ba38a8d0d12b350a6b50581fdb33fcfdbb3e10f229ebeeeddfe67add25bb5416ab2cf88c6f0098482be88d88a4f3ae2b310ea7cb8623a272ded03037e8fa1559dc5e89e8371f1aceafde388a2518589a614be1e02c226bfe1e7cf28124ecaad2e49944306fb68c0ea7f05389ef8a6b32900a170fbae8ffe621b322ce30fa654f8d42659d38d9fe628dcd7070050ec2c090b0f0d6e49bbbd9cdf02f4ad49e02ce6570b28c674e971505d21c4fb1fb2891f9abef014d5cefde73a10b257364977324ecf4ff07132a324f17675e61d22c5a47d7c4aa8c9e0d3130fafaa3ae26135f54c2f7562ae4d99d0389c6c48a033880d69853ff543f7c5937b23ae2d2e5e2db06cf4bb1ebec32612324fb55c909c139a27c4be350e7fe2743f44ad3a5cdb2c7f259e1654ee1ded6e145a82a56aeacb9055d598105ba24be4a7c3438e2c295a4856ecea6590e9549206745b551e90168ed12c437050dc2d488927e69227544fd3d514b1e5100d291186c47fc86c33c9f734706252f9dab00531e27e45d4deb2b337a4e1b1560c2e1b029ce00b134613b896652b597d24fa7a200f1ba91ba8dfccfede5b45881f79c5853fabd3233a9dc50fcc45a1b675440153533ace5769a0b107c465c6e7f2b18aecd5e614425690893669ca91130462e5357ca7d730a6aacd17eed2ef18d5fa05b54b56cdecec2445a442d6357266f6f2153a21e87950b8905a30639f900f413793c004db31b35e6e49f7e65e70f735c8b5994f891aeec913f8f56de2024a350ea6842843b6e6c3ffb5d50feed376b5a3a22f59607f21aa815186a3451e01eb1f2097d15bec2a74f25171986581889d799b82aa964d790bca095e396623b182e25e1b2599c1e72003b4e43740a3fedb27893496db8dbdae8cc6cd47625c7e6d6e8e1a6ccd70c781c3adb45d53eb8d2a1b1e161b7fbc78d3d99124e8ad5b2a1fe85da8b16d3e954ee48b1ce12d6c48015194ad51fa9dd068e75942d3410a775fc3069be233751a82a15288c00446e664dccd09b8f5caa74f74bf904d4830f92d3fbc4c8cf8c35cbfa5cc154d2caac672c918b9f8a0ae09c27b40dd195b1ef3c75423ea3531aaf260434f5a55395e8df67b4856173b14a8e59d2d99f86781141c274f3b8f6cabe0834690439e27d2d55", 0xffe) close(r2) [ 316.561967] FAULT_INJECTION: forcing a failure. [ 316.561967] name failslab, interval 1, probability 0, space 0, times 0 [ 316.573326] CPU: 1 PID: 21189 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 316.580250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.589601] Call Trace: [ 316.592202] dump_stack+0x1b9/0x294 [ 316.595851] ? dump_stack_print_info.cold.2+0x52/0x52 [ 316.601053] ? perf_trace_lock_acquire+0xe3/0x980 [ 316.605905] ? find_held_lock+0x36/0x1c0 [ 316.609986] should_fail.cold.4+0xa/0x1a [ 316.614062] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 316.619181] ? kasan_check_read+0x11/0x20 [ 316.623344] ? rcu_report_qs_rnp+0x790/0x790 [ 316.627761] ? find_held_lock+0x36/0x1c0 [ 316.631836] ? check_same_owner+0x320/0x320 [ 316.636148] ? rcu_note_context_switch+0x710/0x710 [ 316.641066] ? save_stack+0xa9/0xd0 [ 316.644685] __should_failslab+0x124/0x180 [ 316.648911] should_failslab+0x9/0x14 [ 316.652700] kmem_cache_alloc+0x2af/0x760 [ 316.656846] getname_flags+0xd0/0x5a0 [ 316.660636] user_path_at_empty+0x2d/0x50 [ 316.664772] do_mount+0x172/0x30b0 [ 316.668309] ? copy_mount_string+0x40/0x40 [ 316.672531] ? rcu_pm_notify+0xc0/0xc0 [ 316.676418] ? copy_mount_options+0x5f/0x380 [ 316.680810] ? rcu_read_lock_sched_held+0x108/0x120 [ 316.685823] ? kmem_cache_alloc_trace+0x616/0x780 [ 316.690690] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.696220] ? _copy_from_user+0xdf/0x150 [ 316.700358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.705880] ? copy_mount_options+0x285/0x380 [ 316.710366] ksys_mount+0x12d/0x140 [ 316.713983] __x64_sys_mount+0xbe/0x150 [ 316.717947] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 316.722952] do_syscall_64+0x1b1/0x800 [ 316.726832] ? finish_task_switch+0x1ca/0x840 [ 316.731313] ? syscall_return_slowpath+0x5c0/0x5c0 [ 316.736232] ? syscall_return_slowpath+0x30f/0x5c0 [ 316.741163] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 316.746517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.751355] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.756532] RIP: 0033:0x45843a [ 316.759702] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 316.779039] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 316.786745] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 316.794016] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 316.801272] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 2033/05/18 03:34:29 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1675", 0x3) 2033/05/18 03:34:29 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)="2e2f66696c653006", 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 316.808530] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 316.815787] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000025 [ 316.829816] QAT: Invalid ioctl 2033/05/18 03:34:29 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x8c) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10800, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000100)) 2033/05/18 03:34:29 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000de00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:29 executing program 1 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 316.894362] QAT: Invalid ioctl [ 316.908334] QAT: Invalid ioctl 2033/05/18 03:34:29 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xebffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:29 executing program 5: setrlimit(0x7, &(0x7f0000000080)) eventfd(0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2500, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000000c0)={{0x4060, 0xb33}, 'port1\x00', 0x40, 0x100010, 0x3, 0x400, 0x3, 0x0, 0x1, 0x0, 0x7, 0x4}) 2033/05/18 03:34:29 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfcfdffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 317.003534] FAULT_INJECTION: forcing a failure. [ 317.003534] name failslab, interval 1, probability 0, space 0, times 0 [ 317.014931] CPU: 0 PID: 21208 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 317.021865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.031219] Call Trace: [ 317.033816] dump_stack+0x1b9/0x294 [ 317.037451] ? dump_stack_print_info.cold.2+0x52/0x52 [ 317.042638] ? find_held_lock+0x36/0x1c0 [ 317.046707] should_fail.cold.4+0xa/0x1a [ 317.050774] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 317.055887] ? kasan_check_read+0x11/0x20 [ 317.060048] ? rcu_report_qs_rnp+0x790/0x790 [ 317.064462] ? rcu_report_qs_rnp+0x790/0x790 [ 317.068901] ? find_held_lock+0x36/0x1c0 [ 317.073011] ? __irqentry_text_end+0x64218/0x1f98a8 [ 317.078059] ? check_same_owner+0x320/0x320 [ 317.082394] ? rcu_note_context_switch+0x710/0x710 [ 317.087334] ? save_stack+0xa9/0xd0 [ 317.090974] __should_failslab+0x124/0x180 [ 317.095226] should_failslab+0x9/0x14 [ 317.099035] kmem_cache_alloc+0x2af/0x760 [ 317.103192] getname_flags+0xd0/0x5a0 [ 317.106994] user_path_at_empty+0x2d/0x50 [ 317.111163] do_mount+0x172/0x30b0 [ 317.114712] ? copy_mount_string+0x40/0x40 [ 317.118945] ? rcu_pm_notify+0xc0/0xc0 [ 317.122840] ? copy_mount_options+0x5f/0x380 [ 317.127249] ? rcu_read_lock_sched_held+0x108/0x120 [ 317.132267] ? kmem_cache_alloc_trace+0x616/0x780 [ 317.137117] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 317.142652] ? _copy_from_user+0xdf/0x150 [ 317.146805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.152369] ? copy_mount_options+0x285/0x380 [ 317.156870] ksys_mount+0x12d/0x140 [ 317.160497] __x64_sys_mount+0xbe/0x150 [ 317.164989] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 317.170017] do_syscall_64+0x1b1/0x800 [ 317.173903] ? finish_task_switch+0x1ca/0x840 [ 317.178403] ? syscall_return_slowpath+0x5c0/0x5c0 [ 317.183335] ? syscall_return_slowpath+0x30f/0x5c0 [ 317.188270] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 317.193637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.198482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.203668] RIP: 0033:0x45843a [ 317.206849] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 317.226212] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 317.233924] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 317.241195] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 317.248459] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 317.255726] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 317.262995] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000026 2033/05/18 03:34:30 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x30000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x0, 0x70bd2b, 0x25dfdbfb, {0x1}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044}, 0x40) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:30 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1775", 0x3) 2033/05/18 03:34:30 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\f\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:30 executing program 6: setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000002000)="24b38b20d0ef3254115223ef6cf758327575c041e002a8089496079b1b45009349041eca724fdec73fab9b04e4a4a5af1d03000000000000007faa62b9c0d263274f4a010c4f93ef85516b042511f32764171ba9bd278cbe360c22f184073fe215dee02fe37161246323ee4e82c790add905b90a64adab9fef855d72abb637d460fc6fb5a9eec5535b119c9dfbde3f76323a5af634e4235a33d57e226460104ca0dedf1f0e8365cd43d106c41d009976034d6557bf8917cad630598f6e58fd1770012d78aabb64ffffffed0000464caeedf840d001fe92b08c3f7b8e1596417d7dcd645413be300000020000000001c122283846253398a04d99ca8680deb20632834bc027c44d4cf2fd102724d6748de61eebb06801048dea7636f3a248a9bf3123882ca9fc66b4e70b06d43045", 0x12e) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa}, {0xa, 0x0, 0x0, @empty, 0x1}}, 0x5c) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x9}, 0x14) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x9, 0x2}) setsockopt$inet6_int(r0, 0x29, 0x40, &(0x7f0000001fde), 0x4) 2033/05/18 03:34:30 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000340)='/dev/loop#\x00', 0x1, 0x2) fadvise64(r0, 0x0, 0x1, 0x2) r1 = dup2(r0, r0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x51c2634b}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f00000001c0)={r2, 0x100000000}, 0x8) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = memfd_create(&(0x7f00000000c0)='nodev\x00', 0x0) ioctl$LOOP_GET_STATUS64(r3, 0x4c05, &(0x7f0000000200)) socket$unix(0x1, 0x400004000000b, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x5, 0x410f}) times(&(0x7f0000000100)) ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{}, {}, {}]}) 2033/05/18 03:34:30 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfeffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:30 executing program 1 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:30 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x100000001, 0x50) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) ioctl$EVIOCGABS2F(r2, 0x8018456f, &(0x7f00000000c0)=""/190) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) fremovexattr(r1, &(0x7f0000000000)=@known='security.capability\x00') ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) r4 = dup2(r1, r3) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000040)={0x3, 0x4, 0x2, 0x3, 0x10a5, 0xffffffff875eade8, 0xffffffff00000001, 0x9, 0x0}, &(0x7f0000000180)=0x20) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000200)="d01acca7f797e2faab62e5b2861502c3", 0x10) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x10001, 0x5, 0x9, 0x97, r5}, 0x10) 2033/05/18 03:34:30 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0xfffffffffffffffd) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r3, 0x4, 0xffffffffffffeffe) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) setsockopt$inet_mreqsrc(r2, 0x0, 0x26, &(0x7f0000000040)={@remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc) setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000000)=0x5, 0x4) 2033/05/18 03:34:30 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f00000f5ffc)=0xfffffffeffffffff, 0x4) bind$inet6(r0, &(0x7f0000710fe4)={0xa, 0x1}, 0x1c) r1 = dup3(r0, r0, 0x80000) getsockopt$ax25_buf(r1, 0x101, 0x0, &(0x7f0000000000)=""/13, &(0x7f0000000040)=0xd) syz_emit_ethernet(0x9a, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast1=0xe0000001}, @udp={0x0, 0x1, 0x8}}}}}, 0x0) fcntl$setsig(r0, 0xa, 0x12) [ 317.571815] FAULT_INJECTION: forcing a failure. [ 317.571815] name failslab, interval 1, probability 0, space 0, times 0 [ 317.583116] CPU: 1 PID: 21233 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 317.590053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.599415] Call Trace: [ 317.602021] dump_stack+0x1b9/0x294 [ 317.605669] ? dump_stack_print_info.cold.2+0x52/0x52 [ 317.610874] ? perf_trace_lock_acquire+0xe3/0x980 [ 317.615727] ? kernel_text_address+0x79/0xf0 [ 317.620144] ? __unwind_start+0x166/0x330 [ 317.624300] ? __kernel_text_address+0xd/0x40 [ 317.628809] should_fail.cold.4+0xa/0x1a [ 317.632889] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 317.638009] ? perf_trace_lock_acquire+0xe3/0x980 [ 317.642864] ? save_stack+0x43/0xd0 [ 317.646506] ? find_held_lock+0x36/0x1c0 [ 317.650600] ? check_same_owner+0x320/0x320 [ 317.654929] ? rcu_note_context_switch+0x710/0x710 [ 317.659855] __should_failslab+0x124/0x180 [ 317.664081] should_failslab+0x9/0x14 [ 317.667883] __kmalloc_track_caller+0x2c4/0x760 [ 317.672542] ? kasan_check_read+0x11/0x20 [ 317.676683] ? do_raw_spin_unlock+0x9e/0x2e0 [ 317.681084] ? kstrdup_const+0x66/0x80 [ 317.684963] kstrdup+0x39/0x70 [ 317.688159] kstrdup_const+0x66/0x80 [ 317.691862] alloc_vfsmnt+0x1b3/0x9d0 [ 317.695652] ? mnt_free_id.isra.27+0x60/0x60 [ 317.700052] ? kasan_check_read+0x11/0x20 [ 317.704187] ? graph_lock+0x170/0x170 [ 317.708845] ? rcu_pm_notify+0xc0/0xc0 [ 317.712719] ? trace_hardirqs_off+0xd/0x10 [ 317.716946] ? putname+0xf2/0x130 [ 317.720386] ? putname+0xf2/0x130 [ 317.723840] ? find_held_lock+0x36/0x1c0 [ 317.727899] ? lock_downgrade+0x8e0/0x8e0 [ 317.732041] ? module_unload_free+0x5b0/0x5b0 [ 317.736535] ? lock_release+0xa10/0xa10 [ 317.740498] ? mpi_free.cold.1+0x19/0x19 [ 317.744548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.750078] vfs_kern_mount.part.34+0x88/0x4d0 [ 317.754650] ? may_umount+0xb0/0xb0 [ 317.758263] ? _raw_read_unlock+0x22/0x30 [ 317.762394] ? __get_fs_type+0x97/0xc0 [ 317.766273] do_mount+0x564/0x30b0 [ 317.769805] ? copy_mount_string+0x40/0x40 [ 317.774042] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 317.778793] ? retint_kernel+0x10/0x10 [ 317.782672] ? copy_mount_options+0x1f0/0x380 [ 317.787155] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 317.791986] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.797522] ? copy_mount_options+0x285/0x380 [ 317.802093] ksys_mount+0x12d/0x140 [ 317.805716] __x64_sys_mount+0xbe/0x150 [ 317.809681] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 317.814689] do_syscall_64+0x1b1/0x800 [ 317.818573] ? finish_task_switch+0x1ca/0x840 [ 317.823056] ? syscall_return_slowpath+0x5c0/0x5c0 [ 317.827973] ? syscall_return_slowpath+0x30f/0x5c0 [ 317.832892] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 317.838721] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.843562] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.848738] RIP: 0033:0x45843a [ 317.851908] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 2033/05/18 03:34:30 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x14000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:30 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700f600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:30 executing program 6: r0 = socket$inet6(0xa, 0x4, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="0047fc2f07d82c99240970") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000380)=0x14) close(r2) close(r1) [ 317.871251] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 317.878948] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 317.886210] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 317.893462] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 317.900717] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 317.907973] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000027 2033/05/18 03:34:30 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1075", 0x3) 2033/05/18 03:34:30 executing program 5: getresgid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)) pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = dup(0xffffffffffffff9c) ioctl$TIOCCBRK(r1, 0x5428) ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0xffffffffffffffc1) r2 = syz_open_dev$loop(&(0x7f0000000580)='/dev/loop#\x00', 0x0, 0x82) r3 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000240)=[{&(0x7f0000000080)="ad", 0x1}], 0x1, 0x1806) syz_genetlink_get_family_id$ipvs(&(0x7f0000000700)='IPVS\x00') pwritev(r2, &(0x7f0000000340)=[{&(0x7f0000000140)="bb45291ded381019f00b9024b472c2d423f26097980b681a2a67b9b7e9b0ca879ba471cd78226937c4f8eac11b28ddc3a46db42a7ac0aab069fe2291c7f1cc79496ca6cc03aa1c67c4601389f0a0", 0x4e}, {&(0x7f00000001c0)}], 0x36, 0x0) 2033/05/18 03:34:30 executing program 1 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 318.039565] FAULT_INJECTION: forcing a failure. [ 318.039565] name failslab, interval 1, probability 0, space 0, times 0 [ 318.050984] CPU: 0 PID: 21267 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 318.057933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.067299] Call Trace: [ 318.069936] dump_stack+0x1b9/0x294 [ 318.073587] ? dump_stack_print_info.cold.2+0x52/0x52 [ 318.078794] ? perf_trace_lock_acquire+0xe3/0x980 [ 318.083659] should_fail.cold.4+0xa/0x1a [ 318.087731] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 318.092844] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 318.097873] ? find_next_bit+0x104/0x130 [ 318.101964] ? pcpu_next_unpop+0x83/0xf0 [ 318.106050] ? find_held_lock+0x36/0x1c0 [ 318.110145] ? check_same_owner+0x320/0x320 [ 318.114467] ? rcu_pm_notify+0xc0/0xc0 [ 318.118344] ? rcu_note_context_switch+0x710/0x710 [ 318.123268] __should_failslab+0x124/0x180 [ 318.127495] should_failslab+0x9/0x14 [ 318.131282] __kmalloc_track_caller+0x2c4/0x760 [ 318.135955] ? btrfs_mount+0x197/0x213e [ 318.139925] kstrdup+0x39/0x70 [ 318.143112] btrfs_mount+0x197/0x213e [ 318.146910] ? kasan_check_read+0x11/0x20 [ 318.151048] ? rcu_is_watching+0x85/0x140 [ 318.155190] ? btrfs_remount+0x16f0/0x16f0 [ 318.159413] ? __lockdep_init_map+0x105/0x590 [ 318.163897] ? __lockdep_init_map+0x105/0x590 [ 318.168383] ? lockdep_init_map+0x9/0x10 [ 318.172606] ? __init_waitqueue_head+0x96/0x140 [ 318.177262] ? init_wait_entry+0x1b0/0x1b0 [ 318.181485] ? memcpy+0x45/0x50 [ 318.184846] ? alloc_vfsmnt+0x771/0x9d0 [ 318.188809] ? mnt_free_id.isra.27+0x60/0x60 [ 318.193207] ? kasan_check_read+0x11/0x20 [ 318.197341] ? graph_lock+0x170/0x170 [ 318.201130] ? rcu_pm_notify+0xc0/0xc0 [ 318.205006] ? trace_hardirqs_off+0xd/0x10 [ 318.209242] ? putname+0xf2/0x130 [ 318.212684] ? find_held_lock+0x36/0x1c0 [ 318.216741] ? lock_downgrade+0x8e0/0x8e0 [ 318.220886] ? module_unload_free+0x5b0/0x5b0 [ 318.225371] mount_fs+0xae/0x328 [ 318.228722] ? btrfs_remount+0x16f0/0x16f0 [ 318.232947] ? mount_fs+0xae/0x328 [ 318.236478] ? mpi_free.cold.1+0x19/0x19 [ 318.240536] vfs_kern_mount.part.34+0xd4/0x4d0 [ 318.245105] ? may_umount+0xb0/0xb0 [ 318.248721] ? _raw_read_unlock+0x22/0x30 [ 318.252857] ? __get_fs_type+0x97/0xc0 [ 318.256736] do_mount+0x564/0x30b0 [ 318.260270] ? copy_mount_string+0x40/0x40 [ 318.264497] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 318.269247] ? retint_kernel+0x10/0x10 [ 318.273128] ? copy_mount_options+0x213/0x380 [ 318.277611] ? copy_mount_options+0x1a1/0x380 [ 318.282095] ? __sanitizer_cov_trace_pc+0x20/0x50 [ 318.286928] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.292626] ? copy_mount_options+0x285/0x380 [ 318.297112] ksys_mount+0x12d/0x140 [ 318.300728] __x64_sys_mount+0xbe/0x150 [ 318.304689] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 318.309696] do_syscall_64+0x1b1/0x800 [ 318.313570] ? finish_task_switch+0x1ca/0x840 [ 318.318055] ? syscall_return_slowpath+0x5c0/0x5c0 [ 318.322972] ? syscall_return_slowpath+0x30f/0x5c0 [ 318.327902] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 318.333257] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.338126] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.343318] RIP: 0033:0x45843a [ 318.346491] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 318.365813] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 318.373511] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 318.380766] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 318.388022] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 318.395281] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 318.402534] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000028 2033/05/18 03:34:31 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x818b, 0x7, 0xa173, 0x100, 0x9, 0x62, 0x284, 0xffffffffffffff3f, 0x1000, 0x1, 0x20, 0x5}) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x10000, 0x9a, 0x0, 0x39, 0xffff, 0x80, 0x7, 0x7, 0x0}, &(0x7f0000000180)=0x20) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={r2, 0x101}, 0xc) r3 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x200, 0x1, 0x6, 0x8, 0x40000000, 0x100, 0xfffffffffffffff9, 0x8, 0x92c, 0x1, 0x3, 0x8, 0x4}, {0x9, 0x10001, 0x859, 0x5, 0x186d, 0x1000, 0x0, 0x1, 0x4, 0x40, 0x7, 0x2, 0x7}, {0x8, 0x8, 0x100, 0x1, 0x5, 0x7fffffff, 0x7fffffff, 0x7, 0x0, 0x0, 0x5, 0x1f, 0x4}], 0x9}) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:31 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67cd00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:31 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000012000/0x2000)=nil, 0x2000, 0xfffffffffffffffb, 0x801e, r1, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000180)=""/81) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) getpid() ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$EVIOCGID(r2, 0x80084502, &(0x7f0000000380)=""/4096) getrusage(0xfffffffffffffffe, &(0x7f00000002c0)) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7f, 0x202) dup2(r1, r3) 2033/05/18 03:34:31 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x1400, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:31 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1275", 0x3) 2033/05/18 03:34:31 executing program 5: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x6, &(0x7f00000004c0)=[{&(0x7f0000000100)="f3cf1340bbfc2cdeb79fc224e5b88965df83e6de1c5b226a4de634dce9510a32426920508e51022a0910c7ccab27ec3aa938f178aac6d73416eeee6566308c1416351c737b10f0fbb241ef51058be162", 0x50, 0x95fc}, {&(0x7f0000000180)="8a7ccdf0afb145fd1418a3da044c689ba108e66876ccc8a414b48a802e341a6f7e6dd82a2dd19403d0ad17e397caca969eab2f7a519ba21d351dc9eadd963ef45f96efea963b578ffa803ab6bdd2c1c30303405ebb5c431013a9a6a1355af0f02021ad2c8280495048a5953f12e4254750f417397682481dda555b7160e011b9a1331a594a5d1793ae6d6c14e7d555707dbced9b8a84e116283b755aaf79178b42a4787de856d30e611d834a57aacbd6581c7cd9fb11bc1740be28666f3a662cd0ed33a5cc236ecb0baa0428844dcf99734bce512eb855f2963485b3ebf67437bc6635b932e6119facae", 0xea, 0x7f}, {&(0x7f0000000280)="36567066e918576bc13f55eb2d6c51d8cd6cbe4bb715cd5b038369cd7c06383ef523bdabaacbe4046a848cbd5c93f4ffa5e6c78db2add13a0aac94ef9c595a88f19fbc6ce4d476e712700576327e7671b3d9d1ac8ede47cc1b7403757c8d57a23e3f79090484c38397d185ac51dfd5f8c35c7b83c3", 0x75, 0x9}, {&(0x7f0000000300), 0x0, 0x9}, {&(0x7f0000000340)="7ffc619629616accffad791cb386983306d5ca8facc1632afc7c6555cc8281d4dba15c4d3f4cbae20361f467a841c22061dd595103bdd76f8769b3aeed1a5e1557ffe40a304b351a633e93e085f4155a7a520357d0635596190b59043723db69b869dc775613e3de76b2f97aae0ee03a7a9894bb63a482a8c9cfc2a23bda1bbe04e49f1e5400e529bd40cd8a64a8b9ec21a76435", 0x94, 0x8000}, {&(0x7f0000000400)="ef91379157d19ece9ef4e9b725edb6b3b0e221900055ff14ca1b73566dae95ce245fa026922170c6a4257c00e2e1abde8abec1b87eb3d3a20048f2f8036cb8b821d07cfc943b1d4faf7e7a235f12d35f06092592edf0bf06189c675e9c1eee48f3e7bc6139294428d8e102df6071a5fd2810ba03c151906566d7784d64c97710bb5fb51384a278e7c5c98a", 0x8b, 0x81}], 0x88a000, &(0x7f0000000580)={[{@enospc_debug='enospc_debug', 0x2c}]}) mlock(&(0x7f0000005000/0x4000)=nil, 0x4000) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000000)=""/88) remap_file_pages(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000007000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x300000a, 0xe0, 0x100) 2033/05/18 03:34:31 executing program 1 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:31 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x15, &(0x7f0000000380), 0x0) r1 = dup3(r0, r0, 0x80000) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000000)=0x1, 0x4) [ 318.917979] FAULT_INJECTION: forcing a failure. [ 318.917979] name failslab, interval 1, probability 0, space 0, times 0 [ 318.929382] CPU: 0 PID: 21289 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 318.936319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.945682] Call Trace: [ 318.948295] dump_stack+0x1b9/0x294 [ 318.951952] ? dump_stack_print_info.cold.2+0x52/0x52 [ 318.957163] ? perf_trace_lock_acquire+0xe3/0x980 [ 318.962036] should_fail.cold.4+0xa/0x1a [ 318.966122] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 318.971244] ? __lock_acquire+0x7f5/0x5140 [ 318.975505] ? find_held_lock+0x36/0x1c0 [ 318.979586] ? find_held_lock+0x36/0x1c0 [ 318.983690] ? check_same_owner+0x320/0x320 [ 318.988025] ? rcu_note_context_switch+0x710/0x710 [ 318.993044] ? rcu_is_watching+0x85/0x140 [ 318.997218] __should_failslab+0x124/0x180 [ 319.001461] should_failslab+0x9/0x14 [ 319.005263] kmem_cache_alloc+0x2af/0x760 [ 319.009415] ? is_bpf_text_address+0xd7/0x170 [ 319.013921] ? kernel_text_address+0x79/0xf0 [ 319.018340] ? __unwind_start+0x166/0x330 [ 319.022499] alloc_vfsmnt+0xe0/0x9d0 [ 319.026221] ? mnt_free_id.isra.27+0x60/0x60 [ 319.030648] ? save_stack+0xa9/0xd0 [ 319.034284] ? save_stack+0x43/0xd0 [ 319.037918] ? __kasan_slab_free+0x11a/0x170 [ 319.042329] ? kasan_slab_free+0xe/0x10 [ 319.046303] ? kfree+0xd9/0x260 [ 319.049589] ? btrfs_mount+0x831/0x213e [ 319.053566] ? mount_fs+0xae/0x328 [ 319.057111] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 319.061867] ? do_mount+0x564/0x30b0 [ 319.065588] ? ksys_mount+0x12d/0x140 [ 319.069404] ? __x64_sys_mount+0xbe/0x150 [ 319.073576] ? do_syscall_64+0x1b1/0x800 [ 319.077641] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.083014] ? kasan_check_read+0x11/0x20 [ 319.087167] ? do_raw_spin_unlock+0x9e/0x2e0 [ 319.091578] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 319.096168] ? kasan_check_write+0x14/0x20 [ 319.100407] ? do_raw_spin_lock+0xc1/0x200 [ 319.104652] ? trace_hardirqs_off+0xd/0x10 [ 319.108891] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 319.114006] ? debug_check_no_obj_freed+0x2ff/0x584 [ 319.119029] vfs_kern_mount.part.34+0x88/0x4d0 [ 319.123621] ? may_umount+0xb0/0xb0 [ 319.127246] ? quarantine_put+0xeb/0x190 [ 319.131323] ? kfree+0x111/0x260 [ 319.134690] ? btrfs_mount+0x831/0x213e [ 319.138670] vfs_kern_mount+0x40/0x60 [ 319.142474] btrfs_mount+0x4a1/0x213e [ 319.146285] ? kasan_check_read+0x11/0x20 [ 319.150438] ? rcu_is_watching+0x85/0x140 [ 319.154602] ? btrfs_remount+0x16f0/0x16f0 [ 319.158847] ? __lockdep_init_map+0x105/0x590 [ 319.163345] ? __lockdep_init_map+0x105/0x590 [ 319.167851] ? lockdep_init_map+0x9/0x10 [ 319.171915] ? __init_waitqueue_head+0x96/0x140 [ 319.176588] ? init_wait_entry+0x1b0/0x1b0 [ 319.180831] ? memcpy+0x45/0x50 [ 319.184124] ? alloc_vfsmnt+0x771/0x9d0 [ 319.188103] ? mnt_free_id.isra.27+0x60/0x60 [ 319.192518] ? kasan_check_read+0x11/0x20 [ 319.196671] ? graph_lock+0x170/0x170 [ 319.200474] ? rcu_pm_notify+0xc0/0xc0 [ 319.204362] ? trace_hardirqs_off+0xd/0x10 [ 319.208610] ? putname+0xf2/0x130 [ 319.212070] ? find_held_lock+0x36/0x1c0 [ 319.216150] ? lock_downgrade+0x8e0/0x8e0 [ 319.220299] ? module_unload_free+0x5b0/0x5b0 [ 319.224823] mount_fs+0xae/0x328 [ 319.228193] ? btrfs_remount+0x16f0/0x16f0 [ 319.232430] ? mount_fs+0xae/0x328 [ 319.235973] ? mpi_free.cold.1+0x19/0x19 [ 319.240046] vfs_kern_mount.part.34+0xd4/0x4d0 [ 319.244657] ? may_umount+0xb0/0xb0 [ 319.248293] ? _raw_read_unlock+0x22/0x30 [ 319.252448] ? __get_fs_type+0x97/0xc0 [ 319.256342] do_mount+0x564/0x30b0 [ 319.259904] ? do_raw_spin_unlock+0x9e/0x2e0 [ 319.264321] ? copy_mount_string+0x40/0x40 [ 319.268574] ? rcu_pm_notify+0xc0/0xc0 [ 319.272566] ? copy_mount_options+0x5f/0x380 [ 319.276976] ? rcu_read_lock_sched_held+0x108/0x120 [ 319.282000] ? kmem_cache_alloc_trace+0x616/0x780 [ 319.286854] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 319.292399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.297936] ? copy_mount_options+0x285/0x380 [ 319.302438] ksys_mount+0x12d/0x140 [ 319.306098] __x64_sys_mount+0xbe/0x150 [ 319.310081] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 319.315101] do_syscall_64+0x1b1/0x800 [ 319.318993] ? finish_task_switch+0x1ca/0x840 [ 319.323493] ? syscall_return_slowpath+0x5c0/0x5c0 [ 319.328429] ? syscall_return_slowpath+0x30f/0x5c0 [ 319.333364] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 319.338737] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.343588] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.348776] RIP: 0033:0x45843a 2033/05/18 03:34:31 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x20000) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:31 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x14, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 319.351959] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 319.371432] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 319.379151] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 319.386423] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 319.393697] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 319.400980] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 319.408269] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000029 2033/05/18 03:34:32 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e679d00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:32 executing program 1 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:32 executing program 6: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f00000001c0)="0047fc2f07d82c99240970") r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, &(0x7f0000d83ff8), 0x8000fffffffe) truncate(&(0x7f0000000040)='./bus\x00', 0x401) sendfile(r2, r2, &(0x7f00000000c0), 0xfff) 2033/05/18 03:34:32 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") socketpair$unix(0x1, 0x10000000000009, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r2, r0, 0x80000) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) mq_timedsend(r3, &(0x7f00000000c0)="2593e833637b76bb8179d628843a5bdcc4dc5d7b406ad948f8123b73bc5027fcb073beb9abf2abfea026416322cd8b8a95595978320f72526a7072cddfbcfcfff41829e49cecf96b0a324dee99250afa9de8bbe0f3331d0b81fd8c2d8ed99844ff484f989b8aea1d07ebea597b813cf28da228c7dbf1fa13ecaf734f0dff58b101", 0x81, 0x1000, &(0x7f0000000180)={r4, r5+10000000}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000004ff0)={0x3, &(0x7f0000002fe8)=[{0x45, 0x0, 0x4000000000401}, {}, {0x6}]}, 0x10) 2033/05/18 03:34:32 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0f75", 0x3) [ 319.542656] FAULT_INJECTION: forcing a failure. [ 319.542656] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 319.554509] CPU: 0 PID: 21315 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 319.561435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.570794] Call Trace: [ 319.573394] dump_stack+0x1b9/0x294 [ 319.577031] ? dump_stack_print_info.cold.2+0x52/0x52 [ 319.582933] should_fail.cold.4+0xa/0x1a [ 319.587002] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 319.592116] ? debug_check_no_locks_freed+0x310/0x310 [ 319.597309] ? print_usage_bug+0xc0/0xc0 [ 319.601378] ? graph_lock+0x170/0x170 [ 319.605178] ? print_usage_bug+0xc0/0xc0 [ 319.609246] ? find_held_lock+0x36/0x1c0 [ 319.613318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.618855] ? should_fail+0x21b/0xbcd [ 319.622750] __alloc_pages_nodemask+0x34e/0xd70 [ 319.627433] ? kasan_check_read+0x11/0x20 [ 319.631587] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 319.636606] ? rcu_report_qs_rnp+0x790/0x790 [ 319.641018] ? find_held_lock+0x36/0x1c0 [ 319.645102] ? check_same_owner+0x320/0x320 [ 319.649607] cache_grow_begin+0x6e/0x6c0 [ 319.653674] kmem_cache_alloc+0x689/0x760 [ 319.657831] ? find_held_lock+0x36/0x1c0 [ 319.661903] getname_flags+0xd0/0x5a0 [ 319.665711] user_path_at_empty+0x2d/0x50 [ 319.669864] do_mount+0x172/0x30b0 [ 319.673406] ? do_raw_spin_unlock+0x9e/0x2e0 [ 319.677821] ? copy_mount_string+0x40/0x40 [ 319.682058] ? rcu_pm_notify+0xc0/0xc0 [ 319.685953] ? copy_mount_options+0x5f/0x380 [ 319.690363] ? rcu_read_lock_sched_held+0x108/0x120 [ 319.695384] ? kmem_cache_alloc_trace+0x616/0x780 [ 319.700229] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 319.705782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.711319] ? copy_mount_options+0x285/0x380 [ 319.715820] ksys_mount+0x12d/0x140 [ 319.719451] __x64_sys_mount+0xbe/0x150 [ 319.723429] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 319.728451] do_syscall_64+0x1b1/0x800 [ 319.732340] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 319.737183] ? syscall_return_slowpath+0x5c0/0x5c0 [ 319.742118] ? syscall_return_slowpath+0x30f/0x5c0 [ 319.747051] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 319.752420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.757265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.762450] RIP: 0033:0x45843a [ 319.765632] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 319.785030] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 2033/05/18 03:34:32 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x1000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 319.792747] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 319.800194] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 319.807464] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 319.814729] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 319.821999] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002a 2033/05/18 03:34:32 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:32 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000d400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:32 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x8002, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x3, 0x9, 0x7, 0x722, 0x5, 0x92, 0x5, 0x4d, 0x6, 0xe7d, 0xd24}, 0xb) fcntl$setstatus(r1, 0x4, 0x2000) pread64(r1, &(0x7f0000000040)=""/32, 0x20, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000400)=""/168, &(0x7f00000004c0)=0xa8) lstat(&(0x7f00000003c0)='./file1\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_generic(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x106000}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="ec0100001b0000032dbd7000fbdbdf251f000000e40078001c3b23891942d93c93310b84cd0bee7bfb6a025042ec40aea6da97f01575da9a0ca0784188f85fa33b3f096cf32a298f91f1136093b9a77b2ad3766e093aef51d55e99f9e92c635f919424c359bff8cd6745894de55fa4a3ff9f74895c2f14cda079e9fb8b3f75e1b0557262074b050d023686c8844ce4a7c74fc8c2490b7d726cb0c498744fff34edcac8f64c60eef7448e295824fa9ae418ede11f2d6e55d2803b226c3559b7682da575cc8291f9ddd28f24f2f0dbc33a57f358951c29c1aa3dcb8123b18fc83212ea198fa0c0f8e273d9f34c50227a7583c0c4e1180000009545f6d3e786bc433efd79abc97a44ff3f2222e4bf9ba5ac4d72a3e3747bcebf67950f82a2f810bf9ea7089c3ce69549743e8c6d113432c0adf30e013b24bb9d7fcc2a15325cb9daa3fdcf8c7ab97799b979d637103fd9f242fc00fa518607e99e393d7ee4cd43ff2bcc9ea64e6e89a9f08f2729af1bee93a190674cb087120d44a6562adc987e3be534e6642e8eb0975336457f875d7d3a97c7ff0af390e33579bdce721dbc1ed98db65df1d6fd19b7f0b1a93ed5bde2337f3000050032e5f76a266b3f5fd06383388eae24dd1b5fe6a70ad864b0e95ac0dc66f3a7a9118b08001b00", @ANYRES32=r4, @ANYBLOB="00200800590045cc7076c930fa2e530f3cd6", @ANYRES32=r1, @ANYBLOB="800000614aa44971abc9247b4d87d2a4c95d5d7904f222c2d7b9ee954cb7c3899112c3326863bde1277260ad7fe2481b8a634f30e604e9dd5d24167d25fbd90829bc38cc78cd77e601b979a134f2351d1f75278d1e612cc438"], 0x1ec}, 0x1, 0x0, 0x0, 0x40010}, 0xc885) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:32 executing program 6: r0 = open(&(0x7f0000000080)='./file0\x00', 0x12000, 0x188) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)=0x2) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r2 = timerfd_create(0x0, 0x0) readv(r2, &(0x7f0000001440)=[{&(0x7f00000013c0)=""/124, 0x7c}], 0x1) clock_nanosleep(0x0, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) pkey_alloc(0x0, 0x0) fcntl$notify(r0, 0x402, 0x10) write(r1, &(0x7f0000000000)="dfb2464d4dbf7b41159802b9df3c199241dc20a971971e2b7d540544f881660ce8dde34f24aa2f87a903726dcad3b549cdbbe0e3a4f528f587f8fdbaa43120cc20a4658ed71f7ad14b1b15bf5c572c718ad1b07ae784b82ec910ef0fad068a412b6363b314", 0xffffffffffffffac) io_setup(0x2, &(0x7f0000000100)=0x0) io_submit(r3, 0x2, &(0x7f0000001300)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x3ff, r2, &(0x7f00000001c0)="2c855176c87aafc81d9ea9591963f4052b64b2d32cf07eacdeb59933d368783ca13fea531076eebee7c8bbb4ee6905149dfd144255922480908753f4faf80a280594df6d4cadff544ca01640cb77ee79782506756f5b814116794545496d9a2f8774fad52559d37af5be5d92e08c101b7812da65556d86", 0x77, 0x7f, 0x0, 0x0, r0}, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x3, 0x1, r2, &(0x7f00000002c0)="990b2a317b2313d6aeea4b721648d25b16fe02436bb2e3604b52cfdee537ecb340787dbfd8dc8912a702457263a074cb8b30e7b75e1f677e019e6127e6778953c05f52d175dbbccb629f3a870c20add2baef885d5775011434521f31180bb484a26e472b98b4269fd044d5c11819db9f546f8ede7b73747d3e6133ecde03c8abffccf7aa28f4069f33a833a13299de5fadfa9c5dc10ca39b6f44a96713e27b5610a4dadc6f4d2e0525949aeb8e523379e3b4cac42689e1ebe743bd5f6dd53d6f370faa7638430d4a43a3c2a86f91b840ef9d5e118dd17bd6ebd27a59f3ba89294eb8a922bb0834ce06d4af5fbcfd2a32eae727e0dcec93949f83f0fbf4a6540c5c3e82593628e390cade8530b6331ca951c992d435ed91dea96433192ef72b77503ef4893c696c87926b1eef834bc5c3d3bb49c9dbed9ce56ad473cf44131b5b4f435eb1c74e2e14858ce08d8b4a2b9e548f33c678348e04e8af4252de2d7850660da5bf1d600230a1b8e921ca3290e1fe13c1b9888a0925e3b0d0f8e07456ac1e4b2ac6763c1c135baa37943487f5884904a2eaaf33fdbef687077915b5638d53d3ff394a24b8025a869b8a21a9f9056033ad588f8944483fd7b7404bfb556ef110391c3aee0490b405e266b98638317463735c4965348bf721585cdc43fa307c91dd48649e476995d39a350ee1238e3debb6be65119b594e965b0254b7f5355bef7c064d289a92e9ec24073bc01e4285d56388cea68364d2e157ca75ffa0b6d9d83d8da95a4764589f2391ab0f843b92c951cfee92d7f3d11275d5cd687631a99dfe33a39151054424ecfa7adfd93ab12b2681505f97a68dcd64305a10f1c4a97fc0aeea8c0a3dee3421599ab1888e4f6950117101c04d837097cf58b7e5d0597cd39996119db12728233399543fe2dc060288e5debb1eb2bdd21e0bbedbb6e79bd617c56bfe5f5e300e1399c3871e7ddc3056af4b38ed557ab8b496d52e9b73a85f450db629148d1499d059279aaadd80eeb48fae6b43f2e8f1c16a813138fe6c0d9c50500468332ac28af5bba2a82b19ef9f540839b6ae3e3bae188937333317c7250b9416c1ede982ea558730d8e926b4a2902e1481d6a74c91dc793055512f4b9cccdbf0c6079489c75b2e3f905437eacb5e24313236d3f9174b3538d2f43beb0cd82361ddc8817231d3f89b6119d07ddb203626f1883420e1a1ceec367833845ca933f0628512fe1a6377b9428d3c53f69c7b6ab3a2224e4f50c628d9cc44f28d7ade8952b9a2601b1b1e7ab98ba246ae8732f607859bf86847b4af8f263bb7cad713f341aa924a5d68365c2f451a624f4b5470e60ea083ed401113ee2b229b4eb6b27cd9a63e9b83e626b62cae3561e7d016db0cc55e0c7944b0d4b9f5074664f1acc1c7ed297c26495f097b3da156bdcf4e0ffbef3ba4d8405948f57b2a5339c30d0a933d4ac85c58118e9867e17057af4fdd5598a529cee5abf622e82342ee9095bfc986b90e051715aaa5b8c48c95020067e8e85ff0660a565ebc2132804e6aa68ec606d10807f86fc475bdabf9501e737cb0742384c7e8c82df75195d7cb03bbc90fddad3b5ca2bf10710bdcbc53032d98c243dddd7419042d921bcbc9fc51e3dfc353c5b3fa5ed502bba21e13e02052d25a652e772e83915024568ad6e940d9373a2b7295724721ef61bb4cbc082a6eba800e0ec2a46e59fb06ae06c94cdc56925f1b30fa1e9fc9a063577c330d4f7700ff4a3d0ef43accf710a981cff7f86dc70334e992a5ce8492b1bff8902b42adca7385c04887e42416f01614b81c28cdad6d2bfe4e3d9bc777c6d1ab800284fbfa5f0ef5fe5f3286ac0240c6277d0dd8636a6a317583f58055d3a2d7d8d19cfbd8b1b1787b7886494ea911c660dce607699b12aaeae621adfe89d511d1d456a35d3c044180209030a3f88d85d004e434346a99f60ed94f19a1171d053768fa183ca0b6293e18d5d21461a15779882ff4f3a057cda539a2599482ca06972820821616964cdcff2f97a7f7f68e2beb04812f9adcd85f4a261ff369f5d465f72066cac06f4c533640335768953fa9663b1ad140920d29261b279c894202fc65c8460a348269804ae4c8a36ca74a0aaeebd8cab9a1ab592912b58583b2ef30572aef744d9e2c51da5a7e14b9ec77c2673f35ee7406cf1eb0be41535b0b7963047199b4bc0dafec8f4fafb6a3e86dfa37b401d5a09ea979e585e8b35a37a2aef793e9e529c977abba33c9394bdbe83cc97d5ec3c5db2d9ec4d790c48b4a6883302af50258d6b6832b3f6aa379b4284a95e161379a87cd9dd8321fc90ad9fddd7f54c18acd0fc3c5f385453b8a3a5ff3c8fdb9e2c359c42f562e8077cd262ded7b8996dcdcff4733b08f0116b6b44a5401ceaf481ce79e53d56ef30d65a2f0df495f8031a4be60a04813541644fecc9f69b2e975a76daba8f6f651a563445293ad93d4dc141d6f81432a49b9b8540cfe4d48a8095dfa3663df1fe783468bbb2b2a00be3330e718daddbb62d9dc0e89d87030612aa0bf339f98fb49dfcf06a97fecd6fab6fd83c9748c0ab9470261d4c6405a03f8cfec08cd8b59ef130d1f1c7a49afb50020deac9db3b27df95cdc069aa6645bec19125b1d793fc67bf9436c147e7648d2488623b583e8ed80db9f0384acfed8622d5625f41ef2b6307425352bcf91dcc14590862cd05ede2209d1007beb58b82cf4ff8547ba74db18de61123090c4d56a933bd53cb5a07c298993870ad382f232ee86ea2e555d8d8aecc7861eaba52bec4d5e67bfe40611eb9aeb72f5c37d93ebcb9bcc3aef61b46b334936359982ef8a2cd1acc37dc90bb346bbbedbc2a1877433e1c3a8239dbfcb84beec341fcf5ebe9fa9d7359276c7de7ad4b6a62fac30580f09476300fcaecccfb07380f8d7fa229aec136ae0cc53b1750eaf0fba07a83a480aadef90b3a6428a045e398e8665387a396c52b254fc5cba5829ca66227a6ea2cc37d6b0693801ab4c0d5dc496d9a88b46633677f7537f677005d454b464bdd918a4d373c43c498c540307f645b29470dd43b443cea85919e21f6de0d0667c5fef096cb2b812395aab7ff70fd43de1f56caa407b84ad26f4c69ddcaeee879b46c1d9991446640773f116b835c8844b08a50a156dc000063f15121b000ddcc6731afc40f204cf1cc598c8f249850761fa8f60c0bf349d3ea6923dfe325364b2e4f00002f2fd40d8da74a83964597d63747b15733724b37580ce13ed03ce187ba63efdada486832c806bb3ff05b0ded51670a98f765413f2cb9c50dd32e24ca190459409603171b7f6c8a25ca38fe3bc58b88cf019da6d5e979603ab813690c232b09c4b729ad842e7768354cb2455aa55baa614911343150f35247e8e26c07967bfe6fc32c1d7228511eff2ab4f6a6140a28c30de2c0c3faa601a4362fa3d828178aace0d33e1b679355c681c95d1875b0c8dbd1f2fb16e166145265c6ac157f35189237f41ffa66960db1c52f6c1d02169775d8201c740a77776c2b60d2bb2a12d99290824f1752c7440e1addcce2256fa46cc9fd026d9edc513b34b01b1fc6080d71b349a4d7ba0b9c3cdc208bef7edb92db6a26e27ca6c617e7cbc578b6cea5eaa6bd1c5afa03d06ecbe922fba65d90efee1b3b6721e17f360777d999baa70e3aa98f12ac0463c01d1ea5f216d78733c0912d26be5b873b4a364fe2a03179e1b60af8dd9a5f11d83cb227be0f5306c0ae52fc23a7852179e1cb200fc7c65b39c1ea6113fdf12c683b51d5588485a667a2ac6c886734d313521aaf95389b36ced911de4846e96430999a9cac732b7bbeecb5d230a909c0ea300c28a9603735392e23e2658315dbb23bf09bc35134d9e5688011bd3c167176f352fd1b7b39ae8c63dea21bf4b5395ab7e6d0868a29c8fe4e2ddf7b17e0a574be121b214592e116066f885b10a81856cbd228888e2a7690ac052a0e2c141423e9572bc4aa304b9c75341fc07769bbc8219b34541a29411f474172bd1cbefb54f22edcb6ff52e7fd54ff0e583d237b6e0e6aafc85fb9539d1a46acc8e6966d97900033ec4d45169733ffb0f1344bf2c1bee07be7b8d7793b48f98d4414e26bf3070cef1945b9c6f69b78ab64566f9bdcb9e2262ded193d55c2c94fb2431aaae1761e800a22ad9a0fa848af83a3d6a15d392c439dd0fe26bf8deabf752e3052c46b51be05b8a6567583a3ef7fb4d771291f7cce7e041592efaa773516a6d4092dfa24d2f7dae7a0c8452bac3f2f547780662e07e3b19f43c75f71b172efef6b3b0efe16745eb24143ab3ef11d968f740b4b4feb6839bb53b9f1d8628372020e2ca921a8d49e0d6f9f22e40939f892ba21d5ae8697d1ac56e3024d543c3471e123345d0c170f443c1ab1d7d3c1d47f763f630cfca9a924c28c6a1eec10c5cc0fdc99431acae825b1611ecd905190a0a1f9d47c30cfcbbc10a9629e26a37ddb021ab98ab5e49e878d63d1f605d84e18b2dacee03feabf934ab6d4b6b4028637eed1e421bbcfd88427780f41dbfbb6b6dac8002c00a6d1a9d16a90d56f6ddf2b11eb83890ef3cf5aefecba86b849d440089f86931fcd58bf66f4d87fc78704d64162f44f7c96345f4f64ca1b8b2317c34c448fdf7d578d814f5364a1b403640277d9ab15c3308ef86e2ce92dba086c442ff4d59b9a99afda712e098d6faa175769b40763f95baf7ef471ddd44de5994db44a1d44f4fa0967e2c81f449135507a09bd74d2b9f1d18038bac1b46958e16ddc990a04e39640d8428a389152fba279f434517e3e424c9a4ac8fbe269fcb8de12cbbec1cba8f56eb66d6638cbbc65b4c48b50f030db00175895ed726eae0d29a333b5fddec01ddfa6c4b554b32297396da4f9aba73f4da790afa5e30ee13601a5fd3c93fa1b793c2131beac1ac292245e7ac844084debf841156a51c6a3a9d1fcc0dc0f60c7db488628e647dacd3c30330fac65ac55772fb6027d83d41df6a0b2fb451a7d59af71b5122e19cdde4db2b4b2530fe990052780f79c142557ea055fb0f5eea3943eb5a7ec07a892d838cf189b469391433ff65ff4c1e90d247188808920d5d1fd61425eaef912fae4c9a27bbe6ef04ccfe1ba3027f3bb73c099c80a7fdb8cc67b911557883c732749384ca8db8720793248822bfdc939aee97b26853f743ce667fd90443ca15e75dbfec6facbfd579669a6550de9417f72c45f1fe6aa29d798128756fa5ad341be932ffe4cd780b204ee1459fa58ac891687920d78d0b1f64550540023face81f3d4ad35ee4f30475ee2312aad3fff4efdbb63342e22e6f903c40a0ca1a3b380f5447eabecb65b91f40f4f58ac681eec1018e5ff0b01ffdc506bf8c1d68ab921866a55d572a72d00da45edd6f9c453fa058485188ab4de63b6cb49d68221cd0b720482fbf0e349f4d272ef1ea26262cff26718415e9f2e5660fa02a6fb38648960020ac2fb74d89d6c165cb0a728ba844602b805e70b9dec47da51311da4d9b7cee7c311a1a5859ecd5563ff4230b5e68b938d68318e6721ba191cb9a0257b38d3b640e4da9c936d9885d6f2122210ef340f29b3111810f251afd1992d1d2de2b4c34e68dd6b8ce3d969a2c011bc1f3c9a9000fc8756dc744845b656d432f9ff74b9018641ca4ee04881ea9ed92fed287ebca2c001ad010bf04450e7881368cb0b636037bf7f2327d403db62928f26123f026e21dfa2a42a6201dee62d51bcd20ea75253a404ada71b9e1399717c7dc802bc7bfbd2af3b171c43820f08a8706ebca7b8e3834", 0x1000, 0x1, 0x0, 0x0, r0}]) pkey_alloc(0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 2033/05/18 03:34:32 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x20000) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:32 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0375", 0x3) 2033/05/18 03:34:32 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x20000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:32 executing program 1 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 320.184739] FAULT_INJECTION: forcing a failure. [ 320.184739] name failslab, interval 1, probability 0, space 0, times 0 [ 320.196070] CPU: 1 PID: 21346 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 320.203003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.212355] Call Trace: [ 320.214952] dump_stack+0x1b9/0x294 [ 320.218593] ? dump_stack_print_info.cold.2+0x52/0x52 [ 320.223788] ? perf_trace_lock_acquire+0xe3/0x980 [ 320.228638] ? perf_trace_lock+0x900/0x900 [ 320.232885] should_fail.cold.4+0xa/0x1a [ 320.236959] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 320.242074] ? __lock_acquire+0x7f5/0x5140 [ 320.246316] ? find_held_lock+0x36/0x1c0 [ 320.250373] ? find_held_lock+0x36/0x1c0 [ 320.254441] ? check_same_owner+0x320/0x320 [ 320.258754] ? rcu_note_context_switch+0x710/0x710 [ 320.263670] ? rcu_is_watching+0x85/0x140 [ 320.267808] __should_failslab+0x124/0x180 [ 320.272036] should_failslab+0x9/0x14 [ 320.275823] kmem_cache_alloc+0x2af/0x760 [ 320.279959] ? is_bpf_text_address+0xd7/0x170 [ 320.284455] ? kernel_text_address+0x79/0xf0 [ 320.288855] ? __unwind_start+0x166/0x330 [ 320.293000] alloc_vfsmnt+0xe0/0x9d0 [ 320.296705] ? mnt_free_id.isra.27+0x60/0x60 [ 320.301110] ? save_stack+0xa9/0xd0 [ 320.304725] ? save_stack+0x43/0xd0 [ 320.308338] ? __kasan_slab_free+0x11a/0x170 [ 320.312736] ? kasan_slab_free+0xe/0x10 [ 320.316695] ? kfree+0xd9/0x260 [ 320.319960] ? btrfs_mount+0x831/0x213e [ 320.323917] ? mount_fs+0xae/0x328 [ 320.327444] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 320.332185] ? do_mount+0x564/0x30b0 [ 320.335884] ? ksys_mount+0x12d/0x140 [ 320.339666] ? __x64_sys_mount+0xbe/0x150 [ 320.343817] ? do_syscall_64+0x1b1/0x800 [ 320.347866] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.353225] ? kasan_check_read+0x11/0x20 [ 320.357363] ? do_raw_spin_unlock+0x9e/0x2e0 [ 320.361759] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 320.366330] ? kasan_check_write+0x14/0x20 [ 320.370552] ? do_raw_spin_lock+0xc1/0x200 [ 320.374775] ? trace_hardirqs_off+0xd/0x10 [ 320.378997] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 320.384093] ? debug_check_no_obj_freed+0x2ff/0x584 [ 320.389103] vfs_kern_mount.part.34+0x88/0x4d0 [ 320.393674] ? may_umount+0xb0/0xb0 [ 320.397289] ? quarantine_put+0xeb/0x190 [ 320.401336] ? kfree+0x111/0x260 [ 320.404688] ? btrfs_mount+0x831/0x213e [ 320.408655] vfs_kern_mount+0x40/0x60 [ 320.412489] btrfs_mount+0x4a1/0x213e [ 320.416279] ? kasan_check_read+0x11/0x20 [ 320.420415] ? rcu_is_watching+0x85/0x140 [ 320.424558] ? btrfs_remount+0x16f0/0x16f0 [ 320.428798] ? __lockdep_init_map+0x105/0x590 [ 320.433279] ? __lockdep_init_map+0x105/0x590 [ 320.437763] ? lockdep_init_map+0x9/0x10 [ 320.441813] ? __init_waitqueue_head+0x96/0x140 [ 320.446469] ? init_wait_entry+0x1b0/0x1b0 [ 320.451215] ? memcpy+0x45/0x50 [ 320.454488] ? alloc_vfsmnt+0x771/0x9d0 [ 320.458447] ? mnt_free_id.isra.27+0x60/0x60 [ 320.462847] ? kasan_check_read+0x11/0x20 [ 320.466979] ? graph_lock+0x170/0x170 [ 320.470769] ? rcu_pm_notify+0xc0/0xc0 [ 320.474639] ? trace_hardirqs_off+0xd/0x10 [ 320.478863] ? mark_held_locks+0xc9/0x160 [ 320.483002] ? retint_kernel+0x10/0x10 [ 320.486883] ? find_held_lock+0x36/0x1c0 [ 320.490940] ? lock_downgrade+0x8e0/0x8e0 [ 320.495074] ? module_unload_free+0x5b0/0x5b0 [ 320.499559] mount_fs+0xae/0x328 [ 320.502914] ? btrfs_remount+0x16f0/0x16f0 [ 320.507144] ? mount_fs+0xae/0x328 [ 320.510676] vfs_kern_mount.part.34+0xd4/0x4d0 [ 320.515246] ? may_umount+0xb0/0xb0 [ 320.518860] ? _raw_read_unlock+0x22/0x30 [ 320.522993] ? __get_fs_type+0x97/0xc0 [ 320.526883] do_mount+0x564/0x30b0 [ 320.530409] ? interrupt_entry+0xb1/0xf0 [ 320.534461] ? copy_mount_string+0x40/0x40 [ 320.538681] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 320.543429] ? retint_kernel+0x10/0x10 [ 320.547309] ? copy_mount_options+0x1e3/0x380 [ 320.551793] ? write_comp_data+0x14/0x70 [ 320.555845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.561368] ? copy_mount_options+0x285/0x380 [ 320.565853] ksys_mount+0x12d/0x140 [ 320.569469] __x64_sys_mount+0xbe/0x150 [ 320.573429] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 320.578434] do_syscall_64+0x1b1/0x800 [ 320.582307] ? finish_task_switch+0x1ca/0x840 [ 320.586790] ? syscall_return_slowpath+0x5c0/0x5c0 [ 320.591709] ? syscall_return_slowpath+0x30f/0x5c0 [ 320.596626] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 320.601978] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.606812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.611987] RIP: 0033:0x45843a [ 320.615160] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 2033/05/18 03:34:33 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x3000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:33 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0b75", 0x3) [ 320.634481] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 320.642175] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 320.649435] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 320.656690] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 320.663949] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 320.671202] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002b 2033/05/18 03:34:33 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:33 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000e400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:33 executing program 1 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:33 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x300, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 320.825374] FAULT_INJECTION: forcing a failure. [ 320.825374] name failslab, interval 1, probability 0, space 0, times 0 [ 320.836776] CPU: 1 PID: 21361 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 320.843697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.853041] Call Trace: [ 320.855631] dump_stack+0x1b9/0x294 [ 320.859275] ? dump_stack_print_info.cold.2+0x52/0x52 [ 320.864466] ? kernel_text_address+0x79/0xf0 [ 320.868876] ? __unwind_start+0x166/0x330 [ 320.873022] ? __kernel_text_address+0xd/0x40 [ 320.877521] should_fail.cold.4+0xa/0x1a [ 320.881587] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 320.886699] ? save_stack+0x43/0xd0 [ 320.890326] ? kasan_kmalloc+0xc4/0xe0 [ 320.894214] ? kasan_slab_alloc+0x12/0x20 [ 320.898358] ? kmem_cache_alloc+0x12e/0x760 [ 320.902672] ? alloc_vfsmnt+0xe0/0x9d0 [ 320.906553] ? vfs_kern_mount.part.34+0x88/0x4d0 [ 320.911310] ? find_held_lock+0x36/0x1c0 [ 320.915387] ? check_same_owner+0x320/0x320 [ 320.919733] ? rcu_note_context_switch+0x710/0x710 [ 320.924669] __should_failslab+0x124/0x180 [ 320.928908] should_failslab+0x9/0x14 [ 320.932708] __kmalloc_track_caller+0x2c4/0x760 [ 320.937383] ? kasan_check_read+0x11/0x20 [ 320.941543] ? do_raw_spin_unlock+0x9e/0x2e0 [ 320.945965] ? kstrdup_const+0x66/0x80 [ 320.949865] kstrdup+0x39/0x70 [ 320.953066] kstrdup_const+0x66/0x80 [ 320.956787] alloc_vfsmnt+0x1b3/0x9d0 [ 320.960594] ? mnt_free_id.isra.27+0x60/0x60 [ 320.965018] ? save_stack+0xa9/0xd0 [ 320.968649] ? save_stack+0x43/0xd0 2033/05/18 03:34:33 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000008e00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:33 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x3f00, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 320.972280] ? __kasan_slab_free+0x11a/0x170 [ 320.976688] ? kasan_slab_free+0xe/0x10 [ 320.980660] ? kfree+0xd9/0x260 [ 320.983941] ? btrfs_mount+0x831/0x213e [ 320.987920] ? mount_fs+0xae/0x328 [ 320.991465] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 320.996223] ? do_mount+0x564/0x30b0 [ 320.999942] ? ksys_mount+0x12d/0x140 [ 321.003749] ? __x64_sys_mount+0xbe/0x150 [ 321.007901] ? do_syscall_64+0x1b1/0x800 [ 321.011964] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.017334] ? kasan_check_read+0x11/0x20 [ 321.021488] ? do_raw_spin_unlock+0x9e/0x2e0 [ 321.025905] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 321.030493] ? kasan_check_write+0x14/0x20 [ 321.034737] ? do_raw_spin_lock+0xc1/0x200 [ 321.038978] ? trace_hardirqs_off+0xd/0x10 [ 321.043217] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 321.048323] ? debug_check_no_obj_freed+0x2ff/0x584 [ 321.053348] vfs_kern_mount.part.34+0x88/0x4d0 [ 321.057935] ? may_umount+0xb0/0xb0 [ 321.061559] ? quarantine_put+0xeb/0x190 [ 321.065621] ? kfree+0x111/0x260 [ 321.068991] ? btrfs_mount+0x831/0x213e [ 321.072966] vfs_kern_mount+0x40/0x60 [ 321.076767] btrfs_mount+0x4a1/0x213e [ 321.080572] ? kasan_check_read+0x11/0x20 [ 321.084725] ? rcu_is_watching+0x85/0x140 [ 321.088884] ? btrfs_remount+0x16f0/0x16f0 [ 321.093124] ? __lockdep_init_map+0x105/0x590 [ 321.097625] ? __lockdep_init_map+0x105/0x590 [ 321.102123] ? lockdep_init_map+0x9/0x10 [ 321.106191] ? __init_waitqueue_head+0x96/0x140 [ 321.110864] ? init_wait_entry+0x1b0/0x1b0 [ 321.115101] ? memcpy+0x45/0x50 [ 321.118392] ? alloc_vfsmnt+0x771/0x9d0 [ 321.122370] ? mnt_free_id.isra.27+0x60/0x60 [ 321.126780] ? kasan_check_read+0x11/0x20 [ 321.130927] ? graph_lock+0x170/0x170 [ 321.134729] ? rcu_pm_notify+0xc0/0xc0 [ 321.138617] ? trace_hardirqs_off+0xd/0x10 [ 321.142858] ? putname+0xf2/0x130 [ 321.146317] ? find_held_lock+0x36/0x1c0 [ 321.150416] ? lock_downgrade+0x8e0/0x8e0 [ 321.154565] ? module_unload_free+0x5b0/0x5b0 [ 321.159065] mount_fs+0xae/0x328 [ 321.162434] ? btrfs_remount+0x16f0/0x16f0 [ 321.166670] ? mount_fs+0xae/0x328 [ 321.170211] ? mpi_free.cold.1+0x19/0x19 [ 321.174279] vfs_kern_mount.part.34+0xd4/0x4d0 [ 321.178866] ? may_umount+0xb0/0xb0 [ 321.182500] ? _raw_read_unlock+0x22/0x30 [ 321.186652] ? __get_fs_type+0x97/0xc0 [ 321.190545] do_mount+0x564/0x30b0 [ 321.194098] ? copy_mount_string+0x40/0x40 [ 321.198338] ? rcu_pm_notify+0xc0/0xc0 [ 321.202233] ? copy_mount_options+0x5f/0x380 [ 321.206647] ? rcu_read_lock_sched_held+0x108/0x120 [ 321.211667] ? kmem_cache_alloc_trace+0x616/0x780 [ 321.216522] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.222064] ? _copy_from_user+0xdf/0x150 [ 321.226311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.231850] ? copy_mount_options+0x285/0x380 [ 321.236355] ksys_mount+0x12d/0x140 [ 321.239983] __x64_sys_mount+0xbe/0x150 [ 321.243960] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 321.248985] do_syscall_64+0x1b1/0x800 [ 321.252873] ? finish_task_switch+0x1ca/0x840 [ 321.257380] ? syscall_return_slowpath+0x5c0/0x5c0 [ 321.262311] ? syscall_return_slowpath+0x30f/0x5c0 [ 321.267251] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 321.272623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.277470] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.282655] RIP: 0033:0x45843a [ 321.285837] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 321.305211] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 321.312932] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 321.320202] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 321.327469] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 321.334735] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 321.342024] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002c 2033/05/18 03:34:34 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x20000) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:34 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e678600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:34 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) mq_open(&(0x7f0000000000)='selinux*mime_type}{mime_type,&}cgroup$vmnet0vmnet0.\x00', 0x0, 0x21, &(0x7f0000000040)={0x6, 0x40, 0x3, 0x1, 0xfffffffffffffff8, 0x80000001, 0xfff, 0x1ff}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) dup2(r3, r2) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:34 executing program 1 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:34 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:34 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df1575", 0x3) 2033/05/18 03:34:34 executing program 6: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x300, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:34 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x2, 0x0) [ 321.827931] FAULT_INJECTION: forcing a failure. [ 321.827931] name failslab, interval 1, probability 0, space 0, times 0 [ 321.839706] CPU: 1 PID: 21397 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 321.846638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.855995] Call Trace: [ 321.858593] dump_stack+0x1b9/0x294 [ 321.862224] ? dump_stack_print_info.cold.2+0x52/0x52 [ 321.867416] ? lock_downgrade+0x8e0/0x8e0 [ 321.871573] should_fail.cold.4+0xa/0x1a [ 321.875635] ? kasan_check_read+0x11/0x20 [ 321.879800] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 321.884920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.890463] ? pcpu_alloc+0x188/0x1380 [ 321.894356] ? find_held_lock+0x36/0x1c0 [ 321.898539] ? check_same_owner+0x320/0x320 [ 321.902874] ? rcu_note_context_switch+0x710/0x710 [ 321.907818] __should_failslab+0x124/0x180 [ 321.912071] should_failslab+0x9/0x14 [ 321.915883] __kmalloc_track_caller+0x2c4/0x760 [ 321.920557] ? lockdep_init_map+0x9/0x10 [ 321.924617] ? __init_waitqueue_head+0x96/0x140 [ 321.929548] ? memcpy+0x45/0x50 [ 321.932825] ? btrfs_mount_root+0x120/0x1e70 [ 321.937239] kstrdup+0x39/0x70 [ 321.940437] btrfs_mount_root+0x120/0x1e70 [ 321.944674] ? alloc_vfsmnt+0x771/0x9d0 [ 321.948660] ? btrfs_decode_error+0x70/0x70 [ 321.952988] ? save_stack+0x43/0xd0 [ 321.956616] ? __kasan_slab_free+0x11a/0x170 [ 321.961028] ? kasan_slab_free+0xe/0x10 [ 321.965013] ? kfree+0xd9/0x260 [ 321.968302] ? mount_fs+0xae/0x328 [ 321.971852] ? vfs_kern_mount.part.34+0xd4/0x4d0 2033/05/18 03:34:34 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x20}) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x3f, 0xffffffffffffffe0, 0x5, 0x1, 0x1, 0x5, 0x7f97c83, {0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, 0x8, 0x0, 0x6, 0x1, 0x401}}, &(0x7f0000000180)=0xb0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000001c0)={0x7, 0xe51, 0x8, 0x400, 0x9, 0x100, 0x7fffffff, 0x8544, r4}, &(0x7f0000000200)=0x20) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000040)) dup2(r1, r3) [ 321.976613] ? do_mount+0x564/0x30b0 [ 321.980330] ? ksys_mount+0x12d/0x140 [ 321.984129] ? __x64_sys_mount+0xbe/0x150 [ 321.988281] ? do_syscall_64+0x1b1/0x800 [ 321.992344] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.997713] ? kasan_check_read+0x11/0x20 [ 322.001864] ? do_raw_spin_unlock+0x9e/0x2e0 [ 322.006279] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 322.010870] ? kasan_check_write+0x14/0x20 [ 322.015102] ? do_raw_spin_lock+0xc1/0x200 [ 322.019343] mount_fs+0xae/0x328 [ 322.022709] ? debug_check_no_obj_freed+0x2ff/0x584 2033/05/18 03:34:34 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x3f00000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:34 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67a800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 322.027731] vfs_kern_mount.part.34+0xd4/0x4d0 [ 322.032322] ? may_umount+0xb0/0xb0 [ 322.035948] ? quarantine_put+0xeb/0x190 [ 322.040010] ? kfree+0x111/0x260 [ 322.043386] ? btrfs_mount+0x831/0x213e [ 322.047376] vfs_kern_mount+0x40/0x60 [ 322.051185] btrfs_mount+0x4a1/0x213e [ 322.054995] ? kasan_check_read+0x11/0x20 [ 322.059319] ? rcu_is_watching+0x85/0x140 [ 322.063478] ? btrfs_remount+0x16f0/0x16f0 [ 322.067717] ? __lockdep_init_map+0x105/0x590 [ 322.072216] ? __lockdep_init_map+0x105/0x590 2033/05/18 03:34:34 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xf6ffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 322.076718] ? lockdep_init_map+0x9/0x10 [ 322.080786] ? __init_waitqueue_head+0x96/0x140 [ 322.085463] ? init_wait_entry+0x1b0/0x1b0 [ 322.089701] ? memcpy+0x45/0x50 [ 322.092994] ? alloc_vfsmnt+0x771/0x9d0 [ 322.096976] ? mnt_free_id.isra.27+0x60/0x60 [ 322.101389] ? kasan_check_read+0x11/0x20 [ 322.105536] ? graph_lock+0x170/0x170 [ 322.109339] ? rcu_pm_notify+0xc0/0xc0 [ 322.113224] ? trace_hardirqs_off+0xd/0x10 [ 322.117466] ? mark_held_locks+0xc9/0x160 [ 322.121625] ? find_held_lock+0x36/0x1c0 2033/05/18 03:34:34 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x600, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 322.125696] ? lock_downgrade+0x8e0/0x8e0 [ 322.129842] ? module_unload_free+0x5b0/0x5b0 [ 322.134343] mount_fs+0xae/0x328 [ 322.137709] ? btrfs_remount+0x16f0/0x16f0 [ 322.141943] ? mount_fs+0xae/0x328 [ 322.145482] ? strncmp+0x101/0x190 [ 322.149027] vfs_kern_mount.part.34+0xd4/0x4d0 [ 322.153619] ? may_umount+0xb0/0xb0 [ 322.157251] ? _raw_read_unlock+0x22/0x30 [ 322.161401] ? __get_fs_type+0x97/0xc0 [ 322.165298] do_mount+0x564/0x30b0 [ 322.168847] ? copy_mount_string+0x40/0x40 [ 322.173090] ? trace_hardirqs_on_caller+0x421/0x5c0 2033/05/18 03:34:34 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x100000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 322.178114] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 322.182879] ? retint_kernel+0x10/0x10 [ 322.186779] ? copy_mount_options+0x1f0/0x380 [ 322.191278] ? copy_mount_options+0x206/0x380 [ 322.195779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.201325] ? copy_mount_options+0x285/0x380 [ 322.205825] ksys_mount+0x12d/0x140 [ 322.209457] __x64_sys_mount+0xbe/0x150 [ 322.213437] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 322.218466] do_syscall_64+0x1b1/0x800 [ 322.222352] ? finish_task_switch+0x1ca/0x840 [ 322.226840] ? syscall_return_slowpath+0x5c0/0x5c0 [ 322.231761] ? syscall_return_slowpath+0x30f/0x5c0 [ 322.236681] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 322.242044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.246887] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.252061] RIP: 0033:0x45843a [ 322.255230] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 322.274448] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 322.282144] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 322.289398] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 322.296660] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 322.303913] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 322.311164] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002d 2033/05/18 03:34:34 executing program 1 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:34 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000dd00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 322.410133] FAULT_INJECTION: forcing a failure. [ 322.410133] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 322.422123] CPU: 0 PID: 21420 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 322.429066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.438419] Call Trace: [ 322.441001] dump_stack+0x1b9/0x294 [ 322.444622] ? dump_stack_print_info.cold.2+0x52/0x52 [ 322.449811] should_fail.cold.4+0xa/0x1a [ 322.453865] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 322.458953] ? lock_downgrade+0x8e0/0x8e0 [ 322.463094] ? kasan_check_read+0x11/0x20 [ 322.467247] ? find_held_lock+0x36/0x1c0 [ 322.471315] ? check_same_owner+0x320/0x320 [ 322.475625] ? rcu_note_context_switch+0x710/0x710 [ 322.480549] ? __might_sleep+0x95/0x190 [ 322.484534] __alloc_pages_nodemask+0x34e/0xd70 [ 322.489187] ? kasan_slab_free+0xe/0x10 [ 322.493146] ? kfree+0xd9/0x260 [ 322.496409] ? btrfs_mount_root+0x2b2/0x1e70 [ 322.500807] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 322.505811] ? ksys_mount+0x12d/0x140 [ 322.509597] ? do_syscall_64+0x1b1/0x800 [ 322.513644] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.518997] ? do_raw_spin_unlock+0x9e/0x2e0 [ 322.523403] ? kasan_check_write+0x14/0x20 [ 322.527621] ? do_raw_spin_lock+0xc1/0x200 [ 322.531843] ? trace_hardirqs_off+0xd/0x10 [ 322.536063] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 322.541153] ? debug_check_no_obj_freed+0x2ff/0x584 [ 322.546164] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 322.551703] alloc_pages_current+0x10c/0x210 [ 322.556103] __get_free_pages+0xf/0x40 [ 322.559978] get_zeroed_page+0x11/0x20 [ 322.563853] parse_security_options+0x1e/0xb0 [ 322.568338] btrfs_mount_root+0x368/0x1e70 [ 322.572558] ? alloc_vfsmnt+0x771/0x9d0 [ 322.576544] ? btrfs_decode_error+0x70/0x70 [ 322.580859] ? save_stack+0x43/0xd0 [ 322.584469] ? __kasan_slab_free+0x11a/0x170 [ 322.588871] ? kasan_slab_free+0xe/0x10 [ 322.592829] ? kfree+0xd9/0x260 [ 322.596093] ? mount_fs+0xae/0x328 [ 322.599616] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 322.604367] ? do_mount+0x564/0x30b0 [ 322.608065] ? ksys_mount+0x12d/0x140 [ 322.611859] ? __x64_sys_mount+0xbe/0x150 [ 322.615995] ? do_syscall_64+0x1b1/0x800 [ 322.620056] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.625416] ? kasan_check_read+0x11/0x20 [ 322.629550] ? do_raw_spin_unlock+0x9e/0x2e0 [ 322.633954] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 322.638528] ? kasan_check_write+0x14/0x20 [ 322.642751] ? do_raw_spin_lock+0xc1/0x200 [ 322.646987] mount_fs+0xae/0x328 [ 322.650343] ? debug_check_no_obj_freed+0x2ff/0x584 [ 322.655350] vfs_kern_mount.part.34+0xd4/0x4d0 [ 322.661223] ? may_umount+0xb0/0xb0 [ 322.664830] ? quarantine_put+0xeb/0x190 [ 322.668881] ? kfree+0x111/0x260 [ 322.672252] ? btrfs_mount+0x831/0x213e [ 322.676213] vfs_kern_mount+0x40/0x60 [ 322.680005] btrfs_mount+0x4a1/0x213e [ 322.683800] ? kasan_check_read+0x11/0x20 [ 322.687936] ? rcu_is_watching+0x85/0x140 [ 322.692078] ? btrfs_remount+0x16f0/0x16f0 [ 322.696299] ? __lockdep_init_map+0x105/0x590 [ 322.700781] ? __lockdep_init_map+0x105/0x590 [ 322.705262] ? lockdep_init_map+0x9/0x10 [ 322.709308] ? __init_waitqueue_head+0x96/0x140 [ 322.713985] ? init_wait_entry+0x1b0/0x1b0 [ 322.718217] ? memcpy+0x45/0x50 [ 322.721488] ? alloc_vfsmnt+0x771/0x9d0 [ 322.725455] ? mnt_free_id.isra.27+0x60/0x60 [ 322.729854] ? kasan_check_read+0x11/0x20 [ 322.733988] ? graph_lock+0x170/0x170 [ 322.737779] ? rcu_pm_notify+0xc0/0xc0 [ 322.741649] ? trace_hardirqs_off+0xd/0x10 [ 322.745878] ? putname+0xf2/0x130 [ 322.749328] ? find_held_lock+0x36/0x1c0 [ 322.753386] ? lock_downgrade+0x8e0/0x8e0 [ 322.757519] ? module_unload_free+0x5b0/0x5b0 [ 322.762007] mount_fs+0xae/0x328 [ 322.765364] ? btrfs_remount+0x16f0/0x16f0 [ 322.769584] ? mount_fs+0xae/0x328 [ 322.773111] ? mpi_free.cold.1+0x19/0x19 [ 322.777160] vfs_kern_mount.part.34+0xd4/0x4d0 [ 322.781732] ? may_umount+0xb0/0xb0 [ 322.785345] ? _raw_read_unlock+0x22/0x30 [ 322.789478] ? __get_fs_type+0x97/0xc0 [ 322.793359] do_mount+0x564/0x30b0 [ 322.796892] ? copy_mount_string+0x40/0x40 [ 322.801114] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 322.805970] ? retint_kernel+0x10/0x10 [ 322.809853] ? copy_mount_options+0x1a1/0x380 [ 322.814350] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 322.819179] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.824701] ? copy_mount_options+0x285/0x380 [ 322.829190] ksys_mount+0x12d/0x140 [ 322.832807] __x64_sys_mount+0xbe/0x150 [ 322.836779] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 322.841786] do_syscall_64+0x1b1/0x800 [ 322.845660] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 322.850493] ? syscall_return_slowpath+0x5c0/0x5c0 [ 322.855411] ? syscall_return_slowpath+0x30f/0x5c0 [ 322.860331] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 322.865682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.870525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.875697] RIP: 0033:0x45843a [ 322.878868] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 322.898196] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 322.905892] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 322.913144] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 322.920397] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 322.927659] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 322.934913] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002e 2033/05/18 03:34:35 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x20000) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:35 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x7, 0x6e3cd744e8d39ea8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000200)={0x0, 0x898a}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000280)={r1, 0xbb7, 0x10}, &(0x7f00000002c0)=0xc) gettid() r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r3 = getpgid(0x0) sched_setscheduler(r3, 0x1, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x200, 0xfffffffffffffffc, 0x1f, 0x3, 0x8}, &(0x7f0000000100)=0x98) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000180)={0x2, 0x0, 0x10001, 0x100000001, r4}, 0x10) preadv(r2, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:35 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000d700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:35 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0475", 0x3) 2033/05/18 03:34:35 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) write$sndseq(r1, &(0x7f00000000c0)=[{0x8000, 0x80, 0x7, 0x10001, @tick=0x5, {0x7fff}, {0xffffffffffff5037, 0x4}, @addr={0x1ff, 0x1}}, {0x4, 0x1, 0x9, 0x8, @time={r4, r5+10000000}, {0x4, 0x8}, {0xe0000000000000, 0x100000000}, @control={0x7, 0x8, 0x4f77}}], 0x60) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) kcmp(r0, r0, 0x2, r2, r3) dup2(r1, r3) 2033/05/18 03:34:35 executing program 1 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:35 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:35 executing program 6: r0 = socket$inet(0x10, 0x3, 0x10) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="006ffc2f07d82c99240970") ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) sendmsg(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000000000)="240000001800030307fffd946fa2000016140000feffffff031d8568791ba3a2d188527e0fb04dabbe819b8a968bc48a756a2bdbe309f45f71b9811c2c532885283b57cb83a1b777c4", 0x13}], 0x1}, 0x0) [ 323.118476] FAULT_INJECTION: forcing a failure. [ 323.118476] name failslab, interval 1, probability 0, space 0, times 0 [ 323.129859] CPU: 0 PID: 21442 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 323.136793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.146145] Call Trace: [ 323.148742] dump_stack+0x1b9/0x294 [ 323.152377] ? dump_stack_print_info.cold.2+0x52/0x52 [ 323.157566] ? perf_trace_lock_acquire+0xe3/0x980 [ 323.162406] ? perf_trace_lock+0x900/0x900 [ 323.166646] should_fail.cold.4+0xa/0x1a [ 323.170713] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 323.175820] ? __lock_acquire+0x7f5/0x5140 [ 323.180065] ? find_held_lock+0x36/0x1c0 [ 323.184131] ? find_held_lock+0x36/0x1c0 [ 323.188219] ? check_same_owner+0x320/0x320 [ 323.192548] ? rcu_note_context_switch+0x710/0x710 [ 323.197486] ? rcu_is_watching+0x85/0x140 [ 323.201648] __should_failslab+0x124/0x180 [ 323.205896] should_failslab+0x9/0x14 [ 323.209706] kmem_cache_alloc+0x2af/0x760 [ 323.213864] ? is_bpf_text_address+0xd7/0x170 [ 323.218364] ? kernel_text_address+0x79/0xf0 [ 323.222773] ? __unwind_start+0x166/0x330 [ 323.226925] alloc_vfsmnt+0xe0/0x9d0 [ 323.230645] ? mnt_free_id.isra.27+0x60/0x60 [ 323.235067] ? save_stack+0xa9/0xd0 [ 323.238698] ? save_stack+0x43/0xd0 [ 323.242507] ? __kasan_slab_free+0x11a/0x170 [ 323.246914] ? kasan_slab_free+0xe/0x10 [ 323.250887] ? kfree+0xd9/0x260 [ 323.254172] ? btrfs_mount+0x831/0x213e [ 323.258148] ? mount_fs+0xae/0x328 [ 323.261693] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 323.266460] ? do_mount+0x564/0x30b0 [ 323.270179] ? ksys_mount+0x12d/0x140 [ 323.273994] ? __x64_sys_mount+0xbe/0x150 [ 323.278147] ? do_syscall_64+0x1b1/0x800 [ 323.282214] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.287583] ? kasan_check_read+0x11/0x20 [ 323.291732] ? do_raw_spin_unlock+0x9e/0x2e0 [ 323.296146] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 323.300732] ? kasan_check_write+0x14/0x20 [ 323.304968] ? do_raw_spin_lock+0xc1/0x200 [ 323.309208] ? trace_hardirqs_off+0xd/0x10 [ 323.313445] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 323.318560] ? debug_check_no_obj_freed+0x2ff/0x584 [ 323.323588] vfs_kern_mount.part.34+0x88/0x4d0 [ 323.328175] ? may_umount+0xb0/0xb0 [ 323.331800] ? quarantine_put+0xeb/0x190 [ 323.335863] ? kfree+0x111/0x260 [ 323.339230] ? btrfs_mount+0x831/0x213e [ 323.343207] vfs_kern_mount+0x40/0x60 [ 323.347010] btrfs_mount+0x4a1/0x213e [ 323.350814] ? kasan_check_read+0x11/0x20 [ 323.354961] ? rcu_is_watching+0x85/0x140 [ 323.359116] ? btrfs_remount+0x16f0/0x16f0 [ 323.363354] ? __lockdep_init_map+0x105/0x590 [ 323.367852] ? __lockdep_init_map+0x105/0x590 [ 323.372349] ? lockdep_init_map+0x9/0x10 [ 323.376410] ? __init_waitqueue_head+0x96/0x140 [ 323.381083] ? init_wait_entry+0x1b0/0x1b0 [ 323.385315] ? memcpy+0x45/0x50 [ 323.388603] ? alloc_vfsmnt+0x771/0x9d0 [ 323.392578] ? mnt_free_id.isra.27+0x60/0x60 [ 323.396991] ? kasan_check_read+0x11/0x20 [ 323.401138] ? graph_lock+0x170/0x170 [ 323.404939] ? rcu_pm_notify+0xc0/0xc0 [ 323.408822] ? trace_hardirqs_off+0xd/0x10 [ 323.413068] ? putname+0xf2/0x130 [ 323.416523] ? find_held_lock+0x36/0x1c0 [ 323.420595] ? lock_downgrade+0x8e0/0x8e0 [ 323.424745] ? module_unload_free+0x5b0/0x5b0 [ 323.429249] mount_fs+0xae/0x328 [ 323.432615] ? btrfs_remount+0x16f0/0x16f0 [ 323.436852] ? mount_fs+0xae/0x328 [ 323.440393] ? mpi_free.cold.1+0x19/0x19 [ 323.444465] vfs_kern_mount.part.34+0xd4/0x4d0 [ 323.449053] ? may_umount+0xb0/0xb0 [ 323.452689] ? _raw_read_unlock+0x22/0x30 [ 323.456835] ? __get_fs_type+0x97/0xc0 [ 323.460728] do_mount+0x564/0x30b0 [ 323.464271] ? do_raw_spin_unlock+0x9e/0x2e0 [ 323.468685] ? copy_mount_string+0x40/0x40 [ 323.472922] ? rcu_pm_notify+0xc0/0xc0 [ 323.476818] ? copy_mount_options+0x5f/0x380 [ 323.481236] ? rcu_read_lock_sched_held+0x108/0x120 [ 323.486255] ? kmem_cache_alloc_trace+0x616/0x780 [ 323.491108] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 323.496653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.502195] ? copy_mount_options+0x285/0x380 [ 323.506699] ksys_mount+0x12d/0x140 [ 323.510330] __x64_sys_mount+0xbe/0x150 [ 323.514308] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 323.519327] do_syscall_64+0x1b1/0x800 [ 323.523239] ? finish_task_switch+0x1ca/0x840 [ 323.527737] ? syscall_return_slowpath+0x5c0/0x5c0 [ 323.532667] ? syscall_return_slowpath+0x30f/0x5c0 [ 323.537604] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 323.543019] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.547871] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.553060] RIP: 0033:0x45843a 2033/05/18 03:34:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000001000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:36 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x300000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:36 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r1 = socket(0x11, 0x3, 0x0) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000788000)=0x2, 0x4) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x1, 0x4) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={0x0, 0x6}, &(0x7f00000000c0)=0x8) ioctl$sock_ipx_SIOCIPXNCPCONN(r1, 0x89e3, &(0x7f0000000200)=0x4) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r2, 0x5}, 0x8) setsockopt(r1, 0x107, 0x5, &(0x7f0000001000), 0xc5) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x10000b72, 0x4) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f0000000180)={@dev, 0x0}, &(0x7f00000002c0)=0x14) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000300)={r5, @empty, @dev={0xac, 0x14, 0x14, 0xd}}, 0xc) ioctl$sock_ipx_SIOCIPXNCPCONN(r1, 0x89e3, &(0x7f0000000080)=0x2) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x100000004e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000340)="554eb31698bd4e281d616bf481ce7ac3021969dc232c6238403f5b53b0392a4ee061c9c76ac221abd8e5e19dbbfe705a13521ee830277910a9512fb8e8a58183a463698ce9bb7aa6f5e5b9f7b0e8c0398a0ff6c5038137477b69ad8978976603cfe6e47a5a8d369c13b0e34bada033b1e483f30317ec34a7807bfd6404f29d4ca1359139fbb3f382450ec69b2623e3084c59ce15657473fc66bfebc47aeddc350b25ecd2024ed2b7c81dcb26b64b64b87f1d5d4bd0ececd300c48c96f8c5b26f6957", 0xc2, 0x40, &(0x7f0000000280)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) write(r0, &(0x7f0000000000)="bb2eaf2fd044dc3c7916d0c499e11067cdcc50e38a24eaffd41915e3a95e284397e1b37a07f31209bcd711ce5e2480745242445ed84a0e2cadfdbfa78c68c5e5a6fb0e9dd2488c0d316bdfe6b58fb9ebe03f17703cd0cf79e8563022213b46a48bcca90ac2247c7dad5c82a060", 0x6d) [ 323.556243] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 323.575681] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 323.583395] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 323.590668] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 323.597938] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 323.605205] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 323.612487] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000002f 2033/05/18 03:34:36 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x200000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000f00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:36 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x2) 2033/05/18 03:34:36 executing program 1 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:36 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x1000000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 323.779615] FAULT_INJECTION: forcing a failure. [ 323.779615] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 323.791563] CPU: 0 PID: 21465 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 323.798491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.807845] Call Trace: [ 323.810442] dump_stack+0x1b9/0x294 [ 323.814083] ? dump_stack_print_info.cold.2+0x52/0x52 [ 323.819287] should_fail.cold.4+0xa/0x1a [ 323.823366] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 323.828473] ? lock_downgrade+0x8e0/0x8e0 [ 323.832637] ? kasan_check_read+0x11/0x20 [ 323.836799] ? find_held_lock+0x36/0x1c0 [ 323.840895] ? check_same_owner+0x320/0x320 [ 323.845235] ? rcu_note_context_switch+0x710/0x710 [ 323.850187] ? __might_sleep+0x95/0x190 [ 323.854180] __alloc_pages_nodemask+0x34e/0xd70 [ 323.858861] ? kasan_slab_free+0xe/0x10 [ 323.862844] ? kfree+0xd9/0x260 [ 323.866131] ? btrfs_mount_root+0x2b2/0x1e70 [ 323.870554] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 323.875579] ? ksys_mount+0x12d/0x140 [ 323.879393] ? do_syscall_64+0x1b1/0x800 [ 323.883462] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.888834] ? do_raw_spin_unlock+0x9e/0x2e0 [ 323.893252] ? kasan_check_write+0x14/0x20 [ 323.897491] ? do_raw_spin_lock+0xc1/0x200 [ 323.901733] ? trace_hardirqs_off+0xd/0x10 [ 323.905973] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 323.911090] ? debug_check_no_obj_freed+0x2ff/0x584 [ 323.916126] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 323.921676] alloc_pages_current+0x10c/0x210 [ 323.926094] __get_free_pages+0xf/0x40 [ 323.929983] get_zeroed_page+0x11/0x20 [ 323.933875] parse_security_options+0x1e/0xb0 [ 323.938374] btrfs_mount_root+0x368/0x1e70 [ 323.942617] ? alloc_vfsmnt+0x771/0x9d0 [ 323.946604] ? btrfs_decode_error+0x70/0x70 [ 323.950942] ? save_stack+0x43/0xd0 [ 323.954572] ? __kasan_slab_free+0x11a/0x170 [ 323.958983] ? kasan_slab_free+0xe/0x10 [ 323.962954] ? kfree+0xd9/0x260 [ 323.966235] ? mount_fs+0xae/0x328 [ 323.969774] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 323.974527] ? do_mount+0x564/0x30b0 [ 323.978240] ? ksys_mount+0x12d/0x140 [ 323.982037] ? __x64_sys_mount+0xbe/0x150 [ 323.986185] ? do_syscall_64+0x1b1/0x800 [ 323.990247] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.995613] ? kasan_check_read+0x11/0x20 [ 323.999765] ? do_raw_spin_unlock+0x9e/0x2e0 [ 324.004821] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 324.009412] ? kasan_check_write+0x14/0x20 [ 324.013654] ? do_raw_spin_lock+0xc1/0x200 [ 324.017908] mount_fs+0xae/0x328 [ 324.021280] ? debug_check_no_obj_freed+0x2ff/0x584 [ 324.026308] vfs_kern_mount.part.34+0xd4/0x4d0 [ 324.030907] ? may_umount+0xb0/0xb0 [ 324.034536] ? quarantine_put+0xeb/0x190 [ 324.038606] ? kfree+0x111/0x260 [ 324.041976] ? btrfs_mount+0x831/0x213e [ 324.045954] vfs_kern_mount+0x40/0x60 [ 324.049758] btrfs_mount+0x4a1/0x213e [ 324.053571] ? kasan_check_read+0x11/0x20 [ 324.057724] ? rcu_is_watching+0x85/0x140 [ 324.061883] ? btrfs_remount+0x16f0/0x16f0 [ 324.066142] ? __lockdep_init_map+0x105/0x590 [ 324.070674] ? __lockdep_init_map+0x105/0x590 [ 324.075170] ? lockdep_init_map+0x9/0x10 [ 324.079219] ? __init_waitqueue_head+0x96/0x140 [ 324.083874] ? init_wait_entry+0x1b0/0x1b0 [ 324.088095] ? memcpy+0x45/0x50 [ 324.091368] ? alloc_vfsmnt+0x771/0x9d0 [ 324.095332] ? mnt_free_id.isra.27+0x60/0x60 [ 324.099727] ? kasan_check_read+0x11/0x20 [ 324.103862] ? graph_lock+0x170/0x170 [ 324.107650] ? rcu_pm_notify+0xc0/0xc0 [ 324.111521] ? trace_hardirqs_off+0xd/0x10 [ 324.115750] ? putname+0xf2/0x130 [ 324.119189] ? find_held_lock+0x36/0x1c0 [ 324.123244] ? lock_downgrade+0x8e0/0x8e0 [ 324.127389] ? module_unload_free+0x5b0/0x5b0 [ 324.131875] mount_fs+0xae/0x328 [ 324.135227] ? btrfs_remount+0x16f0/0x16f0 [ 324.139455] ? mount_fs+0xae/0x328 [ 324.142982] ? mpi_free.cold.1+0x19/0x19 [ 324.147041] vfs_kern_mount.part.34+0xd4/0x4d0 [ 324.151610] ? may_umount+0xb0/0xb0 [ 324.155223] ? _raw_read_unlock+0x22/0x30 [ 324.159356] ? __get_fs_type+0x97/0xc0 [ 324.163239] do_mount+0x564/0x30b0 [ 324.166770] ? copy_mount_string+0x40/0x40 [ 324.170993] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.175744] ? retint_kernel+0x10/0x10 [ 324.179627] ? copy_mount_options+0x1a1/0x380 [ 324.184133] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 324.188966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.194488] ? copy_mount_options+0x285/0x380 [ 324.198976] ksys_mount+0x12d/0x140 [ 324.202595] __x64_sys_mount+0xbe/0x150 [ 324.206555] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 324.211568] do_syscall_64+0x1b1/0x800 [ 324.215452] ? finish_task_switch+0x1ca/0x840 [ 324.219940] ? syscall_return_slowpath+0x5c0/0x5c0 [ 324.224857] ? syscall_return_slowpath+0x30f/0x5c0 [ 324.230298] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 324.235652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.240496] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.245672] RIP: 0033:0x45843a [ 324.248843] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 324.268176] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 2033/05/18 03:34:36 executing program 5: prctl$void(0x1a) r0 = socket$bt_hidp(0x1f, 0x3, 0x6) r1 = syz_open_dev$admmidi(&(0x7f0000001140)='/dev/admmidi#\x00', 0xdaf3, 0x81) accept(r0, &(0x7f0000001400)=@generic, &(0x7f0000001480)=0x80) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000001180)={{0xfff, 0x80}, {0x3, 0x8}, 0x9, 0x4, 0x880000000}) r2 = accept(r0, &(0x7f0000001080)=@llc, &(0x7f0000001100)=0x80) r3 = socket$can_bcm(0x1d, 0x2, 0x2) recvfrom(r0, &(0x7f0000000000)=""/4096, 0x1000, 0x2, &(0x7f0000001000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r3, 0x4, 0x0, 0x1, 0x2, {0xa, 0x4e24, 0x4, @ipv4={[], [0xff, 0xff]}, 0x101}}}, 0x80) getsockname$packet(r2, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000013c0)=0x14) r4 = open(&(0x7f0000002780)='./file0\x00', 0x840, 0x1) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000001200)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0000001000000000", @ANYPTR=&(0x7f00000027c0)=ANY=[@ANYBLOB="14479197f8dba0e5eb8a33decb519b84302dbc5d37467d463af2977dbc276ec435ee6b5f07372b0b53740e962da76af603055ea8a649993df9968610577c27b03f584465b6ec15c08e1a99440dd2f8505a7989b6418bf5ba59ae912707c2a7ea43e03ebcb9d5ff9e4fad65a65d"], @ANYBLOB="df01ff070000030001003e7622000000951ec70229a7ca0280e0d46c2d93b8494158644784b5d8bd4eb42a76367297f6a800d281e7869b70db2a97b2339465aa7fcba0b70194dbef309e1864ebe587be359eeb56a642729ffe745a52203a273d2e65522102154ef266d00d77eced70e3d3826c1b94188e20a98a660e996c93cd7d3b2433f85de3a5903d4d89a5c162e5f2b0e4f46c35d45d466a5dedba78204d4dab78da9c4790807eff83cb0c79c89dc7697a086f3ae70e9c346785765688f154577562ba4d5f93e95041b8b56a452ac6f052a958d4a5e58bdafb67b6420bf78866f801810da76e7c4aa061bbdc1a7b036714bc5151099db1b92e3459dda0cc847bf411d64e7b32a02b2ec0d357e85da5610bda4f91f20cacf7632362924244028edd320812f40f719839e62d57d8850bb17ab9de1cf65a7410736c2e7cb8574fa997c6f4b441e084c7f322"]) 2033/05/18 03:34:36 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8)) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000680)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000700000004000000a0040000600100007802000060010000b8030000b8030000b803000004000000", @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="00000000e6ff00000000000000000000000000000000000000000000e60000000000000001000000000000000000000000000000000000000000000000000000"], @ANYBLOB="ac1414aaac1414bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000626f6e645f736c6176655f3100000000726f736530000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0006001000000000000000000000000000000000000000000000000000070004e464c4f4700000000000000000000000000000000000000000000000000000000000000000000000000042fd94c273aba5e601573e4fce4f3d5d3bba611e0b9a970cfab8d1c707e6fd027e816385272bd971bd1a65457a259a07f504d250bde6449521d29bc6cb317e500000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000180100000000000000000000000000000000000000000000000000002800434c41535349465900000000000000000000000000000000000000000000000000000000000000000000e00000010000000000000000ffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006772653000000000000000000000000076657468315f746f5f626f6e6400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff0000000050642a7d2f2d18a578b5649922000761e41e454b1ac8b464fa775ea32c0e898f223b"], 0x4f0) 2033/05/18 03:34:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000c100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:36 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:36 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r2, 0x4, 0x47fe) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(r2, 0x8934, &(0x7f0000000000)={'veth1\x00', 0x2bac}) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) msync(&(0x7f0000013000/0x3000)=nil, 0x3000, 0x7) dup2(r1, r3) 2033/05/18 03:34:36 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) recvfrom$ipx(r0, &(0x7f0000000040)=""/145, 0x91, 0x40000000, &(0x7f0000000100)={0x4, 0x5, 0x5, "a38cef2af77c", 0x8}, 0x10) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:36 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x10) 2033/05/18 03:34:36 executing program 1 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 324.275877] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 324.283132] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 324.290389] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 324.297643] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 324.304898] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000030 2033/05/18 03:34:36 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f0000000080)) ioctl(r0, 0x2284, &(0x7f0000000080)) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000000)) 2033/05/18 03:34:36 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfffffdfc, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67a500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 324.450446] FAULT_INJECTION: forcing a failure. [ 324.450446] name failslab, interval 1, probability 0, space 0, times 0 [ 324.461790] CPU: 0 PID: 21496 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 324.468722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.478081] Call Trace: [ 324.480685] dump_stack+0x1b9/0x294 [ 324.484330] ? dump_stack_print_info.cold.2+0x52/0x52 [ 324.489553] ? perf_trace_lock_acquire+0xe3/0x980 [ 324.494416] should_fail.cold.4+0xa/0x1a [ 324.498496] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 324.503604] ? graph_lock+0x170/0x170 [ 324.507410] ? find_held_lock+0x36/0x1c0 [ 324.511460] ? find_held_lock+0x36/0x1c0 [ 324.515530] ? check_same_owner+0x320/0x320 [ 324.519841] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 324.525058] ? rcu_note_context_switch+0x710/0x710 [ 324.529982] __should_failslab+0x124/0x180 [ 324.534210] should_failslab+0x9/0x14 [ 324.537999] kmem_cache_alloc+0x2af/0x760 [ 324.542140] ? drain_local_pages_wq+0x20/0x20 [ 324.546637] getname_kernel+0x54/0x370 [ 324.550516] kern_path+0x1e/0x40 [ 324.553873] lookup_bdev+0xfa/0x240 [ 324.557488] ? blkdev_open+0x280/0x280 [ 324.561362] ? mark_free_pages+0x3b0/0x3b0 [ 324.565582] ? rcu_read_lock_sched_held+0x108/0x120 [ 324.570602] ? __alloc_pages_nodemask+0xacf/0xd70 [ 324.575444] ? kasan_slab_free+0xe/0x10 [ 324.579405] ? kfree+0xd9/0x260 [ 324.582676] blkdev_get_by_path+0x1f/0xe0 [ 324.586814] btrfs_scan_one_device+0xd7/0xae0 [ 324.591302] ? do_raw_spin_unlock+0x9e/0x2e0 [ 324.595710] ? device_list_add+0x1500/0x1500 [ 324.600117] ? kasan_check_write+0x14/0x20 [ 324.604343] ? do_raw_spin_lock+0xc1/0x200 [ 324.608565] ? trace_hardirqs_off+0xd/0x10 [ 324.612790] ? debug_check_no_obj_freed+0x2ff/0x584 [ 324.617805] ? __free_pages+0x106/0x180 [ 324.621775] ? free_unref_page+0x9d0/0x9d0 [ 324.626006] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.631537] ? free_pages+0x50/0x90 [ 324.635156] btrfs_mount_root+0x3a2/0x1e70 [ 324.639385] ? alloc_vfsmnt+0x771/0x9d0 [ 324.643357] ? btrfs_decode_error+0x70/0x70 [ 324.647766] ? save_stack+0x43/0xd0 [ 324.651381] ? __kasan_slab_free+0x11a/0x170 [ 324.655773] ? kasan_slab_free+0xe/0x10 [ 324.659732] ? kfree+0xd9/0x260 [ 324.662997] ? mount_fs+0xae/0x328 [ 324.666528] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 324.671267] ? do_mount+0x564/0x30b0 [ 324.674966] ? ksys_mount+0x12d/0x140 [ 324.678754] ? __x64_sys_mount+0xbe/0x150 [ 324.682889] ? do_syscall_64+0x1b1/0x800 [ 324.686935] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.692288] ? kasan_check_read+0x11/0x20 [ 324.696427] ? do_raw_spin_unlock+0x9e/0x2e0 [ 324.700825] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 324.705396] ? kasan_check_write+0x14/0x20 [ 324.709626] ? do_raw_spin_lock+0xc1/0x200 [ 324.713853] mount_fs+0xae/0x328 [ 324.717206] ? debug_check_no_obj_freed+0x2ff/0x584 [ 324.722214] vfs_kern_mount.part.34+0xd4/0x4d0 [ 324.726785] ? may_umount+0xb0/0xb0 [ 324.730394] ? quarantine_put+0xeb/0x190 [ 324.734468] ? kfree+0x111/0x260 [ 324.737823] ? btrfs_mount+0x831/0x213e [ 324.741794] vfs_kern_mount+0x40/0x60 [ 324.745585] btrfs_mount+0x4a1/0x213e [ 324.749383] ? kasan_check_read+0x11/0x20 [ 324.753519] ? rcu_is_watching+0x85/0x140 [ 324.757673] ? btrfs_remount+0x16f0/0x16f0 [ 324.761896] ? __lockdep_init_map+0x105/0x590 [ 324.766377] ? __lockdep_init_map+0x105/0x590 [ 324.770859] ? lockdep_init_map+0x9/0x10 [ 324.774916] ? __init_waitqueue_head+0x96/0x140 [ 324.779572] ? init_wait_entry+0x1b0/0x1b0 [ 324.783791] ? memcpy+0x45/0x50 [ 324.787067] ? alloc_vfsmnt+0x771/0x9d0 [ 324.791033] ? mnt_free_id.isra.27+0x60/0x60 [ 324.795432] ? kasan_check_read+0x11/0x20 [ 324.799567] ? graph_lock+0x170/0x170 [ 324.803363] ? rcu_pm_notify+0xc0/0xc0 [ 324.807235] ? trace_hardirqs_off+0xd/0x10 [ 324.811462] ? putname+0xf2/0x130 [ 324.814904] ? find_held_lock+0x36/0x1c0 [ 324.818959] ? lock_downgrade+0x8e0/0x8e0 [ 324.823094] ? module_unload_free+0x5b0/0x5b0 [ 324.827581] mount_fs+0xae/0x328 [ 324.830932] ? btrfs_remount+0x16f0/0x16f0 [ 324.835153] ? mount_fs+0xae/0x328 [ 324.838686] ? mpi_free.cold.1+0x19/0x19 [ 324.842746] vfs_kern_mount.part.34+0xd4/0x4d0 [ 324.847326] ? may_umount+0xb0/0xb0 [ 324.850943] ? _raw_read_unlock+0x22/0x30 [ 324.855081] ? __get_fs_type+0x97/0xc0 [ 324.858959] do_mount+0x564/0x30b0 [ 324.862500] ? copy_mount_string+0x40/0x40 [ 324.866721] ? rcu_pm_notify+0xc0/0xc0 [ 324.870614] ? copy_mount_options+0x5f/0x380 [ 324.875011] ? rcu_read_lock_sched_held+0x108/0x120 [ 324.880028] ? kmem_cache_alloc_trace+0x616/0x780 [ 324.884872] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.890395] ? _copy_from_user+0xdf/0x150 [ 324.894533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.900054] ? copy_mount_options+0x285/0x380 [ 324.904541] ksys_mount+0x12d/0x140 [ 324.908157] __x64_sys_mount+0xbe/0x150 [ 324.912118] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 324.917124] do_syscall_64+0x1b1/0x800 [ 324.921000] ? finish_task_switch+0x1ca/0x840 [ 324.925488] ? syscall_return_slowpath+0x5c0/0x5c0 [ 324.930490] ? syscall_return_slowpath+0x30f/0x5c0 [ 324.935418] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 324.940774] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.945607] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.950781] RIP: 0033:0x45843a [ 324.953955] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 324.973289] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 324.980998] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 324.988260] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 324.995514] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 325.002770] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 325.010034] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000031 [ 325.029116] sd 0:0:1:0: device reset [ 325.041132] sd 0:0:1:0: device reset 2033/05/18 03:34:37 executing program 5: r0 = socket(0xb, 0xa, 0x1) sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x11, 0x201, 0x0, 0x0, {0x7}}, 0x14}, 0x1}, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) bind$rds(r0, &(0x7f0000000200)={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10) r2 = getpgrp(0x0) fcntl$setownex(r0, 0xf, &(0x7f00000001c0)={0x1, r2}) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000280)=0x40) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x74, 0x0, [0x4, 0xbc, 0x5b, 0x5]}) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000240)=0x5, 0x4) 2033/05/18 03:34:37 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x20000603) 2033/05/18 03:34:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\x00\x00\v\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:37 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x4, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:37 executing program 1 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:37 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x2fe, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:37 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f0000000080)) ioctl(r0, 0x2284, &(0x7f0000000080)) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000000)) 2033/05/18 03:34:37 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000140)={0x0, 0x2, 0x3, 0x2, 0x3, 0x6, 0x0, 0x66}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) openat(r1, &(0x7f0000000180)='./file0\x00', 0x10840, 0x18) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe01, 0x17, 0x17, 0x8, "002274189a95c7a472b81263b03e8f5388bcfa3cd8a174d35749f9d8b20bfd4e38cdd78a05308dbb96db1729483bbf34589d89e0c30b8a4c74842e22d1ef2c0a", "f670b70c187c70163226a8893a284b397441b703b1365ee219f78072f50bc572", [0x3af, 0x5]}) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80800) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) accept$netrom(r2, &(0x7f00000001c0), &(0x7f0000000200)=0x10) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ff9000/0x5000)=nil, 0x5000}, 0x1}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) r4 = accept4$ipx(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x80800) dup2(r4, r3) [ 325.369161] sd 0:0:1:0: device reset [ 325.391886] FAULT_INJECTION: forcing a failure. [ 325.391886] name failslab, interval 1, probability 0, space 0, times 0 [ 325.403225] CPU: 0 PID: 21526 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 325.410166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.419526] Call Trace: [ 325.422130] dump_stack+0x1b9/0x294 [ 325.425774] ? dump_stack_print_info.cold.2+0x52/0x52 [ 325.430987] should_fail.cold.4+0xa/0x1a [ 325.435068] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 325.440177] ? kasan_check_read+0x11/0x20 [ 325.444338] ? rcu_is_watching+0x85/0x140 [ 325.448504] ? find_held_lock+0x36/0x1c0 [ 325.452590] ? lock_downgrade+0x8e0/0x8e0 [ 325.456762] ? do_raw_spin_unlock+0x9e/0x2e0 [ 325.461182] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 325.465779] __should_failslab+0x124/0x180 [ 325.470010] should_failslab+0x9/0x14 [ 325.473803] kmem_cache_alloc+0x47/0x760 [ 325.477852] ? rcu_note_context_switch+0x710/0x710 [ 325.482777] ? mempool_free+0x370/0x370 [ 325.486741] mempool_alloc_slab+0x44/0x60 [ 325.490880] mempool_alloc+0x18b/0x490 [ 325.494769] ? mempool_destroy+0x30/0x30 [ 325.498818] ? rcu_pm_notify+0xc0/0xc0 [ 325.502707] bio_alloc_bioset+0x384/0x6d0 [ 325.506856] ? bvec_alloc+0x2d0/0x2d0 [ 325.510649] ? check_same_owner+0x320/0x320 [ 325.514959] ? lock_release+0xa10/0xa10 [ 325.518925] submit_bh_wbc+0x14b/0x790 [ 325.522804] block_read_full_page+0x939/0xab0 [ 325.527290] ? check_disk_change+0x140/0x140 [ 325.531689] ? __bread_gfp+0x310/0x310 [ 325.535568] ? alloc_pages_current+0x114/0x210 [ 325.540141] ? __page_cache_alloc+0x189/0x5d0 [ 325.544803] ? __filemap_set_wb_err+0x3a0/0x3a0 [ 325.549457] ? kasan_check_write+0x14/0x20 [ 325.553684] ? __mutex_lock+0x7d9/0x17f0 [ 325.557740] blkdev_readpage+0x1c/0x20 [ 325.561622] do_read_cache_page+0x778/0x13b0 [ 325.566027] ? blkdev_writepages+0x30/0x30 [ 325.570258] ? pagecache_get_page+0xe20/0xe20 [ 325.574745] ? find_held_lock+0x36/0x1c0 [ 325.578811] ? lock_downgrade+0x8e0/0x8e0 [ 325.582949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.588481] ? refcount_sub_and_test+0x212/0x330 [ 325.593224] ? graph_lock+0x170/0x170 [ 325.597025] ? refcount_inc_not_zero+0x2d0/0x2d0 [ 325.601772] ? m_show+0x5d0/0x5d0 [ 325.605216] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 325.610746] ? _atomic_dec_and_lock+0x117/0x1c0 [ 325.615402] ? cpumask_local_spread+0x2e0/0x2e0 [ 325.620062] ? kasan_check_write+0x14/0x20 [ 325.624284] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 325.629206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.634743] ? iput+0x632/0xa80 [ 325.638033] ? inode_add_lru+0x290/0x290 [ 325.642091] ? kasan_check_read+0x11/0x20 [ 325.646240] ? do_raw_spin_unlock+0x9e/0x2e0 [ 325.650639] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 325.655212] ? kasan_check_write+0x14/0x20 [ 325.659447] ? do_raw_spin_lock+0xc1/0x200 [ 325.663676] ? blkdev_get+0xc0/0xb30 [ 325.667393] ? bdget+0x5c0/0x5c0 [ 325.670747] ? mntput+0x74/0xa0 [ 325.674022] ? path_put+0x50/0x70 [ 325.677465] ? lookup_bdev+0xb4/0x240 [ 325.681256] ? blkdev_open+0x280/0x280 [ 325.685129] ? mark_free_pages+0x3b0/0x3b0 [ 325.689350] ? rcu_read_lock_sched_held+0x108/0x120 [ 325.694349] ? __alloc_pages_nodemask+0xacf/0xd70 [ 325.699177] ? kasan_slab_free+0xe/0x10 [ 325.703143] read_cache_page_gfp+0x6f/0x90 [ 325.707366] btrfs_scan_one_device+0x1ec/0xae0 [ 325.711936] ? do_raw_spin_unlock+0x9e/0x2e0 [ 325.716330] ? device_list_add+0x1500/0x1500 [ 325.720722] ? kasan_check_write+0x14/0x20 [ 325.724977] ? do_raw_spin_lock+0xc1/0x200 [ 325.729198] ? trace_hardirqs_off+0xd/0x10 [ 325.733425] ? debug_check_no_obj_freed+0x2ff/0x584 [ 325.738429] ? __free_pages+0x106/0x180 [ 325.742478] ? free_unref_page+0x9d0/0x9d0 [ 325.746707] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 325.752251] ? free_pages+0x50/0x90 [ 325.755868] btrfs_mount_root+0x3a2/0x1e70 [ 325.760089] ? alloc_vfsmnt+0x771/0x9d0 [ 325.764055] ? btrfs_decode_error+0x70/0x70 [ 325.768370] ? save_stack+0x43/0xd0 [ 325.771981] ? __kasan_slab_free+0x11a/0x170 [ 325.776376] ? kasan_slab_free+0xe/0x10 [ 325.780333] ? kfree+0xd9/0x260 [ 325.783601] ? mount_fs+0xae/0x328 [ 325.787134] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 325.791875] ? do_mount+0x564/0x30b0 [ 325.795573] ? ksys_mount+0x12d/0x140 [ 325.799359] ? __x64_sys_mount+0xbe/0x150 [ 325.803491] ? do_syscall_64+0x1b1/0x800 [ 325.807540] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.812894] ? kasan_check_read+0x11/0x20 [ 325.817034] ? do_raw_spin_unlock+0x9e/0x2e0 [ 325.821430] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 325.826005] ? kasan_check_write+0x14/0x20 [ 325.830236] ? do_raw_spin_lock+0xc1/0x200 [ 325.834469] mount_fs+0xae/0x328 [ 325.837825] ? debug_check_no_obj_freed+0x2ff/0x584 [ 325.842833] vfs_kern_mount.part.34+0xd4/0x4d0 [ 325.847405] ? may_umount+0xb0/0xb0 [ 325.851021] ? quarantine_put+0xeb/0x190 [ 325.855075] ? kfree+0x111/0x260 [ 325.858442] ? btrfs_mount+0x831/0x213e [ 325.862403] vfs_kern_mount+0x40/0x60 [ 325.866190] btrfs_mount+0x4a1/0x213e [ 325.869987] ? kasan_check_read+0x11/0x20 [ 325.874122] ? rcu_is_watching+0x85/0x140 [ 325.878265] ? btrfs_remount+0x16f0/0x16f0 [ 325.882484] ? __lockdep_init_map+0x105/0x590 [ 325.886967] ? __lockdep_init_map+0x105/0x590 [ 325.891451] ? lockdep_init_map+0x9/0x10 [ 325.895499] ? __init_waitqueue_head+0x96/0x140 [ 325.900153] ? init_wait_entry+0x1b0/0x1b0 [ 325.904380] ? memcpy+0x45/0x50 [ 325.907653] ? alloc_vfsmnt+0x771/0x9d0 [ 325.911614] ? mnt_free_id.isra.27+0x60/0x60 [ 325.916013] ? kasan_check_read+0x11/0x20 [ 325.920152] ? graph_lock+0x170/0x170 [ 325.923952] ? rcu_pm_notify+0xc0/0xc0 [ 325.927824] ? trace_hardirqs_off+0xd/0x10 [ 325.932056] ? putname+0xf2/0x130 [ 325.935496] ? find_held_lock+0x36/0x1c0 [ 325.939553] ? lock_downgrade+0x8e0/0x8e0 [ 325.943686] ? module_unload_free+0x5b0/0x5b0 [ 325.948179] mount_fs+0xae/0x328 [ 325.951536] ? btrfs_remount+0x16f0/0x16f0 [ 325.955756] ? mount_fs+0xae/0x328 [ 325.959283] ? mpi_free.cold.1+0x19/0x19 [ 325.963336] vfs_kern_mount.part.34+0xd4/0x4d0 [ 325.967905] ? may_umount+0xb0/0xb0 [ 325.971520] ? _raw_read_unlock+0x22/0x30 [ 325.975663] ? __get_fs_type+0x97/0xc0 [ 325.979539] do_mount+0x564/0x30b0 [ 325.983065] ? interrupt_entry+0xb1/0xf0 [ 325.987121] ? copy_mount_string+0x40/0x40 [ 325.991344] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 325.996089] ? retint_kernel+0x10/0x10 [ 325.999979] ? copy_mount_options+0x1f0/0x380 [ 326.004946] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 326.009780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.015305] ? copy_mount_options+0x285/0x380 [ 326.019790] ksys_mount+0x12d/0x140 [ 326.023406] __x64_sys_mount+0xbe/0x150 [ 326.027367] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 326.032374] do_syscall_64+0x1b1/0x800 [ 326.036250] ? finish_task_switch+0x1ca/0x840 [ 326.040733] ? syscall_return_slowpath+0x5c0/0x5c0 [ 326.045652] ? syscall_return_slowpath+0x30f/0x5c0 [ 326.050573] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 326.055927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.060761] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.065944] RIP: 0033:0x45843a [ 326.069115] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 2033/05/18 03:34:38 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x1400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:38 executing program 6: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="0700000000000000ff030000000000cfc91fcfbe30bf1cb1a0ba0149d77a915dfc57000000000000000000f90600000000000081e0000000000000af0f0000000000000700000000000000590e191d25b6b22b000000000000ff7f000000000000cf08000000000000060009000d000000380a00eafffffffffe0f00000000000000"]) r2 = socket$inet6(0xa, 0x7, 0xb3c) connect(r2, &(0x7f00000000c0)=@in={0x2}, 0x80) sendto$inet6(r2, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e21, 0x0, @loopback={0x0, 0x1}}, 0x1c) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$inet6_buf(r0, 0x29, 0xdb, &(0x7f0000000140), 0x0) 2033/05/18 03:34:38 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r3) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000040)) r5 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x2000) add_key$user(&(0x7f0000000140)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000200)="703010572278a8843c5de1902b617ec80f165b14afaabfde2ffffe128a41fc35d7cf38eebc8187e7a2f445ad61c97b456b03fbc356a2dc4488e057ff57fe474d73d07013e6366e0c4d65efe229449f744ae6589b8c4a4fe48566fba10e8011ee4741138a580abe482ef554aa933bdbe65a7888bc5896c43499d8f8d68ada4ba63eb8a128c59ed74cd153208e4a15ddc6651a7e52e1086174ccd11b5893b6961ddd813d032af234720c0eba06ae54b7177ecf3f825a8f", 0xb6, r1) setsockopt$netrom_NETROM_N2(r5, 0x103, 0x3, &(0x7f0000000100)=0xa5, 0x4) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) [ 326.088447] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 326.096140] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 326.103395] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 326.110648] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 326.117904] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 326.125156] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000032 2033/05/18 03:34:38 executing program 1 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:38 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300000b00000000000000000000000100180000000000030006000000000002000000e000000100000000000000000200010000000000000000000000000003000500000000000200efe851936ec2bfe58605880000e000000100000000000000000ac95af29a65c7e11345754cde4c3854aa2e79cc2a5810162c11978a5e1dd1268429de61fd8ccaa003bd2b7bbfab18391a5b19285cc30a07cb2c071c477b6f5ae42bbcbfe3992ea62dfe356ce107859513e65019d865f4517f2fa4e20cfffb3d9a15dcbc2b5bb82ef981b21dff"], 0x58}, 0x1}, 0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x200, 0x0) tkill(r2, 0x22) 2033/05/18 03:34:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000009000", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:38 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendfile(r2, r2, &(0x7f00000000c0), 0x6bc6) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getown(r1, 0x9) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) getsockopt$netrom_NETROM_T1(r2, 0x103, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:38 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000200)="0047fc2f07d82c99240970") r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_mreqsrc(r2, 0x0, 0x2d, &(0x7f0000000080)={@remote={0xac, 0x14, 0x14, 0xbb}, @rand_addr=0x8, @broadcast=0xffffffff}, 0xc) bind$bt_sco(r1, &(0x7f0000000000)={0x1f}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x1, 0x0) ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000100)) listen(r1, 0x0) setsockopt$bt_BT_VOICE(r1, 0x112, 0x7, &(0x7f00000001c0), 0x0) 2033/05/18 03:34:38 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x3f000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 326.272415] FAULT_INJECTION: forcing a failure. [ 326.272415] name failslab, interval 1, probability 0, space 0, times 0 [ 326.283804] CPU: 1 PID: 21548 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 326.290749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.300092] Call Trace: [ 326.302674] dump_stack+0x1b9/0x294 [ 326.306296] ? dump_stack_print_info.cold.2+0x52/0x52 [ 326.311475] ? perf_trace_lock_acquire+0xe3/0x980 [ 326.316313] should_fail.cold.4+0xa/0x1a [ 326.320367] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 326.325460] ? graph_lock+0x170/0x170 [ 326.329266] ? find_held_lock+0x36/0x1c0 [ 326.333324] ? find_held_lock+0x36/0x1c0 [ 326.337395] ? check_same_owner+0x320/0x320 [ 326.341701] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 326.346804] ? rcu_note_context_switch+0x710/0x710 [ 326.351918] __should_failslab+0x124/0x180 [ 326.356140] should_failslab+0x9/0x14 [ 326.359929] kmem_cache_alloc+0x2af/0x760 [ 326.364060] ? drain_local_pages_wq+0x20/0x20 [ 326.368554] getname_kernel+0x54/0x370 [ 326.372429] kern_path+0x1e/0x40 [ 326.375782] lookup_bdev+0xfa/0x240 [ 326.379398] ? blkdev_open+0x280/0x280 [ 326.383274] ? mark_free_pages+0x3b0/0x3b0 [ 326.387500] ? rcu_read_lock_sched_held+0x108/0x120 [ 326.392512] ? __alloc_pages_nodemask+0xacf/0xd70 [ 326.397342] ? kasan_slab_free+0xe/0x10 [ 326.401303] ? kfree+0xd9/0x260 [ 326.404574] blkdev_get_by_path+0x1f/0xe0 [ 326.408711] btrfs_scan_one_device+0xd7/0xae0 [ 326.413194] ? do_raw_spin_unlock+0x9e/0x2e0 [ 326.417591] ? device_list_add+0x1500/0x1500 [ 326.421988] ? kasan_check_write+0x14/0x20 [ 326.426216] ? do_raw_spin_lock+0xc1/0x200 [ 326.430452] ? trace_hardirqs_off+0xd/0x10 [ 326.434692] ? debug_check_no_obj_freed+0x2ff/0x584 [ 326.439698] ? __free_pages+0x106/0x180 [ 326.443657] ? free_unref_page+0x9d0/0x9d0 [ 326.447897] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 326.453424] ? free_pages+0x50/0x90 [ 326.457045] btrfs_mount_root+0x3a2/0x1e70 [ 326.461264] ? alloc_vfsmnt+0x771/0x9d0 [ 326.465233] ? btrfs_decode_error+0x70/0x70 [ 326.469554] ? save_stack+0x43/0xd0 [ 326.473168] ? __kasan_slab_free+0x11a/0x170 [ 326.477562] ? kasan_slab_free+0xe/0x10 [ 326.481521] ? kfree+0xd9/0x260 [ 326.484789] ? mount_fs+0xae/0x328 [ 326.488317] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 326.493062] ? do_mount+0x564/0x30b0 [ 326.496758] ? ksys_mount+0x12d/0x140 [ 326.500543] ? __x64_sys_mount+0xbe/0x150 [ 326.504677] ? do_syscall_64+0x1b1/0x800 [ 326.508725] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.514074] ? kasan_check_read+0x11/0x20 [ 326.518212] ? do_raw_spin_unlock+0x9e/0x2e0 [ 326.522607] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 326.527176] ? kasan_check_write+0x14/0x20 [ 326.531396] ? do_raw_spin_lock+0xc1/0x200 [ 326.535622] mount_fs+0xae/0x328 [ 326.538977] ? debug_check_no_obj_freed+0x2ff/0x584 [ 326.543990] vfs_kern_mount.part.34+0xd4/0x4d0 [ 326.548566] ? may_umount+0xb0/0xb0 [ 326.552174] ? quarantine_put+0xeb/0x190 [ 326.556221] ? kfree+0x111/0x260 [ 326.559576] ? btrfs_mount+0x831/0x213e [ 326.563540] vfs_kern_mount+0x40/0x60 [ 326.567329] btrfs_mount+0x4a1/0x213e [ 326.571120] ? kasan_check_read+0x11/0x20 [ 326.575252] ? rcu_is_watching+0x85/0x140 [ 326.579393] ? btrfs_remount+0x16f0/0x16f0 [ 326.583612] ? __lockdep_init_map+0x105/0x590 [ 326.588097] ? __lockdep_init_map+0x105/0x590 [ 326.592579] ? lockdep_init_map+0x9/0x10 [ 326.596626] ? __init_waitqueue_head+0x96/0x140 [ 326.601285] ? init_wait_entry+0x1b0/0x1b0 [ 326.605504] ? memcpy+0x45/0x50 [ 326.608779] ? alloc_vfsmnt+0x771/0x9d0 [ 326.612746] ? mnt_free_id.isra.27+0x60/0x60 [ 326.617151] ? kasan_check_read+0x11/0x20 [ 326.621290] ? graph_lock+0x170/0x170 [ 326.625076] ? rcu_pm_notify+0xc0/0xc0 [ 326.628949] ? trace_hardirqs_off+0xd/0x10 [ 326.633174] ? putname+0xf2/0x130 [ 326.636615] ? find_held_lock+0x36/0x1c0 [ 326.640680] ? lock_downgrade+0x8e0/0x8e0 [ 326.644816] ? module_unload_free+0x5b0/0x5b0 [ 326.649302] mount_fs+0xae/0x328 [ 326.652657] ? btrfs_remount+0x16f0/0x16f0 [ 326.656902] ? mount_fs+0xae/0x328 [ 326.660428] ? mpi_free.cold.1+0x19/0x19 [ 326.664477] vfs_kern_mount.part.34+0xd4/0x4d0 [ 326.669047] ? may_umount+0xb0/0xb0 [ 326.672664] ? _raw_read_unlock+0x22/0x30 [ 326.676804] ? __get_fs_type+0x97/0xc0 [ 326.680683] do_mount+0x564/0x30b0 [ 326.684212] ? do_raw_spin_unlock+0x9e/0x2e0 [ 326.688611] ? copy_mount_string+0x40/0x40 [ 326.692845] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 326.697851] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 326.702598] ? retint_kernel+0x10/0x10 [ 326.706479] ? copy_mount_options+0x213/0x380 [ 326.710960] ? copy_mount_options+0x213/0x380 [ 326.715444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.720964] ? copy_mount_options+0x285/0x380 [ 326.725451] ksys_mount+0x12d/0x140 [ 326.729068] __x64_sys_mount+0xbe/0x150 [ 326.733033] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 326.738042] do_syscall_64+0x1b1/0x800 [ 326.741917] ? finish_task_switch+0x1ca/0x840 [ 326.746401] ? syscall_return_slowpath+0x5c0/0x5c0 [ 326.751317] ? syscall_return_slowpath+0x30f/0x5c0 [ 326.756237] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 326.761637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.766473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.771650] RIP: 0033:0x45843a [ 326.774820] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 326.794149] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 326.801846] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 326.809274] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 326.816533] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 326.823789] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 326.831044] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000033 2033/05/18 03:34:39 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000080)) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) ioctl$TIOCNXCL(r0, 0x540d) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000180)={{0x8, 0x7, 0x5, 0x8001, 'syz0\x00', 0x2}, 0x5, 0x403, 0x1, r1, 0x3, 0x2, 'syz1\x00', &(0x7f0000000040)=['/dev/usbmon#\x00', 'cpuset\'#\'.!vmnet1+selinuxuser-em1\x00', '/dev/usbmon#\x00'], 0x3c, [], [0x7ff, 0x2, 0x80, 0xff]}) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:39 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xffffffeb, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670000008300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:39 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") connect$inet(r0, &(0x7f00000000c0)={0x2}, 0x10) getsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[{}, {}, {}, {}], 0x200000000000014b) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000100)={0x0, 0xd7, "af554af4f60f933acbc616d9334f016ea84ddee5084ed4a1ccc98c51bd594b29bbdc831795e447a3643f2c324cf00e6c9c3bc7491712e32b70e290f9bbfdc19d60677050a41404b0ff4651271ff8bed4b696fb842d6aaaa4e985ea8c1b3c920dc2435f545d03c53edb1bb61b65ba846ab2b26b298d4624acbdd4e15048c1d123010a5838831cd29c9a6d7ddb87a009e2d4703e31efc87a21a04747e89b703e9ed4b3d196e8df582e151090953c3d84106cce5908030b1e865e0319fbac6149639e356e31b3bff278e29562fd4608a9bb7d1d62342ccfab"}, &(0x7f0000000200)=0xdf) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={r2, 0xf44d}, &(0x7f00000002c0)=0x8) 2033/05/18 03:34:39 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000040)={0x0, 0xb29d}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000100)={r4, 0xffffffff}, 0x8) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f00000003c0)={0x4, &(0x7f0000000140)=[{}, {}, {}, {}]}) fcntl$setstatus(r1, 0x4, 0x2000) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000440)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000540)=0xe8) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000640)={{0x1, 0xfffffffffffffc00}, 'port1\x00', 0x61, 0x2, 0x1, 0x100000000, 0x10000, 0x7f, 0xb051, 0x0, 0x2, 0x84}) getresgid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)=0x0) syz_fuse_mount(&(0x7f0000000400)='./file0\x00', 0xa002, r5, r6, 0x9, 0x20) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {0x8001}, {}, @time=@time={0x77359400}}], 0x30) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000000)={0x1, 0x3}) 2033/05/18 03:34:39 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffffffe) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) membarrier(0x40, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22}, 0x1c) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000180)={0x303, 0x33}, 0x4) 2033/05/18 03:34:39 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r2 = dup(r0) setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f00000001c0)={0x8af, {{0xa, 0x4e21, 0xffffffffffff7265, @loopback={0x0, 0x1}, 0x3a692399}}}, 0x88) r3 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="66b9840b00000f320f8a0000a5b82e0a8ed00f210ef40f9a6d0bb800008ed80f01c8653e0f01b20038", 0x29}], 0x1, 0x7a, &(0x7f0000000140), 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x800, 0x0) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1a8, r3) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:39 executing program 1 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:39 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x2000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:39 executing program 6: r0 = socket(0xa, 0x802, 0x0) setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000000)=0x200, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000040)='bridge0\x00'}) 2033/05/18 03:34:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700e200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 327.242742] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 327.298683] FAULT_INJECTION: forcing a failure. [ 327.298683] name failslab, interval 1, probability 0, space 0, times 0 [ 327.310128] CPU: 0 PID: 21581 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 327.317063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.326686] Call Trace: [ 327.329289] dump_stack+0x1b9/0x294 [ 327.332935] ? dump_stack_print_info.cold.2+0x52/0x52 [ 327.338136] ? perf_trace_lock_acquire+0xe3/0x980 [ 327.342988] ? unwind_get_return_address+0x61/0xa0 2033/05/18 03:34:39 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xebffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700e600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:39 executing program 6: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_GET_MSRS(r0, 0x4004556e, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000fd02e813c5b11979d671f981bd8187e9138cf09e76b341eb7963b8093880bfc14de2559a4eba35eec0a7e272e4a185d1f58564d171c16877879efa1943316f5ee2eae0fa1276404412faac29f8f310869cb6cacab5a8f35982c807f494b9791cbf1feff498026c000000aaa5c3a77c578bb1651e76b695355cf37e9b6072c7f1a023afaef3830d2e2f3c8d8ac73b55f600ef601653e3861eb1b1ccb8020188a82da052dd50dc78627a92afe0dd61831fc7cb83c0d6c63429b1efc3162c8beb9243f6f9bc4478ef784d6dd51e224cf9537736bbb11bac90b84438674666bd7caf7db7f8f0ca1aded4054f5e14977882f384ab8d7629921163287cc92edb7a06e6d62b0b429aaa6189"]) fcntl$setsig(r0, 0xa, 0x29) [ 327.347929] should_fail.cold.4+0xa/0x1a [ 327.352006] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 327.357120] ? save_stack+0xa9/0xd0 [ 327.360752] ? save_stack+0x43/0xd0 [ 327.364387] ? __kmalloc_node+0x47/0x70 [ 327.368367] ? kvmalloc_node+0xbf/0x100 [ 327.372348] ? btrfs_mount_root+0x6ef/0x1e70 [ 327.376759] ? mount_fs+0xae/0x328 [ 327.380303] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 327.385066] ? vfs_kern_mount+0x40/0x60 [ 327.389053] ? btrfs_mount+0x4a1/0x213e [ 327.393043] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 327.397887] ? find_held_lock+0x36/0x1c0 [ 327.401965] ? nfsd4_set_deviceid+0x350/0xa40 [ 327.406497] ? check_same_owner+0x320/0x320 [ 327.410836] ? __kmalloc_node+0x33/0x70 [ 327.414821] ? rcu_note_context_switch+0x710/0x710 [ 327.419758] ? rcu_read_lock_sched_held+0x108/0x120 [ 327.424789] __should_failslab+0x124/0x180 [ 327.429038] should_failslab+0x9/0x14 [ 327.432864] kmem_cache_alloc_trace+0x2cb/0x780 [ 327.437547] ? __kmalloc_node+0x47/0x70 [ 327.441799] btrfs_mount_root+0x786/0x1e70 2033/05/18 03:34:40 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x20000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:40 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000000580)=""/4096) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000060000007897c03c0732154b"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 327.446040] ? alloc_vfsmnt+0x771/0x9d0 [ 327.450031] ? btrfs_decode_error+0x70/0x70 [ 327.454369] ? save_stack+0x43/0xd0 [ 327.458005] ? __kasan_slab_free+0x11a/0x170 [ 327.462419] ? kasan_slab_free+0xe/0x10 [ 327.466396] ? kfree+0xd9/0x260 [ 327.469686] ? mount_fs+0xae/0x328 [ 327.473223] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 327.477985] ? do_mount+0x564/0x30b0 [ 327.481703] ? ksys_mount+0x12d/0x140 [ 327.485511] ? __x64_sys_mount+0xbe/0x150 [ 327.489668] ? do_syscall_64+0x1b1/0x800 [ 327.493732] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.499107] ? kasan_check_read+0x11/0x20 [ 327.503262] ? do_raw_spin_unlock+0x9e/0x2e0 [ 327.507676] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 327.512269] ? kasan_check_write+0x14/0x20 [ 327.516510] ? do_raw_spin_lock+0xc1/0x200 [ 327.520754] mount_fs+0xae/0x328 [ 327.524133] ? debug_check_no_obj_freed+0x2ff/0x584 [ 327.529156] vfs_kern_mount.part.34+0xd4/0x4d0 [ 327.533744] ? may_umount+0xb0/0xb0 [ 327.537368] ? quarantine_put+0xeb/0x190 [ 327.541430] ? kfree+0x111/0x260 [ 327.544800] ? btrfs_mount+0x831/0x213e [ 327.548779] vfs_kern_mount+0x40/0x60 [ 327.552581] btrfs_mount+0x4a1/0x213e [ 327.556388] ? kasan_check_read+0x11/0x20 [ 327.560540] ? rcu_is_watching+0x85/0x140 [ 327.564695] ? btrfs_remount+0x16f0/0x16f0 [ 327.568956] ? __lockdep_init_map+0x105/0x590 [ 327.573453] ? __lockdep_init_map+0x105/0x590 [ 327.577951] ? lockdep_init_map+0x9/0x10 [ 327.582011] ? __init_waitqueue_head+0x96/0x140 [ 327.586683] ? init_wait_entry+0x1b0/0x1b0 [ 327.590920] ? memcpy+0x45/0x50 [ 327.594209] ? alloc_vfsmnt+0x771/0x9d0 [ 327.598183] ? mnt_free_id.isra.27+0x60/0x60 [ 327.602592] ? kasan_check_read+0x11/0x20 [ 327.606739] ? graph_lock+0x170/0x170 [ 327.610542] ? rcu_pm_notify+0xc0/0xc0 [ 327.614427] ? trace_hardirqs_off+0xd/0x10 [ 327.618672] ? putname+0xf2/0x130 [ 327.622129] ? find_held_lock+0x36/0x1c0 [ 327.626201] ? lock_downgrade+0x8e0/0x8e0 [ 327.630348] ? module_unload_free+0x5b0/0x5b0 [ 327.634850] mount_fs+0xae/0x328 [ 327.638218] ? btrfs_remount+0x16f0/0x16f0 [ 327.642454] ? mount_fs+0xae/0x328 [ 327.646011] ? mpi_free.cold.1+0x19/0x19 [ 327.650084] vfs_kern_mount.part.34+0xd4/0x4d0 [ 327.654673] ? may_umount+0xb0/0xb0 [ 327.658303] ? _raw_read_unlock+0x22/0x30 [ 327.662449] ? __get_fs_type+0x97/0xc0 [ 327.666345] do_mount+0x564/0x30b0 [ 327.669890] ? copy_mount_string+0x40/0x40 [ 327.674125] ? rcu_pm_notify+0xc0/0xc0 [ 327.678022] ? copy_mount_options+0x5f/0x380 [ 327.682437] ? rcu_read_lock_sched_held+0x108/0x120 [ 327.687456] ? kmem_cache_alloc_trace+0x616/0x780 [ 327.692304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 327.697840] ? _copy_from_user+0xdf/0x150 [ 327.701992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.707532] ? copy_mount_options+0x285/0x380 [ 327.712032] ksys_mount+0x12d/0x140 [ 327.715667] __x64_sys_mount+0xbe/0x150 [ 327.719640] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 327.724660] do_syscall_64+0x1b1/0x800 [ 327.728558] ? finish_task_switch+0x1ca/0x840 [ 327.733062] ? syscall_return_slowpath+0x5c0/0x5c0 [ 327.737994] ? syscall_return_slowpath+0x30f/0x5c0 [ 327.742933] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 327.748304] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.753156] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.758347] RIP: 0033:0x45843a [ 327.761527] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 327.780938] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 327.788650] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 327.795924] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 327.803194] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 327.810459] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 327.817727] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000034 2033/05/18 03:34:40 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) fcntl$setstatus(r1, 0x4, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000)) dup2(r1, r3) 2033/05/18 03:34:40 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x3ff, 0x94673ec35f5db9b0) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f00000000c0)=0x5, 0x4) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r2, 0x81785501, &(0x7f0000000040)=""/30) accept$alg(r1, 0x0, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(camellia)\x00'}, 0x58) 2033/05/18 03:34:40 executing program 4: r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@generic, &(0x7f00000000c0)=0x80, 0x80000) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r2 = fcntl$getown(r1, 0x9) r3 = getpgid(r2) sched_setscheduler(r3, 0x1, &(0x7f0000000140)=0x8) preadv(r1, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) r4 = open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) epoll_pwait(r4, &(0x7f0000000100)=[{}, {}], 0x2, 0x2, &(0x7f0000000200)={0xfffffffffffffffa}, 0x8) 2033/05/18 03:34:40 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67f900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:40 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:40 executing program 1 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:40 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = syz_open_dev$loop(&(0x7f00000006c0)='/dev/loop#\x00', 0x3, 0x2000) ioctl$BLKGETSIZE(r3, 0x1260, &(0x7f0000000700)) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) r5 = open(&(0x7f0000000100)='./file0\x00', 0x2000, 0x100) recvfrom$ax25(r5, &(0x7f0000000640)=""/93, 0x5d, 0x40, &(0x7f00000005c0)={0x3, {"caf1861b2013eb"}, 0x100000}, 0x10) syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x1000, 0x7, &(0x7f0000000500)=[{&(0x7f00000001c0)="8edaeb8f0e2c95209d4be8f7a2a712308f87818976061c9249b53da70037d03ce221a1fd2a7bcfbabe95c5f49b478efd4ed9e300dabbb5da81485ee727b38aa8323e5a6332457e519e6f491aa6b3ca831b09722d7825e670aacef1727cbe8ddd733b4eddb2f9aa262cdb198b70bb18f4193ec9c0e9401fb077a47c5fc1be73986ba120b16aab8975f414173ec56ec6ff7b02683cefb773", 0x97, 0x6daff3ea}, {&(0x7f0000001600)="247b0508e0ccb6406bef137afd094504f71c396e809015997b1f1c8d46d46fccc5d7588fcd135b8f041a4cc932eafcc7e8cc40102d8bfb581d8b30def75800845e7bb06884160d9080089ff600f0111d7a68ccbbbdf5dea44d07e90ac33c9ec0b6e0b249be1fb21a3aa4c579e3ab3afe8a7cf90f1f1bdc61b1d6400161ef4126e43114c551ed770bd172963ec46b6914dbf72cd876220d735fbe8a9373945f516f682d16b8811af5009b40f08827577a4d97ee1ac9635cd2dc73730cda25d692d6102182303d6440e9504b01a8c63bff3c89733b03dda316bc6c25f8ab39946be6d83b4b426ba6fcc77fb012bdf340097f235b1ca3eb52dabc0126de756251b841527764da7c4c0de4b9b51707e27f55679bfe8538f7a261ec04e114f8414ec68106ba618b7407c3c85b7ab2ae72d2eb298b100cabfc768c4ec9f648fc448786c24043ee830dc9a99639d5fe14bd79885c08a939c31580dc01ac55e36405155f6af843a6602660a79e62a5393d311fe5ede52ffd9437c8b8b75817d145ab96f4b459ac4e32a90079d50e46b25ff0080e74833ae667df72bc53259742c8018ed289986dd3434afe01763412bae4ce5b5dda7487d87deb63242e2f2f08a520b63165dca51aafe901a7bad3151b1f0bb55d136086289fc286197e915083d1e4a85ca03ab4ef0abe9b38dcb0076d86a9886e4ee7b2f6001dedef5bafa6639d66257f64e356a19bf589c223d7a8d9a8f97e5b2b6fcb9d4b4b271bfe563674a4e555baa4444ef82f5f247d7b77759d2dec5b8d8f41f0fb813cecab3f281d392547dd740cdaf5bb9621f08aa38d8e640ffcc08aeefe30fa6257ce213f44f3248587699d0462118a057955ebcb152653ecaa090d7ca367c43776bfdcc7baf0ec0eacfee5bc4575fc10efc6cdd2032249bc41737fc1f56adada2e011e0505ed3e0a6074678a25ebbffd756ff3c5f21c9832d91e083a55532bc922ef4c09603ed5f6838f123d8cbd45f730069dc8f3a813b4e01f40ae5eebc5368c4ab27efbd5760a6031998f2825d81516ce588c14d015ef3bf98454cd122b111831fbf667437b01e5faf7d67cfd6a771b13ee8a9b9f2f8bf4e0731752fd1f05f7c8663597e482ff7f8b546b4cf1fbdaaf8c116b4a58df3ae0e59244177f51d6d276e0eaa06f20d6c1584165ca8d33672738b32aef3adb2d65515c9767f799a6e9fcad8cca6b04c761b402dd66630a77af64b3dbf55bfa0704ddd03803e74a82a7db41f0ad2a1f943b708b143705f2393e398838426d9e5ee1982770cd5220f9867c1596c84c1e8e44c835bf05e4ede7a3d89857db0402fb84e9d170345eaed47d51719f1ad6819d483988017efcb45129c98daeae9a7b0716687cf86c8a527dbfe8bef6dfc4edbe4ad5d39a5bad1e6e36061fc1c4ad3467136fa51cc90e8cb788d2217e235698167e0d821cc2a155761019a82f0921284a5c43d56c5d547b56db40411dbaa345504226454fbc6dad09069f823a4bb2038db5dd9eb4f27490be61c90ba3bcce29c3e33d85ccf806890f710b5291f10df5c95f30a72818c18e5054179363d153d74153e5b53fed09938e30ab1f8534a414fd46bce071a803ae569fca620a116900e05cbe811486fb16a9a62556b8654a570cf0c800cc0432862e25ea78b0567b92e53c55a4026688e842ea111fa3252d5c1a4eceb734ef004645b6c417dd4a008a896521ed3381be64272a681d86c66dc32ca755b62c6843332a100690489e9aa82805fb25c26d699a42448dbbc11829812f32c996c90435884c70540b25ae02b895dc7af9cb08890b02277b97149bbb8972348748d86fed6a78655c23086edf17abd96f806229a34bab5d780834c5cd58256f83d4a43b81a43a53b91e7e0fc2bd64be4e6cc6daca89a78cb9551f74d1bd65bd679253de2418a2416d02b9d46d0fdbc4560623268339aa6342a12f0200dfcb21c6fc083d0d0e8b5697e1b76ab6a494899a272c63a4de5ee3b136ad62f0a4e1c5ee039994d8d2e91f870ff72886211964312ecb5a3799ae67d91468eb31a8f83699ed0cfa002ed13e979dea0f29f5bdcf51ac1d97fa78f5a9699f0c3945078e67355af01acb410b026c59cab0e501fe9c326aed325a7d7264983ed2b53df98ac02c6cf2148e6221be5924840e37b8c5f867899badf21d2b2409ace62ab1fe3c7eaeeb2e2ab65d8953981ab1ea1c59d1acbd88c7d4233e9441f20bd1a2eae62e145667edec7b200b941b6fe8f9b38ca2fa431d2f5259f0da40737ae22b442ad0d3646b36d567821179ae3879760de83b733f8354f4349a28bce99d0bdbfdb76b1f99c36377a1d914eaa4605cd3485121f16616b976eb16152bd9d12d696e445971274f19a0f4623f27ee54f37b8cb4871e4bbafba01de844f5721801051e5080490b5a468ce888eec5fb3ce6bcc372fbddecd9da158d8e5f7d5e1dd18f23273b79afc25521465117c00c73b1763926634de84ae1ec3175e7315925bf1407f1f2c79dff6e1fb989a35cdd48944d472236df642ed37bfdd14d32defc49b16a510694af9c799cf437d3f03ce6f7e7b43a635e6ce16ced8ede88f2701ee01fad48012762eaf00b084e4f9ad13aaa6c4b12eb293a19d55686be64984fdd88127ae2bf6c910c2265daa6602f4b9928e5e4d9064bcd3074bfe169a98d11c2d335007f1dc2bb18f3425eacff85dff20bebf2a991db9ffbec06c34c368df2d9252a2b6dc0a5c60b513b1a256ace4957e0f026d203a8ddee2ae42a9beff97d0ec9c438f171eeb09e9920b8bf2ab1f72bed6e14fa14d64f2f80c9c592ec31672a3fe79b8f94c1d9f516e82418e5f65f15878833b7b0d6a1db26f9ffa434c9f6b9d5a11a1aeb525082deb9be1b956e41504d4535205623f56859a6b967f17c714534c5f63f59cfcc7029d3aacf0fe5cfc80c73a727215840cd347314e9e13c90481f3dee43a299b85dfc382e9ae1f44b3bcfc621ace534914f1d4b887ab2e7d8a4f0e766d5d218962d2e63b9a87cbebcd3ebbfca3fdb27f62dba158206cb69dc32c4d9e42058b436fb5a2b1d6abd42a7c3adf08ed12cdb4b83ed1781f2eef290b094f5d121bee8438de76827cee052fddbd2d8b6ce6804c3f65dab2bf566de482c83251af6a5671414c491663c159e31f684d6ad7464b1720592cebae17b144e0307ea268019ae9ab3a621a3da7c9191c4fd8738bd81fbd8926b02fe3944bfc78c7ff5cd8d29d826ba7c1a5c3ecc221ee9346255a139360c4c22fca20210078742556b95b56a627e3cf4412fa72decb95702f738f11d46a8a786b662094c6e02a1582f9ae2a1d01a96ee7ac42ca9edb041be596352908be399492ead15cc3a190a50d7b813748333006fd6d52bd790306df2380a9cb5364769a82b3506da5abb06855611d1d48ac36fc9ae4c56f70750d4197814487fc596a2e8e909a55c2d6188e25b3990f98ec63c8ff565d08dbf2d3a1ddf08bc4bf80118e46e268b67302f85ee4cbb763bfa11e55c37518c25b277711167ff2142739888d3a5fa10c92661052b8455ca3720c96547f17aba665b065aeef994b75bb9aa86b9696eda676f6ab6ee29f5f963470629cd862868088d17a87ca5c7d03507c7509fa7b54c384930e7ae6d53c790e9d5a66cdabcccb4083374b16965aa8cb991ff06bad41bd89417f83e9e86cdb3f73bbf8faacf47ffab83892a8be74bb942ac408fee1ff9f5a0a786e3d8744fa4e10dc253084942840d8a664f86f80e366aeb8da6283ec6a848d66432e878646c81a6703d52fb44ebaa23c77a2c7d32291458f7e3de982d93874f701108bcb7e1372293db1684eb99a769304e03081fc48bdee388177018b866641d2184b5dad5e126307c9d17a34a24031a44b88c969d3128cbfadf3d1cf502e43b4bf68857d6786ef3b3f10fb75371ea0ef6ba5682a582a3b77cc8e369acf60c9a50c01b52a09e4692efe1384f2c644b3c8fa5f85efd263d63d4f97c8e4751b99acd979c6d38491b8be106e3caea693fb5bd5be2b77902ef677427bc38e0030c3a5fd8ea7f58266c3821a99450ac6a59157f775c07c88b8aa7c28ee41307c738027ff7181023dffc295bec2deb1b1389dce8397aae86b12d2fbef60a5a490c4fe0d2e53b6271b5a6e0cfd6d06bb3619fd85c6bd995aa14292c279f5c47b3ee4c7bf7140f1e0344aa4771a80a411b43c90eca755a4c42c5d16bc1882c5025b3b2b90806167ca2f88b4eba5d4347a8e8d356552b206a101c4bce5cb1a4f1fd052b88705589602160a1f2794735342346d6feb4603e071c6c1b57ddbd966ce5b4f9cd6a2f4b50116bbf33ace2997129d930297a587d664ba2b72a01166da07f5be939894b1b33580e0c9a9a2685a140bec2cb02ccb8dee0d0d1ef31dc16adf14b6f6b3a132619d743683658efe12293e75dfb34f490453802ad26a28f84fcc01621473e7570bf4eceb5582deaf7eca11e70b5a847c84e17eb2f9cd0103865344cfa38493b010b985b579a0a7ac2be627d81014a388fc81b03b4ad9ba3f1a900ca59de76e2388d8ce5d4b9d7f6e75cf336787607de60c861b0853a3591a1ffe2c2c9ade73fc5fe2e4f8724730bcbb15db01a023f00154de68e863277f824ec8f7e4d063ecd8f8decb78d882157f6909c21cca5b5ee88b2757a5784d01175c8bc73b6e80670171f3f3e00f66e61a830144fe547d1724e0fdbf04f474b1cfa51d78df751ad3032524771d233c818b9b7c583762ef115e2b86581d90679d8427ba425fa0ec18b248f574fc385e04194691edc5a65269095cb9c7bfae5ff3c588e189f81aebb4f4630e47e959d07dadfb0610b52b1ec36d36ee58c328951aa793e3e5ab83e4d45b40097327711a2b4db23cf7401b7932bf37a0d87c3ccc1c6b2a3c16fb7e1d934b7e8ef883bd5562ff49d1359dfd956d2ea0019168c9647bb0aee232c39f76e20ef84a85ed9e027637cbc136b9eb2e661ed4baf5b7f461a7e6515bead90ece77b6287038d6e55084863d74d2f56aa7118633aa116e4b4277d9fa97ee89dc3bac40d8bf720c1c92cda53900b8682815e60bd59e510aac17e9bb1cde3c608ed4ee8eff108673e09a58e64a33aaae34d7dce9a436f923f2ee46c09b7bcf00be6847b7604180673534eae0d66c17b24af6eff9341fb72a6a04277ad7a1e18a9c49571e1a6375bafa6c799ad816848c9fc0638b591d29ba996b3747b5e0b4b45dcfc076a2c7cf127cdafd74bbafc0126bb0b062495d06922a8eeb862cc6e3ee03bcbba45cbbd76be1bbba3e9458a1f6aebd5697aefeb9daedd65da2cb5b435a01d4ec69239cfce6fba813ea8ab0c94e2e23e366f066fd7faaaf05fc8b1080ea3e8eee76c85a606f68ac0dd3dc8923faedb2476447d8ab83a09f9faf163a1a70ecd8daaa6ef1f76cfbcab0fd993e0f75fa4a21a8d6e3c7c5bf75bcdda3553d53369c0235feca96d351ecd4a4d0f7efec848ed6436d57f8f9ab601c97af32188b0221b0d5b87fbfc1b6186dbfda6d98995c1d50c2eeb7e708a4365c377cad978632a20861fd280fb681502eaa8c2c903607b37e381bc9787a2fac3c2eb850f609a762d398bfd02a5cf71ae6d2c40e1817937f1dfc0cfad56f8a0a5f252f0e0f70fe7472f957be594ef02ea822281a9c9a406cc6086e147b75bbe58143201e50ccd253b1b995f6e803ab6b8448b8dc106e68d54213577c60158c064fb7ce706c5d22f27f3360639e7e99c5fcb8397260ac63714e1627a0d6ad2b7517380ff374a208810db5e3306c58e9139ee9705bc818064a077aabf06ac0d16", 0x1000, 0x9}, {&(0x7f0000002600)="eecec5919e35cc165c825ad78aeda1f2881acbae6e0e4728b3509c335f0bbc0eeaafc44feb3963ede4a3fe64a1c8237833223b7e47fd9de0b043de25847c8f764d5086e298250c3f3ab71eb95483505bfac28bdedf05e32abde7b0b3b88c88d2f1ae6326d58924d59047882866262ff3ad1845c77dfa8f42d4b4deb725e930ed68feb268e3d9d620aa474eb358146b04a67ee7da7191ee8c35317a98fc4199528e3977ad07bd3cf65e235706969a4aae09d45ef0ad6cfb1716ee2b33a397d906e3e295bf4eb269edce0897b0b579e82d81dd354c8907705b90d755c198f2d6064591f159ac1ff1cb858e5b3ab90b1ea235f5f18acb4ad0b4a3f36c65a44b3a5d9fcf2b32b07a8e75678e5421610a91a1fb2c0534980e0dc7c14de2228993fc45db7602383315153db2742dd9fbf14a6bea0f2608cd75f19ef7de9df0c8436f3146c0cce16e67746c9c5b52b8b86473ee1bf06a1351d4a167379584f8efa75884c5bae5eaca897218488a31fdc3368a511ade1299fc5418be8b9211031b88aee015c826a14f79f6aba35a8fdc5efe73c6ae3d0ae054624a6064100ac57d328ccf2fc70507acf18c56a1371c225ac645f9cec61df86a9e45dff021e6428ba5fae525360ee9edaf11ca88c45b57748418533dd4c1558efc08628d74fbeaa09570f815c80dcac86e9c605e7a59784341bb7b0d11f2773bf3d64c89dea38d3b9e17ecc871118bea39ca0a6b5b38f7f3655220ebf3f060aa777be636cb8ad10868cf64d023203c3bd1f5f663201965bab09dc27def5764b2417fe7f503e7aed9333b6bf3faeb853bd33a7f2f30cd35f585c4ef96e73777a07414818214114fb6787e62bde08109481eebfee9916d0fe6919ae19e906854f912b12568e5be91087f457400de2efdd36042fd618af7b2cb3f01e10350476e9fec59a7ee81801458ed74c0163420a30660a1841882c95e48cd8e8691bba5e50c901c4a3e52ebd4aee39836a831edf2828e74d527794a4c69bb99a8fe6bfe8ce37df2e57e677c8141a5718151f03da52f641cb3a9dc2753fe0c9a1776fca27f5bb6fad291d81256b9dc944ab484bef93578ea3570e1e53a28864d21c12661bff8e551e0f9968fdb8ecd6b360380b23f1214644aefce7c3f4af09550420570a943ac2d85ceb8e2b15791b7e3536f490484a40c0576503ea1baf7d57161e584b6cf0c88de739c96718130e363bec11ae8f12fea7b10d735725a48197a8ec215191856e5ac4bcbb4f7a2e2d67557a0c89c6a0e50649996bfb98253eb2f8327e7fc73c4fe3adcff7abff53b7047a2cf31b5d51359f603403a3879ccdc8fb181487278a7c8d9199d7bb906a151534177a56f6e7ea864d56f4faf0b3834b315bbcbe9479b4c0068387c65d4179cae70240c4d05da2895400e43da7fb46b20bf5bd0910779c581c3b4a2a5868bdbc9de7c044f70e80d9c0aaefa6d1cfed66210d27d28987b57da57572470e0226b7257cf0f4f6f0aafd9a455ee0360a720a90ac5d6413b1b77f2beeab81dd5bbe8aa1950d03818e00c8b00283025f3130dc4f445e784f85bf196e41ade793fd1e49ee272716ff09917f339ac938ad6d451ce57af22c45f6d1520479aa83edb29acea9eaffe51eb0e4d48cd64316fa740a55364af057bdde9f64567814598edbebedf296ead23cfad442e6aa9346f45ba2b062fd947d229ea94dc0b1490f0b0f82e9970328a919063a5b16a87ac614aa083f0e4aacb9e811fa4114a9301582e50ad359244b99e4a8998ae8a5feb48a5d6f99fffb792ab3a5f811717c0239cc7f4748255e0ffd7f2a9fddd038d12eb7215126c84836110df8c334beef683a950b4357f94fdc5ffb70c517e53a1a38d2c79cb6add555bf3cd61f02e4120d62fa8d2297199486a05a658ce21cee53eb62970d25fa7bbcf2bef12b29e64137eea02885dc249b33f1cfde2906177c95406008df3a5c444316a54417a108ac9872257420a544e09ef35d9c4b705eec4daf32e707aeff00f5842fd18931b01af1689005f23f8c2aeb3891feaef6c96a522ff90c3301fc5ae257c2f588bb8ca011bb5a0281deac849c239011465a4b34187ea38ca72bd5c864ca3e7760ff17d1e7e4e442115da91ad4635add1833da7094d83ac1a80315c79402c6349c475ad041fe083151e9b6f316d68bf9355855851f99c68a48425039d52777fba82177a7e46198dc46953e32af3cf8f87f108bb3ea58ee184674b3a60e70c9b040db9b7cf0778a5c9283c8eeaa260cdf6f7303d84fb56e314f2e8cd6ad9727e6bd991d5708bc4420539b1dbab0a4014fcafbd4c5e809be9d9eb6d94c6dcd79854bce7b89c3a34296cff4a75d494a074041b1e6579cce8ca77eb151a244b2a5051b675efa7e1afae171b933fc047712209a4944332d5099c0e23173eaa33ace41080d387741f61d174611392361d1516464cc5645d8cf289f1f6749aea0e22a61735ad3e5c7f6214e5b4116c5ad737b135bfdd55af8d258ee9757a8a9628241fa317ebbeeca13a426af9aaa0099c10daa8772e1fe174649baf1c4d75b6039652536f609ae842a994963df5588e2ee3da246ced9e27e090b910b54dfeafc975ee33993b9cbc97d4df8fb9f98ff3fe319633b29718a218ac4e9f6927f42195dcc04f0d0ef16020c34b589748c9cc41cb1c7b49dd1fe85cfeda5472be353cbbeacd47479eb3cf08d14f1e587f6a59c693e4e9d30f885c2966aef4d6dd9fd1c7610265325c3f3ca975baf3e9855d8429f1831f72845b2d5e0b208177c24f0fec3784d5a808a7c21cd892f9d06dcb7ec7308e7472f89cdb7b20efc41a2657c4a172579057d78eec80e3349345457e891fe7e65e1c2471184faed38fd4a520c59cd54f4550c08c6b388e85b1e237283e20480e0e10ae91e0ec31fe728abf59c586cb69666041303a97158cb899e59638f005abb8f822a122d37a740754997ba4321659ea16e90b1c7524b2cfeb46fa44e5764772714044e94043ee5fc01673d01f627a5aa9609c38839cc26c3bd8586189547015d56560eafc8967cf7e9be51b44c0859e92c45c6501e9c243a855e8290c4b72be5003dc585eea56b76992df51666197f1a28adf8fd5cf30d63065c742329557f99570e13b928d8aaddcb7ef36f7a75c5cb147f5e6f2a0105932536d5a5000333393f467285d05b17d676434a7565f844b5c2b94d610a48cee0e8ffaeb65157672afbc505bd44a5b20a85f69c9b470389cd30ccb52c8fdc5ee2314656836bfdef3d994f26275d49ca8c921e25bea05598ee19722b042bda65f861df676db9d12b52bc59fbc2c2006832d33d0a45a961ce065377f2185e8602918c0f453dce34b18c76b999942040e274975dd236804195e5d302de62482aee80960200fe1f90af189c841119c1e4bdfb9b08f5cf8dba8df766f4ea394911fa4c5d72a14ff1ee5f18b31eb3cf6bbfa7891a605b29efa7f0bfaecbf732c3d7910b1f986de83fc954a89bb2cf83b236e99fd24865d1ff2e5650887d001fedde521f5a58331021323a63ad02f51e4ccf48218689029441d487bd146c46ff9ad2309fdd1befb3b3a48585ae587be3dbe9963ccae60c24d677ba9cfeff8fad08f3e45a505e493ba378faa212f39295ee97e3db17223529fba9586fc80570e3b07ce6c16949fa98b797acb877e739dd03281c085dde297e9332e698cbab120a061b34cc8abbdf08c41f43904d650cecf587834ce398690282c289cd954d7d128c7b6f05f72b4fd6c7713290cee11191822f539a76226a7db4a5f6b33b903d82629d6e4c450e97f61a393a1021891221e0899733e417c5c2a5809fbdb974d6161a88ae5be8bebea28e66cf04c3fd6ffb71b9d3a2624caa641fd573faa25f3af94fe90a97256860fb28f07baca6871cd8b65ad64bddac1c7f288b2b66a9635313ba70f9dd801919c75b6dc987eae9e235950658d9cdc23255dd22beae23a745c8e6d94c9c894f09358a4611019b02a8b875b3c1bfc953cdc3b179440f216162cc96e42b1901fcc7353d3ee287b63a9b513ec8435d14a3cf50810c4d6f61b5483425d2090507fc947ad5fa5de26dd15866afb815cac32757160c4ddc845cf2919cb95479b4834a1bd5007200130cbb74ca6c570801241ce9e02c505f4c12f9f54d7be827b569dd90244edff8b31d37630f92cad041894f443167e83f9d88139160b7e31b234329458407671d06774318f666fcfd45b9baf54ef4244ca207a26fb826603a79a4734aba04cefe007ec3690cee0dd4a5a02b27eeb5b6f7d2a190b065faa0a733ce7efc0e6d87a3de756d32ced351fa043deb33096f4c1d7853e22cb60d360178723bba622f21db5a60f33b080fc0792ee4ef110853d096998e9b228696d7d31c080c63ff05fbdce102268fbf9bef05b1a204910919b4ec06e40d2a36337f681079045773050691fbb7eda9242dbc0ed3eb14216af280875cd1ed7e615a941276291c62fa8f06ffff87ff987024ad2f90d6c864077e58e1c8288d9f25374318615b1ea5a187c908c7334cd7086587f07593834c23572568c45e2f31691ad7975b0d58580840bb888cf2950086f83b200ebbac3bd8468124a243e4659571d602e470f991bcb026c51b832943e1e789fab09c1ee0ff5ffb7239a0ac55dbaa5c5a19a438214217ffc7295bc3c290ef81e48b4b8441a19efd355d534b734d5771ade2c2ec9dc1603e40e165c3dd9e6fe0d873c51c9fca47931c7da99bfc7af11a67ae8745ea4a08cf8d4d209b63d8d17d13a0c8248b9c7a21528654653a3a3085bc95cabbcbec76d34cd6e0d632cf3c9c5935e2ab5a24a5c3b4b5a30da6800d7a588812f449abb10392126f7aa5e4152c43dbd9e6d01473d3061160facc3f545fc6218dae0d913660e097f2b3dedded8aa03d151a7f26bdc5387a8c7b810cda7e9cf872380e222db507c695b695e12130925a82547e54562d3fd58f8421b9eb71efb348c7713c4a56a4315db8aec1ec79d727015ae9ce1d1f72e8158866bfca0f4f648e3c332fdf58be9f6113abe8a67a9dd368f879892a578d5f4cfd247a840aa537b491184908bc03bca06c41da4a44c767adc83b81f5bce05883c58c040e9a5a7ce70fd6948945a39b3112a8da88c5b017c9af349ff0f0a22eedd0f15e8988a0e22fb432e9141e0fc7e387340d8c3a99ea710dc53b28845ba0b90d8c4ff54e04db61ad1d7956711e15b8de15b65076994d7733fc9d7c47ad10ad92013cbbf8385bd84de5d60040b41847e0ba581e6a0178361eb727562267d4a52cea125d55ab19416c9d743d4fb0f05835afaeb8e942781c939300a2a501e9b40417f07533b6bb66e55f0d5b462cc7d517f446670b02c68bacdeff952c1eccbefcede61504eb2245a6fc618715d6a624fc80cc37ba84d2f7da6f8a55481d1cbe928cc6b03dd59b3bb100ca34a2e48fe44d842cb5a41950d3e0696eca3d5e47911601c3a05d3938513f84ebb8cad87371c7b7638df94af69bd80f26900b7f544786fe4326d2ef645feaf15c9fc82a0de2a071e0e07e13fc666155c1e6597b531366d48b8f3a1d6cd70edf25797975b17486abec20cdb1d9f80177651c72feb7b1a55906c0b8152093518e056cf984cdac117ae2b9df99008053da5ff752d7088d822aeaedcaffdc23f1fb2e0aa2f948aad7ec26aeb69b9dc4ab913337e20553fe0eb5ad290171657c564f441444b7716469f83d1cc91f80a24709c2d061678db2914758963d3c8064994e055075c411809ddacb70b541f03cb4ddaa36cf906321b5f95b3ad4b2f71af", 0x1000}, {&(0x7f0000000280)="2c35473bdf7529857ffaa1556f77488640415f76f9e95675228552ca3b56e6ebc004fd7fe3d87844a934afd91fb3ba2edfbd8777172dd5dd932cef7de7f5e9ad077f37f94bdc4b6486cd9742bb41d1766fb172af5fb85a5c88d8eaa6e7dea062bcf65412ed05691cb350290d4d259c1f986f09aaa867b4aa8d9cea5f0aab01e2fda5a8fd1dc80dfeecfc7e17ef60f2872aead70046b5ab1b8b4b34cee7e072aba9fb19fb72577b570e9e93d23b25653a2563717e164a3820d3ad214f7b445f7be3213b51613b25ee8a968f3cb9bb155651365a6a4255514e7ce882d0a138479af7e6ce965c2a7a562af1", 0xea, 0x6}, {&(0x7f0000000440)="93e6aa038211bce836cda390ae9e7bfe898c164a2448d4ccf9aae06af224156c2b6eb44f8f1be0dff3d4ea770ad143c6d8c085c6e6aa16bf2fef754c1dfd43b2db8ee25ecf318a9c9e19fbc84b7d1e1d7ea7ca4bf3bf7b055a392595d168c6b5972f4ca3fd2835fe2096d93b8ce989d0ba47f33d0aa04e689b8e6ed749bdc319731d128e17c199ef2fab9fe599faacd43b13e641893d171d670e8e5360c1a1465b6c8ada6b4b", 0xa6, 0xf20}, {&(0x7f0000000100), 0x0, 0x7}, {&(0x7f0000000140)="27f57281a1a852", 0x7, 0x9}], 0x40, &(0x7f0000000380)={[{@iocharset={'iocharset', 0x3d, 'cp869'}, 0x2c}, {@umask={'umask', 0x3d, [0x37, 0x35, 0x97, 0x31, 0x37, 0x36, 0x37, 0x36, 0x32]}, 0x2c}]}) 2033/05/18 03:34:40 executing program 6: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r2 = dup(r0) setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f00000001c0)={0x8af, {{0xa, 0x4e21, 0xffffffffffff7265, @loopback={0x0, 0x1}, 0x3a692399}}}, 0x88) r3 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="66b9840b00000f320f8a0000a5b82e0a8ed00f210ef40f9a6d0bb800008ed80f01c8653e0f01b20038", 0x29}], 0x1, 0x7a, &(0x7f0000000140), 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x800, 0x0) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1a8, r3) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) [ 328.282525] FAULT_INJECTION: forcing a failure. [ 328.282525] name failslab, interval 1, probability 0, space 0, times 0 [ 328.294204] CPU: 0 PID: 21617 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 328.301144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.310509] Call Trace: [ 328.313107] dump_stack+0x1b9/0x294 [ 328.316749] ? dump_stack_print_info.cold.2+0x52/0x52 [ 328.321962] should_fail.cold.4+0xa/0x1a [ 328.326041] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 328.331159] ? graph_lock+0x170/0x170 [ 328.334976] ? find_held_lock+0x36/0x1c0 [ 328.339059] ? __lock_is_held+0xb5/0x140 [ 328.343141] ? check_same_owner+0x320/0x320 [ 328.347475] ? __mutex_lock+0x7d9/0x17f0 [ 328.351548] ? rcu_note_context_switch+0x710/0x710 [ 328.356480] ? btrfs_open_devices+0x29/0xd0 [ 328.360812] __should_failslab+0x124/0x180 [ 328.365055] should_failslab+0x9/0x14 [ 328.368868] kmem_cache_alloc+0x2af/0x760 [ 328.373038] getname_kernel+0x54/0x370 [ 328.376938] kern_path+0x1e/0x40 [ 328.380297] lookup_bdev+0xfa/0x240 [ 328.383925] ? blkdev_open+0x280/0x280 [ 328.387800] ? lcm+0x80/0x80 [ 328.390806] ? __x64_sys_mount+0xbe/0x150 [ 328.394942] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.400337] blkdev_get_by_path+0x1f/0xe0 [ 328.404479] btrfs_get_bdev_and_sb+0x38/0x300 [ 328.408967] open_fs_devices+0x6a5/0xc60 [ 328.413024] ? merge+0x240/0x240 [ 328.416391] ? btrfs_update_device+0x640/0x640 [ 328.420989] ? rcu_read_lock_sched_held+0x108/0x120 [ 328.426009] btrfs_open_devices+0xc0/0xd0 [ 328.430154] btrfs_mount_root+0x91f/0x1e70 [ 328.434388] ? btrfs_decode_error+0x70/0x70 [ 328.438715] ? save_stack+0x43/0xd0 [ 328.442330] ? __kasan_slab_free+0x11a/0x170 [ 328.446726] ? kasan_slab_free+0xe/0x10 [ 328.450683] ? kfree+0xd9/0x260 [ 328.453949] ? mount_fs+0xae/0x328 [ 328.457476] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 328.462224] ? do_mount+0x564/0x30b0 [ 328.465922] ? ksys_mount+0x12d/0x140 [ 328.469726] ? __x64_sys_mount+0xbe/0x150 [ 328.473860] ? do_syscall_64+0x1b1/0x800 [ 328.477908] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.483260] ? kasan_check_read+0x11/0x20 [ 328.487399] ? do_raw_spin_unlock+0x9e/0x2e0 [ 328.491795] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 328.496369] ? kasan_check_write+0x14/0x20 [ 328.500589] ? do_raw_spin_lock+0xc1/0x200 [ 328.504815] mount_fs+0xae/0x328 [ 328.508168] ? debug_check_no_obj_freed+0x2ff/0x584 [ 328.513176] vfs_kern_mount.part.34+0xd4/0x4d0 [ 328.517750] ? may_umount+0xb0/0xb0 [ 328.521362] ? quarantine_put+0xeb/0x190 [ 328.525412] ? kfree+0x111/0x260 [ 328.528767] ? btrfs_mount+0x831/0x213e [ 328.532732] vfs_kern_mount+0x40/0x60 [ 328.536522] btrfs_mount+0x4a1/0x213e [ 328.540322] ? kasan_check_read+0x11/0x20 [ 328.544454] ? rcu_is_watching+0x85/0x140 [ 328.548595] ? btrfs_remount+0x16f0/0x16f0 [ 328.552823] ? __lockdep_init_map+0x105/0x590 [ 328.557312] ? __lockdep_init_map+0x105/0x590 [ 328.561797] ? lockdep_init_map+0x9/0x10 [ 328.565846] ? __init_waitqueue_head+0x96/0x140 [ 328.570501] ? init_wait_entry+0x1b0/0x1b0 [ 328.574720] ? memcpy+0x45/0x50 [ 328.577999] ? alloc_vfsmnt+0x771/0x9d0 [ 328.581964] ? mnt_free_id.isra.27+0x60/0x60 [ 328.586363] ? kasan_check_read+0x11/0x20 [ 328.590498] ? graph_lock+0x170/0x170 [ 328.594295] ? rcu_pm_notify+0xc0/0xc0 [ 328.598167] ? trace_hardirqs_off+0xd/0x10 [ 328.602403] ? putname+0xf2/0x130 [ 328.605845] ? find_held_lock+0x36/0x1c0 [ 328.609909] ? lock_downgrade+0x8e0/0x8e0 [ 328.614043] ? module_unload_free+0x5b0/0x5b0 [ 328.618529] mount_fs+0xae/0x328 [ 328.621882] ? btrfs_remount+0x16f0/0x16f0 [ 328.626108] ? mount_fs+0xae/0x328 [ 328.629633] ? mpi_free.cold.1+0x19/0x19 [ 328.633685] vfs_kern_mount.part.34+0xd4/0x4d0 [ 328.638256] ? may_umount+0xb0/0xb0 [ 328.641871] ? _raw_read_unlock+0x22/0x30 [ 328.646030] ? __get_fs_type+0x97/0xc0 [ 328.649909] do_mount+0x564/0x30b0 [ 328.653441] ? copy_mount_string+0x40/0x40 [ 328.657659] ? rcu_pm_notify+0xc0/0xc0 [ 328.661541] ? copy_mount_options+0x5f/0x380 [ 328.665955] ? rcu_read_lock_sched_held+0x108/0x120 [ 328.670974] ? kmem_cache_alloc_trace+0x616/0x780 [ 328.675820] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 328.681349] ? copy_mount_options+0x285/0x380 [ 328.685835] ksys_mount+0x12d/0x140 [ 328.689449] __x64_sys_mount+0xbe/0x150 [ 328.693411] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 328.698425] do_syscall_64+0x1b1/0x800 [ 328.702300] ? finish_task_switch+0x1ca/0x840 [ 328.706783] ? syscall_return_slowpath+0x5c0/0x5c0 [ 328.711698] ? syscall_return_slowpath+0x30f/0x5c0 [ 328.716617] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 328.721990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.726827] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.732001] RIP: 0033:0x45843a [ 328.735177] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 328.754497] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 328.762203] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 328.769459] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 328.776714] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 328.783972] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 328.791223] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000035 [ 328.860133] hfs: unable to parse mount options [ 328.883914] hfs: unable to parse mount options 2033/05/18 03:34:41 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x10, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:41 executing program 6: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="0047fc2f07d82c1c240970") r1 = syz_open_procfs(0x0, &(0x7f0000000080)='loginuid\x00') setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f00000000c0)=0x38d, 0x4) timerfd_create(0x0, 0x1f90c83822660673) openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x20000, 0x0) 2033/05/18 03:34:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67d800", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:41 executing program 1 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:41 executing program 5: r0 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"2e2e000000af340000df8de1f600", 0x4011}) r1 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x4900) ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000080)=0xd325) ioctl$BLKRRPART(r1, 0x125f, 0x0) 2033/05/18 03:34:41 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x180) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000001c0)={{0x1000, 0x0, 0xc, 0x8, 0x7, 0x7d6, 0xa0, 0x800, 0x5, 0x0, 0x9, 0x6}, {0x6000, 0x10001, 0xf, 0xfffffffffffffff8, 0x8000, 0x9, 0x29c2, 0x1, 0x1fc5, 0xffffffffffffffff, 0xfffffffffffffff7, 0x9}, {0x10000, 0x0, 0x9, 0x2, 0xe1b7, 0x8001, 0x8, 0x3f, 0xc4, 0xde, 0x4, 0x536d}, {0x1000, 0x5000, 0xf, 0x5, 0x0, 0x8a30, 0x800000000000000, 0x88, 0x0, 0x5, 0x80, 0x3ff}, {0x0, 0x4, 0xc, 0x1, 0x1f, 0x1ff, 0x3, 0x7, 0x3, 0x9, 0x9, 0x9}, {0x5000, 0x1f000, 0x0, 0x7, 0x200, 0x3, 0x1000, 0x40, 0x80, 0x8, 0x8, 0x10000}, {0x103000, 0x2000, 0xf, 0xfffffffffffffffc, 0x6, 0x20, 0x7, 0x0, 0x9, 0x3, 0x5, 0x1a}, {0x6000, 0xd000, 0x3, 0x2, 0x800, 0x4, 0x27, 0x37c, 0x0, 0x8, 0x4, 0xfffffffffffffff9}, {0x3000, 0x10000}, {0xf000, 0x10002}, 0x80000000, 0x0, 0x0, 0x40001, 0x0, 0x100, 0x5000, [0x5, 0x80000000, 0x20, 0xfffffffffffffff7]}) ioctl$sock_ipx_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000300)={'teql0\x00', {0x4, 0x6, 0x7, "1965158b35c1", 0x9}}) r2 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f0000000100)=0xc) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000140)=r3) r4 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r4) keyctl$update(0x2, r5, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:41 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:41 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000100)={0x7, 0x6, 0x41, 0x3, 0x4}, 0x14) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r1, 0x4, 0x2000) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000140)={0x3}, 0x4) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) bind$rds(r2, &(0x7f00000000c0)={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) fcntl$setstatus(r2, 0x4, 0x400) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2033/05/18 03:34:42 executing program 6: r0 = socket$kcm(0x29, 0x200000000002, 0x0) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000140)="5432c27035ebcaec63f0a252479e535beb1b9c35bb6e07e657e5c32c39ca22ab90db84f559d8106d4c66dc763d805b08c35778bb48db9e26b1a30c573e146878eec0e09b661ad1ece712cae23fa8d72506872909e950d5d49e2315ab7bda7d5abf4cd3b8c39ea8588223670eb31f30146409dd8386abf684b901a3d48b35fac8895c46a775d82a41", 0x88, 0xfffffffffffffff9) keyctl$invalidate(0x15, r1) r2 = add_key$user(&(0x7f0000001340)='user\x00', &(0x7f0000001380)={0x73, 0x79, 0x7a}, &(0x7f00000013c0)='x', 0x1, 0xfffffffffffffffd) keyctl$revoke(0x3, r2) ioctl(r0, 0x8912, &(0x7f0000000100)="0042fc2f07d82c99240970") r3 = dup3(r0, r0, 0x80000) r4 = fcntl$dupfd(r0, 0x0, r0) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000080)={0x3a62, 0x20, 0x1, r4}) keyctl$invalidate(0x15, r2) 2033/05/18 03:34:42 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xffffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:42 executing program 5: socket$inet6_dccp(0xa, 0x6, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000000008000000000000000000"], 0xffffffffffffffff) 2033/05/18 03:34:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67b500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:42 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x0, 0x20}, &(0x7f0000000100)=0xc) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000140)={r5, 0x7fff}, &(0x7f00000001c0)=0x8) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) [ 329.540280] FAULT_INJECTION: forcing a failure. [ 329.540280] name failslab, interval 1, probability 0, space 0, times 0 [ 329.551758] CPU: 0 PID: 21680 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 329.558694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.568051] Call Trace: [ 329.570654] dump_stack+0x1b9/0x294 [ 329.574304] ? dump_stack_print_info.cold.2+0x52/0x52 [ 329.579504] ? __kernel_text_address+0xd/0x40 [ 329.584013] ? unwind_get_return_address+0x61/0xa0 [ 329.588960] should_fail.cold.4+0xa/0x1a [ 329.593041] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 329.598147] ? save_stack+0xa9/0xd0 [ 329.601768] ? save_stack+0x43/0xd0 [ 329.605389] ? __kmalloc_node+0x47/0x70 [ 329.609354] ? kvmalloc_node+0xbf/0x100 [ 329.613343] ? mount_fs+0xae/0x328 [ 329.616877] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 329.621621] ? vfs_kern_mount+0x40/0x60 [ 329.625583] ? btrfs_mount+0x4a1/0x213e [ 329.629542] ? mount_fs+0xae/0x328 [ 329.633073] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 329.637830] ? find_held_lock+0x36/0x1c0 [ 329.641909] ? check_same_owner+0x320/0x320 [ 329.646219] ? __kmalloc_node+0x33/0x70 [ 329.650186] ? rcu_note_context_switch+0x710/0x710 [ 329.655102] ? rcu_read_lock_sched_held+0x108/0x120 [ 329.660110] __should_failslab+0x124/0x180 [ 329.664337] should_failslab+0x9/0x14 [ 329.668126] kmem_cache_alloc_trace+0x2cb/0x780 [ 329.672783] ? __kmalloc_node+0x47/0x70 [ 329.676755] btrfs_mount_root+0x786/0x1e70 [ 329.681025] ? alloc_vfsmnt+0x771/0x9d0 [ 329.685004] ? btrfs_decode_error+0x70/0x70 [ 329.689337] ? save_stack+0x43/0xd0 [ 329.692954] ? __kasan_slab_free+0x11a/0x170 [ 329.697360] ? kasan_slab_free+0xe/0x10 [ 329.701325] ? kfree+0xd9/0x260 [ 329.704592] ? mount_fs+0xae/0x328 [ 329.708119] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 329.712870] ? do_mount+0x564/0x30b0 [ 329.716567] ? ksys_mount+0x12d/0x140 [ 329.720354] ? __x64_sys_mount+0xbe/0x150 [ 329.724488] ? do_syscall_64+0x1b1/0x800 [ 329.728535] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.733892] ? kasan_check_read+0x11/0x20 [ 329.738207] ? do_raw_spin_unlock+0x9e/0x2e0 [ 329.742604] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 329.747179] ? kasan_check_write+0x14/0x20 [ 329.751401] ? do_raw_spin_lock+0xc1/0x200 [ 329.755630] mount_fs+0xae/0x328 [ 329.758988] ? debug_check_no_obj_freed+0x2ff/0x584 [ 329.764001] vfs_kern_mount.part.34+0xd4/0x4d0 [ 329.768580] ? may_umount+0xb0/0xb0 [ 329.772193] ? quarantine_put+0xeb/0x190 [ 329.776243] ? kfree+0x111/0x260 [ 329.779601] ? btrfs_mount+0x831/0x213e [ 329.783566] vfs_kern_mount+0x40/0x60 [ 329.787357] btrfs_mount+0x4a1/0x213e [ 329.791151] ? kasan_check_read+0x11/0x20 [ 329.795295] ? rcu_is_watching+0x85/0x140 [ 329.799436] ? btrfs_remount+0x16f0/0x16f0 [ 329.803657] ? __lockdep_init_map+0x105/0x590 [ 329.808144] ? __lockdep_init_map+0x105/0x590 [ 329.812630] ? lockdep_init_map+0x9/0x10 [ 329.816678] ? __init_waitqueue_head+0x96/0x140 [ 329.821333] ? init_wait_entry+0x1b0/0x1b0 [ 329.825551] ? memcpy+0x45/0x50 [ 329.828832] ? alloc_vfsmnt+0x771/0x9d0 [ 329.832795] ? mnt_free_id.isra.27+0x60/0x60 [ 329.837204] ? kasan_check_read+0x11/0x20 [ 329.841344] ? graph_lock+0x170/0x170 [ 329.845135] ? rcu_pm_notify+0xc0/0xc0 [ 329.849010] ? trace_hardirqs_off+0xd/0x10 [ 329.853246] ? putname+0xf2/0x130 [ 329.856700] ? find_held_lock+0x36/0x1c0 [ 329.860760] ? lock_downgrade+0x8e0/0x8e0 [ 329.864899] ? module_unload_free+0x5b0/0x5b0 [ 329.869388] mount_fs+0xae/0x328 [ 329.872752] ? btrfs_remount+0x16f0/0x16f0 [ 329.876971] ? mount_fs+0xae/0x328 [ 329.880500] ? mpi_free.cold.1+0x19/0x19 [ 329.884554] vfs_kern_mount.part.34+0xd4/0x4d0 [ 329.889126] ? may_umount+0xb0/0xb0 [ 329.892745] ? _raw_read_unlock+0x22/0x30 [ 329.896898] ? __get_fs_type+0x97/0xc0 [ 329.900779] do_mount+0x564/0x30b0 [ 329.904311] ? copy_mount_string+0x40/0x40 [ 329.908534] ? rcu_pm_notify+0xc0/0xc0 [ 329.912415] ? copy_mount_options+0x5f/0x380 [ 329.916822] ? rcu_read_lock_sched_held+0x108/0x120 [ 329.921829] ? kmem_cache_alloc_trace+0x616/0x780 [ 329.926666] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.932200] ? _copy_from_user+0xdf/0x150 [ 329.936345] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.942307] ? copy_mount_options+0x285/0x380 [ 329.946793] ksys_mount+0x12d/0x140 [ 329.950413] __x64_sys_mount+0xbe/0x150 [ 329.954373] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 329.959382] do_syscall_64+0x1b1/0x800 [ 329.963265] ? finish_task_switch+0x1ca/0x840 [ 329.967749] ? syscall_return_slowpath+0x5c0/0x5c0 [ 329.972666] ? syscall_return_slowpath+0x30f/0x5c0 [ 329.977590] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 329.982945] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.987782] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.992957] RIP: 0033:0x45843a [ 329.996127] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 330.015922] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 330.023626] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 330.030880] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 2033/05/18 03:34:42 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:42 executing program 6: sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100)=0x400005, 0x0) ioctl$int_out(0xffffffffffffffff, 0xc0385720, &(0x7f0000000100)) memfd_create(&(0x7f0000000000)='vboxnet0keyringvmnet1{+selinux^eth0selinux\x00', 0x2) 2033/05/18 03:34:42 executing program 5: r0 = socket$inet(0x2, 0x3, 0x2) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x4, 0x20000) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000140)={0x0, 0xfffffffffffffff9}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000001c0)={r2, 0xb7, "c775c0b258bffbf66f615b199850e36b145aca7c28686fa43761d7056ec434e2aefb0667992db1f20ebaaefa3feb58704b1b175b8596f0c610dcae342ecdbb27bedcbd349b90b04600950c14e3c62a6ef181e431acd2cd599eadf652c12d2171e12f09367299605efc44d965c007e7751f9b5e2ae21716437106ae32e58c7ca72084fb1c5248b011345ffef982548fbe642c411d2c1a4017d1cd2096d5be1aa2983334d14ecd78a7c421f12df1e2b4852bcf6635638473"}, &(0x7f0000000280)=0xbf) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000100)={{&(0x7f0000000080)=""/23, 0x17}, &(0x7f00000000c0)}, 0x20) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000300)={r3, r4/1000+10000}, 0x10) setsockopt$inet_int(r0, 0x0, 0xd1, &(0x7f0000000000)=0xfd, 0x4) [ 330.038220] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 330.045473] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 330.052730] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000036 2033/05/18 03:34:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\v\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:42 executing program 1 (fault-call:0 fault-nth:55): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:42 executing program 6: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = syz_fuse_mount(&(0x7f0000000000)='./file0\x00', 0x4002, 0x0, 0x0, 0x0, 0x0) readahead(r0, 0x8001, 0x9) getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='security.evm\x00', &(0x7f0000000200)=""/248, 0xf8) r1 = socket$kcm(0x29, 0xfffffffffffffffc, 0x0) ioctl(r1, 0x8912, &(0x7f0000000000)="0047fc2f07d82c1c240970") clone(0x0, &(0x7f0000000700), &(0x7f00000001c0), &(0x7f00000000c0), &(0x7f0000000400)) umount2(&(0x7f00000000c0)='./file0\x00', 0x1000000000000003) [ 330.169420] FAULT_INJECTION: forcing a failure. [ 330.169420] name failslab, interval 1, probability 0, space 0, times 0 [ 330.180727] CPU: 0 PID: 21697 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 330.187656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.197013] Call Trace: [ 330.199611] dump_stack+0x1b9/0x294 [ 330.203249] ? dump_stack_print_info.cold.2+0x52/0x52 [ 330.208445] ? perf_trace_lock_acquire+0xe3/0x980 [ 330.213294] ? unwind_get_return_address+0x61/0xa0 [ 330.218231] should_fail.cold.4+0xa/0x1a [ 330.222295] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 330.227426] ? save_stack+0xa9/0xd0 [ 330.231062] ? save_stack+0x43/0xd0 [ 330.234700] ? __kmalloc_node+0x47/0x70 [ 330.238683] ? kvmalloc_node+0xbf/0x100 [ 330.242664] ? btrfs_mount_root+0x6ef/0x1e70 [ 330.247080] ? mount_fs+0xae/0x328 [ 330.250622] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 330.255375] ? vfs_kern_mount+0x40/0x60 [ 330.259353] ? btrfs_mount+0x4a1/0x213e [ 330.263331] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 330.268094] ? find_held_lock+0x36/0x1c0 [ 330.272191] ? check_same_owner+0x320/0x320 [ 330.276522] ? __kmalloc_node+0x33/0x70 [ 330.280508] ? rcu_note_context_switch+0x710/0x710 [ 330.285446] ? rcu_read_lock_sched_held+0x108/0x120 [ 330.290475] __should_failslab+0x124/0x180 [ 330.294720] should_failslab+0x9/0x14 [ 330.298539] kmem_cache_alloc_trace+0x2cb/0x780 [ 330.303225] ? __kmalloc_node+0x47/0x70 [ 330.307215] btrfs_mount_root+0x786/0x1e70 [ 330.311459] ? alloc_vfsmnt+0x771/0x9d0 [ 330.315446] ? btrfs_decode_error+0x70/0x70 2033/05/18 03:34:42 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa}) recvmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/14, 0xe}, {&(0x7f00000000c0)=""/228, 0xe4}, {&(0x7f00000001c0)=""/211, 0xd3}, {&(0x7f0000000040)=""/16, 0x10}, {&(0x7f00000002c0)=""/89, 0x59}, {&(0x7f0000000340)=""/68, 0x44}, {&(0x7f00000003c0)}, {&(0x7f0000000400)=""/227, 0xe3}, {&(0x7f0000000500)=""/28, 0x1c}], 0x9, 0x0, 0x0, 0x7fffffff}, 0x20) fcntl$setstatus(r1, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000640)) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000003c0)=0x192e, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f0000000680)={0x10}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbfb, {0xd}}, 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000) fcntl$setstatus(r1, 0x4, 0x46800) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000604ffc)) dup2(r1, r3) 2033/05/18 03:34:42 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x6000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 330.319780] ? save_stack+0x43/0xd0 [ 330.323413] ? __kasan_slab_free+0x11a/0x170 [ 330.327827] ? kasan_slab_free+0xe/0x10 [ 330.331801] ? kfree+0xd9/0x260 [ 330.335089] ? mount_fs+0xae/0x328 [ 330.338633] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 330.343385] ? do_mount+0x564/0x30b0 [ 330.347191] ? ksys_mount+0x12d/0x140 [ 330.350995] ? __x64_sys_mount+0xbe/0x150 [ 330.355144] ? do_syscall_64+0x1b1/0x800 [ 330.359209] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.364579] ? kasan_check_read+0x11/0x20 2033/05/18 03:34:42 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r0, 0x65, 0x6, &(0x7f0000000000), 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000080)={'rose0\x00', {0x2, 0x4e23}}) sched_setscheduler(r1, 0x7, &(0x7f0000000040)=0x6) [ 330.368727] ? do_raw_spin_unlock+0x9e/0x2e0 [ 330.373137] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 330.377726] ? kasan_check_write+0x14/0x20 [ 330.381961] ? do_raw_spin_lock+0xc1/0x200 [ 330.386205] mount_fs+0xae/0x328 [ 330.389577] ? debug_check_no_obj_freed+0x2ff/0x584 [ 330.394596] vfs_kern_mount.part.34+0xd4/0x4d0 [ 330.399183] ? may_umount+0xb0/0xb0 [ 330.402821] ? quarantine_put+0xeb/0x190 [ 330.406886] ? kfree+0x111/0x260 [ 330.410253] ? btrfs_mount+0x831/0x213e [ 330.414236] vfs_kern_mount+0x40/0x60 [ 330.418048] btrfs_mount+0x4a1/0x213e [ 330.421860] ? kasan_check_read+0x11/0x20 [ 330.426012] ? rcu_is_watching+0x85/0x140 [ 330.430174] ? btrfs_remount+0x16f0/0x16f0 [ 330.434500] ? __lockdep_init_map+0x105/0x590 [ 330.439007] ? __lockdep_init_map+0x105/0x590 [ 330.443514] ? lockdep_init_map+0x9/0x10 [ 330.447582] ? __init_waitqueue_head+0x96/0x140 [ 330.452257] ? init_wait_entry+0x1b0/0x1b0 [ 330.456500] ? memcpy+0x45/0x50 [ 330.459790] ? alloc_vfsmnt+0x771/0x9d0 [ 330.463772] ? mnt_free_id.isra.27+0x60/0x60 [ 330.468197] ? kasan_check_read+0x11/0x20 [ 330.472350] ? graph_lock+0x170/0x170 [ 330.476153] ? rcu_pm_notify+0xc0/0xc0 [ 330.480041] ? trace_hardirqs_off+0xd/0x10 [ 330.484287] ? putname+0xf2/0x130 [ 330.487741] ? find_held_lock+0x36/0x1c0 [ 330.491822] ? lock_downgrade+0x8e0/0x8e0 [ 330.495975] ? module_unload_free+0x5b0/0x5b0 [ 330.500476] mount_fs+0xae/0x328 [ 330.503849] ? btrfs_remount+0x16f0/0x16f0 [ 330.508082] ? mount_fs+0xae/0x328 [ 330.511623] ? mpi_free.cold.1+0x19/0x19 [ 330.515689] vfs_kern_mount.part.34+0xd4/0x4d0 [ 330.520281] ? may_umount+0xb0/0xb0 [ 330.523914] ? _raw_read_unlock+0x22/0x30 [ 330.528064] ? __get_fs_type+0x97/0xc0 [ 330.531962] do_mount+0x564/0x30b0 [ 330.535516] ? copy_mount_string+0x40/0x40 [ 330.539756] ? rcu_pm_notify+0xc0/0xc0 [ 330.543664] ? copy_mount_options+0x5f/0x380 [ 330.548077] ? rcu_read_lock_sched_held+0x108/0x120 [ 330.553098] ? kmem_cache_alloc_trace+0x616/0x780 [ 330.557953] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 330.563491] ? _copy_from_user+0xdf/0x150 [ 330.567655] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.573199] ? copy_mount_options+0x285/0x380 [ 330.577705] ksys_mount+0x12d/0x140 [ 330.581337] __x64_sys_mount+0xbe/0x150 [ 330.585313] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 330.590338] do_syscall_64+0x1b1/0x800 [ 330.594229] ? finish_task_switch+0x1ca/0x840 [ 330.598730] ? syscall_return_slowpath+0x5c0/0x5c0 [ 330.603670] ? syscall_return_slowpath+0x30f/0x5c0 [ 330.608611] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 330.613985] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.618833] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.624020] RIP: 0033:0x45843a [ 330.627201] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 330.646616] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 330.654326] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 330.661593] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 2033/05/18 03:34:43 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x7f, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x11, r1, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000020000e20000000008000000009c20ee930f7874a7ea"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 330.668858] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 330.676123] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 330.683392] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000037 [ 331.252296] device bridge_slave_1 left promiscuous mode [ 331.257905] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.269904] device bridge_slave_0 left promiscuous mode [ 331.275471] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.320645] team0 (unregistering): Port device team_slave_1 removed [ 331.334207] team0 (unregistering): Port device team_slave_0 removed [ 331.346435] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 331.363175] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 331.400569] bond0 (unregistering): Released all slaves 2033/05/18 03:34:44 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000240)=0xc) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(serpent-generic)\x00'}, 0x58) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$VT_RESIZE(r2, 0x5609, &(0x7f0000000640)={0xfff, 0x9, 0x7fffffff}) ioctl(r3, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000028c0), 0x0) getsockname(r2, &(0x7f0000000340)=@pptp={0x0, 0x0, {0x0, @remote}}, &(0x7f0000000440)=0x80) perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0xfff, 0x6, 0x2, 0x7, 0x0, 0x1000, 0x20000, 0x3, 0x1, 0x5, 0x3ff, 0x1, 0x1, 0x401, 0x6, 0xff, 0x1f06, 0x3, 0x0, 0x4, 0x547, 0x3f, 0x7f, 0x9, 0x76, 0x10000, 0x81, 0x187a, 0x8000, 0x7, 0x5, 0x2, 0xb96, 0x9da, 0x401, 0xfffffffffffffcae, 0x0, 0xf11, 0x4, @perf_config_ext={0x7, 0x800}, 0x800, 0x4, 0x8001, 0x7, 0x7, 0x8, 0x3}, r1, 0xc, r0, 0x3) r4 = syz_open_dev$admmidi(&(0x7f0000000480)='/dev/admmidi#\x00', 0x3f, 0x210080) ioctl$GIO_CMAP(r4, 0x4b70, &(0x7f00000004c0)) r5 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f00000002c0)={0x0, r4}) r6 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r5) rt_sigaction(0x13, &(0x7f0000000080)={0x4042, {0x8b2a}, 0x8000000, 0x401}, 0x0, 0x0, &(0x7f0000000500)) r7 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r6) ioctl(r2, 0x4, &(0x7f0000000540)="2907a778081e986feb4ad7ceefb141b8d9a4cf07449e922c5f4bc5f6f52f152fefa307f737fda2c72680c0ed8a3ae24c837300ee8d5fb92f1917c7a0e664341de52b968378bb5606208dfcad217989f2c64a82a22d5b14eb830562d8282cd4c04327c8e889a761aa50eb3e75e810f1f815b6093f45d72663379f4dc8394dc5bdc4c2e5029fac8aeaa3973221a4ad8b4a46b34fd509f8f04a09790b15e5beb920544fcceea9") r8 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r7) r9 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0x2, 0x0) ioctl$KDDISABIO(r9, 0x4b37) keyctl$join(0x1, 0x0) r10 = memfd_create(&(0x7f0000000040)=']$\'@#\x00', 0x2) getsockopt$netrom_NETROM_T4(r10, 0x103, 0x6, &(0x7f0000000280)=0x7, &(0x7f0000000100)=0x4) keyctl$update(0x2, r8, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:44 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfcfdffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:44 executing program 1 (fault-call:0 fault-nth:56): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67008300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:44 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x420001, 0x0) accept4$bt_l2cap(r0, &(0x7f0000000040), &(0x7f0000000080)=0xe, 0x800) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000), &(0x7f00000000c0)=0x2) r1 = request_key(&(0x7f0000000100)='logon\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)='\x00', 0xfffffffffffffff8) r2 = request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000240)=')*.-nodev\x00', 0xfffffffffffffffd) keyctl$unlink(0x9, r1, r2) 2033/05/18 03:34:44 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") fcntl$setpipe(r0, 0x407, 0x2) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0xfffffffffffffffd, 0x31, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000480), &(0x7f00000004c0)=0xc) name_to_handle_at(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="ed00000005000000823189aeb80ed579b668632d6e43a2214f0bf798c959a41a02a757e4361a272668888e60ba1eb90c4b9edc3db6f8df654ed3b148b2ee0d19bdf7b37ca457797a23bdbe501062924c69e66840b01a0e4502b30a6fcda17f6c6e81c017db592605223128240410616593793404ceb391fb07305d709e08de194a47d650c9f468bad02d843deab01f3d53bb0da4e3aed7db85eb56158ac4a0fd466a7e887b55580ccf4cdd320f45846bdb6f00aed038149a27b9fae7d63d81efebe7af9943189d8b98443ea063cf29a4906ec12cf2d72afa6037ae61330440d88d1e5ad29295276f9bc864f52fb2224470e227ec5ac73723d5642ac7872473082b797176986b12463174a6a59fcc1c2c60c29e1672db381bf4e403557a0e06ed082ab4beb2528ac2f990e4a40fd3beebb2fe47fe7b85a3576c9d0858a9"], &(0x7f00000001c0), 0x400) 2033/05/18 03:34:44 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) open(&(0x7f0000000040)='./bus\x00', 0x40000, 0xd0) 2033/05/18 03:34:44 executing program 2: unshare(0x400) r0 = socket(0xa, 0x2, 0x56cb) syncfs(r0) [ 331.619555] FAULT_INJECTION: forcing a failure. [ 331.619555] name failslab, interval 1, probability 0, space 0, times 0 [ 331.630891] CPU: 1 PID: 21731 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 331.637821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.647239] Call Trace: [ 331.649840] dump_stack+0x1b9/0x294 [ 331.653477] ? dump_stack_print_info.cold.2+0x52/0x52 [ 331.658676] ? __save_stack_trace+0x7e/0xd0 [ 331.663014] should_fail.cold.4+0xa/0x1a [ 331.667093] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 331.672210] ? save_stack+0x43/0xd0 [ 331.675844] ? kasan_kmalloc+0xc4/0xe0 [ 331.679735] ? kmem_cache_alloc_trace+0x152/0x780 [ 331.684583] ? btrfs_mount_root+0x786/0x1e70 [ 331.688999] ? mount_fs+0xae/0x328 [ 331.692547] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 331.697311] ? btrfs_mount+0x4a1/0x213e [ 331.701289] ? mount_fs+0xae/0x328 [ 331.704838] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 331.709602] ? do_mount+0x564/0x30b0 [ 331.713322] ? ksys_mount+0x12d/0x140 [ 331.717126] ? __x64_sys_mount+0xbe/0x150 [ 331.721272] ? do_syscall_64+0x1b1/0x800 [ 331.725336] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.730710] ? find_held_lock+0x36/0x1c0 [ 331.734797] ? check_same_owner+0x320/0x320 [ 331.739128] ? rcu_note_context_switch+0x710/0x710 [ 331.744064] __should_failslab+0x124/0x180 [ 331.748306] should_failslab+0x9/0x14 [ 331.752113] kmem_cache_alloc_trace+0x2cb/0x780 [ 331.756782] ? __kmalloc_node+0x47/0x70 [ 331.760766] btrfs_mount_root+0x7e2/0x1e70 [ 331.765003] ? alloc_vfsmnt+0x771/0x9d0 [ 331.768989] ? btrfs_decode_error+0x70/0x70 [ 331.773324] ? save_stack+0x43/0xd0 [ 331.776959] ? __kasan_slab_free+0x11a/0x170 [ 331.781368] ? kasan_slab_free+0xe/0x10 [ 331.785339] ? kfree+0xd9/0x260 [ 331.788616] ? mount_fs+0xae/0x328 [ 331.792153] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 331.796903] ? do_mount+0x564/0x30b0 [ 331.800614] ? ksys_mount+0x12d/0x140 [ 331.804422] ? __x64_sys_mount+0xbe/0x150 [ 331.808566] ? do_syscall_64+0x1b1/0x800 [ 331.812625] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.817987] ? kasan_check_read+0x11/0x20 [ 331.822132] ? do_raw_spin_unlock+0x9e/0x2e0 [ 331.826538] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 331.831118] ? kasan_check_write+0x14/0x20 [ 331.835890] ? do_raw_spin_lock+0xc1/0x200 [ 331.840128] mount_fs+0xae/0x328 [ 331.843494] ? debug_check_no_obj_freed+0x2ff/0x584 [ 331.848510] vfs_kern_mount.part.34+0xd4/0x4d0 [ 331.853090] ? may_umount+0xb0/0xb0 [ 331.856714] ? quarantine_put+0xeb/0x190 [ 331.860774] ? kfree+0x111/0x260 [ 331.864137] ? btrfs_mount+0x831/0x213e [ 331.868109] vfs_kern_mount+0x40/0x60 [ 331.871907] btrfs_mount+0x4a1/0x213e [ 331.875706] ? retint_kernel+0x10/0x10 [ 331.879594] ? kasan_check_read+0x11/0x20 [ 331.883740] ? rcu_is_watching+0x85/0x140 [ 331.887891] ? btrfs_remount+0x16f0/0x16f0 [ 331.892125] ? __lockdep_init_map+0x105/0x590 [ 331.896620] ? __lockdep_init_map+0x105/0x590 [ 331.901117] ? lockdep_init_map+0x9/0x10 [ 331.905179] ? __init_waitqueue_head+0x96/0x140 [ 331.909846] ? init_wait_entry+0x1b0/0x1b0 [ 331.914075] ? memcpy+0x45/0x50 [ 331.917360] ? alloc_vfsmnt+0x771/0x9d0 [ 331.921329] ? mnt_free_id.isra.27+0x60/0x60 [ 331.925736] ? kasan_check_read+0x11/0x20 [ 331.929879] ? graph_lock+0x170/0x170 [ 331.933679] ? rcu_pm_notify+0xc0/0xc0 [ 331.937602] ? trace_hardirqs_off+0xd/0x10 [ 331.941871] ? putname+0xf2/0x130 [ 331.945323] ? find_held_lock+0x36/0x1c0 [ 331.949388] ? lock_downgrade+0x8e0/0x8e0 [ 331.953539] ? module_unload_free+0x5b0/0x5b0 [ 331.958121] mount_fs+0xae/0x328 [ 331.961481] ? btrfs_remount+0x16f0/0x16f0 [ 331.965709] ? mount_fs+0xae/0x328 [ 331.969245] ? mpi_free.cold.1+0x19/0x19 [ 331.973305] vfs_kern_mount.part.34+0xd4/0x4d0 [ 331.977885] ? may_umount+0xb0/0xb0 [ 331.981514] ? _raw_read_unlock+0x22/0x30 [ 331.985658] ? __get_fs_type+0x97/0xc0 [ 331.989550] do_mount+0x564/0x30b0 [ 331.993101] ? copy_mount_string+0x40/0x40 [ 331.997336] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 332.002357] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 332.007117] ? retint_kernel+0x10/0x10 [ 332.011007] ? copy_mount_options+0x1f0/0x380 [ 332.015586] ? copy_mount_options+0x1fd/0x380 [ 332.020080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.025616] ? copy_mount_options+0x285/0x380 [ 332.030113] ksys_mount+0x12d/0x140 [ 332.033738] __x64_sys_mount+0xbe/0x150 [ 332.037712] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 332.042727] do_syscall_64+0x1b1/0x800 [ 332.046610] ? finish_task_switch+0x1ca/0x840 [ 332.051102] ? syscall_return_slowpath+0x5c0/0x5c0 [ 332.056032] ? syscall_return_slowpath+0x30f/0x5c0 [ 332.060960] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 332.066341] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.071201] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.076384] RIP: 0033:0x45843a [ 332.079562] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 332.098924] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 332.106629] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 332.113895] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 2033/05/18 03:34:44 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$inet(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000180)={0x0, 0x65, "fe8aaaebd7af0b5e1d0d1044eb912da2f3b22d3b80206b9a9febb7825b8a1606ae35c8670c158f41973147842b8602c68e838c5ac275b25ffcf492fa48de41ca85ae4dbde65042a87022f3056c5a9f9fb30a1aa2be01e27f1c36c3decabf5916f92153ce9f"}, &(0x7f0000000280)=0x6d) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0xbf, "edce1e37a943ea0e0869e80e7d297e56ef228403cdb299788ef2b2e522941f6bd458e8c634f347135a9cedeb1c31e64458aa5bdde009aa84c72b468f57db98fb3f6b27d64e7e605720b0776be462dd96ce9feb0acfa49f5f23cea53aefb1a10b27bc653ad13d370c49e3127ce529381ec643e757de9b9a0d887771d731d950dbd494a3512054718f4706c747e8e490e18e637a1373a4b222c765134c11517e1cfb44de691d23c2c76facbe5ca8836f7603b41cabf656d7c7d789c6b9418aae"}, &(0x7f00000003c0)=0xc7) r3 = accept$alg(r0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008400)=[{{&(0x7f0000003a00)=@ax25, 0x80, &(0x7f0000003d80)=[{&(0x7f0000003a80)=""/69, 0x45}, {&(0x7f0000003b00)=""/163, 0xa3}, {&(0x7f0000003bc0)=""/120, 0x78}, {&(0x7f0000003c80)=""/56, 0x38}, {&(0x7f0000003cc0)=""/148, 0x94}, {&(0x7f0000006ec0)=""/4096, 0x1000}], 0x6, &(0x7f0000007ec0)=""/215, 0xd7}}], 0x1, 0x0, &(0x7f00000085c0)={0x77359400}) sendmmsg$alg(r3, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r3, &(0x7f0000000000)={&(0x7f0000000040)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000002840)=""/4096, 0x139f}], 0x1, &(0x7f0000fb3fa9)=""/87, 0xfffffffffffffce7}, 0x0) 2033/05/18 03:34:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000003, 0x2000000000000008) ioctl(r0, 0x48910, &(0x7f0000000140)="8ffe8dd833a006630047fc2f07d82c99240970fe82c3b206b327c19aa6e6febdc86ea090bb6ce3e244d9512e4b706553939de844c8aff15e5222e038b4c567aaf33ece9b684aeac3997f9bf93deda7967638e98cf504dc651a4199") getsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000000), &(0x7f0000000080)=0x4) 2033/05/18 03:34:44 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x80c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000240)="f3a7c245b1e6ea2fa3437a32385146534ec4160fdcc342dcc1cb6a511c0107dbfc3c9e6e60c1f8477edc8b4bfbd975407d56cd95ba00275af2de76724efd97e0509d0493893e16a09fc96ba1d3653a8943d3aa9dc07db3ef7120e879ff00000000000000aa7a96c74ce128fba8975fd4349bbd8ccbf91a44", 0xfffffffffffffee2, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000a500", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 332.121162] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 332.128426] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 332.135688] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000038 2033/05/18 03:34:44 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xf6ffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:44 executing program 1 (fault-call:0 fault-nth:57): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:44 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x2000001, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x800, 0x0) connect$nfc_raw(r1, &(0x7f0000000140)={0x27, 0x1}, 0x10) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x30, &(0x7f0000000700)=ANY=[], 0x0) r3 = socket(0x11, 0x100000803, 0x0) r4 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000100)={"6966623000faffffffffffffff00", 0x801}) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'ifb0\x00'}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x6000, 0x0) close(r0) 2033/05/18 03:34:44 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) r4 = getpgrp(0xffffffffffffffff) ptrace(0x4207, r4) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:44 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfffffff6, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 332.344548] FAULT_INJECTION: forcing a failure. [ 332.344548] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 332.356422] CPU: 1 PID: 21776 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 332.363351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.372707] Call Trace: [ 332.375306] dump_stack+0x1b9/0x294 [ 332.378954] ? dump_stack_print_info.cold.2+0x52/0x52 [ 332.384166] should_fail.cold.4+0xa/0x1a [ 332.388238] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 332.393356] ? debug_check_no_locks_freed+0x310/0x310 [ 332.398536] ? kasan_check_write+0x14/0x20 [ 332.402759] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 332.407680] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.413201] ? iput+0x632/0xa80 [ 332.416481] ? inode_add_lru+0x290/0x290 [ 332.420529] ? btrfs_close_devices+0x150/0x150 [ 332.425100] ? perf_trace_lock_acquire+0xe3/0x980 [ 332.429934] ? kasan_check_write+0x14/0x20 [ 332.434159] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 332.439078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.444605] ? should_fail+0x21b/0xbcd [ 332.448489] __alloc_pages_nodemask+0x34e/0xd70 [ 332.453152] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 332.458161] ? bd_set_size+0x370/0x370 [ 332.462043] ? find_held_lock+0x36/0x1c0 [ 332.466110] ? check_same_owner+0x320/0x320 [ 332.470426] ? do_raw_spin_lock+0xc1/0x200 [ 332.474650] cache_grow_begin+0x6e/0x6c0 [ 332.478709] kmem_cache_alloc_node_trace+0x692/0x770 [ 332.483809] ? __free_pages+0x106/0x180 [ 332.487784] __kmalloc_node+0x33/0x70 [ 332.491572] kvmalloc_node+0xbf/0x100 [ 332.495365] btrfs_mount_root+0x6ef/0x1e70 [ 332.499583] ? alloc_vfsmnt+0x771/0x9d0 [ 332.503551] ? btrfs_decode_error+0x70/0x70 [ 332.507866] ? save_stack+0x43/0xd0 [ 332.511476] ? __kasan_slab_free+0x11a/0x170 [ 332.515868] ? kasan_slab_free+0xe/0x10 [ 332.519832] ? kfree+0xd9/0x260 [ 332.523097] ? mount_fs+0xae/0x328 [ 332.526623] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 332.531371] ? do_mount+0x564/0x30b0 [ 332.535067] ? ksys_mount+0x12d/0x140 [ 332.538860] ? __x64_sys_mount+0xbe/0x150 [ 332.542993] ? do_syscall_64+0x1b1/0x800 [ 332.547043] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.552405] ? kasan_check_read+0x11/0x20 [ 332.556539] ? do_raw_spin_unlock+0x9e/0x2e0 [ 332.560934] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 332.565513] ? kasan_check_write+0x14/0x20 [ 332.569735] ? do_raw_spin_lock+0xc1/0x200 [ 332.573961] mount_fs+0xae/0x328 [ 332.577314] ? debug_check_no_obj_freed+0x2ff/0x584 [ 332.582328] vfs_kern_mount.part.34+0xd4/0x4d0 [ 332.586897] ? may_umount+0xb0/0xb0 [ 332.590507] ? quarantine_put+0xeb/0x190 [ 332.594556] ? kfree+0x111/0x260 [ 332.597907] ? btrfs_mount+0x831/0x213e [ 332.601871] vfs_kern_mount+0x40/0x60 [ 332.605661] btrfs_mount+0x4a1/0x213e [ 332.609450] ? kasan_check_read+0x11/0x20 [ 332.613583] ? rcu_is_watching+0x85/0x140 [ 332.617725] ? btrfs_remount+0x16f0/0x16f0 [ 332.621946] ? __lockdep_init_map+0x105/0x590 [ 332.626428] ? __lockdep_init_map+0x105/0x590 [ 332.630909] ? lockdep_init_map+0x9/0x10 [ 332.634956] ? __init_waitqueue_head+0x96/0x140 [ 332.639613] ? init_wait_entry+0x1b0/0x1b0 [ 332.643831] ? memcpy+0x45/0x50 [ 332.647105] ? alloc_vfsmnt+0x771/0x9d0 [ 332.651063] ? mnt_free_id.isra.27+0x60/0x60 [ 332.655459] ? kasan_check_read+0x11/0x20 [ 332.659589] ? graph_lock+0x170/0x170 [ 332.663376] ? rcu_pm_notify+0xc0/0xc0 [ 332.667247] ? trace_hardirqs_off+0xd/0x10 [ 332.671476] ? putname+0xf2/0x130 [ 332.674917] ? find_held_lock+0x36/0x1c0 [ 332.678972] ? lock_downgrade+0x8e0/0x8e0 [ 332.683109] ? module_unload_free+0x5b0/0x5b0 [ 332.687595] mount_fs+0xae/0x328 [ 332.690949] ? btrfs_remount+0x16f0/0x16f0 [ 332.695176] ? mount_fs+0xae/0x328 [ 332.698704] ? mpi_free.cold.1+0x19/0x19 [ 332.702757] vfs_kern_mount.part.34+0xd4/0x4d0 [ 332.707327] ? may_umount+0xb0/0xb0 [ 332.710940] ? _raw_read_unlock+0x22/0x30 [ 332.715071] ? __get_fs_type+0x97/0xc0 [ 332.718955] do_mount+0x564/0x30b0 [ 332.722479] ? interrupt_entry+0xb1/0xf0 [ 332.726537] ? copy_mount_string+0x40/0x40 [ 332.730761] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 332.735507] ? retint_kernel+0x10/0x10 [ 332.739387] ? copy_mount_options+0x213/0x380 [ 332.743871] ? write_comp_data+0xa/0x70 [ 332.747831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.753353] ? copy_mount_options+0x285/0x380 [ 332.757838] ksys_mount+0x12d/0x140 [ 332.761462] __x64_sys_mount+0xbe/0x150 [ 332.765423] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 332.770426] do_syscall_64+0x1b1/0x800 [ 332.774299] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 332.779129] ? syscall_return_slowpath+0x5c0/0x5c0 [ 332.784044] ? syscall_return_slowpath+0x30f/0x5c0 [ 332.788964] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 332.794328] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.799161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.804339] RIP: 0033:0x45843a [ 332.807510] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 332.826838] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 332.834536] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a 2033/05/18 03:34:45 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x600000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:45 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$inet(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000180)={0x0, 0x65, "fe8aaaebd7af0b5e1d0d1044eb912da2f3b22d3b80206b9a9febb7825b8a1606ae35c8670c158f41973147842b8602c68e838c5ac275b25ffcf492fa48de41ca85ae4dbde65042a87022f3056c5a9f9fb30a1aa2be01e27f1c36c3decabf5916f92153ce9f"}, &(0x7f0000000280)=0x6d) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0xbf, "edce1e37a943ea0e0869e80e7d297e56ef228403cdb299788ef2b2e522941f6bd458e8c634f347135a9cedeb1c31e64458aa5bdde009aa84c72b468f57db98fb3f6b27d64e7e605720b0776be462dd96ce9feb0acfa49f5f23cea53aefb1a10b27bc653ad13d370c49e3127ce529381ec643e757de9b9a0d887771d731d950dbd494a3512054718f4706c747e8e490e18e637a1373a4b222c765134c11517e1cfb44de691d23c2c76facbe5ca8836f7603b41cabf656d7c7d789c6b9418aae"}, &(0x7f00000003c0)=0xc7) r3 = accept$alg(r0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008400)=[{{&(0x7f0000003a00)=@ax25, 0x80, &(0x7f0000003d80)=[{&(0x7f0000003a80)=""/69, 0x45}, {&(0x7f0000003b00)=""/163, 0xa3}, {&(0x7f0000003bc0)=""/120, 0x78}, {&(0x7f0000003c80)=""/56, 0x38}, {&(0x7f0000003cc0)=""/148, 0x94}, {&(0x7f0000006ec0)=""/4096, 0x1000}], 0x6, &(0x7f0000007ec0)=""/215, 0xd7}}], 0x1, 0x0, &(0x7f00000085c0)={0x77359400}) sendmmsg$alg(r3, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r3, &(0x7f0000000000)={&(0x7f0000000040)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000002840)=""/4096, 0x139f}], 0x1, &(0x7f0000fb3fa9)=""/87, 0xfffffffffffffce7}, 0x0) 2033/05/18 03:34:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000fa00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 332.841788] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 332.849040] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 332.856292] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 332.863545] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000039 [ 334.601253] IPVS: ftp: loaded support on port[0] = 21 [ 334.716422] device bridge_slave_1 left promiscuous mode [ 334.722077] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.754195] device bridge_slave_0 left promiscuous mode [ 334.759752] bridge0: port 1(bridge_slave_0) entered disabled state [ 334.821932] team0 (unregistering): Port device team_slave_1 removed [ 334.834248] team0 (unregistering): Port device team_slave_0 removed [ 334.846243] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 334.928189] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 334.969878] bond0 (unregistering): Released all slaves [ 335.766825] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.773243] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.802898] device bridge_slave_0 entered promiscuous mode [ 335.882071] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.888474] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.911949] device bridge_slave_1 entered promiscuous mode [ 335.983592] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 336.059603] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 336.283361] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 336.366485] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 336.659104] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 336.672674] team0: Port device team_slave_0 added [ 336.741495] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 336.756643] team0: Port device team_slave_1 added [ 336.814512] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 336.853664] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 336.891430] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 336.898623] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 336.913683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 336.944667] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 336.951837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 336.962944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 337.319120] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.325591] bridge0: port 2(bridge_slave_1) entered forwarding state [ 337.332271] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.338831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.346381] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 338.079106] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 338.686583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 338.812310] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 338.936443] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 338.943128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 338.959286] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 339.079075] 8021q: adding VLAN 0 to HW filter on device team0 2033/05/18 03:34:52 executing program 6: openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) 2033/05/18 03:34:52 executing program 2: r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"000600000000000000000900", 0x10103}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f00000000c0)='./file0\x00', 0xccf, 0x3, &(0x7f0000000300)=[{&(0x7f0000000100)="c575285007fb942aeea6", 0xa, 0x3}, {&(0x7f0000000140)="6c04763f4e5c0628fe67a7ae3885b6a0d23b94ea74849bea0ec081c0190a2c5634e25c31927d581750935bbb75f4045ebdef56af078d5e4315259c7ef328286cb912c1745dd2c575f6f1ee96afcb5888aa8b0f452a7fb97fda9ad0f4520ea29c24a1398013374b145df687d64ba9e1bbaca191286de5806ac23f8ccc8b6522687b6eea0b87c6f86be9471d", 0x8b, 0x6}, {&(0x7f0000000200)="0933ecc1e10b8519275637ade090e4fec11eafc980f995a294bb5fec44a542110a398c3da8ca7476411f5e878676f13e2b974c0e18709f8c2734337eb5d3c26929d0531c1865c2e5605a6f1cd83e74138b1a9c39302d1fe32edadd67b717072e0bb5a5864e93bbe8eac1828b7c1cf4807d5f1f272356b5d5430f1c87566ba13be86a75c9f848ded80ac6c4bc48c9a13100dd879da1c01b0b795b20acd18d87e04ae80a665ae4642cdfd5f2edbc782fe5c0b6e53294e720b8c78498728622704afbdd4622aa90acc538995fb9a3", 0xcd, 0x4}], 0xc0, &(0x7f0000000380)='/dev/net/tun\x00') socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f00000003c0)) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) 2033/05/18 03:34:52 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x8000000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670e00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:52 executing program 1 (fault-call:0 fault-nth:58): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x80000, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r2 = getpgid(0x0) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) preadv(r1, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r3 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xb3, 0x7d, &(0x7f0000000180)="5e925d95f5e2dc53d424f4be362361337cee411f3c63b0dce20c3f8422eabdf05d1462189cd69113f964ff12d2743273c90265e2c5b9eab023b2925d483f108199d5fd6dd3ed4baea2e5f8457dbd4b12e4a0b470abd70c7774bf9beda8775229cf941a70a275b53f2d394f487428f16dfec2250876e367b4563e64ef991d7e6f414722f57907b4c566f0c5bc3db42d1f88bf661e8e7cc43390dae2e0bbad0bb93c5903c7faca27a99dcd1b16e45f7f2755fd2b", &(0x7f00000000c0)=""/125, 0x1}, 0x28) r4 = open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000040)={0x0, 0x0, [0x8, 0x3, 0x3, 0x5]}) 2033/05/18 03:34:52 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000002c0)="20007fc01e0fb401000000000000000000000000000000000000", 0x1a, r2) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x400000, 0x0) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="cdb04e9bd59bab682326051141136f38453969b9a2b7617c9200f59d8842713de4ad28c32f7d23bb155191", 0x2b) ioctl(r4, 0x3ff, &(0x7f00000001c0)="fe8af7706e9bb2c12bb748f86489d4126dec50db5151e639f0bb641408528e9929bf1da2a46ab5f9d932d48dea8006eac694ad5b826ae3a00eb4888ade76b554ef083ecf764f4215056c2a06ea64a07735e4fc757ac409f1c83077b18374dfb3cfa5610d3de5d64f3da0f3ed382c576720c90a7974eee646355ed4ac9182b27bcc446cd43451603fb108e830da70b195d7d1f9a35643c1ea") 2033/05/18 03:34:52 executing program 5: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") sendmmsg(r0, &(0x7f0000007fc0)=[{{&(0x7f0000000c80)=@can={0x1d}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000000)="f3ce246f846fa2cc92676843fc2eb0f9074c09a7441e7d25d861f68d57c045bc43d1419120cde6f61ac80aff878b4d41c5bf2b8c6c0de3fca2218a964f342b4ee78d1ef6e0a5f207896867943765c630de6510d3a0ae284ed82c2caa147cb03ba61ae1493084a6df4055b9a17dbf525204fe519ec6630b9c1fe943a97afc9f3b8dced3a3e9e077515c39542a423ec8388a20e9cfd3adada7383d6909ca56321b40b2d49613adb9a7610d90066542f993769e5856d8ff75164666d0aa8a1079f7b71e652a2ecd5000745ba269538415f292a7ef1cad9f452186403ecd166dfc6a9e3e725271", 0xe5}, {&(0x7f0000000100)="8adc890c68cd36f04968b506fd8eb65b579cc9c89656e9650e22c1178d4c4d5bbfa092702345a8e8ada720c1fc997fcfda7af39b6d83d5bcce53dadf9fceb4b94589ce9187fd1b3c939f2e67c644421156d842b465c7bfae22a6f087b3b0df150f7614972301627b5cc38d33bec2fcd23a", 0x71}, {&(0x7f0000000180)="c92a324dd8a268fa59f4d7f6293655c635575ed22f03c66913722ed4d278d772edd6973c3a6126c2e9039d0d628621c340af468255498ab2979312bfe03100e19a413b09b9ffd91a1e76a7178e400a8aadcbb75fa568c76fbc32d46a5fafa6e4d1430c1969ba2d1c845713a16d16a601d3b38cceeaca25038ecb7ec26a38443c0a94c8a6a7f52b476c", 0x89}, {&(0x7f0000000280)="a1ce13bdee8a2890b0ed9763db2b19e9e7155b16d28de9cee7788ad30afb0a6a749f50893e74bfc505ca33aa58872a0d1f3c79775ac7b7e57b2cebb914f685bccfaff98d82690b2384f572c451f3b0410cb31043ad175c9dd68442c963a883f9e2e5f2483116aedfed32d7f71ba049752a41081ccb2f9b7b40486f2be8fdb82d64c864a22accc559e247e0ef71a19e12541b01984b538c18a48f73d407fb333f14caed40e2727562e47e0021524f5611800a05a8ab598fe472d13dd7a9a8773805c669996776d1", 0xc7}, {&(0x7f0000000380)}, {&(0x7f00000003c0)="64eaedbf25cf66676d3734c148689a4c82a8b9ecb67a4aa00460854e025f6b6db87fba4abb1e3d8dffe9ab4db02b0a7899f8a778abf513c67199674cd290de3215141740057448075126f7557fc3cc2e4a38723ec7a38f7769a7d8f32bc77aef292b61d409e08be6b759e8ffd03efc82510f82b5f75d1fb0d41ac31b3cfb6dbf92a931a32502f13539cb4f80791fee94b037a3648cb39790", 0x98}], 0x6, &(0x7f0000004180)}}, {{&(0x7f0000004440)=@can={0x1d}, 0x80, &(0x7f0000004640), 0x0, &(0x7f0000004680)}}, {{0x0, 0x0, &(0x7f0000007e00)=[{&(0x7f0000006e00)='%', 0x1}], 0x1, &(0x7f0000007e40)}}], 0x3, 0x0) [ 339.897550] FAULT_INJECTION: forcing a failure. [ 339.897550] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.909413] CPU: 0 PID: 22065 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 339.916350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.925709] Call Trace: [ 339.928311] dump_stack+0x1b9/0x294 [ 339.931963] ? dump_stack_print_info.cold.2+0x52/0x52 [ 339.937179] should_fail.cold.4+0xa/0x1a [ 339.941254] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 339.946465] ? debug_check_no_locks_freed+0x310/0x310 [ 339.951647] ? rcu_is_watching+0x85/0x140 [ 339.955783] ? rcu_report_qs_rnp+0x790/0x790 [ 339.960178] ? rcu_report_qs_rnp+0x790/0x790 [ 339.964581] ? is_bpf_text_address+0xd7/0x170 [ 339.969065] ? kernel_text_address+0x79/0xf0 [ 339.973461] ? __unwind_start+0x166/0x330 [ 339.977601] ? perf_trace_lock_acquire+0xe3/0x980 [ 339.982431] ? __save_stack_trace+0x7e/0xd0 [ 339.986751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.992710] ? should_fail+0x21b/0xbcd [ 339.996590] __alloc_pages_nodemask+0x34e/0xd70 [ 340.001843] ? kasan_kmalloc+0xc4/0xe0 [ 340.005719] ? kmem_cache_alloc_trace+0x152/0x780 [ 340.010548] ? btrfs_mount_root+0x786/0x1e70 [ 340.014949] ? mount_fs+0xae/0x328 [ 340.018481] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 340.023497] ? ksys_mount+0x12d/0x140 [ 340.027288] ? do_syscall_64+0x1b1/0x800 [ 340.031340] ? find_held_lock+0x36/0x1c0 [ 340.035412] ? check_same_owner+0x320/0x320 [ 340.039728] cache_grow_begin+0x6e/0x6c0 [ 340.043785] kmem_cache_alloc_trace+0x6a5/0x780 [ 340.048452] btrfs_mount_root+0x7e2/0x1e70 [ 340.052673] ? alloc_vfsmnt+0x771/0x9d0 [ 340.056641] ? btrfs_decode_error+0x70/0x70 [ 340.060960] ? save_stack+0x43/0xd0 [ 340.064571] ? __kasan_slab_free+0x11a/0x170 [ 340.068975] ? kasan_slab_free+0xe/0x10 [ 340.072939] ? kfree+0xd9/0x260 [ 340.076208] ? mount_fs+0xae/0x328 [ 340.079740] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 340.084480] ? do_mount+0x564/0x30b0 [ 340.088181] ? ksys_mount+0x12d/0x140 [ 340.091967] ? __x64_sys_mount+0xbe/0x150 [ 340.096100] ? do_syscall_64+0x1b1/0x800 [ 340.100158] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.105510] ? kasan_check_read+0x11/0x20 [ 340.109643] ? do_raw_spin_unlock+0x9e/0x2e0 [ 340.114041] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 340.118611] ? kasan_check_write+0x14/0x20 [ 340.122830] ? do_raw_spin_lock+0xc1/0x200 [ 340.127059] mount_fs+0xae/0x328 [ 340.130412] ? debug_check_no_obj_freed+0x2ff/0x584 [ 340.135416] vfs_kern_mount.part.34+0xd4/0x4d0 [ 340.139987] ? may_umount+0xb0/0xb0 [ 340.143599] ? quarantine_put+0xeb/0x190 [ 340.147646] ? kfree+0x111/0x260 [ 340.150996] ? btrfs_mount+0x831/0x213e [ 340.154965] vfs_kern_mount+0x40/0x60 [ 340.158753] btrfs_mount+0x4a1/0x213e [ 340.162543] ? kasan_check_read+0x11/0x20 [ 340.166680] ? rcu_is_watching+0x85/0x140 [ 340.170821] ? btrfs_remount+0x16f0/0x16f0 [ 340.175041] ? __lockdep_init_map+0x105/0x590 [ 340.179524] ? __lockdep_init_map+0x105/0x590 [ 340.184011] ? lockdep_init_map+0x9/0x10 [ 340.188065] ? __init_waitqueue_head+0x96/0x140 [ 340.192731] ? init_wait_entry+0x1b0/0x1b0 [ 340.196958] ? memcpy+0x45/0x50 [ 340.200232] ? alloc_vfsmnt+0x771/0x9d0 [ 340.204192] ? mnt_free_id.isra.27+0x60/0x60 [ 340.208588] ? kasan_check_read+0x11/0x20 [ 340.212720] ? graph_lock+0x170/0x170 [ 340.216507] ? rcu_pm_notify+0xc0/0xc0 [ 340.220379] ? trace_hardirqs_off+0xd/0x10 [ 340.224605] ? putname+0xf2/0x130 [ 340.228051] ? find_held_lock+0x36/0x1c0 [ 340.232106] ? lock_downgrade+0x8e0/0x8e0 [ 340.236240] ? module_unload_free+0x5b0/0x5b0 [ 340.240729] mount_fs+0xae/0x328 [ 340.244081] ? btrfs_remount+0x16f0/0x16f0 [ 340.248313] ? mount_fs+0xae/0x328 [ 340.251843] ? mpi_free.cold.1+0x19/0x19 [ 340.255894] vfs_kern_mount.part.34+0xd4/0x4d0 [ 340.260467] ? may_umount+0xb0/0xb0 [ 340.264081] ? _raw_read_unlock+0x22/0x30 [ 340.268212] ? __get_fs_type+0x97/0xc0 [ 340.272093] do_mount+0x564/0x30b0 [ 340.275616] ? do_raw_spin_unlock+0x9e/0x2e0 [ 340.280021] ? copy_mount_string+0x40/0x40 [ 340.284255] ? rcu_pm_notify+0xc0/0xc0 [ 340.288143] ? copy_mount_options+0x5f/0x380 [ 340.292537] ? rcu_read_lock_sched_held+0x108/0x120 [ 340.297539] ? kmem_cache_alloc_trace+0x616/0x780 [ 340.302370] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.307908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.313439] ? copy_mount_options+0x285/0x380 [ 340.317928] ksys_mount+0x12d/0x140 [ 340.321543] __x64_sys_mount+0xbe/0x150 [ 340.325502] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 340.330507] do_syscall_64+0x1b1/0x800 [ 340.334383] ? syscall_return_slowpath+0x5c0/0x5c0 [ 340.339307] ? syscall_return_slowpath+0x30f/0x5c0 [ 340.344224] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 340.349578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.354410] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.359583] RIP: 0033:0x45843a [ 340.362753] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 340.382087] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 340.389781] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 340.397035] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 340.404289] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 340.411543] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 340.418805] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003a [ 340.449261] ceph: device name is missing path (no : separator in /dev/loop2) [ 340.494289] ceph: device name is missing path (no : separator in /dev/loop2) 2033/05/18 03:34:53 executing program 6: 2033/05/18 03:34:53 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xfeffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e670300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:53 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000040)) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x2, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:53 executing program 1 (fault-call:0 fault-nth:59): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:53 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:53 executing program 5: 2033/05/18 03:34:53 executing program 2: 2033/05/18 03:34:53 executing program 2: 2033/05/18 03:34:53 executing program 5: 2033/05/18 03:34:53 executing program 6: [ 341.115951] FAULT_INJECTION: forcing a failure. [ 341.115951] name failslab, interval 1, probability 0, space 0, times 0 [ 341.127284] CPU: 1 PID: 22092 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 341.134204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.143548] Call Trace: [ 341.146143] dump_stack+0x1b9/0x294 [ 341.149772] ? dump_stack_print_info.cold.2+0x52/0x52 [ 341.154971] should_fail.cold.4+0xa/0x1a [ 341.159037] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 341.164139] ? mark_held_locks+0xc9/0x160 [ 341.168289] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 341.173388] ? graph_lock+0x170/0x170 [ 341.177188] ? schedule+0xef/0x430 [ 341.180721] ? trace_hardirqs_on+0xd/0x10 [ 341.184868] ? find_held_lock+0x36/0x1c0 [ 341.188932] ? __lock_is_held+0xb5/0x140 [ 341.193006] ? check_same_owner+0x320/0x320 [ 341.197327] ? rcu_note_context_switch+0x710/0x710 [ 341.202256] ? __wait_on_bit+0x92/0x130 [ 341.206232] __should_failslab+0x124/0x180 [ 341.210479] should_failslab+0x9/0x14 [ 341.214278] kmem_cache_alloc+0x2af/0x760 [ 341.218437] ? __wait_on_bit+0x130/0x130 [ 341.222507] ? init_wait_var_entry+0x1a0/0x1a0 [ 341.227099] getname_kernel+0x54/0x370 [ 341.230992] kern_path+0x1e/0x40 [ 341.234365] lookup_bdev+0xfa/0x240 [ 341.237995] ? blkdev_open+0x280/0x280 [ 341.241885] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.247434] ? btrfs_read_dev_super+0x9c/0xe0 [ 341.251936] ? kasan_check_write+0x14/0x20 [ 341.256175] blkdev_get_by_path+0x1f/0xe0 [ 341.260334] btrfs_get_bdev_and_sb+0x38/0x300 [ 341.264832] open_fs_devices+0x6a5/0xc60 [ 341.268903] ? btrfs_update_device+0x640/0x640 [ 341.273500] ? rcu_read_lock_sched_held+0x108/0x120 [ 341.278783] btrfs_open_devices+0xc0/0xd0 [ 341.282934] btrfs_mount_root+0x91f/0x1e70 [ 341.287183] ? btrfs_decode_error+0x70/0x70 [ 341.291514] ? save_stack+0x43/0xd0 [ 341.295142] ? __kasan_slab_free+0x11a/0x170 [ 341.299556] ? kasan_slab_free+0xe/0x10 [ 341.303527] ? kfree+0xd9/0x260 [ 341.306809] ? mount_fs+0xae/0x328 [ 341.310353] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 341.315108] ? do_mount+0x564/0x30b0 [ 341.318823] ? ksys_mount+0x12d/0x140 [ 341.322626] ? __x64_sys_mount+0xbe/0x150 [ 341.326772] ? do_syscall_64+0x1b1/0x800 [ 341.330834] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.336202] ? kasan_check_read+0x11/0x20 [ 341.340358] ? do_raw_spin_unlock+0x9e/0x2e0 [ 341.344767] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 341.349359] ? kasan_check_write+0x14/0x20 [ 341.353596] ? do_raw_spin_lock+0xc1/0x200 [ 341.357839] mount_fs+0xae/0x328 [ 341.361207] ? debug_check_no_obj_freed+0x2ff/0x584 [ 341.366225] vfs_kern_mount.part.34+0xd4/0x4d0 [ 341.370806] ? may_umount+0xb0/0xb0 [ 341.374427] ? quarantine_put+0xeb/0x190 [ 341.378485] ? kfree+0x111/0x260 [ 341.381850] ? btrfs_mount+0x831/0x213e [ 341.385826] vfs_kern_mount+0x40/0x60 [ 341.389626] btrfs_mount+0x4a1/0x213e [ 341.393432] ? kasan_check_read+0x11/0x20 [ 341.397581] ? rcu_is_watching+0x85/0x140 [ 341.401737] ? btrfs_remount+0x16f0/0x16f0 [ 341.405972] ? __lockdep_init_map+0x105/0x590 [ 341.410467] ? __lockdep_init_map+0x105/0x590 [ 341.414965] ? lockdep_init_map+0x9/0x10 [ 341.419028] ? __init_waitqueue_head+0x96/0x140 [ 341.423699] ? init_wait_entry+0x1b0/0x1b0 [ 341.427935] ? memcpy+0x45/0x50 [ 341.431218] ? alloc_vfsmnt+0x771/0x9d0 [ 341.435192] ? mnt_free_id.isra.27+0x60/0x60 [ 341.439603] ? kasan_check_read+0x11/0x20 [ 341.443749] ? graph_lock+0x170/0x170 [ 341.447546] ? rcu_pm_notify+0xc0/0xc0 [ 341.451432] ? trace_hardirqs_off+0xd/0x10 [ 341.455756] ? putname+0xf2/0x130 [ 341.459208] ? find_held_lock+0x36/0x1c0 [ 341.463279] ? lock_downgrade+0x8e0/0x8e0 [ 341.467426] ? module_unload_free+0x5b0/0x5b0 [ 341.471921] mount_fs+0xae/0x328 [ 341.475283] ? btrfs_remount+0x16f0/0x16f0 [ 341.479514] ? mount_fs+0xae/0x328 [ 341.483053] ? mpi_free.cold.1+0x19/0x19 [ 341.487113] vfs_kern_mount.part.34+0xd4/0x4d0 [ 341.491694] ? may_umount+0xb0/0xb0 [ 341.495323] ? _raw_read_unlock+0x22/0x30 [ 341.499469] ? __get_fs_type+0x97/0xc0 [ 341.503357] do_mount+0x564/0x30b0 [ 341.506898] ? copy_mount_string+0x40/0x40 [ 341.511135] ? rcu_pm_notify+0xc0/0xc0 [ 341.515026] ? copy_mount_options+0x5f/0x380 [ 341.519432] ? rcu_read_lock_sched_held+0x108/0x120 [ 341.524446] ? kmem_cache_alloc_trace+0x616/0x780 [ 341.529293] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 341.534831] ? _copy_from_user+0xdf/0x150 [ 341.538983] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.544522] ? copy_mount_options+0x285/0x380 [ 341.549022] ksys_mount+0x12d/0x140 [ 341.552651] __x64_sys_mount+0xbe/0x150 [ 341.556624] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 341.561641] do_syscall_64+0x1b1/0x800 [ 341.565543] ? finish_task_switch+0x1ca/0x840 [ 341.570041] ? syscall_return_slowpath+0x5c0/0x5c0 [ 341.574972] ? syscall_return_slowpath+0x30f/0x5c0 [ 341.579901] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 341.585271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.590124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.595314] RIP: 0033:0x45843a [ 341.598495] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 341.617865] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 341.625580] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 341.632847] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 341.640110] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 341.647377] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 341.654644] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003b 2033/05/18 03:34:54 executing program 2: 2033/05/18 03:34:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\n\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:54 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:54 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x4000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:54 executing program 6: 2033/05/18 03:34:54 executing program 5: 2033/05/18 03:34:54 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x40000) getpgrp(0x0) getpgrp(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) r2 = getpgid(r1) sched_setscheduler(r2, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x3a, {0x50ca, 0xffffffff, 0x65, 0x80, 0x5d, 0x5ed7}, 0x3, 0x9}, 0xe) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:54 executing program 1 (fault-call:0 fault-nth:60): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 342.175920] FAULT_INJECTION: forcing a failure. [ 342.175920] name failslab, interval 1, probability 0, space 0, times 0 [ 342.187252] CPU: 0 PID: 22114 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 342.194185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.203536] Call Trace: [ 342.206139] dump_stack+0x1b9/0x294 [ 342.209791] ? dump_stack_print_info.cold.2+0x52/0x52 [ 342.215071] ? perf_trace_lock_acquire+0xe3/0x980 [ 342.219928] should_fail.cold.4+0xa/0x1a [ 342.223994] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 342.229095] ? mark_held_locks+0xc9/0x160 [ 342.233250] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 342.238357] ? graph_lock+0x170/0x170 [ 342.242165] ? schedule+0xef/0x430 [ 342.245711] ? find_held_lock+0x36/0x1c0 [ 342.249786] ? __lock_is_held+0xb5/0x140 [ 342.253866] ? check_same_owner+0x320/0x320 [ 342.258193] ? rcu_note_context_switch+0x710/0x710 [ 342.263122] ? __wait_on_bit+0x92/0x130 [ 342.267103] __should_failslab+0x124/0x180 [ 342.271341] should_failslab+0x9/0x14 2033/05/18 03:34:54 executing program 5: [ 342.275140] kmem_cache_alloc+0x2af/0x760 [ 342.279287] ? __wait_on_bit+0x130/0x130 [ 342.283357] ? init_wait_var_entry+0x1a0/0x1a0 [ 342.287950] getname_kernel+0x54/0x370 [ 342.291857] kern_path+0x1e/0x40 [ 342.295237] lookup_bdev+0xfa/0x240 [ 342.298875] ? blkdev_open+0x280/0x280 [ 342.302779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.308325] ? btrfs_read_dev_super+0x9c/0xe0 [ 342.312831] ? kasan_check_write+0x14/0x20 [ 342.317082] blkdev_get_by_path+0x1f/0xe0 [ 342.321245] btrfs_get_bdev_and_sb+0x38/0x300 2033/05/18 03:34:54 executing program 5: 2033/05/18 03:34:54 executing program 6: [ 342.325751] open_fs_devices+0x6a5/0xc60 [ 342.329830] ? btrfs_update_device+0x640/0x640 [ 342.334432] ? rcu_read_lock_sched_held+0x108/0x120 [ 342.339466] btrfs_open_devices+0xc0/0xd0 [ 342.343711] btrfs_mount_root+0x91f/0x1e70 [ 342.347966] ? btrfs_decode_error+0x70/0x70 [ 342.352299] ? save_stack+0x43/0xd0 [ 342.355933] ? __kasan_slab_free+0x11a/0x170 [ 342.360345] ? kasan_slab_free+0xe/0x10 [ 342.364319] ? kfree+0xd9/0x260 [ 342.367606] ? mount_fs+0xae/0x328 [ 342.371148] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 342.375909] ? do_mount+0x564/0x30b0 [ 342.379626] ? ksys_mount+0x12d/0x140 [ 342.383429] ? __x64_sys_mount+0xbe/0x150 [ 342.387578] ? do_syscall_64+0x1b1/0x800 [ 342.391641] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.397010] ? kasan_check_read+0x11/0x20 [ 342.401162] ? do_raw_spin_unlock+0x9e/0x2e0 [ 342.405567] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 342.410140] ? kasan_check_write+0x14/0x20 [ 342.414361] ? do_raw_spin_lock+0xc1/0x200 [ 342.418607] mount_fs+0xae/0x328 [ 342.421962] ? debug_check_no_obj_freed+0x2ff/0x584 [ 342.426968] vfs_kern_mount.part.34+0xd4/0x4d0 [ 342.431547] ? may_umount+0xb0/0xb0 [ 342.435158] ? quarantine_put+0xeb/0x190 [ 342.439208] ? kfree+0x111/0x260 [ 342.442562] ? btrfs_mount+0x831/0x213e [ 342.446524] vfs_kern_mount+0x40/0x60 [ 342.450310] btrfs_mount+0x4a1/0x213e [ 342.454099] ? kasan_check_read+0x11/0x20 [ 342.458235] ? rcu_is_watching+0x85/0x140 [ 342.462378] ? btrfs_remount+0x16f0/0x16f0 [ 342.466599] ? __lockdep_init_map+0x105/0x590 [ 342.471080] ? __lockdep_init_map+0x105/0x590 [ 342.475563] ? lockdep_init_map+0x9/0x10 [ 342.479608] ? __init_waitqueue_head+0x96/0x140 [ 342.484264] ? init_wait_entry+0x1b0/0x1b0 [ 342.488483] ? memcpy+0x45/0x50 [ 342.491755] ? alloc_vfsmnt+0x771/0x9d0 [ 342.495722] ? mnt_free_id.isra.27+0x60/0x60 [ 342.500120] ? kasan_check_read+0x11/0x20 [ 342.504252] ? graph_lock+0x170/0x170 [ 342.508050] ? rcu_pm_notify+0xc0/0xc0 [ 342.511921] ? trace_hardirqs_off+0xd/0x10 [ 342.516150] ? putname+0xf2/0x130 [ 342.519592] ? find_held_lock+0x36/0x1c0 [ 342.523650] ? lock_downgrade+0x8e0/0x8e0 [ 342.527783] ? module_unload_free+0x5b0/0x5b0 [ 342.532268] mount_fs+0xae/0x328 [ 342.535621] ? btrfs_remount+0x16f0/0x16f0 [ 342.539848] ? mount_fs+0xae/0x328 [ 342.543375] ? mpi_free.cold.1+0x19/0x19 [ 342.547426] vfs_kern_mount.part.34+0xd4/0x4d0 [ 342.552008] ? may_umount+0xb0/0xb0 [ 342.555631] ? _raw_read_unlock+0x22/0x30 [ 342.559764] ? __get_fs_type+0x97/0xc0 [ 342.563645] do_mount+0x564/0x30b0 [ 342.567178] ? copy_mount_string+0x40/0x40 [ 342.571398] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 342.576403] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 342.581147] ? retint_kernel+0x10/0x10 [ 342.585039] ? copy_mount_options+0x1f0/0x380 [ 342.589521] ? copy_mount_options+0x200/0x380 [ 342.594020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.599546] ? copy_mount_options+0x285/0x380 [ 342.604037] ksys_mount+0x12d/0x140 [ 342.607656] __x64_sys_mount+0xbe/0x150 [ 342.611625] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 342.616628] do_syscall_64+0x1b1/0x800 [ 342.620503] ? finish_task_switch+0x1ca/0x840 [ 342.624985] ? syscall_return_slowpath+0x5c0/0x5c0 [ 342.629911] ? syscall_return_slowpath+0x30f/0x5c0 [ 342.634833] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 342.640187] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.645028] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.650202] RIP: 0033:0x45843a [ 342.653375] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 2033/05/18 03:34:55 executing program 2: 2033/05/18 03:34:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, 'rng\x00\x00\x00\x00\x00\x00\x00\t\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 342.672705] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 342.680404] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 342.687660] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 342.694911] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 342.702167] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 342.709422] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003c 2033/05/18 03:34:55 executing program 6: 2033/05/18 03:34:55 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x10000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:55 executing program 2: 2033/05/18 03:34:55 executing program 5: 2033/05/18 03:34:55 executing program 2: 2033/05/18 03:34:55 executing program 6: 2033/05/18 03:34:55 executing program 5: 2033/05/18 03:34:55 executing program 2: 2033/05/18 03:34:55 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x4003) ioctl$HDIO_GETGEO(r4, 0x301, &(0x7f0000000380)) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') 2033/05/18 03:34:55 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './bus', [{0x20, 'ppp1vmnet1vboxnet0}vmnet1-nodevsystem'}, {0x20, '/)-wlan0'}, {0x20, '/dev/usbmon#\x00'}], 0xa, "58eab9541aff816d7d8e9e8df780e651775439e7eddcf092a6148066bb7e703fe4ce474e32fca837594a171d22a29c9d179b3a7e78250a85591c5bd409cf3e655f6cf15d9e7c40f6f3a10d4cc99843db9397b8bc11c0915bcfbb31309dfe6f08068cd393e3ede6e240822f7073655609d82c19c31704d166e3fb23f9e482"}, 0xc4) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:55 executing program 1 (fault-call:0 fault-nth:61): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:55 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700000000000000e600", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 343.421107] FAULT_INJECTION: forcing a failure. [ 343.421107] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 343.432962] CPU: 0 PID: 22145 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 343.440020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.449381] Call Trace: [ 343.451985] dump_stack+0x1b9/0x294 [ 343.455636] ? dump_stack_print_info.cold.2+0x52/0x52 [ 343.460838] ? _raw_spin_unlock_irq+0x27/0x70 [ 343.465348] should_fail.cold.4+0xa/0x1a [ 343.469415] ? finish_task_switch+0x182/0x840 [ 343.473914] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 343.479016] ? preempt_notifier_register+0x1e0/0x1e0 [ 343.484131] ? debug_check_no_locks_freed+0x310/0x310 [ 343.489334] ? __schedule+0x809/0x1e30 [ 343.493235] ? __sched_text_start+0x8/0x8 [ 343.497390] ? print_usage_bug+0xc0/0xc0 [ 343.501463] ? perf_trace_lock_acquire+0xe3/0x980 [ 343.506323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.511866] ? should_fail+0x21b/0xbcd [ 343.515776] __alloc_pages_nodemask+0x34e/0xd70 2033/05/18 03:34:56 executing program 2: 2033/05/18 03:34:56 executing program 6: 2033/05/18 03:34:56 executing program 5: [ 343.520459] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 343.525484] ? schedule+0xef/0x430 [ 343.529031] ? find_held_lock+0x36/0x1c0 [ 343.533098] ? __lock_is_held+0xb5/0x140 [ 343.537179] ? check_same_owner+0x320/0x320 [ 343.541506] cache_grow_begin+0x6e/0x6c0 [ 343.545576] kmem_cache_alloc+0x689/0x760 [ 343.549728] ? __wait_on_bit+0x130/0x130 [ 343.553807] getname_kernel+0x54/0x370 [ 343.557709] kern_path+0x1e/0x40 [ 343.561084] lookup_bdev+0xfa/0x240 [ 343.564715] ? blkdev_open+0x280/0x280 2033/05/18 03:34:56 executing program 6: [ 343.568607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.574164] ? btrfs_read_dev_super+0x9c/0xe0 [ 343.578673] ? kasan_check_write+0x14/0x20 [ 343.582925] blkdev_get_by_path+0x1f/0xe0 [ 343.587091] btrfs_get_bdev_and_sb+0x38/0x300 [ 343.591597] open_fs_devices+0x6a5/0xc60 [ 343.595673] ? btrfs_update_device+0x640/0x640 [ 343.600275] ? rcu_read_lock_sched_held+0x108/0x120 [ 343.605305] btrfs_open_devices+0xc0/0xd0 [ 343.609463] btrfs_mount_root+0x91f/0x1e70 [ 343.613801] ? btrfs_decode_error+0x70/0x70 [ 343.618143] ? save_stack+0x43/0xd0 [ 343.621777] ? __kasan_slab_free+0x11a/0x170 [ 343.626189] ? kasan_slab_free+0xe/0x10 [ 343.630167] ? kfree+0xd9/0x260 [ 343.633451] ? mount_fs+0xae/0x328 [ 343.636999] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 343.641756] ? do_mount+0x564/0x30b0 [ 343.645478] ? ksys_mount+0x12d/0x140 [ 343.649286] ? __x64_sys_mount+0xbe/0x150 [ 343.653435] ? do_syscall_64+0x1b1/0x800 [ 343.657486] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.662841] ? kasan_check_read+0x11/0x20 [ 343.666977] ? do_raw_spin_unlock+0x9e/0x2e0 [ 343.671376] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 343.675947] ? kasan_check_write+0x14/0x20 [ 343.680167] ? do_raw_spin_lock+0xc1/0x200 [ 343.684403] mount_fs+0xae/0x328 [ 343.687757] ? debug_check_no_obj_freed+0x2ff/0x584 [ 343.692762] vfs_kern_mount.part.34+0xd4/0x4d0 [ 343.697333] ? may_umount+0xb0/0xb0 [ 343.700941] ? quarantine_put+0xeb/0x190 [ 343.704988] ? kfree+0x111/0x260 [ 343.708709] ? btrfs_mount+0x831/0x213e [ 343.712671] vfs_kern_mount+0x40/0x60 [ 343.716461] btrfs_mount+0x4a1/0x213e [ 343.720254] ? kasan_check_read+0x11/0x20 [ 343.724391] ? rcu_is_watching+0x85/0x140 [ 343.728530] ? btrfs_remount+0x16f0/0x16f0 [ 343.732750] ? __lockdep_init_map+0x105/0x590 [ 343.737234] ? __lockdep_init_map+0x105/0x590 [ 343.741728] ? lockdep_init_map+0x9/0x10 [ 343.745775] ? __init_waitqueue_head+0x96/0x140 [ 343.750431] ? init_wait_entry+0x1b0/0x1b0 [ 343.754649] ? memcpy+0x45/0x50 [ 343.757923] ? alloc_vfsmnt+0x771/0x9d0 [ 343.761894] ? mnt_free_id.isra.27+0x60/0x60 [ 343.766291] ? kasan_check_read+0x11/0x20 [ 343.770425] ? graph_lock+0x170/0x170 [ 343.774214] ? rcu_pm_notify+0xc0/0xc0 [ 343.778085] ? trace_hardirqs_off+0xd/0x10 [ 343.782315] ? putname+0xf2/0x130 [ 343.785757] ? find_held_lock+0x36/0x1c0 [ 343.789812] ? lock_downgrade+0x8e0/0x8e0 [ 343.793947] ? module_unload_free+0x5b0/0x5b0 [ 343.798432] mount_fs+0xae/0x328 [ 343.801784] ? btrfs_remount+0x16f0/0x16f0 [ 343.806002] ? mount_fs+0xae/0x328 [ 343.809535] ? mpi_free.cold.1+0x19/0x19 [ 343.813586] vfs_kern_mount.part.34+0xd4/0x4d0 [ 343.818160] ? may_umount+0xb0/0xb0 [ 343.821784] ? _raw_read_unlock+0x22/0x30 [ 343.825918] ? __get_fs_type+0x97/0xc0 [ 343.829813] do_mount+0x564/0x30b0 [ 343.833353] ? copy_mount_string+0x40/0x40 [ 343.837575] ? rcu_pm_notify+0xc0/0xc0 [ 343.841458] ? copy_mount_options+0x5f/0x380 [ 343.845860] ? rcu_read_lock_sched_held+0x108/0x120 [ 343.850871] ? kmem_cache_alloc_trace+0x616/0x780 [ 343.855703] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 343.861229] ? _copy_from_user+0xdf/0x150 [ 343.865368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.870888] ? copy_mount_options+0x285/0x380 [ 343.875374] ksys_mount+0x12d/0x140 [ 343.878992] __x64_sys_mount+0xbe/0x150 [ 343.882957] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 343.887964] do_syscall_64+0x1b1/0x800 [ 343.891836] ? finish_task_switch+0x1ca/0x840 [ 343.896340] ? syscall_return_slowpath+0x5c0/0x5c0 [ 343.901257] ? syscall_return_slowpath+0x30f/0x5c0 [ 343.906176] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 343.911531] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.916367] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.921540] RIP: 0033:0x45843a [ 343.924801] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 343.944481] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 343.952188] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 343.959443] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 2033/05/18 03:34:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000b900", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:56 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1400, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 343.966705] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 343.973960] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 343.981216] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003d 2033/05/18 03:34:57 executing program 6: r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x41) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000b00)={0x0, 0x0, 0x0, 'queue1\x00'}) clock_gettime(0x0, &(0x7f0000000140)={0x0}) write$sndseq(r2, &(0x7f0000000380)=[{0x0, 0x1ff, 0x0, 0x0, @time={r3}, {}, {}, @ext={0x0, &(0x7f00000000c0)}}], 0x30) r4 = syz_open_dev$sndseq(&(0x7f000011c000)='/dev/snd/seq\x00', 0x0, 0x8000000000102) write$sndseq(r4, &(0x7f00000001c0)=[{0x1e, 0x0, 0x0, 0x3fd, @time, {}, {}, @connect}], 0x30) 2033/05/18 03:34:57 executing program 2: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a600800000000000000068354015002c001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) 2033/05/18 03:34:57 executing program 5: syslog(0x3, &(0x7f00000000c0), 0x9b0a44965c0abf62) 2033/05/18 03:34:57 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x400000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000440)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000300)=0xe8) bind(r2, &(0x7f0000000340)=@can={0x1d, r3}, 0x80) r4 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r4) keyctl$update(0x2, r5, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67000000d100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:57 executing program 1 (fault-call:0 fault-nth:62): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:57 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000180)={0x4, {{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1, 0x1, [{{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x110) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:57 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 344.639230] FAULT_INJECTION: forcing a failure. [ 344.639230] name failslab, interval 1, probability 0, space 0, times 0 [ 344.650873] CPU: 0 PID: 22173 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 344.657803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.667165] Call Trace: [ 344.669764] dump_stack+0x1b9/0x294 [ 344.673400] ? dump_stack_print_info.cold.2+0x52/0x52 [ 344.678611] should_fail.cold.4+0xa/0x1a [ 344.682682] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 344.687797] ? print_usage_bug+0xc0/0xc0 [ 344.691863] ? rcu_is_watching+0x85/0x140 [ 344.696019] ? rcu_report_qs_rnp+0x790/0x790 [ 344.700435] ? print_usage_bug+0xc0/0xc0 [ 344.704505] ? kasan_check_read+0x11/0x20 [ 344.708673] ? perf_trace_lock_acquire+0xe3/0x980 [ 344.713545] ? __lock_acquire+0x7f5/0x5140 [ 344.717785] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 344.722792] ? graph_lock+0x170/0x170 [ 344.726580] ? refill_stock+0x126/0x1a0 [ 344.730558] __should_failslab+0x124/0x180 [ 344.734807] should_failslab+0x9/0x14 [ 344.738596] kmem_cache_alloc+0x47/0x760 [ 344.742647] ? radix_tree_node_alloc.constprop.19+0x310/0x310 [ 344.748561] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 344.754267] __radix_tree_create+0x4ce/0x820 [ 344.758684] ? radix_tree_maybe_preload_order+0x110/0x110 [ 344.764210] ? percpu_ref_put_many+0x132/0x230 [ 344.768781] ? percpu_ref_tryget+0x2b0/0x2b0 [ 344.773178] ? __radix_tree_insert+0x8d0/0x8d0 [ 344.777756] ? mem_cgroup_try_charge+0x52f/0xa40 [ 344.782504] ? mem_cgroup_low+0x1d0/0x1d0 [ 344.786655] ? lock_acquire+0x1dc/0x520 [ 344.790636] page_cache_tree_insert+0xcf/0x550 [ 344.795226] ? file_check_and_advance_wb_err+0x5d0/0x5d0 [ 344.800666] ? rcu_is_watching+0x85/0x140 [ 344.804812] ? radix_tree_lookup_slot+0x99/0xe0 [ 344.809469] ? kasan_check_write+0x14/0x20 [ 344.813691] ? do_raw_spin_lock+0xc1/0x200 [ 344.817920] __add_to_page_cache_locked+0x526/0xd10 [ 344.822929] ? find_lock_entry+0x8a0/0x8a0 [ 344.827164] ? __lock_is_held+0xb5/0x140 [ 344.831221] ? rcu_read_lock_sched_held+0x108/0x120 [ 344.836223] ? __alloc_pages_nodemask+0xacf/0xd70 [ 344.841055] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 344.846059] ? filemap_map_pages+0x1870/0x1870 [ 344.850629] ? find_get_entries+0x131/0x1020 [ 344.855042] add_to_page_cache_lru+0x1ad/0x5c0 [ 344.859612] ? add_to_page_cache_locked+0x40/0x40 [ 344.864447] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 344.869976] ? alloc_pages_current+0x114/0x210 [ 344.874558] ? __page_cache_alloc+0x189/0x5d0 [ 344.879045] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.884569] ? __filemap_set_wb_err+0x3a0/0x3a0 [ 344.889238] ? print_usage_bug+0xc0/0xc0 [ 344.893288] ? drop_slab+0xa0/0xa0 [ 344.896818] pagecache_get_page+0x484/0xe20 [ 344.901125] ? generic_file_readonly_mmap+0x1b0/0x1b0 [ 344.906304] ? find_get_pages_contig+0x1560/0x1560 [ 344.911236] ? mark_held_locks+0xc9/0x160 [ 344.915372] ? __find_get_block+0x2b8/0xe50 [ 344.919684] ? __find_get_block+0x365/0xe50 [ 344.923993] ? check_same_owner+0x320/0x320 [ 344.928310] ? block_invalidatepage+0x500/0x500 [ 344.932976] ? check_same_owner+0x320/0x320 [ 344.937293] ? invalidate_inode_page+0x3f0/0x3f0 [ 344.942040] ? rcu_note_context_switch+0x710/0x710 [ 344.946960] ? __might_sleep+0x95/0x190 [ 344.950925] __getblk_gfp+0x39e/0xaf0 [ 344.954722] ? __find_get_block+0xe50/0xe50 [ 344.959034] ? kasan_check_write+0x14/0x20 [ 344.963259] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 344.968175] ? insert_work+0x4e0/0x4e0 [ 344.972053] ? wait_for_completion+0x870/0x870 [ 344.976623] ? __brelse+0xfe/0x170 [ 344.980157] ? mark_held_locks+0xc9/0x160 [ 344.984297] ? queue_work_on+0xe8/0x1e0 [ 344.988266] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 344.993277] __bread_gfp+0x2d/0x310 [ 344.996905] btrfs_read_dev_one_super+0xb7/0x2a0 [ 345.001651] btrfs_read_dev_super+0x6a/0xe0 [ 345.005961] ? btrfs_read_dev_one_super+0x2a0/0x2a0 [ 345.010972] btrfs_get_bdev_and_sb+0x100/0x300 [ 345.015557] open_fs_devices+0x6a5/0xc60 [ 345.019613] ? btrfs_update_device+0x640/0x640 [ 345.024192] ? rcu_read_lock_sched_held+0x108/0x120 [ 345.029203] btrfs_open_devices+0xc0/0xd0 [ 345.033348] btrfs_mount_root+0x91f/0x1e70 [ 345.037577] ? btrfs_decode_error+0x70/0x70 [ 345.041891] ? save_stack+0x43/0xd0 [ 345.045520] ? __kasan_slab_free+0x11a/0x170 [ 345.049916] ? kasan_slab_free+0xe/0x10 [ 345.053882] ? kfree+0xd9/0x260 [ 345.057166] ? mount_fs+0xae/0x328 [ 345.060693] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.065435] ? do_mount+0x564/0x30b0 [ 345.069139] ? ksys_mount+0x12d/0x140 [ 345.072925] ? __x64_sys_mount+0xbe/0x150 [ 345.077059] ? do_syscall_64+0x1b1/0x800 [ 345.081111] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.086463] ? kasan_check_read+0x11/0x20 [ 345.090599] ? do_raw_spin_unlock+0x9e/0x2e0 [ 345.094996] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 345.099570] ? kasan_check_write+0x14/0x20 [ 345.103799] ? do_raw_spin_lock+0xc1/0x200 [ 345.108031] mount_fs+0xae/0x328 [ 345.111394] ? debug_check_no_obj_freed+0x2ff/0x584 [ 345.116408] vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.120977] ? may_umount+0xb0/0xb0 [ 345.124589] ? quarantine_put+0xeb/0x190 [ 345.128634] ? kfree+0x111/0x260 [ 345.131990] ? btrfs_mount+0x831/0x213e [ 345.135955] vfs_kern_mount+0x40/0x60 [ 345.139750] btrfs_mount+0x4a1/0x213e [ 345.143539] ? kasan_check_read+0x11/0x20 [ 345.147674] ? rcu_is_watching+0x85/0x140 [ 345.151811] ? btrfs_remount+0x16f0/0x16f0 [ 345.156038] ? __lockdep_init_map+0x105/0x590 [ 345.160518] ? __lockdep_init_map+0x105/0x590 [ 345.165002] ? lockdep_init_map+0x9/0x10 [ 345.169054] ? __init_waitqueue_head+0x96/0x140 [ 345.173706] ? init_wait_entry+0x1b0/0x1b0 [ 345.177926] ? memcpy+0x45/0x50 [ 345.181199] ? alloc_vfsmnt+0x771/0x9d0 [ 345.185160] ? mnt_free_id.isra.27+0x60/0x60 [ 345.189556] ? kasan_check_read+0x11/0x20 [ 345.193688] ? graph_lock+0x170/0x170 [ 345.197481] ? rcu_pm_notify+0xc0/0xc0 [ 345.201353] ? trace_hardirqs_off+0xd/0x10 [ 345.205577] ? mark_held_locks+0xc9/0x160 [ 345.209712] ? find_held_lock+0x36/0x1c0 [ 345.213769] ? lock_downgrade+0x8e0/0x8e0 [ 345.217905] ? module_unload_free+0x5b0/0x5b0 [ 345.222387] mount_fs+0xae/0x328 [ 345.225740] ? btrfs_remount+0x16f0/0x16f0 [ 345.229959] ? mount_fs+0xae/0x328 [ 345.233494] vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.238063] ? may_umount+0xb0/0xb0 [ 345.241678] ? _raw_read_unlock+0x22/0x30 [ 345.245812] ? __get_fs_type+0x97/0xc0 [ 345.249691] do_mount+0x564/0x30b0 [ 345.253225] ? copy_mount_string+0x40/0x40 [ 345.257446] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 345.262193] ? retint_kernel+0x10/0x10 [ 345.266074] ? copy_mount_options+0x1a1/0x380 [ 345.270566] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 345.275397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.280917] ? copy_mount_options+0x285/0x380 [ 345.285400] ksys_mount+0x12d/0x140 [ 345.289022] __x64_sys_mount+0xbe/0x150 [ 345.292986] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 345.297994] do_syscall_64+0x1b1/0x800 [ 345.301870] ? finish_task_switch+0x1ca/0x840 [ 345.306353] ? syscall_return_slowpath+0x5c0/0x5c0 [ 345.311268] ? syscall_return_slowpath+0x30f/0x5c0 [ 345.316198] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 345.321553] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.326385] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.331558] RIP: 0033:0x45843a [ 345.334727] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 345.354060] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 345.361753] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 345.369006] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 345.376264] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 345.383517] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 2033/05/18 03:34:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000000180), &(0x7f0000000480)) read(r0, &(0x7f0000000380)=""/42, 0xf0) [ 345.390771] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003e 2033/05/18 03:34:57 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:58 executing program 6: r0 = socket$kcm(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4}, 0x109) sendmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@in={0x2, 0x0, @loopback=0x7f000001}, 0x80, &(0x7f0000002500), 0x0, &(0x7f0000000180)}, 0x20000000) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r0, r1}) sendmsg(r2, &(0x7f00000002c0)={&(0x7f0000000200)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast=0xffffffff}}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)="1c", 0x1}], 0x1, &(0x7f0000000340)}, 0x4000090) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e1, &(0x7f0000000300)={r0}) 2033/05/18 03:34:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67c100", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:58 executing program 1 (fault-call:0 fault-nth:63): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:58 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000040)='\x00', 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) [ 345.545999] FAULT_INJECTION: forcing a failure. [ 345.545999] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 345.557851] CPU: 1 PID: 22190 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 345.564771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.574113] Call Trace: [ 345.576701] dump_stack+0x1b9/0x294 [ 345.580329] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.585522] ? _raw_spin_unlock_irq+0x27/0x70 [ 345.590024] should_fail.cold.4+0xa/0x1a [ 345.594084] ? finish_task_switch+0x28b/0x840 [ 345.598580] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 345.603679] ? preempt_notifier_register+0x1e0/0x1e0 [ 345.608787] ? debug_check_no_locks_freed+0x310/0x310 [ 345.613982] ? __schedule+0x809/0x1e30 [ 345.617873] ? __sched_text_start+0x8/0x8 [ 345.622014] ? print_usage_bug+0xc0/0xc0 [ 345.626081] ? lock_downgrade+0x8e0/0x8e0 [ 345.630228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.635768] ? should_fail+0x21b/0xbcd [ 345.639664] __alloc_pages_nodemask+0x34e/0xd70 [ 345.644338] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 345.649352] ? schedule+0xef/0x430 [ 345.652890] ? trace_hardirqs_on+0xd/0x10 [ 345.657041] ? find_held_lock+0x36/0x1c0 [ 345.661109] ? __lock_is_held+0xb5/0x140 [ 345.665194] ? check_same_owner+0x320/0x320 [ 345.669523] cache_grow_begin+0x6e/0x6c0 [ 345.673586] kmem_cache_alloc+0x689/0x760 [ 345.677730] ? __wait_on_bit+0x130/0x130 [ 345.681796] getname_kernel+0x54/0x370 [ 345.685682] kern_path+0x1e/0x40 [ 345.689050] lookup_bdev+0xfa/0x240 [ 345.692674] ? blkdev_open+0x280/0x280 [ 345.696560] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.702095] ? btrfs_read_dev_super+0x9c/0xe0 [ 345.706593] ? kasan_check_write+0x14/0x20 [ 345.710832] blkdev_get_by_path+0x1f/0xe0 [ 345.714982] btrfs_get_bdev_and_sb+0x38/0x300 [ 345.719477] open_fs_devices+0x6a5/0xc60 [ 345.723544] ? btrfs_update_device+0x640/0x640 [ 345.728133] ? rcu_read_lock_sched_held+0x108/0x120 [ 345.733153] btrfs_open_devices+0xc0/0xd0 [ 345.737302] btrfs_mount_root+0x91f/0x1e70 [ 345.741540] ? btrfs_decode_error+0x70/0x70 [ 345.745864] ? save_stack+0x43/0xd0 [ 345.749489] ? __kasan_slab_free+0x11a/0x170 [ 345.753894] ? kasan_slab_free+0xe/0x10 [ 345.757865] ? kfree+0xd9/0x260 [ 345.761139] ? mount_fs+0xae/0x328 [ 345.764677] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.769427] ? do_mount+0x564/0x30b0 [ 345.773139] ? ksys_mount+0x12d/0x140 [ 345.776939] ? __x64_sys_mount+0xbe/0x150 [ 345.781082] ? do_syscall_64+0x1b1/0x800 [ 345.785151] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.790513] ? kasan_check_read+0x11/0x20 [ 345.794662] ? do_raw_spin_unlock+0x9e/0x2e0 [ 345.799069] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 345.803652] ? kasan_check_write+0x14/0x20 [ 345.807887] ? do_raw_spin_lock+0xc1/0x200 [ 345.812124] mount_fs+0xae/0x328 [ 345.815487] ? debug_check_no_obj_freed+0x2ff/0x584 [ 345.820506] vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.825086] ? may_umount+0xb0/0xb0 [ 345.828705] ? quarantine_put+0xeb/0x190 [ 345.833335] ? kfree+0x111/0x260 [ 345.836699] ? btrfs_mount+0x831/0x213e [ 345.840672] vfs_kern_mount+0x40/0x60 [ 345.844473] btrfs_mount+0x4a1/0x213e [ 345.848279] ? kasan_check_read+0x11/0x20 [ 345.852424] ? rcu_is_watching+0x85/0x140 [ 345.856576] ? btrfs_remount+0x16f0/0x16f0 [ 345.860809] ? __lockdep_init_map+0x105/0x590 [ 345.865302] ? __lockdep_init_map+0x105/0x590 [ 345.869795] ? lockdep_init_map+0x9/0x10 [ 345.873854] ? __init_waitqueue_head+0x96/0x140 [ 345.878521] ? init_wait_entry+0x1b0/0x1b0 [ 345.882753] ? memcpy+0x45/0x50 [ 345.886036] ? alloc_vfsmnt+0x771/0x9d0 [ 345.890007] ? mnt_free_id.isra.27+0x60/0x60 [ 345.894416] ? kasan_check_read+0x11/0x20 [ 345.898562] ? graph_lock+0x170/0x170 [ 345.902357] ? rcu_pm_notify+0xc0/0xc0 [ 345.906238] ? trace_hardirqs_off+0xd/0x10 [ 345.910477] ? putname+0xf2/0x130 [ 345.913936] ? find_held_lock+0x36/0x1c0 [ 345.918006] ? lock_downgrade+0x8e0/0x8e0 [ 345.922152] ? module_unload_free+0x5b0/0x5b0 [ 345.926647] mount_fs+0xae/0x328 [ 345.930007] ? btrfs_remount+0x16f0/0x16f0 [ 345.934237] ? mount_fs+0xae/0x328 [ 345.937775] ? mpi_free.cold.1+0x19/0x19 [ 345.941929] vfs_kern_mount.part.34+0xd4/0x4d0 [ 345.946597] ? may_umount+0xb0/0xb0 [ 345.950222] ? _raw_read_unlock+0x22/0x30 [ 345.954365] ? __get_fs_type+0x97/0xc0 [ 345.958253] do_mount+0x564/0x30b0 [ 345.961794] ? copy_mount_string+0x40/0x40 [ 345.966026] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 345.971039] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 345.975794] ? retint_kernel+0x10/0x10 [ 345.979683] ? copy_mount_options+0x213/0x380 [ 345.984174] ? copy_mount_options+0x213/0x380 [ 345.988669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.994201] ? copy_mount_options+0x285/0x380 [ 345.998697] ksys_mount+0x12d/0x140 [ 346.002331] __x64_sys_mount+0xbe/0x150 [ 346.006303] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 346.011317] do_syscall_64+0x1b1/0x800 [ 346.015203] ? finish_task_switch+0x1ca/0x840 [ 346.019698] ? syscall_return_slowpath+0x5c0/0x5c0 [ 346.024625] ? syscall_return_slowpath+0x30f/0x5c0 [ 346.029558] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 346.034927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.039773] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.044955] RIP: 0033:0x45843a [ 346.048134] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 346.067499] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 346.075208] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 346.082470] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 346.089734] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 2033/05/18 03:34:58 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000001c0)="0047fc2f07d82c99240970") msgctl$IPC_RMID(0x0, 0x2000000) 2033/05/18 03:34:58 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 346.096998] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 346.104260] R13: 0000000000000001 R14: 0000000000700008 R15: 000000000000003f 2033/05/18 03:34:58 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20008800, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") syslog(0x3, &(0x7f0000000000), 0x1cd) 2033/05/18 03:34:58 executing program 1 (fault-call:0 fault-nth:64): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67c200", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:58 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0xafa}, 0x2c) r0 = memfd_create(&(0x7f0000000000)='proccpuset\x00', 0x3) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xa, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180000c400000000000600000000000000104c00000000000000000000004d009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0x1, 0x3bc, &(0x7f00001a7f05)=""/251}, 0x2e) 2033/05/18 03:34:58 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x13704f, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 346.260093] FAULT_INJECTION: forcing a failure. [ 346.260093] name failslab, interval 1, probability 0, space 0, times 0 [ 346.271535] CPU: 0 PID: 22208 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 346.278461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.287808] Call Trace: [ 346.290409] dump_stack+0x1b9/0x294 [ 346.294044] ? dump_stack_print_info.cold.2+0x52/0x52 [ 346.299237] ? mutex_trylock+0x2a0/0x2a0 [ 346.303397] should_fail.cold.4+0xa/0x1a [ 346.307456] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 346.312556] ? graph_lock+0x170/0x170 [ 346.316347] ? lock_downgrade+0x8e0/0x8e0 [ 346.320484] ? lock_repin_lock+0x410/0x410 [ 346.324703] ? find_held_lock+0x36/0x1c0 [ 346.328748] ? __lock_is_held+0xb5/0x140 [ 346.332803] ? check_same_owner+0x320/0x320 [ 346.337112] ? rcu_note_context_switch+0x710/0x710 [ 346.342117] ? inode_add_lru+0x290/0x290 [ 346.346184] __should_failslab+0x124/0x180 [ 346.350406] should_failslab+0x9/0x14 [ 346.354192] kmem_cache_alloc+0x2af/0x760 [ 346.358327] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 346.363243] ? loop_clr_fd+0xd50/0xd50 [ 346.367121] getname_kernel+0x54/0x370 [ 346.370996] kern_path+0x1e/0x40 [ 346.374354] lookup_bdev+0xfa/0x240 [ 346.377969] ? blkdev_open+0x280/0x280 [ 346.381843] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 346.386412] ? kasan_check_write+0x14/0x20 [ 346.390632] ? do_raw_spin_lock+0xc1/0x200 [ 346.394855] blkdev_get_by_path+0x1f/0xe0 [ 346.398990] btrfs_get_bdev_and_sb+0x38/0x300 [ 346.403489] open_fs_devices+0x6a5/0xc60 [ 346.407541] ? btrfs_update_device+0x640/0x640 [ 346.412135] ? rcu_read_lock_sched_held+0x108/0x120 [ 346.417139] btrfs_open_devices+0xc0/0xd0 [ 346.421271] btrfs_mount_root+0x91f/0x1e70 [ 346.425495] ? btrfs_decode_error+0x70/0x70 [ 346.429807] ? save_stack+0x43/0xd0 [ 346.433420] ? __kasan_slab_free+0x11a/0x170 [ 346.437809] ? kasan_slab_free+0xe/0x10 [ 346.441766] ? kfree+0xd9/0x260 [ 346.445032] ? mount_fs+0xae/0x328 [ 346.448554] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 346.453289] ? do_mount+0x564/0x30b0 [ 346.456984] ? ksys_mount+0x12d/0x140 [ 346.460770] ? __x64_sys_mount+0xbe/0x150 [ 346.464901] ? do_syscall_64+0x1b1/0x800 [ 346.469292] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.474643] ? kasan_check_read+0x11/0x20 [ 346.478781] ? do_raw_spin_unlock+0x9e/0x2e0 [ 346.483173] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 346.487739] ? kasan_check_write+0x14/0x20 [ 346.491955] ? do_raw_spin_lock+0xc1/0x200 [ 346.496177] mount_fs+0xae/0x328 [ 346.499530] ? debug_check_no_obj_freed+0x2ff/0x584 [ 346.504531] vfs_kern_mount.part.34+0xd4/0x4d0 [ 346.509178] ? may_umount+0xb0/0xb0 [ 346.512787] ? quarantine_put+0xeb/0x190 [ 346.516835] ? kfree+0x111/0x260 [ 346.520183] ? btrfs_mount+0x831/0x213e [ 346.524140] vfs_kern_mount+0x40/0x60 [ 346.527925] btrfs_mount+0x4a1/0x213e [ 346.531711] ? kasan_check_read+0x11/0x20 [ 346.535843] ? rcu_is_watching+0x85/0x140 [ 346.539981] ? btrfs_remount+0x16f0/0x16f0 [ 346.544199] ? __lockdep_init_map+0x105/0x590 [ 346.548679] ? __lockdep_init_map+0x105/0x590 [ 346.553159] ? lockdep_init_map+0x9/0x10 [ 346.557206] ? __init_waitqueue_head+0x96/0x140 [ 346.561857] ? init_wait_entry+0x1b0/0x1b0 [ 346.566072] ? memcpy+0x45/0x50 [ 346.569338] ? alloc_vfsmnt+0x771/0x9d0 [ 346.573300] ? mnt_free_id.isra.27+0x60/0x60 [ 346.577690] ? kasan_check_read+0x11/0x20 [ 346.581819] ? graph_lock+0x170/0x170 [ 346.585604] ? rcu_pm_notify+0xc0/0xc0 [ 346.589473] ? trace_hardirqs_off+0xd/0x10 [ 346.593705] ? putname+0xf2/0x130 [ 346.597153] ? find_held_lock+0x36/0x1c0 [ 346.601201] ? lock_downgrade+0x8e0/0x8e0 [ 346.605340] ? module_unload_free+0x5b0/0x5b0 [ 346.609830] mount_fs+0xae/0x328 [ 346.613184] ? btrfs_remount+0x16f0/0x16f0 [ 346.617399] ? mount_fs+0xae/0x328 [ 346.620922] ? mpi_free.cold.1+0x19/0x19 [ 346.624973] vfs_kern_mount.part.34+0xd4/0x4d0 [ 346.629538] ? may_umount+0xb0/0xb0 [ 346.633152] ? _raw_read_unlock+0x22/0x30 [ 346.637284] ? __get_fs_type+0x97/0xc0 [ 346.641156] do_mount+0x564/0x30b0 [ 346.644693] ? copy_mount_string+0x40/0x40 [ 346.648914] ? rcu_pm_notify+0xc0/0xc0 [ 346.652791] ? copy_mount_options+0x5f/0x380 [ 346.657180] ? rcu_read_lock_sched_held+0x108/0x120 [ 346.662180] ? kmem_cache_alloc_trace+0x616/0x780 [ 346.667015] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 346.672541] ? _copy_from_user+0xdf/0x150 [ 346.676675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 346.682194] ? copy_mount_options+0x285/0x380 [ 346.686673] ksys_mount+0x12d/0x140 [ 346.690287] __x64_sys_mount+0xbe/0x150 [ 346.694247] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 346.699250] do_syscall_64+0x1b1/0x800 [ 346.703122] ? finish_task_switch+0x1ca/0x840 [ 346.707604] ? syscall_return_slowpath+0x5c0/0x5c0 [ 346.712517] ? syscall_return_slowpath+0x30f/0x5c0 [ 346.717435] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 346.722795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.727627] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.732887] RIP: 0033:0x45843a [ 346.736056] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 346.755277] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 346.762986] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 346.770241] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 346.777491] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 346.784740] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 346.791999] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000040 2033/05/18 03:34:59 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x40, 0x0) bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x5, {0x9, 0x5, 0x7f, 0x9, 0x4, 0x3}, 0x20}, 0xe) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:34:59 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x2000, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc) getpid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc) fcntl$getown(r0, 0x9) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000002c0)) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000300)) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000340)=0x0) r3 = getpgid(r2) sched_setscheduler(r3, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r4 = creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x10000, 0x3, 0x100002, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) 2033/05/18 03:34:59 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000180)={0x4, {{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1, 0x1, [{{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1b}}}]}, 0x110) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) 2033/05/18 03:34:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67fd00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:34:59 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20008800, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") syslog(0x3, &(0x7f0000000000), 0x1cd) 2033/05/18 03:34:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0xf, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:59 executing program 1 (fault-call:0 fault-nth:65): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r1, &(0x7f0000000040)="16", 0x1) sendfile(r1, r1, &(0x7f0000001000), 0xffff) fcntl$addseals(r1, 0x409, 0xc) fsetxattr(r1, &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000100)='\x00', 0x1, 0x0) fsetxattr(r1, &(0x7f0000000140)=@random={'btrfs.', '\x00'}, &(0x7f0000000180)='security.evm\x00', 0xd, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000380)={r2, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x50, 0x8}, &(0x7f00000001c0)=0x90) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") clone(0x0, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)) 2033/05/18 03:34:59 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:34:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e6700d700", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 347.242455] FAULT_INJECTION: forcing a failure. [ 347.242455] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 347.254310] CPU: 1 PID: 22245 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 347.261230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.270577] Call Trace: [ 347.273168] dump_stack+0x1b9/0x294 [ 347.276801] ? dump_stack_print_info.cold.2+0x52/0x52 [ 347.281991] ? _raw_spin_unlock_irq+0x27/0x70 [ 347.286757] should_fail.cold.4+0xa/0x1a [ 347.290912] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 347.296033] ? debug_check_no_locks_freed+0x310/0x310 [ 347.301226] ? __might_sleep+0x95/0x190 [ 347.305201] ? kasan_check_write+0x14/0x20 [ 347.309433] ? __mutex_lock+0x7d9/0x17f0 [ 347.313494] ? kasan_check_write+0x14/0x20 [ 347.317730] ? graph_lock+0x170/0x170 [ 347.321529] ? lock_release+0xa10/0xa10 [ 347.325504] ? mutex_trylock+0x2a0/0x2a0 [ 347.329565] ? mutex_trylock+0x2a0/0x2a0 [ 347.333627] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 347.339161] ? should_fail+0x21b/0xbcd [ 347.343052] __alloc_pages_nodemask+0x34e/0xd70 [ 347.347730] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 347.352745] ? lock_downgrade+0x8e0/0x8e0 [ 347.356889] ? trace_hardirqs_on+0xd/0x10 [ 347.361037] ? find_held_lock+0x36/0x1c0 [ 347.365103] ? __lock_is_held+0xb5/0x140 [ 347.369175] ? check_same_owner+0x320/0x320 [ 347.373499] cache_grow_begin+0x6e/0x6c0 [ 347.377564] kmem_cache_alloc+0x689/0x760 [ 347.381713] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 347.386655] getname_kernel+0x54/0x370 [ 347.390547] kern_path+0x1e/0x40 [ 347.393914] lookup_bdev+0xfa/0x240 [ 347.397539] ? blkdev_open+0x280/0x280 [ 347.401425] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 347.406010] ? kasan_check_write+0x14/0x20 [ 347.410246] ? do_raw_spin_lock+0xc1/0x200 [ 347.414486] blkdev_get_by_path+0x1f/0xe0 [ 347.418636] btrfs_get_bdev_and_sb+0x38/0x300 [ 347.423134] open_fs_devices+0x6a5/0xc60 [ 347.427203] ? btrfs_update_device+0x640/0x640 [ 347.431796] ? rcu_read_lock_sched_held+0x108/0x120 [ 347.436816] btrfs_open_devices+0xc0/0xd0 [ 347.440963] btrfs_mount_root+0x91f/0x1e70 [ 347.445201] ? btrfs_decode_error+0x70/0x70 [ 347.449528] ? save_stack+0x43/0xd0 [ 347.453152] ? __kasan_slab_free+0x11a/0x170 [ 347.457557] ? kasan_slab_free+0xe/0x10 [ 347.461527] ? kfree+0xd9/0x260 [ 347.464802] ? mount_fs+0xae/0x328 [ 347.468342] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 347.473096] ? do_mount+0x564/0x30b0 [ 347.476803] ? ksys_mount+0x12d/0x140 [ 347.480600] ? __x64_sys_mount+0xbe/0x150 [ 347.484747] ? do_syscall_64+0x1b1/0x800 [ 347.488808] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.494169] ? kasan_check_read+0x11/0x20 [ 347.498318] ? do_raw_spin_unlock+0x9e/0x2e0 [ 347.502723] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 347.507303] ? kasan_check_write+0x14/0x20 [ 347.511534] ? do_raw_spin_lock+0xc1/0x200 [ 347.515773] mount_fs+0xae/0x328 [ 347.519139] ? debug_check_no_obj_freed+0x2ff/0x584 [ 347.524156] vfs_kern_mount.part.34+0xd4/0x4d0 [ 347.528739] ? may_umount+0xb0/0xb0 [ 347.532363] ? quarantine_put+0xeb/0x190 [ 347.536424] ? kfree+0x111/0x260 [ 347.539788] ? btrfs_mount+0x831/0x213e [ 347.543768] vfs_kern_mount+0x40/0x60 [ 347.547567] btrfs_mount+0x4a1/0x213e [ 347.551368] ? kasan_check_read+0x11/0x20 [ 347.555513] ? rcu_is_watching+0x85/0x140 [ 347.559662] ? btrfs_remount+0x16f0/0x16f0 [ 347.563897] ? __lockdep_init_map+0x105/0x590 [ 347.568389] ? __lockdep_init_map+0x105/0x590 [ 347.572884] ? lockdep_init_map+0x9/0x10 [ 347.576940] ? __init_waitqueue_head+0x96/0x140 [ 347.581605] ? init_wait_entry+0x1b0/0x1b0 [ 347.585837] ? memcpy+0x45/0x50 [ 347.589118] ? alloc_vfsmnt+0x771/0x9d0 [ 347.593088] ? mnt_free_id.isra.27+0x60/0x60 [ 347.597492] ? kasan_check_read+0x11/0x20 [ 347.601637] ? graph_lock+0x170/0x170 [ 347.605433] ? rcu_pm_notify+0xc0/0xc0 [ 347.609318] ? trace_hardirqs_off+0xd/0x10 [ 347.613556] ? putname+0xf2/0x130 [ 347.617005] ? find_held_lock+0x36/0x1c0 [ 347.621073] ? lock_downgrade+0x8e0/0x8e0 [ 347.625215] ? module_unload_free+0x5b0/0x5b0 [ 347.629714] mount_fs+0xae/0x328 [ 347.633076] ? btrfs_remount+0x16f0/0x16f0 [ 347.637308] ? mount_fs+0xae/0x328 [ 347.640848] ? mpi_free.cold.1+0x19/0x19 [ 347.644911] vfs_kern_mount.part.34+0xd4/0x4d0 [ 347.649492] ? may_umount+0xb0/0xb0 [ 347.653119] ? _raw_read_unlock+0x22/0x30 [ 347.657261] ? __get_fs_type+0x97/0xc0 [ 347.661148] do_mount+0x564/0x30b0 [ 347.664694] ? copy_mount_string+0x40/0x40 [ 347.668928] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 347.673947] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 347.678705] ? retint_kernel+0x10/0x10 [ 347.682600] ? copy_mount_options+0x1f0/0x380 [ 347.687097] ? copy_mount_options+0x1fa/0x380 [ 347.691594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 347.697124] ? copy_mount_options+0x285/0x380 [ 347.701619] ksys_mount+0x12d/0x140 [ 347.705246] __x64_sys_mount+0xbe/0x150 [ 347.709219] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 347.714239] do_syscall_64+0x1b1/0x800 [ 347.718124] ? finish_task_switch+0x1ca/0x840 [ 347.722621] ? syscall_return_slowpath+0x5c0/0x5c0 [ 347.727551] ? syscall_return_slowpath+0x30f/0x5c0 [ 347.732481] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 347.737850] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.742695] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.747898] RIP: 0033:0x45843a [ 347.751078] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 347.770438] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 347.778144] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 347.785409] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 347.792673] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 347.799937] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 347.807204] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000041 2033/05/18 03:35:00 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1300, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:35:00 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = getgid() getgroups(0x1, &(0x7f0000000080)=[r2]) r3 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r3) r5 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x4) getsockopt$llc_int(r5, 0x10c, 0x0, &(0x7f0000000200), &(0x7f00000001c0)=0x4) keyctl$update(0x2, r4, &(0x7f0000000600)="df0275", 0x3) 2033/05/18 03:35:00 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20008800, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") syslog(0x3, &(0x7f0000000000), 0x1cd) 2033/05/18 03:35:00 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) io_setup(0xfffffffbfffffff9, &(0x7f0000001540)=0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x22800, 0x0) fchmodat(r2, &(0x7f00000014c0)='./file0\x00', 0x0) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x40000, 0x0) munlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001280)='/proc/self/net/pfkey\x00', 0x0, 0x0) io_submit(r1, 0x4, &(0x7f0000001440)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x5, r0, &(0x7f00000000c0)="bb2da28f9394", 0x6, 0x7, 0x0, 0x1, r2}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x6, 0x4, r0, &(0x7f0000000180)="8b2613a80cdaa2568b90b84c348abf5794b55391fef2afb4252b939d066a46a92652365b3aeae50c9582a80bad83747577f632e88a0d74", 0x37, 0x7, 0x0, 0x1, r3}, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x3, 0x8, r0, &(0x7f0000000280)="f4e03167b75270db518c4ca20fad622738e4cc0b18f3f7f3dacbacdaa5c4c030d18d726278a6ad1f39b60cd24a613d6244d4f1704fa7048571a166e6f6ccc5c149bad4918776ebae7e527d07dbdd52e78670272c97019249c0c6235b43b4d445a2262766e8ff4090f27b2a782fab4c49dc4a9b3acffa7cc8c296cf3c6fe2b2c029ea8b665f9313345df119d1509f07812fa83823eb4068b2ca5afc8c76330385679901083de1e37ff894d863234e0aabcf7e64a1424c3ed2a9c4bffef5c07b1ede81a49023f4a23af3b08ebdfb228bc6c03b174f72ae3c57f320c1f3c65697e189ed4477033a27c6f83e93b305f61b93d7bda0d733a31a2d5986f68b2807fe542b801c9f1606ad1e3f066d8dfb66d51c1a74a4fd95028ae21a1830dc1978543b1a64ac47fb411f58c7e4ab37c05c1ea92fa1cc6fe5cab630d530132b831e7b017d81cf5f30e150352997a3581c30981542c2dac32537ad8f130b061497752d68cc19fe47198fd2f281fb1b5dddffc59cb23b6b23bc810ee97d884c145bca383bbe20ae89295fe6615efa930e7ec61f4910c4003c011a6124a4b0bdb37620c9dad2d7fd70528c7d35f240aa672fa5274bbe9baa092d2d8ae97f2ebb68e53c8ed906c1de33360e56a73d1dcfff86e8230dc6fd004832b6b381ffa9ff957928c51b5954b383b02844573eb5a9b414d948cefe132a040933ddaa1e505c38125635b585a8c3156c5ed4a6e790121c9fd014d8f7810cac57633b38dd979a22e08c65c8cbce99d0913309f428c33e821275b33f2026f92eef06efa2cc3d5ba269a8e62b1efd5dd6916caa91314d92aa9071fd298d3e65c0f837e0512d6e8bb90741f58df6732a91159513fe1c5fad15c2fa9d654c9825163b1082acbe2dd5c1219e2f962a259de3ca69a147a0895b9675982c7d0fb090fd302de55803c5e08adb44886804e55587b3edc8e07722b89991c808504afa049471e4d63efc159bee1c04ebca72e60293086dbe7d64aaa6eb1331866a24a2fbae2db2d6193d0c593ee139a94cf852645fdb46ea1073187a4f3580a9f4c391789fc418da0fb13b411fe7185faf67001c67e6edb3d53ff6b47f861c010433ea490661ab307d6ba78f08dd1aeff25a9b1230a1fa9d2fe86c5595456c522503e31d0b7ecd8afc15e9b605d9a9573c2c659efc6917cde7e060f06098853cbee9bed49079ac99031827d8bab28ec628aaaadd7bc6a65520579bfb8620dc5d0f019a71bf949f772d164c3cc78e1736b7caf9df20585a684a906a65961d40475f38f79483ad809a7678b4b5dfb5f199a9fedf0fc1df81620eefa71dfdbb735aca2bdea87bbf607ddbec7d37500fbe31d46948421d2343d75739187379ede1a19e05dd0abe1417563b06b1be02b54c6d458ad22c240e13143513d11bd8050182b911f88f66793d6b8fc131ccf170ff5b7cccc001ca2b414ecd4f5ca371c50e641e4b120a4a9471d63304fb5e99bc15f608c6121d7f14b8536e9a3aa615f10028b5f05ae444e6547b9cd8e701cebd0a87ac79b766ce34c324c9b1be9ecbdf227856505769a73046c2eb383c9902b7cd3bc266acd441ef4e5381942a43778bc667bdaab75635de02de32b7f1bddc1386a529de9b6b02f29d94a0f155cf4f3d415657ddc328cf2747fc3587ec0cce3f046b665c95ce26ef5812cbc40a5e4551b21b27e8649f07f8c0d2907d7b61243eb000503e5570bd10d25e993b9a92f94bac237d6c8f5f7d2ea6f095840fd995171d78cbc3a3c1d428b65ff7c46148349ae2ca7df51bd05d52f36c18faf45bf61c8d6a879f677f4253411ee2b179ca5dba784fa576d05573ae01804be2eb4abf75b1d9d6044da613b753ee3bddabe672cb427f1baac1c14b32ead2907af378884e9a4d200854b9c08bd165eeb55337374f67ff4b3ef1562ae60fd2d504f3de85e43ed2df576cbe5095e41c02e2ecbc201fb8d26facb0b236ed1fccbe29233320927ab9c159bce8f8307c31c79e0c86034966aba90dfca6eacf7d99aa8aa75aa8f8957d83bc7cc091e7f42edd95774da4547cc35425312647d3895b2bf29cc510d417dbc6d1c6df66ad4ee02a2b790181019cc002ebb015045d880075e6776121118163ee774bb0b7d797f081ffe9a6f6d55f7cb0c358276e55c22cd7ab7a41fd26338bc95c04ddb0deb5025cbf17f116697658966648e33fa2d01d0a5fe9cada1beb4cb9edb9ee79b78659ba63556437a0164fdeb30e0bba2a0e8ef4ed9bad9cbf38870aedd6e6cf5e471fe56195cc7d8ad1545f1997ba33fdf660271f8144a836aae4cb0b40bc826c35dc2232a764a493485c1df261b653c16c1720fd4185783515c09881ca30c6ee408e67f8d0392421ba30a91b3d01cf4dab180aafa0db440dd012246073cadbadf4464b6928733acb71ebcddb2524f1d8a9e0661a2e7904728f3e2900f9731596270af056361451d63bd5857d28fbbe688c80981be9561407a6c69e9d56b207a1f229f1cab5c79f6268d841b29f1bd7fed4cc776d0cb8e6fb40c5d945917f16c7678df1e209bf92b0415a742dfc0cd570b1467fd7203b30c76ac797ebd605f312016a59a4f2e315863f69b9484d361c1fa71cddc93dea7c5419e2128274e333708905535635d0477e89b67d26be3439c2cb5f1adabd8ce80bf458f3c699d90e741cd812a1eadfff2086505b9c60b36b84ec80be0e7c66da556d1f606a98746ea6afa7f4cbe4b350bbb5306b5a431563b1c1d0085a715888be6fdb38fed5fd8ca0b29ace5de7d82bac0c1b5116b69eb0ea80ca4a3e47ad58789d50423a9976b9d5f4acc252d64f99bc44feebdab330603562e634148957a6cb8ffd2e4266202b3a9a531fa4a2ec9f7bb34fd39a444082853b9cb399255ec035e0eb94be723002cb2db262efbab00c62be94ea0a6cd9529f2393808da81993aa8b072c3a0d63ba2450db71f9d8a23dcc876db24700db637c127750d10613f496ea2de005f8040eb310281bc77034bfdcd1c9a66aa9e338f69d61b0cd9732f67b0a531381036e12eec5271e31cbd4f55f638abe3ba9d87cdf922638fc6bc5faea6d3f3e148bd96bf1dda7e41472b407f1a44cd26f76539f7c35a394907980738943c01e42411274aad1a6329e27eee35912cef4d0b808fb8301daba50a28f0fd690d82791d3390be5c6a3fcf2a3ec41a0d4ba43a4f1ed3725ed14a903d84f84ae7ddd80b60b7a1ea0c3c9de044dad7961fc38196c43356ed753a403c080e7fa708dd8b047641fee76cb8705db0d60293120adc6bae26408abac94cc9169be229ca1e895e47d816f7aaa13e9b7a1f9f0cf7f11855435cbcc46a5e8f75b4fedaae392260a08fa087d55a504420698a6765c6f2cdf7f20d003e3808796277f562f00a2aa0f37e9c0aaa0848e43ba8c2ae338d67e800f8ed9dfc33444fe3f6dfb9c6026fa7695419dea7e4aebcb2adf804b3a5327888b4ba8f9120dba7121ffef0920d4b7ce4752aac4288288faca61c1fefc3fc0e6dd767ad44009eb81f02a10f9d7b205948da9c77d175c137ba52fa2b09526eb7488453ebdf76685b179597d41aebf3525dc195f94e6cde2e08db7280a39dfe838c3cc6e2ce071cc24505dd56be83c3536ee6ad0d521722102ea99ac93078cdfef66e6150a6f4016c54d8965d8c68263e860309b39fc576ee7a3e0027b679b8cc34914ddb6d260de27720f48c57fccad54eb756105669ac48d9a47ef685d3366c04f497c8db9f1599e686458db564803ea52b0229c3095e37750d88cb9ed958db47b103c5fcd33041cebd320d46e3f02b88d7349fd2f9fa63ed7e2aac823cdd9427770a41afdf59bbcd13ed3173667332c818f5a5c093b2982e155becbdaea7a22772b8aa06289335591fc573c094f5242e94c88689967281d4cc4206f5d6271413e6626a7103e940fe76a2a8c1dd46400ff62b02f9a9f4a9a242d606ee6fa92a49c30b8dcc98a62725a0e2ab24df9fe2b79d64118fd86a46a4b3e402f7db63105eff76554d6fb2d72a579a88224dfb470c2a0f1fbd1123d086939cb06ad81c508d94d68c126110171bff265b1f8441c43cec3337e799c3ee3751f88a9c2b8e51a9721e339590b9e850e81425ff636e3ad256e37f35940f635abc88e89fb040ebeccb6b9ce48c56274e00ffa285ad62b7132fd80b60ae11cbcbee5c3f05380c557ee593f90a21897018dc48c8e5a4ad8e23c80eef9c00137a15577b430866247b34c51933ddc91d151023884bf6e84fab10c37d62a24f1cdede2bbe08f1387d062d0c22b4c9dde65688b4860819658d90782dc50a4f1fb09bfef67b664e0455def4ba75bc23d55106b99133681429dc9daf746f5e05f52842dd31b0d27f10ee0dca1f3aa8122e90794955b3818e2834bbeafb7757db0ea77d2a147293da810543cb5005de96156c4b661e67b79c6e3a6a22139e24e8f08f28f28e8fd9e91e17de00f3cef13ef45c08e404a8a70e6f7efd48468f604ab7b0d881eba1549ecd5254a933a78a7346f0644bf10a0540b5fec6fef68efb625b6ac0555e38b62c4e79974860fb35317e9098ecb07aa43bc01d4b1cc505fa62a67a631497d2deac2c00b272bb80ea7ea1a9f9f06ad520a788a4d99636fedc4d3c00822298ef17254fb3876c24897a45e290eb9c1038f4ecf16405dd519c05bec441d3c4a3510844f6f9a507727f74d9a8cb8dbfec37feccb1471de7fa60365fe66d7f1c158df116cbdbf410681e6586a92a8162a2b5816764450ca282a5c44e84b065459b6cb967b53c58a24d55e85bb45fa5e3dccd347120d10549e6530f788abf0e8e4c2556174598743d2d916abd9f27b4c9d539a4b988f0cf6b65055ed9a93b00ccd807a082718fddfcce9bdcdffd8edb302c63d3928a046e7ea843549ba71786f7d8a174ed6d167c6bd572a16c727286bf8ba9483a6e02a6738ba8e2def56cc7eae54b16dfca21b6cd2af89b8b1c9ecb5b28bdc2420a66e309663ac67e7e14f4b6894364e0f87481a4f1d3d36893534e93224b74b487f6d6b7343ffa2857ae5cc9e85f4e3ce956d2eb715aa62748345aa01d7c46bcf2752d6d16520b74fd22e0d52b3f3064f12c7be2f12e3e0f6cfb8d92946174d95666ecb79dcac0b4937808bd20aba6b9e47a7218c5377fa234eb3919dba3862ee545a4866757a4f81c505e9c6f330b38c6ffc5cfcfa286d4d98178afc1b4398fe3d337f89c8ba75fd5e1f4f67aa7a8c59796cadea61d178d6a228466806995c8c73d7ac9642676eb776ab8efa2c04e5497cdcfbe7476d96a07e28da56f804dd317d7389ff9fa5ba1fbab65154f659256524c03aa427ce7d72b0e50dc838c59764eb77a0d4c9b33533bf510b6fc7d4c9fa46f0026a0f0ae0d7ed250e5c09e941aefbf638833fd363ec353b8accbd867b32e2f3f47b2796168c8e09b1d349c8b0e4a3473a7e16bbd5c91ab48f272fc2872cda4f7d8fdf0c0bd1ef7134baa5bd6b909cac2b2d1dd7b7a0fff2e1681ab86b49cedd311410810b3457f1418e61588a82dea57d3b4caf633e408afec7ae3e87d289a5d26f5dc314db3aa004ac45dffcc7fe4e7c02005f26d42589d8e2dc2cb055be7e390170202508a574497abfc1f1d1a94394d847a6bac4dcf781fd349c14af51fdfc82f4c723b4b2d5e85ace7416f35ad17b61183ff54291670d9cac597836b9c04662164a7fad9b0654a4ee41f2b5711a778afa14681123bdb28d4241ecaf61cb438a9296b30e207254d2ad00fd69402ddb86a059c452505da3997357bf1315c1b48fad569a8a15a1334561412d5c5d4a2b", 0x1000, 0x64d9, 0x0, 0x0, r4}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x7, 0xff, r0, &(0x7f0000001300)="b6fb486a5360ecd5e825061f6601ebb639517514b306861a248fc78245271ff00c5c92e5af23e684eb8cd58c1a0daf24607638901512e60a47f3b7a04c2f0f8fbc7e8fe6e055f68cfeb31ef92ac217c489f716ad7b695d89304653352b5f3878cbd0e84f41c908776e943b35968b680a996471fd4449e8ba9c9bdb8b820186f0b7cd7689858c8d591c6328e04558b66a38490e1d8b48deccea6eff1f7a9b6b211f05d85c73eb0b396925b9269ecd5f860e6185f1004e2ab9af6c80d6934a7a463b1523f437f9437a2ab39c9d51883c869ec153356875544167", 0xd9, 0x28000000000, 0x0, 0x1}]) ioctl(r0, 0x8912, &(0x7f0000000240)="1bd45006000000d1240970") unlink(&(0x7f0000001480)='./file0\x00') socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x205, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x80000000, {[@timestamp={0x44, 0x4}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000000)) 2033/05/18 03:35:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67de00", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:35:00 executing program 1 (fault-call:0 fault-nth:66): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:35:00 executing program 6: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00009f3fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00003c1000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg(r2, &(0x7f00000031c0)=[{{&(0x7f0000000140)=@can={0x1d}, 0x80, &(0x7f0000000780)=[{&(0x7f00000006c0)="1436430d48d97d3a32f6d8a3b38a641d2645315dde43a6bd599b18781b751695b1a8e759c119cf225c14fa707eba93bedb51b627eabdca612b078440427bed079dcfcc5fb24e11f19e50a4f3e3e2db8a3e9a1cebc4811c20f1e9425968cfa6a30aa224e202ee3bbea69d6a2611bad64f", 0x70}], 0x1, &(0x7f0000003640)=ANY=[]}}], 0x1, 0x48015) sendmsg$alg(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r2, &(0x7f0000003580)={&(0x7f0000000040)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, 0x19, &(0x7f00000034c0)=[{&(0x7f0000003440)=""/112, 0x70}], 0x1, &(0x7f0000003500)=""/106, 0x6a}, 0x0) 2033/05/18 03:35:00 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000140)=0x8) preadv(r0, &(0x7f0000000780)=[{&(0x7f00000006c0)=""/130, 0x82}], 0x1, 0x0) mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) creat(&(0x7f0000ccb000)='./bus\x00', 0x0) open(&(0x7f0000043000)='./bus\x00', 0x2, 0x0) [ 348.241120] FAULT_INJECTION: forcing a failure. [ 348.241120] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 348.252982] CPU: 0 PID: 22267 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 348.259913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.269265] Call Trace: [ 348.271862] dump_stack+0x1b9/0x294 [ 348.275506] ? dump_stack_print_info.cold.2+0x52/0x52 [ 348.280716] should_fail.cold.4+0xa/0x1a [ 348.284794] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 348.289921] ? debug_check_no_locks_freed+0x310/0x310 [ 348.295138] ? __might_sleep+0x95/0x190 [ 348.299127] ? kasan_check_write+0x14/0x20 [ 348.303370] ? __mutex_lock+0x7d9/0x17f0 [ 348.307443] ? kasan_check_write+0x14/0x20 [ 348.311685] ? graph_lock+0x170/0x170 [ 348.315493] ? lock_release+0xa10/0xa10 [ 348.319477] ? perf_trace_lock_acquire+0xe3/0x980 [ 348.324333] ? mutex_trylock+0x2a0/0x2a0 [ 348.328408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.333959] ? should_fail+0x21b/0xbcd [ 348.337861] __alloc_pages_nodemask+0x34e/0xd70 [ 348.342540] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 348.347563] ? lock_downgrade+0x8e0/0x8e0 [ 348.351722] ? find_held_lock+0x36/0x1c0 [ 348.355793] ? __lock_is_held+0xb5/0x140 [ 348.359870] ? check_same_owner+0x320/0x320 [ 348.364211] cache_grow_begin+0x6e/0x6c0 [ 348.368293] kmem_cache_alloc+0x689/0x760 [ 348.372446] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 348.377394] getname_kernel+0x54/0x370 [ 348.381290] kern_path+0x1e/0x40 [ 348.384665] lookup_bdev+0xfa/0x240 2033/05/18 03:35:00 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da436ffff070000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 348.388298] ? blkdev_open+0x280/0x280 [ 348.392201] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 348.396793] ? kasan_check_write+0x14/0x20 [ 348.401036] ? do_raw_spin_lock+0xc1/0x200 [ 348.405280] blkdev_get_by_path+0x1f/0xe0 [ 348.409439] btrfs_get_bdev_and_sb+0x38/0x300 [ 348.413950] open_fs_devices+0x6a5/0xc60 [ 348.418028] ? btrfs_update_device+0x640/0x640 [ 348.422631] ? rcu_read_lock_sched_held+0x108/0x120 [ 348.427684] btrfs_open_devices+0xc0/0xd0 [ 348.431845] btrfs_mount_root+0x91f/0x1e70 [ 348.436094] ? btrfs_decode_error+0x70/0x70 [ 348.440431] ? save_stack+0x43/0xd0 [ 348.444065] ? __kasan_slab_free+0x11a/0x170 [ 348.448475] ? kasan_slab_free+0xe/0x10 [ 348.452462] ? kfree+0xd9/0x260 [ 348.455732] ? mount_fs+0xae/0x328 [ 348.459262] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 348.464103] ? do_mount+0x564/0x30b0 [ 348.467802] ? ksys_mount+0x12d/0x140 [ 348.471597] ? __x64_sys_mount+0xbe/0x150 [ 348.475729] ? do_syscall_64+0x1b1/0x800 [ 348.479786] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.485139] ? kasan_check_read+0x11/0x20 [ 348.489282] ? do_raw_spin_unlock+0x9e/0x2e0 [ 348.493679] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 348.498259] ? kasan_check_write+0x14/0x20 [ 348.502481] ? do_raw_spin_lock+0xc1/0x200 [ 348.506707] mount_fs+0xae/0x328 [ 348.510063] ? debug_check_no_obj_freed+0x2ff/0x584 [ 348.515155] vfs_kern_mount.part.34+0xd4/0x4d0 [ 348.519729] ? may_umount+0xb0/0xb0 [ 348.523340] ? quarantine_put+0xeb/0x190 [ 348.527388] ? kfree+0x111/0x260 [ 348.530739] ? btrfs_mount+0x831/0x213e [ 348.534703] vfs_kern_mount+0x40/0x60 [ 348.538494] btrfs_mount+0x4a1/0x213e [ 348.542284] ? kasan_check_read+0x11/0x20 [ 348.546419] ? rcu_is_watching+0x85/0x140 [ 348.550562] ? btrfs_remount+0x16f0/0x16f0 [ 348.554785] ? __lockdep_init_map+0x105/0x590 [ 348.559264] ? __lockdep_init_map+0x105/0x590 [ 348.563755] ? lockdep_init_map+0x9/0x10 [ 348.567804] ? __init_waitqueue_head+0x96/0x140 [ 348.572460] ? init_wait_entry+0x1b0/0x1b0 [ 348.576687] ? memcpy+0x45/0x50 [ 348.579963] ? alloc_vfsmnt+0x771/0x9d0 [ 348.583927] ? mnt_free_id.isra.27+0x60/0x60 [ 348.588323] ? kasan_check_read+0x11/0x20 [ 348.592459] ? graph_lock+0x170/0x170 [ 348.596250] ? rcu_pm_notify+0xc0/0xc0 [ 348.600122] ? trace_hardirqs_off+0xd/0x10 [ 348.604355] ? putname+0xf2/0x130 [ 348.607803] ? find_held_lock+0x36/0x1c0 [ 348.611860] ? lock_downgrade+0x8e0/0x8e0 [ 348.616011] ? module_unload_free+0x5b0/0x5b0 [ 348.620505] mount_fs+0xae/0x328 [ 348.623861] ? btrfs_remount+0x16f0/0x16f0 [ 348.628091] ? mount_fs+0xae/0x328 [ 348.631615] ? mpi_free.cold.1+0x19/0x19 [ 348.635676] vfs_kern_mount.part.34+0xd4/0x4d0 [ 348.640250] ? may_umount+0xb0/0xb0 [ 348.643873] ? _raw_read_unlock+0x22/0x30 [ 348.648011] ? __get_fs_type+0x97/0xc0 [ 348.651896] do_mount+0x564/0x30b0 [ 348.655426] ? copy_mount_string+0x40/0x40 [ 348.659648] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 348.664661] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 348.669426] ? retint_kernel+0x10/0x10 [ 348.673311] ? copy_mount_options+0x1f0/0x380 [ 348.677794] ? copy_mount_options+0x206/0x380 [ 348.682277] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.687805] ? copy_mount_options+0x285/0x380 [ 348.692294] ksys_mount+0x12d/0x140 [ 348.695909] __x64_sys_mount+0xbe/0x150 [ 348.699870] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 348.704877] do_syscall_64+0x1b1/0x800 [ 348.708759] ? finish_task_switch+0x1ca/0x840 [ 348.713240] ? syscall_return_slowpath+0x5c0/0x5c0 [ 348.718162] ? syscall_return_slowpath+0x30f/0x5c0 [ 348.723081] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 348.728438] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.733285] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.738457] RIP: 0033:0x45843a [ 348.741627] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 348.760948] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 348.768646] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 348.775900] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 348.783159] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 2033/05/18 03:35:01 executing program 5: r0 = memfd_create(&(0x7f00000000c0)="23f596c52b39106ec413e4a88fe10100002b00", 0x3) mq_unlink(&(0x7f0000000000)='&\x00') fcntl$addseals(r0, 0x409, 0x8) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x200000011, r0, 0x0) [ 348.790422] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 348.797674] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000042 2033/05/18 03:35:01 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x200, 0x0) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000000280)={0x7352, 0x5, 0x0, [{0x1000000000, 0x3, 0x2, 0x7f, 0x2}, {0x6, 0x1f, 0xbb, 0x1, 0x2, 0x7, 0x2}, {0x5, 0x0, 0x5, 0x7ff, 0x86c0000000000000, 0x7, 0x55c2}, {0x5, 0x4, 0xe4, 0x80, 0x7, 0x100, 0x101}, {0x98, 0x8, 0x401, 0x40, 0x2, 0x4, 0x401}]}) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @loopback=0x7f000001}], 0x10) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f000056effc), 0x4) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="10000000dfe782d7c4cf1b1269fc9102b620adcac90a4140bbb1160f7be60053"], &(0x7f00000012c0)=0x18) 2033/05/18 03:35:01 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67d300", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) 2033/05/18 03:35:01 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a04000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) 2033/05/18 03:35:01 executing program 5: socket$inet_dccp(0x2, 0x6, 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x803, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r0, &(0x7f0000000080)="0cdccbbbbbe99b669d8154e86e67ced7657390f4f69d0897b9b0c14ecabfa8acbfad3dddf5061c97b2800a937535437abc68150ddc08c13412208389be48e1bb874affd46cb9cdd5af59b11732fe4055909b1634a439b92e4294ee5216652dc1104b45aeb6f84c7e1637c802ba675a553b4e1f5d83", &(0x7f0000000100)=""/86}, 0x18) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x100000000) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'veth1_to_bridge\x00'}, 0x18) ioctl(r1, 0x800000000008982, &(0x7f0000000000)) 2033/05/18 03:35:01 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000015c0)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b3", 0x1, r2) keyctl$update(0x2, r3, &(0x7f0000000600)="df0275", 0x3) r4 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x0, 0x400000) mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000002, 0x2113, r4, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xfffffffffffffffd, 0x400) r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x10080, 0x0) ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000100)={0x2, r6}) 2033/05/18 03:35:01 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20008800, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") syslog(0x3, &(0x7f0000000000), 0x1cd) 2033/05/18 03:35:01 executing program 1 (fault-call:0 fault-nth:67): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 348.965986] QAT: Invalid ioctl 2033/05/18 03:35:01 executing program 6: socket(0xa, 0x1fe, 0x0) r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SCSI_RESET(r0, 0x1267, 0x707000) 2033/05/18 03:35:01 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000040)={0x26, "726e67e400", 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 348.998984] QAT: Invalid ioctl 2033/05/18 03:35:01 executing program 0: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363a00000000000000060000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f00000000c0)) [ 349.035605] QAT: Invalid ioctl [ 349.039007] QAT: Invalid ioctl [ 349.170150] FAULT_INJECTION: forcing a failure. [ 349.170150] name failslab, interval 1, probability 0, space 0, times 0 [ 349.181775] CPU: 1 PID: 22303 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 349.188702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.198044] Call Trace: [ 349.200636] dump_stack+0x1b9/0x294 [ 349.204265] ? dump_stack_print_info.cold.2+0x52/0x52 [ 349.209453] ? kasan_check_write+0x14/0x20 [ 349.213686] ? bio_init+0x138/0x250 [ 349.217318] should_fail.cold.4+0xa/0x1a [ 349.221380] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 349.226482] ? lockdep_init_map+0x9/0x10 [ 349.230540] ? btrfs_init_work+0x154/0x330 [ 349.234766] ? run_scheduled_bios+0x1180/0x1180 [ 349.239432] ? graph_lock+0x170/0x170 [ 349.243232] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 349.248249] ? lockdep_init_map+0x9/0x10 [ 349.252307] ? __lock_is_held+0xb5/0x140 [ 349.256372] ? rcu_note_context_switch+0x710/0x710 [ 349.261303] ? check_same_owner+0x320/0x320 [ 349.265623] ? __might_sleep+0x95/0x190 [ 349.269599] ? rcu_note_context_switch+0x710/0x710 [ 349.274529] ? kasan_check_write+0x14/0x20 [ 349.278760] ? __mutex_lock+0x7d9/0x17f0 [ 349.282818] __should_failslab+0x124/0x180 [ 349.287051] should_failslab+0x9/0x14 [ 349.290849] __kmalloc+0x2c8/0x760 [ 349.294387] ? close_fs_devices+0x497/0xfa0 [ 349.298707] close_fs_devices+0x497/0xfa0 [ 349.302859] ? btrfs_alloc_device+0x8b0/0x8b0 [ 349.307356] ? blkdev_put+0x98/0x540 [ 349.311076] ? blkdev_get_by_path+0x3f/0xe0 [ 349.315401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 349.320941] ? kasan_check_write+0x14/0x20 [ 349.325189] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 349.330114] ? open_fs_devices+0x851/0xc60 [ 349.334346] ? wait_for_completion+0x870/0x870 [ 349.338928] ? btrfs_update_device+0x640/0x640 [ 349.343529] btrfs_close_devices+0x29/0x150 [ 349.347852] btrfs_mount_root+0x1419/0x1e70 [ 349.352176] ? btrfs_decode_error+0x70/0x70 [ 349.356500] ? save_stack+0x43/0xd0 [ 349.360121] ? __kasan_slab_free+0x11a/0x170 [ 349.364524] ? kasan_slab_free+0xe/0x10 [ 349.368490] ? kfree+0xd9/0x260 [ 349.371767] ? mount_fs+0xae/0x328 [ 349.375301] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 349.380049] ? do_mount+0x564/0x30b0 [ 349.383754] ? ksys_mount+0x12d/0x140 [ 349.387548] ? __x64_sys_mount+0xbe/0x150 [ 349.391690] ? do_syscall_64+0x1b1/0x800 [ 349.395748] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.401110] ? kasan_check_read+0x11/0x20 [ 349.405255] ? do_raw_spin_unlock+0x9e/0x2e0 [ 349.409663] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 349.414247] ? kasan_check_write+0x14/0x20 [ 349.418478] ? do_raw_spin_lock+0xc1/0x200 [ 349.422712] mount_fs+0xae/0x328 [ 349.426076] ? debug_check_no_obj_freed+0x2ff/0x584 [ 349.431091] vfs_kern_mount.part.34+0xd4/0x4d0 [ 349.435672] ? may_umount+0xb0/0xb0 [ 349.439293] ? quarantine_put+0xeb/0x190 [ 349.443348] ? kfree+0x111/0x260 [ 349.446708] ? btrfs_mount+0x831/0x213e [ 349.450678] vfs_kern_mount+0x40/0x60 [ 349.454477] btrfs_mount+0x4a1/0x213e [ 349.458279] ? kasan_check_read+0x11/0x20 [ 349.462428] ? rcu_is_watching+0x85/0x140 [ 349.466582] ? btrfs_remount+0x16f0/0x16f0 [ 349.470815] ? __lockdep_init_map+0x105/0x590 [ 349.475307] ? __lockdep_init_map+0x105/0x590 [ 349.479800] ? lockdep_init_map+0x9/0x10 [ 349.483864] ? __init_waitqueue_head+0x96/0x140 [ 349.488530] ? init_wait_entry+0x1b0/0x1b0 [ 349.492757] ? memcpy+0x45/0x50 [ 349.496038] ? alloc_vfsmnt+0x771/0x9d0 [ 349.500008] ? mnt_free_id.isra.27+0x60/0x60 [ 349.504416] ? kasan_check_read+0x11/0x20 [ 349.508556] ? graph_lock+0x170/0x170 [ 349.512355] ? rcu_pm_notify+0xc0/0xc0 [ 349.516238] ? trace_hardirqs_off+0xd/0x10 [ 349.520473] ? putname+0xf2/0x130 [ 349.523924] ? find_held_lock+0x36/0x1c0 [ 349.527989] ? lock_downgrade+0x8e0/0x8e0 [ 349.532135] ? module_unload_free+0x5b0/0x5b0 [ 349.536629] mount_fs+0xae/0x328 [ 349.539989] ? btrfs_remount+0x16f0/0x16f0 [ 349.544229] ? mount_fs+0xae/0x328 [ 349.547767] ? mpi_free.cold.1+0x19/0x19 [ 349.551827] vfs_kern_mount.part.34+0xd4/0x4d0 [ 349.556417] ? may_umount+0xb0/0xb0 [ 349.560046] ? _raw_read_unlock+0x22/0x30 [ 349.564186] ? __get_fs_type+0x97/0xc0 [ 349.568077] do_mount+0x564/0x30b0 [ 349.571620] ? copy_mount_string+0x40/0x40 [ 349.575850] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 349.580863] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 349.585620] ? retint_kernel+0x10/0x10 [ 349.589512] ? copy_mount_options+0x1f0/0x380 [ 349.594006] ? copy_mount_options+0x1f6/0x380 [ 349.598501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 349.604037] ? copy_mount_options+0x285/0x380 [ 349.608533] ksys_mount+0x12d/0x140 [ 349.612161] __x64_sys_mount+0xbe/0x150 [ 349.616130] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 349.621145] do_syscall_64+0x1b1/0x800 [ 349.625119] ? finish_task_switch+0x1ca/0x840 [ 349.629614] ? syscall_return_slowpath+0x5c0/0x5c0 [ 349.634539] ? syscall_return_slowpath+0x30f/0x5c0 [ 349.639468] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 349.644834] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 349.649678] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.654861] RIP: 0033:0x45843a [ 349.658038] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 349.677401] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 349.685131] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 349.692394] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 349.699660] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 349.706923] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 349.714184] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000043 [ 349.721980] ------------[ cut here ]------------ [ 349.726745] kernel BUG at fs/btrfs/volumes.c:1032! [ 349.731918] invalid opcode: 0000 [#1] SMP KASAN [ 349.736597] CPU: 1 PID: 22303 Comm: syz-executor1 Not tainted 4.17.0+ #86 [ 349.743510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.752871] RIP: 0010:close_fs_devices+0xba7/0xfa0 [ 349.757784] Code: 56 18 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 2b 03 00 00 49 83 6c 24 30 01 e9 25 f8 ff ff e8 90 f4 b3 fe 0f 0b e8 89 f4 b3 fe <0f> 0b 48 89 f7 e8 ef 64 f0 fe e9 f6 f5 ff ff e8 75 f4 b3 fe 0f 0b [ 349.777053] RSP: 0018:ffff8801af6ff050 EFLAGS: 00010246 [ 349.782408] RAX: 0000000000040000 RBX: dffffc0000000000 RCX: ffffc9000c70c000 [ 349.789666] RDX: 0000000000040000 RSI: ffffffff82c56437 RDI: 0000000000000286 [ 349.796928] RBP: ffff8801af6ff350 R08: ffffed003b5e46d7 R09: ffffed003b5e46d6 [ 349.804187] R10: ffffed003b5e46d6 R11: ffff8801daf236b3 R12: ffff8801c58ac190 [ 349.811450] R13: 0000000000000000 R14: ffff8801b1a6a940 R15: ffff8801b4d7d680 [ 349.818716] FS: 00007f7870680700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 349.826932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 349.833338] CR2: 0000000000704094 CR3: 00000001c51e8000 CR4: 00000000001406e0 [ 349.840602] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 349.847861] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 349.855118] Call Trace: [ 349.857707] ? btrfs_alloc_device+0x8b0/0x8b0 [ 349.862197] ? blkdev_put+0x98/0x540 [ 349.865907] ? blkdev_get_by_path+0x3f/0xe0 [ 349.870227] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 349.875760] ? kasan_check_write+0x14/0x20 [ 349.879991] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 349.884915] ? open_fs_devices+0x851/0xc60 [ 349.889142] ? wait_for_completion+0x870/0x870 [ 349.893717] ? btrfs_update_device+0x640/0x640 [ 349.898304] btrfs_close_devices+0x29/0x150 [ 349.902619] btrfs_mount_root+0x1419/0x1e70 [ 349.906939] ? btrfs_decode_error+0x70/0x70 [ 349.911256] ? save_stack+0x43/0xd0 [ 349.914875] ? __kasan_slab_free+0x11a/0x170 [ 349.919278] ? kasan_slab_free+0xe/0x10 [ 349.923241] ? kfree+0xd9/0x260 [ 349.926514] ? mount_fs+0xae/0x328 [ 349.930044] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 349.934800] ? do_mount+0x564/0x30b0 [ 349.938503] ? ksys_mount+0x12d/0x140 [ 349.942298] ? __x64_sys_mount+0xbe/0x150 [ 349.946441] ? do_syscall_64+0x1b1/0x800 [ 349.950492] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.955851] ? kasan_check_read+0x11/0x20 [ 349.959991] ? do_raw_spin_unlock+0x9e/0x2e0 [ 349.964395] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 349.968971] ? kasan_check_write+0x14/0x20 [ 349.973200] ? do_raw_spin_lock+0xc1/0x200 [ 349.977429] mount_fs+0xae/0x328 [ 349.980787] ? debug_check_no_obj_freed+0x2ff/0x584 [ 349.985797] vfs_kern_mount.part.34+0xd4/0x4d0 [ 349.990371] ? may_umount+0xb0/0xb0 [ 349.993990] ? quarantine_put+0xeb/0x190 [ 349.998043] ? kfree+0x111/0x260 [ 350.001409] ? btrfs_mount+0x831/0x213e [ 350.005379] vfs_kern_mount+0x40/0x60 [ 350.009175] btrfs_mount+0x4a1/0x213e [ 350.012972] ? kasan_check_read+0x11/0x20 [ 350.017111] ? rcu_is_watching+0x85/0x140 [ 350.021253] ? btrfs_remount+0x16f0/0x16f0 [ 350.025483] ? __lockdep_init_map+0x105/0x590 [ 350.029972] ? __lockdep_init_map+0x105/0x590 [ 350.034459] ? lockdep_init_map+0x9/0x10 [ 350.038515] ? __init_waitqueue_head+0x96/0x140 [ 350.043178] ? init_wait_entry+0x1b0/0x1b0 [ 350.047404] ? memcpy+0x45/0x50 [ 350.050680] ? alloc_vfsmnt+0x771/0x9d0 [ 350.054648] ? mnt_free_id.isra.27+0x60/0x60 [ 350.059048] ? kasan_check_read+0x11/0x20 [ 350.063183] ? graph_lock+0x170/0x170 [ 350.066974] ? rcu_pm_notify+0xc0/0xc0 [ 350.070848] ? trace_hardirqs_off+0xd/0x10 [ 350.075077] ? putname+0xf2/0x130 [ 350.078521] ? find_held_lock+0x36/0x1c0 [ 350.082588] ? lock_downgrade+0x8e0/0x8e0 [ 350.086725] ? module_unload_free+0x5b0/0x5b0 [ 350.091211] mount_fs+0xae/0x328 [ 350.094570] ? btrfs_remount+0x16f0/0x16f0 [ 350.098796] ? mount_fs+0xae/0x328 [ 350.102327] ? mpi_free.cold.1+0x19/0x19 [ 350.106380] vfs_kern_mount.part.34+0xd4/0x4d0 [ 350.110956] ? may_umount+0xb0/0xb0 [ 350.114577] ? _raw_read_unlock+0x22/0x30 [ 350.118712] ? __get_fs_type+0x97/0xc0 [ 350.122596] do_mount+0x564/0x30b0 [ 350.126134] ? copy_mount_string+0x40/0x40 [ 350.130361] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 350.135370] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 350.140116] ? retint_kernel+0x10/0x10 [ 350.144004] ? copy_mount_options+0x1f0/0x380 [ 350.148491] ? copy_mount_options+0x1f6/0x380 [ 350.152980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 350.158512] ? copy_mount_options+0x285/0x380 [ 350.163002] ksys_mount+0x12d/0x140 [ 350.166623] __x64_sys_mount+0xbe/0x150 [ 350.170591] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 350.175599] do_syscall_64+0x1b1/0x800 [ 350.179477] ? finish_task_switch+0x1ca/0x840 [ 350.183966] ? syscall_return_slowpath+0x5c0/0x5c0 [ 350.188889] ? syscall_return_slowpath+0x30f/0x5c0 [ 350.193812] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 350.199167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.204001] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.209318] RIP: 0033:0x45843a [ 350.212494] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 350.231753] RSP: 002b:00007f787067fba8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 350.239451] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045843a [ 350.246711] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 00007f787067fbf0 [ 350.253968] RBP: 0000000000000001 R08: 00000000200000c0 R09: 0000000020000080 [ 350.261225] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 350.268482] R13: 0000000000000001 R14: 0000000000700008 R15: 0000000000000043 [ 350.275745] Modules linked in: [ 350.278997] Dumping ftrace buffer: [ 350.282600] (ftrace buffer empty) [ 350.286765] ---[ end trace 383b0406a01f2edd ]--- [ 350.291567] RIP: 0010:close_fs_devices+0xba7/0xfa0 [ 350.296532] Code: 56 18 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 2b 03 00 00 49 83 6c 24 30 01 e9 25 f8 ff ff e8 90 f4 b3 fe 0f 0b e8 89 f4 b3 fe <0f> 0b 48 89 f7 e8 ef 64 f0 fe e9 f6 f5 ff ff e8 75 f4 b3 fe 0f 0b [ 350.315792] RSP: 0018:ffff8801af6ff050 EFLAGS: 00010246 [ 350.321172] RAX: 0000000000040000 RBX: dffffc0000000000 RCX: ffffc9000c70c000 [ 350.328460] RDX: 0000000000040000 RSI: ffffffff82c56437 RDI: 0000000000000286 [ 350.335745] RBP: ffff8801af6ff350 R08: ffffed003b5e46d7 R09: ffffed003b5e46d6 [ 350.343028] R10: ffffed003b5e46d6 R11: ffff8801daf236b3 R12: ffff8801c58ac190 [ 350.350315] R13: 0000000000000000 R14: ffff8801b1a6a940 R15: ffff8801b4d7d680 [ 350.357604] FS: 00007f7870680700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 350.365845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 350.371737] CR2: 0000000000704094 CR3: 00000001c51e8000 CR4: 00000000001406e0 [ 350.379033] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 350.386310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 350.393599] Kernel panic - not syncing: Fatal exception [ 350.399469] Dumping ftrace buffer: [ 350.402987] (ftrace buffer empty) [ 350.406671] Kernel Offset: disabled [ 350.410274] Rebooting in 86400 seconds..