[ 43.890803][ T26] audit: type=1800 audit(1562125252.827:27): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 43.910805][ T26] audit: type=1800 audit(1562125252.827:28): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 44.554614][ T26] audit: type=1800 audit(1562125253.557:29): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 44.576983][ T26] audit: type=1800 audit(1562125253.557:30): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.47' (ECDSA) to the list of known hosts. 2019/07/03 03:41:04 fuzzer started 2019/07/03 03:41:06 dialing manager at 10.128.0.26:36823 2019/07/03 03:41:06 syscalls: 2465 2019/07/03 03:41:06 code coverage: enabled 2019/07/03 03:41:06 comparison tracing: enabled 2019/07/03 03:41:06 extra coverage: extra coverage is not supported by the kernel 2019/07/03 03:41:06 setuid sandbox: enabled 2019/07/03 03:41:06 namespace sandbox: enabled 2019/07/03 03:41:06 Android sandbox: /sys/fs/selinux/policy does not exist 2019/07/03 03:41:06 fault injection: enabled 2019/07/03 03:41:06 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/07/03 03:41:06 net packet injection: enabled 2019/07/03 03:41:06 net device setup: enabled 03:42:05 executing program 0: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) syzkaller login: [ 116.666548][ T7833] IPVS: ftp: loaded support on port[0] = 21 03:42:05 executing program 1: futex(0x0, 0x85, 0x0, 0x0, 0x0, 0x0) [ 116.789876][ T7833] chnl_net:caif_netlink_parms(): no params data found [ 116.860324][ T7833] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.882621][ T7833] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.890838][ T7833] device bridge_slave_0 entered promiscuous mode [ 116.899667][ T7833] bridge0: port 2(bridge_slave_1) entered blocking state 03:42:05 executing program 2: syz_mount_image$msdos(&(0x7f00000069c0)='msdos\x00', &(0x7f0000006a00)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000006c80)={[{@fat=@check_normal='check=normal'}]}) [ 116.907300][ T7833] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.915314][ T7833] device bridge_slave_1 entered promiscuous mode [ 116.933475][ T7833] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 116.943438][ T7833] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 116.945914][ T7836] IPVS: ftp: loaded support on port[0] = 21 [ 116.986818][ T7833] team0: Port device team_slave_0 added [ 117.013208][ T7833] team0: Port device team_slave_1 added [ 117.094908][ T7833] device hsr_slave_0 entered promiscuous mode 03:42:06 executing program 3: clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) [ 117.172818][ T7833] device hsr_slave_1 entered promiscuous mode [ 117.235014][ T7839] IPVS: ftp: loaded support on port[0] = 21 [ 117.299477][ T7841] IPVS: ftp: loaded support on port[0] = 21 [ 117.315568][ T7833] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.322861][ T7833] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.330739][ T7833] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.337908][ T7833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.349764][ T7836] chnl_net:caif_netlink_parms(): no params data found 03:42:06 executing program 4: syz_mount_image$msdos(&(0x7f0000000080)='msdos\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)={[{@nodots='nodots'}]}) [ 117.486212][ T7836] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.494936][ T7836] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.504580][ T7836] device bridge_slave_0 entered promiscuous mode [ 117.520655][ T7833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.567904][ T7836] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.577935][ T7836] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.586087][ T7836] device bridge_slave_1 entered promiscuous mode [ 117.601953][ T7846] IPVS: ftp: loaded support on port[0] = 21 [ 117.602272][ T7833] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.619978][ T7839] chnl_net:caif_netlink_parms(): no params data found [ 117.645818][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 117.659561][ T5] bridge0: port 1(bridge_slave_0) entered disabled state 03:42:06 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_nanosleep(0x1, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0) [ 117.668603][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.679318][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 117.736488][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 117.753464][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.760571][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.769119][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 117.778071][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.785195][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.811104][ T7836] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.824933][ T7836] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.848912][ T7849] IPVS: ftp: loaded support on port[0] = 21 [ 117.878297][ T7839] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.886314][ T7839] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.894048][ T7839] device bridge_slave_0 entered promiscuous mode [ 117.909809][ T7836] team0: Port device team_slave_0 added [ 117.917091][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.925764][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 117.934540][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.943113][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 117.968968][ T7839] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.976823][ T7839] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.985407][ T7839] device bridge_slave_1 entered promiscuous mode [ 117.994414][ T7836] team0: Port device team_slave_1 added [ 118.009890][ T7841] chnl_net:caif_netlink_parms(): no params data found [ 118.038646][ T7839] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.048567][ T7839] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.059656][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 118.068409][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.145084][ T7836] device hsr_slave_0 entered promiscuous mode [ 118.193294][ T7836] device hsr_slave_1 entered promiscuous mode [ 118.233378][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 118.241836][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 118.251080][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 118.259353][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 118.269715][ T7833] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 118.280569][ T7839] team0: Port device team_slave_0 added [ 118.308123][ T7839] team0: Port device team_slave_1 added [ 118.319972][ T7841] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.327657][ T7841] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.336707][ T7841] device bridge_slave_0 entered promiscuous mode [ 118.344555][ T7841] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.351599][ T7841] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.360059][ T7841] device bridge_slave_1 entered promiscuous mode [ 118.378226][ T7841] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.389943][ T7841] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.439286][ T7849] chnl_net:caif_netlink_parms(): no params data found [ 118.494984][ T7839] device hsr_slave_0 entered promiscuous mode [ 118.533166][ T7839] device hsr_slave_1 entered promiscuous mode [ 118.608762][ T7841] team0: Port device team_slave_0 added [ 118.619383][ T7841] team0: Port device team_slave_1 added [ 118.640018][ T7846] chnl_net:caif_netlink_parms(): no params data found [ 118.705144][ T7841] device hsr_slave_0 entered promiscuous mode [ 118.752900][ T7841] device hsr_slave_1 entered promiscuous mode [ 118.796857][ T7839] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.803974][ T7839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 118.820623][ T7833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.828433][ T7849] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.836401][ T7849] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.845296][ T7849] device bridge_slave_0 entered promiscuous mode [ 118.854546][ T7849] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.861747][ T7849] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.869610][ T7849] device bridge_slave_1 entered promiscuous mode [ 118.891465][ T17] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.950598][ T7846] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.958103][ T7846] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.966203][ T7846] device bridge_slave_0 entered promiscuous mode [ 118.974812][ T7849] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.987515][ T7849] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 119.004782][ T7849] team0: Port device team_slave_0 added [ 119.012506][ T7849] team0: Port device team_slave_1 added [ 119.026868][ T7846] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.037123][ T7846] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.047217][ T7846] device bridge_slave_1 entered promiscuous mode [ 119.069820][ T7846] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 119.087932][ T7836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.137046][ T7861] FAT-fs (loop0): bogus number of reserved sectors [ 119.143830][ T7861] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 119.153426][ T7861] FAT-fs (loop0): Can't find a valid FAT filesystem [ 119.161912][ T7849] device hsr_slave_0 entered promiscuous mode [ 119.205388][ T7849] device hsr_slave_1 entered promiscuous mode [ 119.215110][ T7861] FAT-fs (loop0): bogus number of reserved sectors [ 119.221757][ T7861] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 119.231347][ T7861] FAT-fs (loop0): Can't find a valid FAT filesystem 03:42:08 executing program 0: timer_create(0x0, 0x0, &(0x7f0000000380)) timer_gettime(0x0, &(0x7f0000000340)) [ 119.248999][ T7846] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 119.268029][ T7839] 8021q: adding VLAN 0 to HW filter on device bond0 03:42:08 executing program 0: [ 119.327973][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.346800][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.354690][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.363751][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.374170][ T7839] 8021q: adding VLAN 0 to HW filter on device team0 03:42:08 executing program 0: [ 119.403354][ T7836] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.420905][ T7841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.428489][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.443027][ T7844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready 03:42:08 executing program 0: [ 119.451462][ T7844] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.458607][ T7844] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.472093][ T7846] team0: Port device team_slave_0 added [ 119.493734][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 03:42:08 executing program 0: [ 119.502231][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.511074][ T3002] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.518290][ T3002] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.541422][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 03:42:08 executing program 0: [ 119.554557][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.564913][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.571980][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.572354][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 03:42:08 executing program 0: [ 119.601316][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.616545][ T3002] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.623675][ T3002] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.634163][ T7846] team0: Port device team_slave_1 added [ 119.652736][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 119.660694][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.674117][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.681956][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 119.691507][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 119.704237][ T7841] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.795424][ T7846] device hsr_slave_0 entered promiscuous mode [ 119.832997][ T7846] device hsr_slave_1 entered promiscuous mode [ 119.873360][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 119.881946][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 119.891024][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 119.899650][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 119.907942][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 119.916447][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 119.924849][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 119.933186][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 119.941497][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 119.959297][ T7836] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 119.971242][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 119.980048][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 119.988857][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.997982][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 120.006548][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.013636][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.021343][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 120.030381][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 120.038973][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.047849][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.056177][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.076490][ T7849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.083530][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.092037][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 120.101225][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 120.109839][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 120.118464][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 120.138849][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 120.147717][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 120.156799][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 120.166820][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 120.175359][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.184603][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 120.193114][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 120.201534][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 120.210237][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 120.226784][ T7839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.240667][ T7839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 120.259005][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 120.267787][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 120.276471][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 120.286880][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 120.295604][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 120.304042][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 120.312171][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 120.320481][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 120.331774][ T7841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 120.346650][ T7836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.357575][ T7849] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.376100][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 120.385942][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 120.401284][ T7837] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.408403][ T7837] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.416666][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 120.425430][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 120.433721][ T7837] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.440737][ T7837] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.449221][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.471493][ T7841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.490513][ T7839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.504959][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 120.518124][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 120.528192][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.537874][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 120.546651][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 120.555391][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 120.587424][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 03:42:09 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) [ 120.611343][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 120.620935][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 120.630899][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 120.645630][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 120.666020][ T7849] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 120.705105][ T7898] FAT-fs (loop1): bogus number of reserved sectors [ 120.749035][ T7846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.756242][ T7898] FAT-fs (loop1): Can't find a valid FAT filesystem [ 120.787888][ T7846] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.798576][ T7849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.809309][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 120.819209][ T7898] FAT-fs (loop1): bogus number of reserved sectors [ 120.827264][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 120.840630][ T7911] FAT-fs (loop2): bogus number of reserved sectors [ 120.842664][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 120.855487][ T7898] FAT-fs (loop1): Can't find a valid FAT filesystem [ 120.873479][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 120.874232][ T7911] FAT-fs (loop2): Can't find a valid FAT filesystem [ 120.881898][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.895289][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.913112][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 120.921853][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 120.930771][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.937881][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.945837][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 120.963143][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.971412][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 120.981334][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.990066][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 121.000482][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 121.009387][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 121.017916][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 121.026480][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 121.038659][ T7846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 121.050310][ T7846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 121.064037][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 121.071907][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 121.087200][ T7851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 121.109825][ T7846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.118799][ T7911] FAT-fs (loop2): bogus number of reserved sectors [ 121.118810][ T7911] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:10 executing program 2: semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0) 03:42:10 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) [ 121.262416][ C0] hrtimer: interrupt took 37403 ns [ 121.434171][ T7936] FAT-fs (loop4): bogus number of reserved sectors [ 121.480754][ T7936] FAT-fs (loop4): Can't find a valid FAT filesystem [ 121.545768][ T7936] FAT-fs (loop4): bogus number of reserved sectors [ 121.553014][ T7936] FAT-fs (loop4): Can't find a valid FAT filesystem 03:42:10 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:10 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000d80)='hfsplus\x00', &(0x7f0000000dc0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@nobarrier='nobarrier'}]}) 03:42:10 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:10 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003040)=ANY=[@ANYBLOB="2800000000000000020100000400000072aeee1a75044c697644df195395667696a6a85f665600001010000000000000ff00000036000000ed0ec6874e57fc12848ff0795d54cd54d06161bcec8015ecd967ccd96aa649d6b006efa09971cdbe0529cde0dc9742bc2827369a692a142ae2c6de484c275e528e9934dbf5048f758f099ed06f099b92f8f14f22a1f634550a97d1e0853ec57adb736494bf836144b5feeb0881045683ca7c24c49289ce902e9aa1271651d8176a40a48c704098c1d5803b16bd767a9280aa5ba186409c19a10191ee5a67d740a04ed27c08262bda78af04ab6aa27b2598b96bd4e8aecd538a258042e7f18f40488f4e38ea8f934d30b93e40356d96fc26761b2cb241f364ed7b2fd16bd2b7b1f08ee0ffc9b3bb4027d53983fecbab155eafff79b59765326d01213fcc10b6e1332eca8ccdfe5988d47e4169440e1edb85560238c164e40cf9a009e90d497b40382b9a23c874fa7da6746cd792f8ea4c85923275e03f21e917f566c631d709db0ec7091a3ecb23d97538d2a7e3187714924e09d8378eb1e55b1d47d903f44744890aba44c81fcaa050f2f16985394bbb750031bfd40be19a2faffa27c24bfb3c113c1fd12274f5a2da65af6aaf8855b4284fca070b258b2f0c414009ac46ce1a6171d00d4c7b6fb4bb975d69b7ccf874dc2031d0a02d1927a0d1ab20ba5a66c16b76017ef6b389113dc5fa241bda4aa472e7cc49fd740dae2ebaa5991efa9ba68a1627f8778ce1f80eb2dedbb220c757b2966071a6c5253d081c67175089d45d72c4bd24f20920a4e605a6c4a68d941288b54070b791a84507df485ec5bd42b8befb523a2a460647f47743cce4748defda45207f77565eac11af42995c6cb44d17918949e88e2e3c5e1b41cf3d75b6232ea32d7fb0e474823fcc9a71b494b72ac778f28dc4249c786caa7544ec888338bde65f879898802b5d3c7307565ea01894dfa77a958412d13bc921c7e5c874c81dedd3618d4b9c2c3c448fc494914e34fd7477285a99bec00a0146cf7e3c506dead07a6c9f45d1794b8c78e2a77c47d3e741b5f1540271cf258cd92c2511de313d8f3b9307c544b7acdfed1076f4f1b4e417743d899635e22f6ad0620f988c1c51e6b8ad3914a683faa0a13842896167a685136897d2a09eec0dc7d2b9cbaf6c17dd99a6d3bf5dabca66488eb536cddda2d6ee2a004adfd9fe46207ecb5bb9682ed928057b1daaf3c22449af9f9c267d7eba44e933339686824a334064088212fc160b3fe04dc19b3d7f5a0edff457ea51f830fb7e0a6c49018036de80d26f3d80cab0b3f2a93096187693828d67c9bc63570a27fc9216279fc91306ff40aa26aac75487bab76d29c7a190539fefa3838f2608112cb12411650feb72dd0ca6e182064daeb70b7f1add51db4ac4c580da77a514438b69e5226c3df5fe1cf337bcd4180189fd369da17e20b39c77204ef06d5c605d07fd671e1c5c499c98cca81a03af1f7f6215c542246f737ca9ddb3ee8e21f30529a8c8611b570958053afe3d88d856b496b1f9406f972e822d1f8c1ae3185c8f595cd19a70c48b6368ffda40c56f20eb9f0df90e93a3df3e796701447f56d29f925d16b9a5a0fffccf66f3d914df2cebaf58709ea2ea6183ca3866f4d7ba3bfe4901f2a7a1e444009b7406df9f9269e78c264f74284adffb9bc28a2e38d304dbfaf8f0250e5c4377f71a57a40283d7827e5a3f27d7e2627073b48ec2b833113d16e8f3cc450970cdc95513d226bda6b8f5a13463deff819f0694366e59759312d35384ecc45396c7d348fd3ec1d72daddb0c95425edf444b5dbc0ccc9c7b93970e1007d96aa0e89964ece96bde40beeea8a329a463ac21de2de700a58e7bd7791921d5cf436b3ff1b9fa4a9ebe088e934afa2214ee9339b1d54c0ee57f3dc9aab708801fcd49c353930b50caaa1eab63559d147d7a5dd501575ab4bf5739aca981d5f028786306efd70584532a37030bb338e0105946d9428530cd9a5e2847c4bd4ff75cab6abc1b4f7aa47dd270600ebda6acbc0ee972fa366951a9b58ebd69316b004dba48c8aa56542bb90861d880f8a5ebb34a580be2141d98d55f476d0ab514e1c2710a23c779f5c78bd9c373f18bd784304ca01750c1204065ca56b924c262ea35e414dd017276d2b7380a2985bb04ea9c6357d5232e9d056196cbff2940f133350c72e6438c07e3b694f0034d4e7b3acf7bfaf48788086f7891e651eb9fcdb58eb44f1ffeebd4c982abdc2a8e85993cb3211eb503b73ad4c243d34b19fd301c8e51e49256a40c09e2fe80c7c7e055a9ff3f80e53b73e1fcbe270a7cb360bcbc31dac4f96ecd0074b76e76b90fbf47171598ece0b0cd8bf312751d3d2db37c9afb68629fde7d846e5672b5dcde75b69066f4d9ecea3adc9588962e00ba6b8f411c81994ddafa11a91618d6795c772b7994f1998641125898aa0fda006add0f5e91544a54db4808f6adb48b321d6326b283add38eedffe0ea9e4514c2bcf37e7f261490a1b3c4c8ffdff7343d454b12d6127fc30f78c3fda50b8a3ce6237dac2af9f8a6cfcc3e854107e56d4d7d847f190a176ee359f71bca9beaa52e193641487fd8ecc8bddc9bdb9536389e478cd330938d35ef2693224223f83eeefde209860006b7e6894cb578959a7080272692737b6e9530ef13b0d9a55d9117d5d7e82e14a027194a275c4ddafee5f824578a6120ddfba22755cda5033346f0d33195165a80d7de9aaa1729b21b03b18828d590888fa213742a8b69ed933c6093e6f6d55dafb82d7ff58ba73fa6419255577f0cbb7a569aa535aed00150c57ffb316853f2f7f8895e4797abc3e213e6b4a3be20b7d82d8cd90c16a255d5fc4ff06d5a835eed6aefde68a45dbd0fa5227f629f3a8d0f878bd81c1572b56eb49d6fb14c5f905a486e66cdeeb6ad6c62bddec8695f74510488e3ead75ba04e5378039165428b153a365d4ebfa6a35f5d97baf1bb72941ff03c89de1c00a5ecef5c61aa770914a76b36629c65d97a2d21c4aa02cda6e958dcdb142651160f60999ac01959c880ee54d8bcf7f6676e9660df665111b7a90e94aea25396d5dfc150d198f10c18156ffdf98efb1f5050df5dd4766c6d48377936db95d47eda6d85671cafb84564e16d21f8b881346d686e5b0340e890f615de95f3a061f24ace4a22f5f31214b1e77f73c468a5a9663e780ad53f42497debded8a856e93b"], 0x8f6}, 0x4c8c4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:10 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:10 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={[{@part={'part', 0x3d, 0x1ff0000000000000}}]}) [ 121.644012][ T7954] hfsplus: part requires an argument [ 121.649456][ T7954] hfsplus: unable to parse mount options [ 121.667470][ T7962] hfsplus: unable to find HFS+ superblock [ 121.677552][ T7957] FAT-fs (loop1): bogus number of reserved sectors [ 121.705322][ T7957] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:10 executing program 5: 03:42:10 executing program 5: 03:42:10 executing program 3: 03:42:10 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:10 executing program 2: 03:42:11 executing program 3: 03:42:11 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:11 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:11 executing program 5: 03:42:11 executing program 3: [ 122.124139][ T7986] FAT-fs (loop1): bogus number of reserved sectors 03:42:11 executing program 5: 03:42:11 executing program 2: [ 122.181648][ T7986] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:11 executing program 5: 03:42:11 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:11 executing program 3: 03:42:11 executing program 2: 03:42:11 executing program 5: 03:42:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 122.470023][ T8005] FAT-fs (loop1): bogus number of reserved sectors [ 122.505778][ T8005] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:11 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)) 03:42:11 executing program 0: set_mempolicy(0x0, &(0x7f0000000080), 0x0) 03:42:11 executing program 2: mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x4ca32, 0xffffffffffffffff, 0x8000000) 03:42:11 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002a40)}, {0x0}, {0x0}], 0x3, &(0x7f0000003040)=ANY=[@ANYBLOB="2800000000000000020100000400000072aeee1a75044c697644df195395667696a6a85f665600001010000000000000ff00000036000000ed0ec6874e57fc12848ff0795d54cd54d06161bcec8015ecd967ccd96aa649d6b006efa09971cdbe0529cde0dc9742bc2827369a692a142ae2c6de484c275e528e9934dbf5048f758f099ed06f099b92f8f14f22a1f634550a97d1e0853ec57adb736494bf836144b5feeb0881045683ca7c24c49289ce902e9aa1271651d8176a40a48c704098c1d5803b16bd767a9280aa5ba186409c19a10191ee5a67d740a04ed27c08262bda78af04ab6aa27b2598b96bd4e8aecd538a258042e7f18f40488f4e38ea8f934d30b93e40356d96fc26761b2cb241f364ed7b2fd16bd2b7b1f08ee0ffc9b3bb4027d53983fecbab155eafff79b59765326d01213fcc10b6e1332eca8ccdfe5988d47e4169440e1edb85560238c164e40cf9a009e90d497b40382b9a23c874fa7da6746cd792f8ea4c85923275e03f21e917f566c631d709db0ec7091a3ecb23d97538d2a7e3187714924e09d8378eb1e55b1d47d903f44744890aba44c81fcaa050f2f16985394bbb750031bfd40be19a2faffa27c24bfb3c113c1fd12274f5a2da65af6aaf8855b4284fca070b258b2f0c414009ac46ce1a6171d00d4c7b6fb4bb975d69b7ccf874dc2031d0a02d1927a0d1ab20ba5a66c16b76017ef6b389113dc5fa241bda4aa472e7cc49fd740dae2ebaa5991efa9ba68a1627f8778ce1f80eb2dedbb220c757b2966071a6c5253d081c67175089d45d72c4bd24f20920a4e605a6c4a68d941288b54070b791a84507df485ec5bd42b8befb523a2a460647f47743cce4748defda45207f77565eac11af42995c6cb44d17918949e88e2e3c5e1b41cf3d75b6232ea32d7fb0e474823fcc9a71b494b72ac778f28dc4249c786caa7544ec888338bde65f879898802b5d3c7307565ea01894dfa77a958412d13bc921c7e5c874c81dedd3618d4b9c2c3c448fc494914e34fd7477285a99bec00a0146cf7e3c506dead07a6c9f45d1794b8c78e2a77c47d3e741b5f1540271cf258cd92c2511de313d8f3b9307c544b7acdfed1076f4f1b4e417743d899635e22f6ad0620f988c1c51e6b8ad3914a683faa0a13842896167a685136897d2a09eec0dc7d2b9cbaf6c17dd99a6d3bf5dabca66488eb536cddda2d6ee2a004adfd9fe46207ecb5bb9682ed928057b1daaf3c22449af9f9c267d7eba44e933339686824a334064088212fc160b3fe04dc19b3d7f5a0edff457ea51f830fb7e0a6c49018036de80d26f3d80cab0b3f2a93096187693828d67c9bc63570a27fc9216279fc91306ff40aa26aac75487bab76d29c7a190539fefa3838f2608112cb12411650feb72dd0ca6e182064daeb70b7f1add51db4ac4c580da77a514438b69e5226c3df5fe1cf337bcd4180189fd369da17e20b39c77204ef06d5c605d07fd671e1c5c499c98cca81a03af1f7f6215c542246f737ca9ddb3ee8e21f30529a8c8611b570958053afe3d88d856b496b1f9406f972e822d1f8c1ae3185c8f595cd19a70c48b6368ffda40c56f20eb9f0df90e93a3df3e796701447f56d29f925d16b9a5a0fffccf66f3d914df2cebaf58709ea2ea6183ca3866f4d7ba3bfe4901f2a7a1e444009b7406df9f9269e78c264f74284adffb9bc28a2e38d304dbfaf8f0250e5c4377f71a57a40283d7827e5a3f27d7e2627073b48ec2b833113d16e8f3cc450970cdc95513d226bda6b8f5a13463deff819f0694366e59759312d35384ecc45396c7d348fd3ec1d72daddb0c95425edf444b5dbc0ccc9c7b93970e1007d96aa0e89964ece96bde40beeea8a329a463ac21de2de700a58e7bd7791921d5cf436b3ff1b9fa4a9ebe088e934afa2214ee9339b1d54c0ee57f3dc9aab708801fcd49c353930b50caaa1eab63559d147d7a5dd501575ab4bf5739aca981d5f028786306efd70584532a37030bb338e0105946d9428530cd9a5e2847c4bd4ff75cab6abc1b4f7aa47dd270600ebda6acbc0ee972fa366951a9b58ebd69316b004dba48c8aa56542bb90861d880f8a5ebb34a580be2141d98d55f476d0ab514e1c2710a23c779f5c78bd9c373f18bd784304ca01750c1204065ca56b924c262ea35e414dd017276d2b7380a2985bb04ea9c6357d5232e9d056196cbff2940f133350c72e6438c07e3b694f0034d4e7b3acf7bfaf48788086f7891e651eb9fcdb58eb44f1ffeebd4c982abdc2a8e85993cb3211eb503b73ad4c243d34b19fd301c8e51e49256a40c09e2fe80c7c7e055a9ff3f80e53b73e1fcbe270a7cb360bcbc31dac4f96ecd0074b76e76b90fbf47171598ece0b0cd8bf312751d3d2db37c9afb68629fde7d846e5672b5dcde75b69066f4d9ecea3adc958896"], 0x6b9}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:11 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) [ 122.600737][ T8016] hfsplus: invalid gid specified [ 122.605935][ T8016] hfsplus: unable to parse mount options 03:42:11 executing program 1: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) [ 122.704091][ T8016] hfsplus: invalid gid specified 03:42:11 executing program 2: mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x4ca32, 0xffffffffffffffff, 0x8000000) [ 122.747484][ T8016] hfsplus: unable to parse mount options 03:42:11 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x9, &(0x7f0000000040), 0x0) 03:42:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) 03:42:11 executing program 4: 03:42:11 executing program 2: 03:42:11 executing program 0: 03:42:12 executing program 3: 03:42:12 executing program 0: perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:12 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@force='force'}]}) [ 123.068106][ T8051] hfsplus: invalid gid specified 03:42:12 executing program 1: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:12 executing program 2: syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2120010, 0x0) 03:42:12 executing program 3: keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000f00), 0x0, 0x0, 0x0) 03:42:12 executing program 0: syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[], [{@euid_gt={'euid>'}}]}) [ 123.141747][ T8051] hfsplus: unable to parse mount options 03:42:12 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) 03:42:12 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 123.349808][ T8071] hfsplus: unable to find HFS+ superblock [ 123.417277][ T8082] hfs: unable to parse mount options [ 123.470104][ T8091] hfsplus: invalid gid specified [ 123.480301][ T8091] hfsplus: unable to parse mount options 03:42:12 executing program 1: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:12 executing program 2: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 123.569778][ T8094] hfs: type requires a 4 character value [ 123.591438][ T8094] hfs: unable to parse mount options [ 123.674238][ T8082] hfs: unable to parse mount options 03:42:12 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) 03:42:12 executing program 0: open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x800) write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x6) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x1) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000540)=""/229) [ 123.734002][ T8094] hfs: type requires a 4 character value [ 123.743084][ T8071] hfsplus: unable to find HFS+ superblock [ 123.774677][ T8094] hfs: unable to parse mount options 03:42:12 executing program 4: prctl$PR_SET_TIMERSLACK(0x1d, 0xfffffffffffff1d6) prctl$PR_GET_TIMERSLACK(0x1e) 03:42:12 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) [ 124.014853][ T8123] hfsplus: invalid gid specified [ 124.022348][ T8123] hfsplus: unable to parse mount options 03:42:13 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x20000000) 03:42:13 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:13 executing program 5: syz_mount_image$hfsplus(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 124.270315][ T8141] hfs: type requires a 4 character value 03:42:13 executing program 0: open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x800) write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x6) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x1) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000540)=""/229) 03:42:13 executing program 4: open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x800) write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x6) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x1) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000540)=""/229) [ 124.339992][ T8141] hfs: unable to parse mount options 03:42:13 executing program 2: syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) 03:42:13 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:13 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) 03:42:13 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003040)=ANY=[]}, 0x4c8c4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:13 executing program 5: syz_mount_image$hfsplus(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) 03:42:13 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@discard='discard'}]}) 03:42:13 executing program 0: open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x800) write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x6) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x1) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000540)=""/229) 03:42:13 executing program 4: [ 124.817518][ T8188] hfs: type requires a 4 character value [ 124.858209][ T8188] hfs: unable to parse mount options 03:42:13 executing program 4: 03:42:13 executing program 5: syz_mount_image$hfsplus(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) 03:42:13 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:14 executing program 4: 03:42:14 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) 03:42:14 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000d80)='hfsplus\x00', &(0x7f0000000dc0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@nobarrier='nobarrier'}, {@barrier='barrier'}]}) 03:42:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003040)=ANY=[]}, 0x4c8c4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:14 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 125.122122][ T8219] FAT-fs (loop1): bogus number of reserved sectors [ 125.161124][ T8219] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:14 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000d80)='hfsplus\x00', &(0x7f0000000dc0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@type={'type', 0x3d, "ded99d4a"}}]}) [ 125.209305][ T8224] hfs: type requires a 4 character value [ 125.240918][ T8224] hfs: unable to parse mount options 03:42:14 executing program 3: syz_mount_image$hfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) [ 125.350329][ T8236] hfsplus: unable to find HFS+ superblock 03:42:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x100000000014, 0x4, 0x4, 0x39e1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x3c) 03:42:14 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:14 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 125.484524][ T8243] hfsplus: unable to find HFS+ superblock [ 125.490420][ T8236] hfsplus: unable to find HFS+ superblock 03:42:14 executing program 4: 03:42:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x100000000014, 0x4, 0x4, 0x39e1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x3c) 03:42:14 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) 03:42:14 executing program 0: 03:42:14 executing program 3: syz_mount_image$hfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) 03:42:14 executing program 4: [ 125.780734][ T8260] FAT-fs (loop1): bogus number of reserved sectors [ 125.803186][ T8260] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:14 executing program 2: 03:42:14 executing program 0: 03:42:14 executing program 4: 03:42:14 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:14 executing program 0: 03:42:15 executing program 2: 03:42:15 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:15 executing program 4: 03:42:15 executing program 3: syz_mount_image$hfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) [ 126.133069][ T8300] FAT-fs (loop1): bogus number of reserved sectors 03:42:15 executing program 0: 03:42:15 executing program 4: [ 126.176271][ T8306] hfsplus: unable to find HFS+ superblock [ 126.184597][ T8300] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:15 executing program 2: 03:42:15 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x1, 0x1000000000000c, 0x8, 0x10000000007, 0x0, 0x1}, 0x3c) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23) 03:42:15 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 03:42:15 executing program 4: fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xffffffffbffffffe) 03:42:15 executing program 0: open(&(0x7f0000000000)='./file0\x00', 0x10000000040, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x20022, 0x0) 03:42:15 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:15 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:15 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) 03:42:15 executing program 0: [ 126.503128][ T8339] futex_wake_op: syz-executor.4 tries to shift op by -1; fix this program [ 126.528134][ T8337] FAT-fs (loop1): bogus number of reserved sectors 03:42:15 executing program 4: 03:42:15 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) [ 126.560795][ T8337] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:15 executing program 2: [ 126.696947][ T8346] hfsplus: unable to find HFS+ superblock 03:42:15 executing program 4: 03:42:15 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 03:42:15 executing program 2: 03:42:15 executing program 0: syz_mount_image$msdos(&(0x7f00000069c0)='msdos\x00', &(0x7f0000006a00)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000006c80)={[{@fat=@sys_immutable='sys_immutable'}, {@fat=@check_normal='check=normal'}]}) 03:42:15 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="71756965742c747970653dbb"]) [ 126.873083][ T8366] FAT-fs (loop1): bogus number of reserved sectors [ 126.879640][ T8366] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:15 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:15 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 03:42:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 126.915957][ T8373] FAT-fs (loop0): bogus number of reserved sectors [ 126.948214][ T8373] FAT-fs (loop0): Can't find a valid FAT filesystem 03:42:16 executing program 2: 03:42:16 executing program 1: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 03:42:16 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:16 executing program 2: syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[{@type={'type', 0x3d, "95edbdac"}}]}) 03:42:16 executing program 4: [ 127.107145][ T8384] hfsplus: unable to find HFS+ superblock [ 127.132931][ T8373] FAT-fs (loop0): bogus number of reserved sectors [ 127.139475][ T8373] FAT-fs (loop0): Can't find a valid FAT filesystem 03:42:16 executing program 0: 03:42:16 executing program 4: 03:42:16 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=']) [ 127.335075][ T8396] hfs: can't find a HFS filesystem on dev loop3 [ 127.454439][ T8395] FAT-fs (loop1): bogus number of reserved sectors [ 127.461303][ T8402] hfs: can't find a HFS filesystem on dev loop2 [ 127.470120][ T8411] hfsplus: unable to parse mount options 03:42:16 executing program 0: 03:42:16 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) 03:42:16 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 127.507101][ T8395] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:16 executing program 0: perf_event_open(0x0, 0xffffffffffffffff, 0xb, 0xffffffffffffff9c, 0x3) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xffffffffbffffffe) 03:42:16 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) [ 127.678774][ T8423] hfs: can't find a HFS filesystem on dev loop3 03:42:16 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=']) 03:42:16 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, 0x0) socket$inet(0x2, 0x0, 0x0) [ 127.755429][ T8445] futex_wake_op: syz-executor.0 tries to shift op by -1; fix this program 03:42:16 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) 03:42:16 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) 03:42:16 executing program 1: socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x58000000}, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0xffffff3a, 0x0, @ipv4={[0x3580], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) 03:42:16 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:16 executing program 2: request_key(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={'syz'}, 0x0, 0xfffffffffffffffc) [ 127.939398][ T8462] hfsplus: unable to parse mount options 03:42:17 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) 03:42:17 executing program 1: 03:42:17 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid=']) 03:42:17 executing program 4: socket$inet(0x2, 0x3, 0x0) 03:42:17 executing program 2: [ 128.103055][ T8480] hfs: can't find a HFS filesystem on dev loop3 03:42:17 executing program 0: 03:42:17 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[]) 03:42:17 executing program 1: [ 128.199538][ T8503] hfsplus: unable to parse mount options 03:42:17 executing program 2: syz_mount_image$msdos(&(0x7f00000069c0)='msdos\x00', &(0x7f0000006a00)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000006c80)={[{@fat=@sys_immutable='sys_immutable'}]}) 03:42:17 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, 0x0}, 0x4c8c4) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) [ 128.363560][ T8517] hfs: can't find a HFS filesystem on dev loop3 [ 128.366324][ T8524] FAT-fs (loop2): bogus number of reserved sectors 03:42:17 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:17 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESHEX]) 03:42:17 executing program 4: socket$inet(0x2, 0x3, 0x0) [ 128.404265][ T8524] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:17 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[]) 03:42:17 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000012c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) [ 128.572108][ T8533] hfsplus: unable to parse mount options [ 128.579576][ T8524] FAT-fs (loop2): bogus number of reserved sectors [ 128.599748][ T8524] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:17 executing program 0: 03:42:17 executing program 4: socket$inet(0x2, 0x3, 0x0) 03:42:17 executing program 2: [ 128.646670][ T8548] FAT-fs (loop1): bogus number of reserved sectors [ 128.661404][ T8548] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 128.670744][ T8548] FAT-fs (loop1): Can't find a valid FAT filesystem [ 128.722792][ T8554] hfs: can't find a HFS filesystem on dev loop3 03:42:17 executing program 0: [ 128.921355][ T8548] FAT-fs (loop1): bogus number of reserved sectors [ 128.929968][ T8548] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 128.955119][ T8548] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:18 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESHEX]) 03:42:18 executing program 0: 03:42:18 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[]) 03:42:18 executing program 4: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) 03:42:18 executing program 2: 03:42:18 executing program 1: [ 129.162367][ T8578] hfsplus: unable to parse mount options [ 129.169438][ T8580] hfs: can't find a HFS filesystem on dev loop3 03:42:18 executing program 1: 03:42:18 executing program 0: syz_mount_image$msdos(&(0x7f00000069c0)='msdos\x00', &(0x7f0000006a00)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:18 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:18 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESHEX]) 03:42:18 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={[{@fat=@check_strict='check=strict'}]}) 03:42:18 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB]) 03:42:18 executing program 4: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) [ 129.381795][ T8606] hfsplus: unable to parse mount options [ 129.420176][ T8603] FAT-fs (loop2): bogus number of reserved sectors [ 129.443156][ T8608] FAT-fs (loop0): bogus number of reserved sectors [ 129.472172][ T8603] FAT-fs (loop2): Can't find a valid FAT filesystem [ 129.472328][ T8608] FAT-fs (loop0): Can't find a valid FAT filesystem [ 129.486143][ T8613] FAT-fs (loop1): bogus number of reserved sectors 03:42:18 executing program 4: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x3, 0x0) [ 129.499832][ T8613] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:18 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRESHEX]) [ 129.731630][ T8620] hfs: can't find a HFS filesystem on dev loop3 [ 129.749427][ T8636] hfsplus: unable to parse mount options 03:42:18 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) 03:42:18 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:18 executing program 0: [ 129.790453][ T8613] FAT-fs (loop1): bogus number of reserved sectors [ 129.813354][ T8613] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:18 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRESHEX]) 03:42:18 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) 03:42:18 executing program 1: 03:42:19 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB]) 03:42:19 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x1, 0x1000000000000c, 0x8, 0x10000000007, 0x0, 0x1}, 0x3c) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x23) [ 129.968170][ T8655] FAT-fs (loop2): bogus number of reserved sectors [ 130.002550][ T8655] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:19 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002a40)="56dcedd45df0918105c114145a7309b93c03009d8be4f921ccc462f560ef9e", 0x1f}, {0x0}, {0x0}, {&(0x7f0000002c40)="be", 0x1}], 0x4, &(0x7f0000003040)=ANY=[]}, 0x4c8c4) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:19 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) 03:42:19 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 130.102121][ T8660] hfsplus: unable to parse mount options 03:42:19 executing program 0: 03:42:19 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRESHEX]) [ 130.274906][ T8683] FAT-fs (loop2): bogus number of reserved sectors [ 130.293129][ T8676] hfs: can't find a HFS filesystem on dev loop3 [ 130.309596][ T8683] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:19 executing program 0: 03:42:19 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB]) [ 130.355081][ T8692] hfsplus: unable to parse mount options 03:42:19 executing program 4: 03:42:19 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002a40)="56dcedd45df0918105c114145a7309b93c03009d8be4f921ccc462f560ef9e", 0x1f}, {0x0}, {0x0}, {&(0x7f0000002c40)="be", 0x1}], 0x4, &(0x7f0000003040)=ANY=[]}, 0x4c8c4) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:19 executing program 0: 03:42:19 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gi', @ANYRESHEX]) 03:42:19 executing program 4: 03:42:19 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 130.547738][ T8704] hfs: can't find a HFS filesystem on dev loop3 03:42:19 executing program 0: syz_mount_image$jfs(&(0x7f00000007c0)='jfs\x00', &(0x7f0000000c00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='resize=0x0000000000000003,resize=0x0000000000001000,usrquota,discard']) 03:42:19 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,']) [ 130.707910][ T8719] hfsplus: unable to parse mount options 03:42:19 executing program 4: syz_mount_image$jfs(&(0x7f00000007c0)='jfs\x00', &(0x7f0000000c00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='resize=0x0000000000000003,resize=0x0000000000001000,usrquota,discard=0']) [ 130.762915][ T8720] FAT-fs (loop2): bogus number of reserved sectors [ 130.769473][ T8720] FAT-fs (loop2): Can't find a valid FAT filesystem [ 130.796698][ T8731] JFS: discard option not supported on device 03:42:19 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) [ 130.819163][ T8731] resize option for remount only [ 130.973734][ T8733] hfs: can't find a HFS filesystem on dev loop3 [ 131.005150][ T8739] JFS: discard option not supported on device [ 131.014481][ T8731] JFS: discard option not supported on device 03:42:20 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) [ 131.020580][ T8731] resize option for remount only 03:42:20 executing program 2: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:20 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gi', @ANYRESHEX]) 03:42:20 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,']) [ 131.062732][ T8739] resize option for remount only 03:42:20 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 03:42:20 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) [ 131.264935][ T8754] hfsplus: unable to parse mount options [ 131.280206][ T8757] hfs: can't find a HFS filesystem on dev loop3 03:42:20 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gi', @ANYRESHEX]) 03:42:20 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,']) 03:42:20 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:20 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/\x00yz0\x00\xbb\xd3\xc2\x83\x0f*\x10.\xd2\x06\v\xdc\x00\xca\n\xfc\n\n\xb4\x04\x00\x00]\x8e\xc4t\xc2\x81\xf5\xf1\xa6\xd1\x18\xbc8\xd1\xa3\x1dlz\x9a\xa6o\a&\x82\xcf\t\xde\f\xb8\xbe\xf5Z\x1aS\n=,\xee\x9e\xd8%\x16\xa5\x00\xcaq\xb2\xd0Bk\x9e\xcd\x1e%g\xf5_\xc22\x02\x1c\xb7\xb1\xdca\x80V\xac\xf41\x02zU++7\xcfS\x17\xc9\x19G\x89\xfb\xfb\xfe\xc9\x15\x9d\xe6\ar\x99\"\"3Lg\xe8N\xc1', 0x1ff) 03:42:20 executing program 2: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:20 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') chdir(0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 131.532258][ T8787] hfs: can't find a HFS filesystem on dev loop3 03:42:20 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) [ 131.587032][ T8790] hfsplus: unable to parse mount options 03:42:20 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,typ']) 03:42:20 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/\x00yz0\x00\xbb\xd3\xc2\x83\x0f*\x10.\xd2\x06\v\xdc\x00\xca\n\xfc\n\n\xb4\x04\x00\x00]\x8e\xc4t\xc2\x81\xf5\xf1\xa6\xd1\x18\xbc8\xd1\xa3\x1dlz\x9a\xa6o\a&\x82\xcf\t\xde\f\xb8\xbe\xf5Z\x1aS\n=,\xee\x9e\xd8%\x16\xa5\x00\xcaq\xb2\xd0Bk\x9e\xcd\x1e%g\xf5_\xc22\x02\x1c\xb7\xb1\xdca\x80V\xac\xf41\x02zU++7\xcfS\x17\xc9\x19G\x89\xfb\xfb\xfe\xc9\x15\x9d\xe6\ar\x99\"\"3Lg\xe8N\xc1', 0x1ff) 03:42:20 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:20 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') chdir(0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:20 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid', @ANYRESHEX]) [ 131.819282][ T8813] hfs: unable to parse mount options 03:42:20 executing program 2: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:20 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/\x00yz0\x00\xbb\xd3\xc2\x83\x0f*\x10.\xd2\x06\v\xdc\x00\xca\n\xfc\n\n\xb4\x04\x00\x00]\x8e\xc4t\xc2\x81\xf5\xf1\xa6\xd1\x18\xbc8\xd1\xa3\x1dlz\x9a\xa6o\a&\x82\xcf\t\xde\f\xb8\xbe\xf5Z\x1aS\n=,\xee\x9e\xd8%\x16\xa5\x00\xcaq\xb2\xd0Bk\x9e\xcd\x1e%g\xf5_\xc22\x02\x1c\xb7\xb1\xdca\x80V\xac\xf41\x02zU++7\xcfS\x17\xc9\x19G\x89\xfb\xfb\xfe\xc9\x15\x9d\xe6\ar\x99\"\"3Lg\xe8N\xc1', 0x1ff) 03:42:20 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,typ']) 03:42:21 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:21 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') chdir(0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/\x00yz0\x00\xbb\xd3\xc2\x83\x0f*\x10.\xd2\x06\v\xdc\x00\xca\n\xfc\n\n\xb4\x04\x00\x00]\x8e\xc4t\xc2\x81\xf5\xf1\xa6\xd1\x18\xbc8\xd1\xa3\x1dlz\x9a\xa6o\a&\x82\xcf\t\xde\f\xb8\xbe\xf5Z\x1aS\n=,\xee\x9e\xd8%\x16\xa5\x00\xcaq\xb2\xd0Bk\x9e\xcd\x1e%g\xf5_\xc22\x02\x1c\xb7\xb1\xdca\x80V\xac\xf41\x02zU++7\xcfS\x17\xc9\x19G\x89\xfb\xfb\xfe\xc9\x15\x9d\xe6\ar\x99\"\"3Lg\xe8N\xc1', 0x1ff) [ 132.081880][ T8855] hfsplus: unable to parse mount options 03:42:21 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:21 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') chdir(0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 132.175986][ T8857] hfs: unable to parse mount options 03:42:21 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,typ']) 03:42:21 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:21 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid', @ANYRESHEX]) 03:42:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:21 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') chdir(0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 132.445024][ T8884] hfs: unable to parse mount options 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 132.485090][ T8887] hfsplus: unable to parse mount options 03:42:21 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,type=']) 03:42:21 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='gid', @ANYRESHEX]) 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 132.755711][ T8921] hfs: unable to parse mount options 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,type=']) 03:42:21 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) [ 132.816037][ T8931] hfsplus: unable to parse mount options 03:42:21 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) setregid(0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:21 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 133.034401][ T8952] hfs: unable to parse mount options 03:42:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:22 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x0, 0x0, 0x0) clock_gettime(0x0, 0x0) clock_nanosleep(0x0, 0x1, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:22 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 3: syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='quiet,type=']) 03:42:22 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780), &(0x7f00000007c0)=0xc) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 133.235041][ T8969] FAT-fs (loop2): bogus number of reserved sectors 03:42:22 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 133.279066][ T8969] FAT-fs (loop2): Can't find a valid FAT filesystem [ 133.288983][ T8983] hfs: unable to parse mount options 03:42:22 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:22 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) getgroups(0x1, &(0x7f00000005c0)=[0x0]) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:22 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 3: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) clone(0x0, 0x0, 0x0, 0x0, 0x0) 03:42:22 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:22 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000940)) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 5: [ 133.581438][ T9008] FAT-fs (loop2): bogus number of reserved sectors [ 133.618685][ T9008] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:22 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:22 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 5: 03:42:22 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) syz_genetlink_get_family_id$ipvs(0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:22 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:22 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:22 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) [ 133.916240][ T9046] FAT-fs (loop2): bogus number of reserved sectors 03:42:23 executing program 5: perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000140)='user\x00', 0x0, 0x0, 0xfffffffffffffff8) add_key(&(0x7f0000000200)='id_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa) keyctl$unlink(0x9, 0x0, 0x0) chdir(&(0x7f0000000480)='./file0\x00') add_key$keyring(0x0, &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0x0) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) removexattr(&(0x7f0000000440)='./file0\x00', &(0x7f0000000800)=ANY=[]) mkdir(&(0x7f0000000340)='./file0//ile0\x00', 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) sched_setaffinity(0x0, 0x0, 0x0) getgroups(0x0, 0x0) setregid(0x0, 0x0) rmdir(&(0x7f0000000240)='./file0//ile0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 133.985027][ T9046] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:23 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x7c, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:23 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:23 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) 03:42:23 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioprio_get$uid(0x3, 0x0) 03:42:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)) 03:42:23 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:23 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:23 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) 03:42:23 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:23 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) [ 134.411901][ T9102] FAT-fs (loop2): bogus number of reserved sectors 03:42:23 executing program 5: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x0, 0x0, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0xfaabcf18abd152d5, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2000000000000009, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x20000000000007) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) clone(0x2002000, 0x0, 0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/\x00yz0\x00\xbb\xd3\xc2\x83\x0f*\x10.\xd2\x06\v\xdc\x00\xca\n\xfc\n\n\xb4\x04\x00\x00]\x8e\xc4t\xc2\x81\xf5\xf1\xa6\xd1\x18\xbc8\xd1\xa3\x1dlz\x9a\xa6o\a&\x82\xcf\t\xde\f\xb8\xbe\xf5Z\x1aS\n=,\xee\x9e\xd8%\x16\xa5\x00\xcaq\xb2\xd0Bk\x9e\xcd\x1e%g\xf5_\xc22\x02\x1c\xb7\xb1\xdca\x80V\xac\xf41\x02zU++7\xcfS\x17\xc9\x19G\x89\xfb\xfb\xfe\xc9\x15\x9d\xe6\ar\x99\"\"3Lg\xe8N\xc1', 0x1ff) 03:42:23 executing program 4: modify_ldt$write2(0x11, &(0x7f0000000000), 0x10) 03:42:23 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) eventfd(0x7fff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 134.476908][ T9102] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:23 executing program 4: 03:42:23 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)) 03:42:23 executing program 4: 03:42:23 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:23 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:23 executing program 5: [ 134.717858][ T9137] 9pnet_virtio: no channels available for device 127.0.0.1 [ 134.725511][ T9134] FAT-fs (loop2): bogus number of reserved sectors [ 134.750574][ T9134] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:23 executing program 4: 03:42:23 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) keyctl$read(0xb, 0x0, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:23 executing program 5: 03:42:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)) 03:42:23 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:24 executing program 4: 03:42:24 executing program 0: add_key(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffa) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:24 executing program 3: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:24 executing program 5: [ 135.079652][ T9167] FAT-fs (loop2): bogus number of reserved sectors [ 135.116607][ T9171] 9pnet_virtio: no channels available for device 127.0.0.1 03:42:24 executing program 4: mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ff7000/0x3000)=nil) mprotect(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0) 03:42:24 executing program 0: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 135.208555][ T9167] FAT-fs (loop2): Can't find a valid FAT filesystem 03:42:24 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b40000000000000074000001000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x1, 0xffffffffffffff18, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffc66, 0x10, &(0x7f0000000080), 0xf9}, 0x48) 03:42:24 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:24 executing program 4: 03:42:24 executing program 0: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) [ 135.389616][ T9193] 9pnet_virtio: no channels available for device 127.0.0.1 03:42:24 executing program 3: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:24 executing program 4: 03:42:24 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000180)='hfsplus\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB='type=']) 03:42:24 executing program 0: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) 03:42:24 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b40000000000000074000001000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) 03:42:24 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:24 executing program 3: syz_mount_image$msdos(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:24 executing program 2: 03:42:24 executing program 4: 03:42:24 executing program 0: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) [ 135.673611][ T9220] hfsplus: unable to parse mount options 03:42:24 executing program 4: fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x0, 0x0, 0x0) clone(0x3ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0xfaabcf18abd152d5, 0x0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x9a61db56, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) clone(0x2002000, 0x0, 0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 03:42:24 executing program 1: syz_mount_image$msdos(&(0x7f00000069c0)='msdos\x00', &(0x7f0000006a00)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000006c80)={[{@fat=@tz_utc='tz=UTC'}]}) [ 135.807006][ T9220] hfsplus: unable to parse mount options 03:42:24 executing program 2: semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000000)=""/252) 03:42:24 executing program 5: semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f00000056c0)=""/98) 03:42:24 executing program 0: 03:42:24 executing program 4: 03:42:25 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:25 executing program 0: [ 136.098981][ T9261] FAT-fs (loop1): bogus number of reserved sectors 03:42:25 executing program 5: write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioprio_get$pid(0x2, 0x0) 03:42:25 executing program 2: 03:42:25 executing program 4: [ 136.152710][ T9261] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:25 executing program 0: 03:42:25 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) [ 136.353822][ T9261] FAT-fs (loop1): bogus number of reserved sectors [ 136.360519][ T9261] FAT-fs (loop1): Can't find a valid FAT filesystem 03:42:25 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:25 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000080)={0x0, "a9f7dbf5a403fa5a679b4101f7aa2e3cff257ca983dfe4b939e6eade08a53a7e", 0x2}) socket$inet(0x2, 0x0, 0x0) 03:42:25 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000100)='hfsplus\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='uid=', @ANYRESHEX]) 03:42:25 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:25 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080600e7070006040000000000000000f5000001ffffffffffff00000000"], 0x0) 03:42:25 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}, 0x2c, {[{@common=@privport='privport'}]}}) 03:42:25 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) recvmsg(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) [ 136.583312][ T9294] hfsplus: invalid uid specified [ 136.594180][ T9294] hfsplus: unable to parse mount options 03:42:25 executing program 4 (fault-call:0 fault-nth:0): msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 136.706442][ T9294] hfsplus: invalid uid specified 03:42:25 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) [ 136.782927][ T9319] 9pnet_virtio: no channels available for device 127.0.0.1 [ 136.791227][ T9294] hfsplus: unable to parse mount options [ 136.822056][ T9324] FAULT_INJECTION: forcing a failure. 03:42:25 executing program 0 (fault-call:1 fault-nth:0): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 136.822056][ T9324] name failslab, interval 1, probability 0, space 0, times 1 03:42:25 executing program 5 (fault-call:0 fault-nth:0): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 136.912828][ T9330] FAULT_INJECTION: forcing a failure. [ 136.912828][ T9330] name failslab, interval 1, probability 0, space 0, times 1 [ 136.929642][ T9324] CPU: 0 PID: 9324 Comm: syz-executor.4 Not tainted 5.2.0-rc7 #12 [ 136.937493][ T9324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.947552][ T9324] Call Trace: [ 136.950845][ T9324] dump_stack+0x1d8/0x2f8 [ 136.955163][ T9324] should_fail+0x608/0x860 [ 136.959560][ T9324] ? setup_fault_attr+0x2b0/0x2b0 [ 136.964599][ T9324] __should_failslab+0x11a/0x160 [ 136.969533][ T9324] ? ext4_init_io_end+0x29/0x100 [ 136.974466][ T9324] should_failslab+0x9/0x20 [ 136.978952][ T9324] kmem_cache_alloc+0x56/0x2b0 [ 136.983696][ T9324] ext4_init_io_end+0x29/0x100 [ 136.988443][ T9324] ext4_writepages+0x1035/0x3da0 [ 136.993386][ T9324] ? check_preemption_disabled+0x47/0x280 [ 136.999109][ T9324] ? ext4_readpage+0x170/0x170 [ 137.003864][ T9324] ? __lock_acquire+0xcf7/0x1a40 [ 137.008809][ T9324] ? __lock_acquire+0xcf7/0x1a40 [ 137.013746][ T9324] ? 0xffffffff81000000 [ 137.017892][ T9324] ? ext4_readpage+0x170/0x170 [ 137.022638][ T9324] do_writepages+0x15a/0x290 [ 137.027215][ T9324] ? __writepage+0xc0/0xc0 [ 137.031622][ T9324] ? kasan_check_read+0x11/0x20 [ 137.036484][ T9324] ? do_raw_spin_unlock+0x49/0x260 [ 137.041607][ T9324] ? _raw_spin_unlock+0x2c/0x50 [ 137.046471][ T9324] __filemap_fdatawrite_range+0x2ee/0x3a0 [ 137.052192][ T9324] ? filemap_check_errors+0xf0/0xf0 [ 137.057384][ T9324] ? trace_lock_acquire+0x190/0x190 [ 137.062571][ T9324] file_write_and_wait_range+0x1b8/0x390 [ 137.068194][ T9324] __generic_file_fsync+0x76/0x1a0 [ 137.073318][ T9324] ext4_sync_file+0x2a0/0x950 [ 137.077997][ T9324] vfs_fsync_range+0xfd/0x1a0 [ 137.082669][ T9324] __se_sys_msync+0x3a8/0x490 [ 137.087331][ T9324] __x64_sys_msync+0x7b/0x90 [ 137.091995][ T9324] do_syscall_64+0xfe/0x140 [ 137.096486][ T9324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 137.102362][ T9324] RIP: 0033:0x4597c9 [ 137.106263][ T9324] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 137.125856][ T9324] RSP: 002b:00007f2eeb0fdc78 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 137.134265][ T9324] RAX: ffffffffffffffda RBX: 00007f2eeb0fdc90 RCX: 00000000004597c9 [ 137.142219][ T9324] RDX: 0000000000000004 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000 [ 137.150177][ T9324] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 03:42:25 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 137.158148][ T9324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2eeb0fe6d4 [ 137.166103][ T9324] R13: 00000000004c5d3f R14: 00000000004da688 R15: 0000000000000003 [ 137.174550][ T9330] CPU: 1 PID: 9330 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 137.182373][ T9330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.192440][ T9330] Call Trace: [ 137.195876][ T9330] dump_stack+0x1d8/0x2f8 [ 137.200254][ T9330] should_fail+0x608/0x860 [ 137.204705][ T9330] ? setup_fault_attr+0x2b0/0x2b0 [ 137.209777][ T9330] ? ksys_mount+0x38/0x100 [ 137.214228][ T9330] __should_failslab+0x11a/0x160 [ 137.219186][ T9330] ? ksys_mount+0x38/0x100 [ 137.223798][ T9330] should_failslab+0x9/0x20 [ 137.228515][ T9330] __kmalloc_track_caller+0x79/0x310 [ 137.233820][ T9330] ? strnlen_user+0x1e0/0x260 [ 137.238480][ T9330] strndup_user+0x76/0x130 [ 137.242882][ T9330] ksys_mount+0x38/0x100 [ 137.247105][ T9330] __x64_sys_mount+0xbf/0xd0 [ 137.251678][ T9330] do_syscall_64+0xfe/0x140 [ 137.256169][ T9330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 137.262040][ T9330] RIP: 0033:0x4597c9 [ 137.265913][ T9330] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 137.285496][ T9330] RSP: 002b:00007fbee288bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 137.293888][ T9330] RAX: ffffffffffffffda RBX: 00007fbee288bc90 RCX: 00000000004597c9 [ 137.301839][ T9330] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000080 [ 137.309790][ T9330] RBP: 000000000075bf20 R08: 00000000200001c0 R09: 0000000000000000 [ 137.317741][ T9330] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbee288c6d4 [ 137.325699][ T9330] R13: 00000000004c5be1 R14: 00000000004da3d0 R15: 0000000000000003 03:42:26 executing program 2 (fault-call:0 fault-nth:0): msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:26 executing program 4 (fault-call:0 fault-nth:1): msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 137.384012][ T9334] 9pnet_virtio: no channels available for device 127.0.0.1 03:42:26 executing program 0 (fault-call:1 fault-nth:1): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 137.438186][ T9338] FAULT_INJECTION: forcing a failure. [ 137.438186][ T9338] name failslab, interval 1, probability 0, space 0, times 0 03:42:26 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 137.512541][ T9344] FAULT_INJECTION: forcing a failure. [ 137.512541][ T9344] name failslab, interval 1, probability 0, space 0, times 0 [ 137.542834][ T9338] CPU: 0 PID: 9338 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 137.550687][ T9338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.560853][ T9338] Call Trace: [ 137.564164][ T9338] dump_stack+0x1d8/0x2f8 [ 137.568535][ T9338] should_fail+0x608/0x860 [ 137.572971][ T9338] ? setup_fault_attr+0x2b0/0x2b0 [ 137.578027][ T9338] __should_failslab+0x11a/0x160 [ 137.582984][ T9338] ? __se_sys_memfd_create+0x153/0x560 [ 137.588456][ T9338] should_failslab+0x9/0x20 [ 137.592976][ T9338] __kmalloc+0x7a/0x310 [ 137.597133][ T9338] ? strnlen_user+0x1e0/0x260 [ 137.601824][ T9338] __se_sys_memfd_create+0x153/0x560 [ 137.605610][ T9350] FAULT_INJECTION: forcing a failure. [ 137.605610][ T9350] name failslab, interval 1, probability 0, space 0, times 0 [ 137.607116][ T9338] ? __x64_sys_memfd_create+0x70/0x70 [ 137.607133][ T9338] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 137.621742][ T9348] FAULT_INJECTION: forcing a failure. [ 137.621742][ T9348] name failslab, interval 1, probability 0, space 0, times 0 [ 137.625178][ T9338] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 137.625191][ T9338] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 137.625199][ T9338] ? do_syscall_64+0x1d/0x140 [ 137.625212][ T9338] __x64_sys_memfd_create+0x5b/0x70 [ 137.625222][ T9338] do_syscall_64+0xfe/0x140 [ 137.625238][ T9338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 137.625253][ T9338] RIP: 0033:0x4597c9 [ 137.644725][ T9351] 9pnet_virtio: no channels available for device 127.0.0.1 [ 137.648900][ T9338] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:26 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 137.648906][ T9338] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 137.648917][ T9338] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 137.648928][ T9338] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 137.669034][ T9338] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 137.722490][ T9338] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 137.722497][ T9338] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 137.734214][ T9344] CPU: 0 PID: 9344 Comm: syz-executor.2 Not tainted 5.2.0-rc7 #12 [ 137.762529][ T9344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.772595][ T9344] Call Trace: [ 137.775896][ T9344] dump_stack+0x1d8/0x2f8 [ 137.780271][ T9344] should_fail+0x608/0x860 [ 137.784710][ T9344] ? setup_fault_attr+0x2b0/0x2b0 [ 137.789748][ T9344] __should_failslab+0x11a/0x160 [ 137.794694][ T9344] ? ext4_init_io_end+0x29/0x100 [ 137.799725][ T9344] should_failslab+0x9/0x20 [ 137.804239][ T9344] kmem_cache_alloc+0x56/0x2b0 [ 137.809009][ T9344] ext4_init_io_end+0x29/0x100 [ 137.813773][ T9344] ext4_writepages+0x1035/0x3da0 [ 137.818709][ T9344] ? check_preemption_disabled+0x47/0x280 [ 137.824460][ T9344] ? ext4_readpage+0x170/0x170 [ 137.829228][ T9344] ? __lock_acquire+0xcf7/0x1a40 [ 137.834177][ T9344] ? __lock_acquire+0xcf7/0x1a40 [ 137.839210][ T9344] ? 0xffffffff81000000 [ 137.843362][ T9344] ? ext4_readpage+0x170/0x170 [ 137.848117][ T9344] do_writepages+0x15a/0x290 [ 137.852712][ T9344] ? __writepage+0xc0/0xc0 [ 137.857117][ T9344] ? kasan_check_read+0x11/0x20 03:42:26 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 137.861953][ T9344] ? do_raw_spin_unlock+0x49/0x260 [ 137.867056][ T9344] ? _raw_spin_unlock+0x2c/0x50 [ 137.871912][ T9344] __filemap_fdatawrite_range+0x2ee/0x3a0 [ 137.877630][ T9344] ? filemap_check_errors+0xf0/0xf0 [ 137.882837][ T9344] ? trace_lock_acquire+0x190/0x190 [ 137.888031][ T9344] file_write_and_wait_range+0x1b8/0x390 [ 137.893658][ T9344] __generic_file_fsync+0x76/0x1a0 [ 137.898777][ T9344] ext4_sync_file+0x2a0/0x950 [ 137.903452][ T9344] vfs_fsync_range+0xfd/0x1a0 [ 137.908132][ T9344] __se_sys_msync+0x3a8/0x490 [ 137.912807][ T9344] __x64_sys_msync+0x7b/0x90 [ 137.917390][ T9344] do_syscall_64+0xfe/0x140 [ 137.921887][ T9344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 137.927866][ T9344] RIP: 0033:0x4597c9 [ 137.931748][ T9344] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 137.951355][ T9344] RSP: 002b:00007f93d3aafc78 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 137.959757][ T9344] RAX: ffffffffffffffda RBX: 00007f93d3aafc90 RCX: 00000000004597c9 [ 137.967724][ T9344] RDX: 0000000000000004 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000 [ 137.975801][ T9344] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 137.983786][ T9344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93d3ab06d4 [ 137.991754][ T9344] R13: 00000000004c5d3f R14: 00000000004da688 R15: 0000000000000003 [ 137.999743][ T9348] CPU: 1 PID: 9348 Comm: syz-executor.4 Not tainted 5.2.0-rc7 #12 [ 138.007555][ T9348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.007561][ T9348] Call Trace: [ 138.007585][ T9348] dump_stack+0x1d8/0x2f8 [ 138.007601][ T9348] should_fail+0x608/0x860 [ 138.007612][ T9348] ? setup_fault_attr+0x2b0/0x2b0 [ 138.007645][ T9348] __should_failslab+0x11a/0x160 [ 138.007660][ T9348] ? mempool_alloc_slab+0x4d/0x70 [ 138.007677][ T9348] should_failslab+0x9/0x20 [ 138.007684][ T9348] kmem_cache_alloc+0x56/0x2b0 [ 138.007692][ T9348] ? mempool_free+0x350/0x350 [ 138.007700][ T9348] mempool_alloc_slab+0x4d/0x70 [ 138.007708][ T9348] mempool_alloc+0x15f/0x6b0 [ 138.007724][ T9348] ? mempool_resize+0x900/0x900 [ 138.007734][ T9348] ? rcu_lock_release+0x15/0x20 [ 138.007741][ T9348] ? __unlock_page_memcg+0x126/0x140 [ 138.007754][ T9348] ? __test_set_page_writeback+0xa1d/0xc10 [ 138.040131][ T9348] bio_alloc_bioset+0x210/0x670 [ 138.040154][ T9348] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 138.040168][ T9348] ? bio_chain_endio+0x110/0x110 [ 138.105659][ T9348] ext4_bio_write_page+0x10f0/0x1980 [ 138.110947][ T9348] mpage_process_page_bufs+0x796/0x910 [ 138.116401][ T9348] mpage_prepare_extent_to_map+0x9b0/0xd70 [ 138.122394][ T9348] ? trace_ext4_writepages+0x290/0x290 [ 138.127857][ T9348] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 138.133563][ T9348] ? ext4_init_io_end+0x29/0x100 [ 138.138488][ T9348] ? trace_kmem_cache_alloc+0xcd/0x130 [ 138.143937][ T9348] ? ext4_init_io_end+0x29/0x100 [ 138.148865][ T9348] ? ext4_init_io_end+0x29/0x100 [ 138.153789][ T9348] ? kasan_check_write+0x14/0x20 [ 138.158721][ T9348] ext4_writepages+0x1078/0x3da0 [ 138.171209][ T9348] ? check_preemption_disabled+0x47/0x280 [ 138.176955][ T9348] ? ext4_readpage+0x170/0x170 [ 138.181703][ T9348] ? __lock_acquire+0xcf7/0x1a40 [ 138.186634][ T9348] ? __lock_acquire+0xcf7/0x1a40 [ 138.191574][ T9348] ? 0xffffffff81000000 [ 138.195721][ T9348] ? ext4_readpage+0x170/0x170 [ 138.200476][ T9348] do_writepages+0x15a/0x290 [ 138.205060][ T9348] ? __writepage+0xc0/0xc0 [ 138.209464][ T9348] ? kasan_check_read+0x11/0x20 [ 138.214300][ T9348] ? do_raw_spin_unlock+0x49/0x260 [ 138.219489][ T9348] ? _raw_spin_unlock+0x2c/0x50 [ 138.224336][ T9348] __filemap_fdatawrite_range+0x2ee/0x3a0 [ 138.231593][ T9348] ? filemap_check_errors+0xf0/0xf0 [ 138.236796][ T9348] ? trace_lock_acquire+0x190/0x190 [ 138.241993][ T9348] file_write_and_wait_range+0x1b8/0x390 [ 138.247639][ T9348] __generic_file_fsync+0x76/0x1a0 [ 138.252743][ T9348] ext4_sync_file+0x2a0/0x950 [ 138.257414][ T9348] vfs_fsync_range+0xfd/0x1a0 [ 138.262090][ T9348] __se_sys_msync+0x3a8/0x490 [ 138.266784][ T9348] __x64_sys_msync+0x7b/0x90 [ 138.271365][ T9348] do_syscall_64+0xfe/0x140 [ 138.275856][ T9348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 138.281734][ T9348] RIP: 0033:0x4597c9 [ 138.285620][ T9348] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 138.305225][ T9348] RSP: 002b:00007f2eeb0fdc78 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 138.313632][ T9348] RAX: ffffffffffffffda RBX: 00007f2eeb0fdc90 RCX: 00000000004597c9 [ 138.321596][ T9348] RDX: 0000000000000004 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000 [ 138.329557][ T9348] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 138.337514][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2eeb0fe6d4 [ 138.345469][ T9348] R13: 00000000004c5d3f R14: 00000000004da688 R15: 0000000000000003 [ 138.353478][ T9350] CPU: 0 PID: 9350 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 03:42:27 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:27 executing program 5 (fault-call:0 fault-nth:1): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 138.362508][ T9350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.372574][ T9350] Call Trace: [ 138.372597][ T9350] dump_stack+0x1d8/0x2f8 [ 138.372611][ T9350] should_fail+0x608/0x860 [ 138.372627][ T9350] ? setup_fault_attr+0x2b0/0x2b0 [ 138.372638][ T9350] ? ksys_mount+0x6a/0x100 [ 138.372659][ T9350] __should_failslab+0x11a/0x160 [ 138.384667][ T9350] ? ksys_mount+0x6a/0x100 [ 138.384681][ T9350] should_failslab+0x9/0x20 [ 138.384691][ T9350] __kmalloc_track_caller+0x79/0x310 [ 138.384708][ T9350] ? strnlen_user+0x1e0/0x260 [ 138.394429][ T9350] strndup_user+0x76/0x130 [ 138.394442][ T9350] ksys_mount+0x6a/0x100 [ 138.394454][ T9350] __x64_sys_mount+0xbf/0xd0 [ 138.394470][ T9350] do_syscall_64+0xfe/0x140 [ 138.394490][ T9350] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 138.394501][ T9350] RIP: 0033:0x4597c9 [ 138.394511][ T9350] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:27 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 138.394516][ T9350] RSP: 002b:00007fbee288bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 138.394524][ T9350] RAX: ffffffffffffffda RBX: 00007fbee288bc90 RCX: 00000000004597c9 [ 138.394530][ T9350] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000080 [ 138.394535][ T9350] RBP: 000000000075bf20 R08: 00000000200001c0 R09: 0000000000000000 [ 138.394540][ T9350] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbee288c6d4 [ 138.394546][ T9350] R13: 00000000004c5be1 R14: 00000000004da3d0 R15: 0000000000000003 [ 138.406944][ T9352] FAT-fs (loop3): bogus number of reserved sectors [ 138.427862][ T9361] FAULT_INJECTION: forcing a failure. [ 138.427862][ T9361] name failslab, interval 1, probability 0, space 0, times 0 [ 138.435922][ T9352] FAT-fs (loop3): Can't find a valid FAT filesystem [ 138.500950][ T9361] CPU: 0 PID: 9361 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 138.534231][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.534238][ T9361] Call Trace: [ 138.534256][ T9361] dump_stack+0x1d8/0x2f8 [ 138.534271][ T9361] should_fail+0x608/0x860 [ 138.534283][ T9361] ? setup_fault_attr+0x2b0/0x2b0 [ 138.534301][ T9361] __should_failslab+0x11a/0x160 [ 138.534313][ T9361] ? shmem_alloc_inode+0x1b/0x40 [ 138.534323][ T9361] should_failslab+0x9/0x20 [ 138.534332][ T9361] kmem_cache_alloc+0x56/0x2b0 [ 138.534341][ T9361] ? kasan_check_write+0x14/0x20 [ 138.534349][ T9361] ? shmem_fallocate+0xcd0/0xcd0 [ 138.534360][ T9361] shmem_alloc_inode+0x1b/0x40 [ 138.534368][ T9361] ? shmem_fallocate+0xcd0/0xcd0 [ 138.534384][ T9361] new_inode_pseudo+0x68/0x240 [ 138.548745][ T9361] new_inode+0x28/0x1c0 [ 138.624745][ T9361] ? kasan_check_read+0x11/0x20 [ 138.629618][ T9361] shmem_get_inode+0x11b/0x700 [ 138.634397][ T9361] ? __alloc_fd+0x523/0x5d0 [ 138.638900][ T9361] __shmem_file_setup+0x129/0x280 [ 138.643923][ T9361] shmem_file_setup+0x2f/0x40 [ 138.648609][ T9361] __se_sys_memfd_create+0x32f/0x560 [ 138.653953][ T9361] ? __x64_sys_memfd_create+0x70/0x70 [ 138.659307][ T9361] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 138.664925][ T9361] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 138.670447][ T9361] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 138.676150][ T9361] ? do_syscall_64+0x1d/0x140 [ 138.680813][ T9361] __x64_sys_memfd_create+0x5b/0x70 [ 138.685997][ T9361] do_syscall_64+0xfe/0x140 [ 138.690494][ T9361] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 138.696361][ T9361] RIP: 0033:0x4597c9 [ 138.700232][ T9361] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:27 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:27 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:27 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:27 executing program 5 (fault-call:0 fault-nth:2): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 138.719913][ T9361] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 138.728332][ T9361] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 138.736300][ T9361] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 138.744271][ T9361] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 138.752232][ T9361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 138.760183][ T9361] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:27 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:27 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 138.971669][ T9381] FAULT_INJECTION: forcing a failure. [ 138.971669][ T9381] name failslab, interval 1, probability 0, space 0, times 0 03:42:28 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:28 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x5) 03:42:28 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x5) 03:42:28 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='.27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 139.013239][ T9382] FAT-fs (loop3): bogus number of reserved sectors [ 139.053205][ T9382] FAT-fs (loop3): Can't find a valid FAT filesystem 03:42:28 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 139.101960][ T9381] CPU: 1 PID: 9381 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 139.109822][ T9381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.119891][ T9381] Call Trace: [ 139.123199][ T9381] dump_stack+0x1d8/0x2f8 [ 139.127655][ T9381] should_fail+0x608/0x860 [ 139.132063][ T9381] ? setup_fault_attr+0x2b0/0x2b0 [ 139.137094][ T9381] __should_failslab+0x11a/0x160 [ 139.142018][ T9381] ? security_inode_alloc+0x36/0x1e0 [ 139.147332][ T9381] should_failslab+0x9/0x20 [ 139.151818][ T9381] kmem_cache_alloc+0x56/0x2b0 [ 139.156564][ T9381] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 139.162259][ T9381] security_inode_alloc+0x36/0x1e0 [ 139.167348][ T9381] inode_init_always+0x3b5/0x8d0 [ 139.172267][ T9381] ? shmem_fallocate+0xcd0/0xcd0 [ 139.177211][ T9381] new_inode_pseudo+0x7f/0x240 [ 139.181955][ T9381] new_inode+0x28/0x1c0 [ 139.186101][ T9381] ? kasan_check_read+0x11/0x20 [ 139.190965][ T9381] shmem_get_inode+0x11b/0x700 [ 139.195728][ T9381] ? __alloc_fd+0x523/0x5d0 [ 139.200216][ T9381] __shmem_file_setup+0x129/0x280 [ 139.205223][ T9381] shmem_file_setup+0x2f/0x40 [ 139.209888][ T9381] __se_sys_memfd_create+0x32f/0x560 [ 139.215150][ T9381] ? __x64_sys_memfd_create+0x70/0x70 [ 139.220514][ T9381] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 139.226136][ T9381] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 139.231578][ T9381] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 139.237275][ T9381] ? do_syscall_64+0x1d/0x140 [ 139.241928][ T9381] __x64_sys_memfd_create+0x5b/0x70 [ 139.247102][ T9381] do_syscall_64+0xfe/0x140 [ 139.251588][ T9381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 139.257631][ T9381] RIP: 0033:0x4597c9 [ 139.261500][ T9381] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 139.281078][ T9381] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 139.289480][ T9381] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 139.297445][ T9381] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 139.305394][ T9381] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 139.313341][ T9381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 139.321498][ T9381] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:28 executing program 5 (fault-call:0 fault-nth:3): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:28 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:42:28 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='/27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:28 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x8) 03:42:28 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x8) 03:42:28 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:28 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x14) 03:42:28 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x14) [ 139.548416][ T9408] FAT-fs (loop3): bogus number of reserved sectors [ 139.578534][ T9408] FAT-fs (loop3): Can't find a valid FAT filesystem 03:42:28 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:28 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\\27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:28 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x84) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000040)) 03:42:28 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)) [ 139.813270][ T9442] FAULT_INJECTION: forcing a failure. [ 139.813270][ T9442] name failslab, interval 1, probability 0, space 0, times 0 [ 139.829438][ T9440] FAT-fs (loop3): bogus number of reserved sectors [ 139.837115][ T9440] FAT-fs (loop3): Can't find a valid FAT filesystem [ 139.844344][ T9442] CPU: 1 PID: 9442 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 139.852167][ T9442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.862231][ T9442] Call Trace: [ 139.865542][ T9442] dump_stack+0x1d8/0x2f8 [ 139.869889][ T9442] should_fail+0x608/0x860 [ 139.874329][ T9442] ? setup_fault_attr+0x2b0/0x2b0 [ 139.879470][ T9442] __should_failslab+0x11a/0x160 [ 139.884426][ T9442] ? __d_alloc+0x2d/0x6e0 [ 139.888771][ T9442] should_failslab+0x9/0x20 [ 139.893294][ T9442] kmem_cache_alloc+0x56/0x2b0 [ 139.898073][ T9442] __d_alloc+0x2d/0x6e0 [ 139.902244][ T9442] ? ktime_get_coarse_real_ts64+0xaf/0xc0 [ 139.907962][ T9442] d_alloc_pseudo+0x1d/0x70 [ 139.912465][ T9442] alloc_file_pseudo+0x128/0x310 [ 139.917386][ T9442] ? lockdep_init_map+0x2a/0x680 [ 139.922304][ T9442] ? alloc_empty_file_noaccount+0x80/0x80 [ 139.928021][ T9442] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 139.934334][ T9442] ? kasan_check_write+0x14/0x20 [ 139.939278][ T9442] ? clear_nlink+0x87/0xe0 [ 139.943686][ T9442] __shmem_file_setup+0x1a2/0x280 [ 139.948711][ T9442] shmem_file_setup+0x2f/0x40 [ 139.953391][ T9442] __se_sys_memfd_create+0x32f/0x560 [ 139.958677][ T9442] ? __x64_sys_memfd_create+0x70/0x70 [ 139.964051][ T9442] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 139.969688][ T9442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 139.975145][ T9442] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 139.980857][ T9442] ? do_syscall_64+0x1d/0x140 [ 139.985558][ T9442] __x64_sys_memfd_create+0x5b/0x70 [ 139.990749][ T9442] do_syscall_64+0xfe/0x140 [ 139.995240][ T9442] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 140.001109][ T9442] RIP: 0033:0x4597c9 [ 140.004983][ T9442] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 140.024570][ T9442] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 140.032973][ T9442] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 140.040940][ T9442] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 140.049849][ T9442] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 140.057892][ T9442] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 140.067414][ T9442] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:29 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='1\n7.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:29 executing program 2: msync(&(0x7f0000953000/0x3000)=nil, 0x3000, 0x800000000000004) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x40000, 0x0) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f0000000180)) prctl$PR_SET_FPEMU(0xa, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x7fffffff}, &(0x7f0000000080)=0x8) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f00000000c0)={'nr0\x00', {0x2, 0x4e22, @remote}}) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={r1, 0x0, &(0x7f00000000c0)}, &(0x7f0000000140)=0x10) 03:42:29 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0xfe9f) 03:42:29 executing program 5 (fault-call:0 fault-nth:4): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:29 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)) 03:42:29 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:29 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='1.7.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 140.208908][ T9462] FAULT_INJECTION: forcing a failure. [ 140.208908][ T9462] name failslab, interval 1, probability 0, space 0, times 0 [ 140.222091][ T9456] FAT-fs (loop3): bogus number of reserved sectors [ 140.260969][ T9462] CPU: 1 PID: 9462 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 140.268830][ T9462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.278896][ T9462] Call Trace: [ 140.280070][ T9456] FAT-fs (loop3): Can't find a valid FAT filesystem [ 140.282198][ T9462] dump_stack+0x1d8/0x2f8 [ 140.282226][ T9462] should_fail+0x608/0x860 [ 140.297573][ T9462] ? setup_fault_attr+0x2b0/0x2b0 [ 140.302623][ T9462] __should_failslab+0x11a/0x160 03:42:29 executing program 2: r0 = syz_open_dev$amidi(&(0x7f00000002c0)='/dev/amidi#\x00', 0x8, 0x10000400200) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="cc0000000cf227c88ec938fc4420114af41ac787ec52d80e25ebe963f5b4ddeaadf90c9740cebbd30d95a37820e34ca0c10aed87bc6cc28954c8ab147e667da318711b67885da9582ef73f794a7285ce55d181e4999e82aead02d64f107cb23065a83bcbd28aebcbe98276113438913514e62f4a490858f2abe6bdc2c529beb94e9ca8e879d36bb868f16a4e36ef34c891a0e159e199a9b141c206b46a5d90dd1ac70a861ee94d0737d39504f319c29f128a151444ba432ad1355deea38785e62747ef3066e7cebb463c825425ab1afe"], &(0x7f0000000140)=0xd4) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000001c0)={r1, 0x10001, 0x8, 0x1, 0x6, 0x7}, 0x14) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000180)={0x5, 0x7, 0x0, 0x0, 0x2, 0x6, 0xfff, 0x8, r1}, 0x20) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000000)) 03:42:29 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 140.307580][ T9462] ? __alloc_file+0x29/0x350 [ 140.312193][ T9462] should_failslab+0x9/0x20 [ 140.316716][ T9462] kmem_cache_alloc+0x56/0x2b0 [ 140.321490][ T9462] __alloc_file+0x29/0x350 [ 140.321501][ T9462] ? alloc_empty_file+0x4c/0x1b0 [ 140.321513][ T9462] alloc_empty_file+0xac/0x1b0 [ 140.321524][ T9462] alloc_file+0x60/0x4c0 [ 140.321542][ T9462] alloc_file_pseudo+0x25b/0x310 [ 140.330876][ T9462] ? alloc_empty_file_noaccount+0x80/0x80 [ 140.330889][ T9462] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 03:42:29 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:29 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='1\\7.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 140.330906][ T9462] ? kasan_check_write+0x14/0x20 [ 140.330914][ T9462] ? clear_nlink+0x87/0xe0 [ 140.330928][ T9462] __shmem_file_setup+0x1a2/0x280 [ 140.371237][ T9462] shmem_file_setup+0x2f/0x40 [ 140.375952][ T9462] __se_sys_memfd_create+0x32f/0x560 [ 140.381270][ T9462] ? __x64_sys_memfd_create+0x70/0x70 [ 140.386664][ T9462] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 140.392312][ T9462] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 140.397792][ T9462] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 140.403522][ T9462] ? do_syscall_64+0x1d/0x140 [ 140.408755][ T9462] __x64_sys_memfd_create+0x5b/0x70 [ 140.413964][ T9462] do_syscall_64+0xfe/0x140 [ 140.418466][ T9462] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 140.424367][ T9462] RIP: 0033:0x4597c9 [ 140.428260][ T9462] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 140.447851][ T9462] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 03:42:29 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_score\x00') setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x8}, 0x1) getdents64(r0, &(0x7f0000000080)=""/4096, 0x1000) 03:42:29 executing program 5 (fault-call:0 fault-nth:5): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) [ 140.456257][ T9462] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 140.464211][ T9462] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 140.472162][ T9462] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 140.480140][ T9462] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 140.488230][ T9462] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:29 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:29 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)) [ 140.612258][ T9479] FAULT_INJECTION: forcing a failure. [ 140.612258][ T9479] name failslab, interval 1, probability 0, space 0, times 0 [ 140.695647][ T9479] CPU: 0 PID: 9479 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 140.703502][ T9479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.713566][ T9479] Call Trace: [ 140.716870][ T9479] dump_stack+0x1d8/0x2f8 [ 140.721214][ T9479] should_fail+0x608/0x860 [ 140.725648][ T9479] ? setup_fault_attr+0x2b0/0x2b0 [ 140.730683][ T9479] __should_failslab+0x11a/0x160 [ 140.735639][ T9479] ? security_file_alloc+0x36/0x200 03:42:29 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='12\n.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 140.735967][ T9493] FAT-fs (loop3): bogus number of reserved sectors [ 140.740843][ T9479] should_failslab+0x9/0x20 [ 140.740856][ T9479] kmem_cache_alloc+0x56/0x2b0 [ 140.740877][ T9479] security_file_alloc+0x36/0x200 [ 140.754354][ T9493] FAT-fs (loop3): Can't find a valid FAT filesystem [ 140.756615][ T9479] __alloc_file+0xb1/0x350 [ 140.756628][ T9479] alloc_empty_file+0xac/0x1b0 [ 140.756642][ T9479] alloc_file+0x60/0x4c0 [ 140.781803][ T9479] alloc_file_pseudo+0x25b/0x310 [ 140.786730][ T9479] ? alloc_empty_file_noaccount+0x80/0x80 [ 140.792483][ T9479] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 140.798818][ T9479] ? kasan_check_write+0x14/0x20 [ 140.803749][ T9479] ? clear_nlink+0x87/0xe0 [ 140.808155][ T9479] __shmem_file_setup+0x1a2/0x280 [ 140.813462][ T9479] shmem_file_setup+0x2f/0x40 [ 140.818124][ T9479] __se_sys_memfd_create+0x32f/0x560 [ 140.823401][ T9479] ? __x64_sys_memfd_create+0x70/0x70 [ 140.828769][ T9479] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 140.834382][ T9479] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 140.839829][ T9479] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 140.845633][ T9479] ? do_syscall_64+0x1d/0x140 [ 140.850299][ T9479] __x64_sys_memfd_create+0x5b/0x70 [ 140.855503][ T9479] do_syscall_64+0xfe/0x140 [ 140.859994][ T9479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 140.865874][ T9479] RIP: 0033:0x4597c9 [ 140.869781][ T9479] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:29 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:29 executing program 4: r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@l2, &(0x7f00000000c0)=0x80, 0x800) ioctl$sock_bt_hci(r0, 0x0, &(0x7f0000000100)="38a5349cf7ac0f9800a3156f06b4d3f2298c7e6822df2ac2c46d076d7041a619587082f35635fd6133db6926f9696d5b5c6e928f001a1be403b91edcacdd48d0e83bcfe683a9bb7b19c0674182ffd32bf7089112059b128e7d82cafd255df09f2c4f8e1175a916994fe858f46136b9f8bdce9adb2f079838261722b321e2731802bfe540c0bcd886") r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x7fffffff, 0xffffffffffffffff, 0x0, 0xf9, 0xf73}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:29 executing program 2: r0 = accept4$rose(0xffffffffffffff9c, &(0x7f0000000000)=@full={0xb, @dev, @netrom, 0x0, [@bcast, @remote, @rose, @rose, @bcast]}, &(0x7f0000000040)=0x40, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x400c1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in=@broadcast, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000200)=0xe8) r3 = geteuid() getresuid(&(0x7f0000000240)=0x0, &(0x7f0000000280), &(0x7f00000002c0)) setresuid(r2, r3, r4) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f00000000c0)=[r0, r0, r0, r0], 0x4) getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000380)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@deltclass={0x78, 0x29, 0x20, 0x70bd28, 0x25dfdbfd, {0x0, r5, {0x6, 0xfff2}, {0x0, 0xf}, {0x10}}, [@TCA_RATE={0x8, 0x5, {0x8, 0x4}}, @tclass_kind_options=@c_cbq={{0x8, 0x1, 'cbq\x00'}, {0x24, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xc, 0x7}, 0x8, 0xf3f5}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0x3, 0xfff7}, 0xd3, 0x4a8e0fc7}}]}}, @TCA_RATE={0x8, 0x5, {0x0, 0x7fffffff}}, @tclass_kind_options=@c_dsmark={{0xc, 0x1, 'dsmark\x00'}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x8, 0x5, 0x8}}}]}, 0x78}}, 0x20000000) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4) [ 140.889481][ T9479] RSP: 002b:00007f6a32530a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 140.897978][ T9479] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 140.905946][ T9479] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 140.913919][ T9479] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 140.921876][ T9479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a325316d4 [ 140.929937][ T9479] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:30 executing program 5 (fault-call:0 fault-nth:6): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:30 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask'}}]}) 03:42:30 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 03:42:30 executing program 2: msync(&(0x7f0000953000/0x3000)=nil, 0x3000, 0xfffffffffffffffe) 03:42:30 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='12..0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:30 executing program 4: r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0xffffffff, 0x10000) ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000100)) msync(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000000)=""/53, &(0x7f0000000040)=0x35) [ 141.121717][ T9513] FAULT_INJECTION: forcing a failure. [ 141.121717][ T9513] name failslab, interval 1, probability 0, space 0, times 0 [ 141.160222][ T9515] FAT-fs (loop3): bogus number of reserved sectors 03:42:30 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0xd0, 0x4000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000080)={0xc71, 0x2, 0x5, 'queue1\x00', 0x1}) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000140)=0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000180)={0x1, r2}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:30 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='12\\.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 141.245382][ T9515] FAT-fs (loop3): Can't find a valid FAT filesystem [ 141.290835][ T9513] CPU: 0 PID: 9513 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 141.298681][ T9513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.308731][ T9513] Call Trace: [ 141.312014][ T9513] dump_stack+0x1d8/0x2f8 [ 141.316340][ T9513] should_fail+0x608/0x860 [ 141.320766][ T9513] ? setup_fault_attr+0x2b0/0x2b0 [ 141.325802][ T9513] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 141.331515][ T9513] __should_failslab+0x11a/0x160 [ 141.336437][ T9513] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 141.342135][ T9513] should_failslab+0x9/0x20 [ 141.346636][ T9513] __kmalloc+0x7a/0x310 [ 141.350775][ T9513] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 141.356474][ T9513] tomoyo_realpath_from_path+0xdc/0x7c0 [ 141.361999][ T9513] tomoyo_path_perm+0x218/0x8b0 [ 141.366827][ T9513] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 141.372881][ T9513] ? trace_lock_acquire+0x190/0x190 [ 141.378072][ T9513] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 141.383775][ T9513] tomoyo_path_truncate+0x1c/0x20 [ 141.388776][ T9513] security_path_truncate+0xd5/0x150 [ 141.394038][ T9513] do_sys_ftruncate+0x3b1/0x6b0 [ 141.400578][ T9513] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 141.406373][ T9513] ? debug_smp_processor_id+0x1c/0x20 [ 141.411728][ T9513] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 141.417775][ T9513] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 141.423563][ T9513] ? __x64_sys_memfd_create+0x70/0x70 [ 141.428911][ T9513] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 141.434632][ T9513] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 141.440089][ T9513] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 141.445796][ T9513] ? do_syscall_64+0x1d/0x140 [ 141.450468][ T9513] __x64_sys_ftruncate+0x60/0x70 [ 141.455388][ T9513] do_syscall_64+0xfe/0x140 [ 141.459937][ T9513] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 141.465813][ T9513] RIP: 0033:0x459797 [ 141.469687][ T9513] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:30 executing program 4: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x100000000, 0x280000) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) write$FUSE_WRITE(r0, &(0x7f0000000080)={0x18, 0x0, 0x8, {0x63}}, 0x18) 03:42:30 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) [ 141.489271][ T9513] RSP: 002b:00007f6a32530a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 141.497760][ T9513] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 [ 141.505713][ T9513] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 141.513668][ T9513] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 141.521720][ T9513] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 [ 141.529688][ T9513] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 141.546387][ T9513] ERROR: Out of memory at tomoyo_realpath_from_path. [ 141.583467][ T9513] FAT-fs (loop5): bogus number of reserved sectors [ 141.590512][ T9513] FAT-fs (loop5): Can't find a valid FAT filesystem 03:42:30 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask'}}]}) 03:42:30 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 03:42:30 executing program 5 (fault-call:0 fault-nth:7): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:30 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$setregs(0xf, r0, 0x7fffffff, &(0x7f0000000080)="1c6a30d1aa9951efb8cb5b875cb7f76db257958997e4a6f291ce292a20d9dfae240e03831b0e2414ad00bc8214661a796bec24b3011908157d084093efd53d1c3754fcdc9ddbacca51de8b973ed15c9b77040bcfcecd7ca26c06354b76fa80e6cb4a7af5b6bcbb326b11") 03:42:30 executing program 2: msync(&(0x7f0000950000/0x4000)=nil, 0x4000, 0xa) 03:42:30 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127\n0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 141.812225][ T9555] FAT-fs (loop3): bogus number of reserved sectors [ 141.866453][ T9570] FAULT_INJECTION: forcing a failure. [ 141.866453][ T9570] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 141.872506][ T9555] FAT-fs (loop3): Can't find a valid FAT filesystem [ 141.879700][ T9570] CPU: 0 PID: 9570 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 141.879718][ T9570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.879723][ T9570] Call Trace: [ 141.879747][ T9570] dump_stack+0x1d8/0x2f8 [ 141.912213][ T9570] should_fail+0x608/0x860 03:42:30 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127/0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:30 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000952000/0x2000)=nil) 03:42:30 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x80000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/98) [ 141.916645][ T9570] ? setup_fault_attr+0x2b0/0x2b0 [ 141.921684][ T9570] ? __bfs+0x550/0x550 [ 141.925770][ T9570] should_fail_alloc_page+0x55/0x60 [ 141.930990][ T9570] prepare_alloc_pages+0x283/0x460 [ 141.936135][ T9570] __alloc_pages_nodemask+0x11c/0x790 [ 141.941523][ T9570] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 141.947086][ T9570] ? __lock_acquire+0xcf7/0x1a40 [ 141.952048][ T9570] ? check_preemption_disabled+0x47/0x280 [ 141.957788][ T9570] kmem_getpages+0x46/0x480 [ 141.962300][ T9570] cache_grow_begin+0x7e/0x2c0 [ 141.967172][ T9570] cache_alloc_refill+0x311/0x3f0 [ 141.972206][ T9570] ? check_preemption_disabled+0xb7/0x280 [ 141.977942][ T9570] __kmalloc+0x2e5/0x310 [ 141.982195][ T9570] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 141.987926][ T9570] tomoyo_realpath_from_path+0xdc/0x7c0 [ 141.993481][ T9570] tomoyo_path_perm+0x218/0x8b0 [ 141.998332][ T9570] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 142.004395][ T9570] ? trace_lock_acquire+0x190/0x190 [ 142.009601][ T9570] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 142.015319][ T9570] tomoyo_path_truncate+0x1c/0x20 [ 142.020326][ T9570] security_path_truncate+0xd5/0x150 [ 142.025608][ T9570] do_sys_ftruncate+0x3b1/0x6b0 [ 142.030446][ T9570] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 142.036233][ T9570] ? debug_smp_processor_id+0x1c/0x20 [ 142.041581][ T9570] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 142.047626][ T9570] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 142.053333][ T9570] ? __x64_sys_memfd_create+0x70/0x70 [ 142.058704][ T9570] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 142.064332][ T9570] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 142.069770][ T9570] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 142.075475][ T9570] ? do_syscall_64+0x1d/0x140 [ 142.080139][ T9570] __x64_sys_ftruncate+0x60/0x70 [ 142.085056][ T9570] do_syscall_64+0xfe/0x140 [ 142.089537][ T9570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 142.095405][ T9570] RIP: 0033:0x459797 [ 142.099273][ T9570] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 142.118867][ T9570] RSP: 002b:00007f6a32530a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 142.127270][ T9570] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 [ 142.135363][ T9570] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 142.143329][ T9570] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 142.151297][ T9570] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 03:42:31 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='/27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 142.159256][ T9570] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 142.239861][ T9570] FAT-fs (loop5): bogus number of reserved sectors 03:42:31 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask'}}]}) 03:42:31 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127\\0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:31 executing program 4: r0 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x5) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0xcc, &(0x7f0000000300)=[@in6={0xa, 0x4e22, 0x6, @mcast1, 0x7fff}, @in6={0xa, 0x4e20, 0x80000000, @rand_addr="ebdccdabe6e9aa564fac3bee2a1f7361", 0x6}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0x2834, @rand_addr="646ee40690b21b8179b1e165cfdc3714", 0x7}, @in={0x2, 0x4e20, @rand_addr=0x7fffffff}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e23, 0x8, @mcast2, 0x800}, @in6={0xa, 0x4e21, 0x400, @mcast1, 0x1}, @in={0x2, 0x4e24}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000480)={r1, 0xb0b, 0x9, 0x200, 0x20d, 0x2c}, &(0x7f00000004c0)=0x14) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getpeername(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f00000000c0)=0x80) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0xb4, &(0x7f0000000100)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x12}}, @in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e22, 0x7, @remote, 0x3}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e20, 0x4, @remote, 0xbf}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e23, 0x81, @rand_addr="e79d11b5251608e4a95edbf2ef2a7e89", 0x100000001}, @in={0x2, 0x4e21, @multicast2}]}, &(0x7f0000000200)=0x10) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000240)={0x0, 0x10000, 0x1, 0xf3, 0x9, 0x2, 0x1, 0xffffffffffff9129, r3}, 0x20) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x34400, 0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000280)={0xffffffffffffffc0}, 0x1) 03:42:31 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000952000/0x2000)=nil) [ 142.324399][ T9570] FAT-fs (loop5): Can't find a valid FAT filesystem 03:42:31 executing program 5 (fault-call:0 fault-nth:8): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:31 executing program 2: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xc0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x9, 0x4}, 0x0, 0x0, &(0x7f0000000180)={0x0, 0xb, 0x2, 0x5}, &(0x7f00000001c0)=0x401, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=0xcc}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={r0, 0x10, &(0x7f0000000340)={&(0x7f0000000040)=""/149, 0x95, r1}}, 0xfffffffffffffd98) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x40, 0x0) [ 142.435129][ T9591] FAT-fs (loop3): bogus number of reserved sectors 03:42:31 executing program 4: r0 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0xffffffff, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0x3, 0x2) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="06000000000000001f00008008000000060011000900000000000000000000005db360090100000006000000010001000600000000000000070000c00700000037090000020000000700000000000000010000c04effffff6d000000070000004c070000000000000e0000800700000001ffe110cde64316b980aa040000ff0100000100008000000000190000800600000000020000ff7f"]) 03:42:31 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:31 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.\n.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:31 executing program 2: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x240, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f000094f000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 142.519332][ T9591] FAT-fs (loop3): Can't find a valid FAT filesystem [ 142.543014][ T9611] FAULT_INJECTION: forcing a failure. [ 142.543014][ T9611] name failslab, interval 1, probability 0, space 0, times 0 03:42:31 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 142.589231][ T9611] CPU: 1 PID: 9611 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 142.597094][ T9611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.607162][ T9611] Call Trace: [ 142.610471][ T9611] dump_stack+0x1d8/0x2f8 [ 142.614820][ T9611] should_fail+0x608/0x860 [ 142.619246][ T9611] ? setup_fault_attr+0x2b0/0x2b0 [ 142.624282][ T9611] ? tomoyo_encode2+0x273/0x5a0 [ 142.629148][ T9611] __should_failslab+0x11a/0x160 [ 142.634095][ T9611] ? tomoyo_encode2+0x273/0x5a0 [ 142.638931][ T9611] should_failslab+0x9/0x20 [ 142.643521][ T9611] __kmalloc+0x7a/0x310 [ 142.647673][ T9611] tomoyo_encode2+0x273/0x5a0 [ 142.652438][ T9611] ? dynamic_dname+0x1a0/0x1a0 [ 142.657191][ T9611] tomoyo_realpath_from_path+0x769/0x7c0 [ 142.662807][ T9611] tomoyo_path_perm+0x218/0x8b0 [ 142.667634][ T9611] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 142.673680][ T9611] ? trace_lock_acquire+0x190/0x190 [ 142.678875][ T9611] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 142.684670][ T9611] tomoyo_path_truncate+0x1c/0x20 [ 142.689675][ T9611] security_path_truncate+0xd5/0x150 [ 142.694941][ T9611] do_sys_ftruncate+0x3b1/0x6b0 [ 142.699784][ T9611] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 142.705596][ T9611] ? debug_smp_processor_id+0x1c/0x20 [ 142.710966][ T9611] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 142.717026][ T9611] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 142.722726][ T9611] ? __x64_sys_memfd_create+0x70/0x70 [ 142.728084][ T9611] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 142.733701][ T9611] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 142.739142][ T9611] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 142.744843][ T9611] ? do_syscall_64+0x1d/0x140 [ 142.749514][ T9611] __x64_sys_ftruncate+0x60/0x70 [ 142.754433][ T9611] do_syscall_64+0xfe/0x140 [ 142.758921][ T9611] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 142.764812][ T9611] RIP: 0033:0x459797 [ 142.768689][ T9611] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 142.788283][ T9611] RSP: 002b:00007f6a32530a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 142.796696][ T9611] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 [ 142.804665][ T9611] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 142.812633][ T9611] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 142.822569][ T9611] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 [ 142.830529][ T9611] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:31 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400000, 0x0) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040), &(0x7f0000000080)=0x10) [ 142.840124][ T9611] ERROR: Out of memory at tomoyo_realpath_from_path. [ 142.922687][ T9611] FAT-fs (loop5): bogus number of reserved sectors [ 142.929244][ T9611] FAT-fs (loop5): Can't find a valid FAT filesystem 03:42:32 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x2000) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x1, 0x0) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/41}) 03:42:32 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.%.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 3: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xc0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x9, 0x4}, 0x0, 0x0, &(0x7f0000000180)={0x0, 0xb, 0x2, 0x5}, &(0x7f00000001c0)=0x401, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=0xcc}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={r0, 0x10, &(0x7f0000000340)={&(0x7f0000000040)=""/149, 0x95, r1}}, 0xfffffffffffffd98) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x40, 0x0) 03:42:32 executing program 5 (fault-call:0 fault-nth:9): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:32 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=0x0) ioprio_set$pid(0x3, r0, 0xd5b) 03:42:32 executing program 3: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xc0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x9, 0x4}, 0x0, 0x0, &(0x7f0000000180)={0x0, 0xb, 0x2, 0x5}, &(0x7f00000001c0)=0x401, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=0xcc}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={r0, 0x10, &(0x7f0000000340)={&(0x7f0000000040)=""/149, 0x95, r1}}, 0xfffffffffffffd98) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x40, 0x0) 03:42:32 executing program 4: r0 = shmget$private(0x0, 0x1000, 0x66, &(0x7f0000ffe000/0x1000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f0000000200)=""/164) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getgid() setresgid(r1, r2, r3) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80000, 0x10) ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000952000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000}) accept4$packet(r4, &(0x7f0000001480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000014c0)=0x14, 0x80000) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000001500)={'vcan0\x00', r5}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r6 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000953000/0x4000)=nil) ioctl$EVIOCGABS2F(r4, 0x8018456f, &(0x7f0000000140)=""/132) shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000080)=""/155) 03:42:32 executing program 1: mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}}, [0x6, 0x3569, 0x745f, 0x0, 0x4, 0x69a, 0x4, 0x6, 0x6, 0x9, 0x4, 0xffffffffffffffff, 0x1ff, 0x3f, 0x1800000000000000]}, &(0x7f0000000140)=0x100) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r1, 0x2, 0x1f}, 0xc) [ 143.238309][ T9655] FAULT_INJECTION: forcing a failure. [ 143.238309][ T9655] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 143.251550][ T9655] CPU: 1 PID: 9655 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 143.259351][ T9655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.259356][ T9655] Call Trace: [ 143.259376][ T9655] dump_stack+0x1d8/0x2f8 [ 143.259392][ T9655] should_fail+0x608/0x860 [ 143.259404][ T9655] ? setup_fault_attr+0x2b0/0x2b0 03:42:32 executing program 1: mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 143.259418][ T9655] ? __bfs+0x550/0x550 [ 143.259431][ T9655] should_fail_alloc_page+0x55/0x60 [ 143.259443][ T9655] prepare_alloc_pages+0x283/0x460 [ 143.300856][ T9655] __alloc_pages_nodemask+0x11c/0x790 [ 143.306243][ T9655] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 143.311798][ T9655] ? __lock_acquire+0xcf7/0x1a40 [ 143.317106][ T9655] ? check_preemption_disabled+0x47/0x280 [ 143.322842][ T9655] kmem_getpages+0x46/0x480 [ 143.327358][ T9655] cache_grow_begin+0x7e/0x2c0 [ 143.332132][ T9655] cache_alloc_refill+0x311/0x3f0 03:42:32 executing program 2: msync(&(0x7f0000950000/0x1000)=nil, 0x1000, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x400200, 0xf0) [ 143.337166][ T9655] ? check_preemption_disabled+0xb7/0x280 [ 143.337184][ T9655] __kmalloc+0x2e5/0x310 [ 143.337205][ T9655] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 143.352867][ T9655] tomoyo_realpath_from_path+0xdc/0x7c0 [ 143.358434][ T9655] tomoyo_path_perm+0x218/0x8b0 [ 143.363312][ T9655] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 143.369392][ T9655] ? trace_lock_acquire+0x190/0x190 [ 143.374628][ T9655] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 143.380344][ T9655] tomoyo_path_truncate+0x1c/0x20 03:42:32 executing program 1: mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 143.380357][ T9655] security_path_truncate+0xd5/0x150 [ 143.380372][ T9655] do_sys_ftruncate+0x3b1/0x6b0 [ 143.395962][ T9655] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 143.404263][ T9655] ? debug_smp_processor_id+0x1c/0x20 [ 143.409647][ T9655] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 143.415737][ T9655] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 143.415753][ T9655] ? __x64_sys_memfd_create+0x70/0x70 [ 143.426826][ T9655] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 143.432452][ T9655] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 143.432465][ T9655] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 143.432474][ T9655] ? do_syscall_64+0x1d/0x140 [ 143.432488][ T9655] __x64_sys_ftruncate+0x60/0x70 [ 143.432501][ T9655] do_syscall_64+0xfe/0x140 [ 143.457731][ T9655] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 143.463622][ T9655] RIP: 0033:0x459797 [ 143.463634][ T9655] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:32 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.-.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x9}, 0x2) 03:42:32 executing program 3 (fault-call:0 fault-nth:0): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) [ 143.463639][ T9655] RSP: 002b:00007f6a32530a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 143.463648][ T9655] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 [ 143.463653][ T9655] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 143.463658][ T9655] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 143.463663][ T9655] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 [ 143.463668][ T9655] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 143.609760][ T9683] FAULT_INJECTION: forcing a failure. [ 143.609760][ T9683] name failslab, interval 1, probability 0, space 0, times 0 [ 143.627005][ T9655] FAT-fs (loop5): bogus number of reserved sectors [ 143.652515][ T9683] CPU: 0 PID: 9683 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 143.660452][ T9683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.670516][ T9683] Call Trace: [ 143.671105][ T9655] FAT-fs (loop5): Can't find a valid FAT filesystem [ 143.673813][ T9683] dump_stack+0x1d8/0x2f8 [ 143.673832][ T9683] should_fail+0x608/0x860 [ 143.673845][ T9683] ? setup_fault_attr+0x2b0/0x2b0 [ 143.673867][ T9683] __should_failslab+0x11a/0x160 [ 143.673880][ T9683] ? __se_sys_memfd_create+0x153/0x560 [ 143.673891][ T9683] should_failslab+0x9/0x20 [ 143.673899][ T9683] __kmalloc+0x7a/0x310 [ 143.673907][ T9683] ? strnlen_user+0x1e0/0x260 [ 143.673921][ T9683] __se_sys_memfd_create+0x153/0x560 [ 143.673932][ T9683] ? __x64_sys_memfd_create+0x70/0x70 [ 143.673942][ T9683] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 143.673952][ T9683] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 143.673965][ T9683] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 143.745342][ T9683] ? do_syscall_64+0x1d/0x140 [ 143.750042][ T9683] __x64_sys_memfd_create+0x5b/0x70 [ 143.755252][ T9683] do_syscall_64+0xfe/0x140 [ 143.759767][ T9683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 143.765663][ T9683] RIP: 0033:0x4597c9 [ 143.769560][ T9683] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 143.789167][ T9683] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 03:42:32 executing program 5 (fault-call:0 fault-nth:10): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:32 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127...0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:32 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001640)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x2}]}, {0x0, [0x0, 0x61, 0x30]}}, 0x0, 0x29}, 0x20) msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x7) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 143.797581][ T9683] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 143.805828][ T9683] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 143.813895][ T9683] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 143.821850][ T9683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 143.829813][ T9683] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:32 executing program 2: msync(&(0x7f0000953000/0x1000)=nil, 0x1000, 0x1000000000001) 03:42:32 executing program 3 (fault-call:0 fault-nth:1): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:32 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.\\.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x4) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x7, 0x3, 0x1, 0x8, 0x1, 0x3}, &(0x7f0000000080)=0xad) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 144.014393][ T9708] FAULT_INJECTION: forcing a failure. [ 144.014393][ T9708] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 144.021325][ T9709] FAULT_INJECTION: forcing a failure. [ 144.021325][ T9709] name failslab, interval 1, probability 0, space 0, times 0 [ 144.027641][ T9708] CPU: 1 PID: 9708 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 144.027651][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.027656][ T9708] Call Trace: [ 144.027677][ T9708] dump_stack+0x1d8/0x2f8 [ 144.027694][ T9708] should_fail+0x608/0x860 [ 144.027705][ T9708] ? setup_fault_attr+0x2b0/0x2b0 [ 144.027728][ T9708] should_fail_alloc_page+0x55/0x60 [ 144.027738][ T9708] prepare_alloc_pages+0x283/0x460 [ 144.027753][ T9708] __alloc_pages_nodemask+0x11c/0x790 [ 144.027769][ T9708] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 144.027787][ T9708] ? fsnotify+0x14b2/0x1580 [ 144.027805][ T9708] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 144.027817][ T9708] kmem_getpages+0x46/0x480 [ 144.027832][ T9708] cache_grow_begin+0x7e/0x2c0 [ 144.116671][ T9708] cache_alloc_refill+0x311/0x3f0 [ 144.121684][ T9708] ? check_preemption_disabled+0xb7/0x280 [ 144.127394][ T9708] kmem_cache_alloc+0x288/0x2b0 [ 144.132232][ T9708] ? getname_flags+0xba/0x640 [ 144.136901][ T9708] getname_flags+0xba/0x640 [ 144.141405][ T9708] getname+0x19/0x20 [ 144.145284][ T9708] do_sys_open+0x2fc/0x620 [ 144.149691][ T9708] ? file_open_root+0x440/0x440 [ 144.154530][ T9708] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 144.160708][ T9708] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 144.166412][ T9708] ? __x64_sys_memfd_create+0x70/0x70 [ 144.171774][ T9708] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 144.177397][ T9708] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 144.182842][ T9708] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 144.188562][ T9708] ? do_syscall_64+0x1d/0x140 [ 144.193232][ T9708] __x64_sys_open+0x87/0x90 [ 144.197735][ T9708] do_syscall_64+0xfe/0x140 [ 144.202234][ T9708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 144.208113][ T9708] RIP: 0033:0x4136b1 [ 144.211994][ T9708] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 144.233161][ T9708] RSP: 002b:00007f6a32530a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 144.241563][ T9708] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 144.249519][ T9708] RDX: 00007f6a32530b0a RSI: 0000000000000002 RDI: 00007f6a32530b00 [ 144.257476][ T9708] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 144.265433][ T9708] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 144.273481][ T9708] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 144.281507][ T9709] CPU: 0 PID: 9709 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 144.289403][ T9709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.299444][ T9709] Call Trace: [ 144.299464][ T9709] dump_stack+0x1d8/0x2f8 [ 144.299478][ T9709] should_fail+0x608/0x860 [ 144.299488][ T9709] ? setup_fault_attr+0x2b0/0x2b0 [ 144.299506][ T9709] __should_failslab+0x11a/0x160 [ 144.299517][ T9709] ? shmem_alloc_inode+0x1b/0x40 [ 144.299526][ T9709] should_failslab+0x9/0x20 [ 144.299535][ T9709] kmem_cache_alloc+0x56/0x2b0 [ 144.299542][ T9709] ? kasan_check_write+0x14/0x20 [ 144.299549][ T9709] ? shmem_fallocate+0xcd0/0xcd0 [ 144.299558][ T9709] shmem_alloc_inode+0x1b/0x40 [ 144.299565][ T9709] ? shmem_fallocate+0xcd0/0xcd0 [ 144.299578][ T9709] new_inode_pseudo+0x68/0x240 [ 144.335683][ T9709] new_inode+0x28/0x1c0 03:42:33 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/hwrng\x00', 0x0, 0x0) sendmsg$alg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="512ad4b1f855890f14e8b4bdaf089a409ea1686881522270b7643ce9b510f94210c0416ff5045da3eefcccc59ce5ae5cacc79046acc0b994ab4968d0edbe031e7d7bb780eb0152a21f6026d58de676a83d1356622529b89aa444acd675e6795cad4ce46714441b967b4051af80c7f2fcc7417bc42f6a38913cd383db0a352f4d9d466fdbeb094d9e2bb06e5874", 0x8d}, {&(0x7f0000000180)="547b5076f7e5974f83f6b1662b13e3ec0551c7882f28b48e0e1ee9babe3d09baac6c74866eab1e217cd26249dedb7be09e0e015819d7005790b8637693b6ef7c67d7efef9d2c217425960c0afa9801cfdc26043b3e67bb1f252a39773dce3579f31d7084c11179e289f105c114fd557e79d40c624d8cdb4fb0839c72c0a777610d5517fcd0dd53c04425a4e5269eb8919fc89a4b2f3359b5334ad9aad7ad111a66ee49615d5bb895f2f840e587a5a1f50119fd036fd848f085a8faa6eb5b1505d0837e56b2aa7a3ca645f63a7bf66c23afade0f204cd", 0xd6}, {&(0x7f0000000280)="f8afa4d6604b77a770e87deead60ef5b3fe86f3c00f0212b99e7c950b6c33097e443155b0108ae6377680ae785a2c3f1fa16607e91cbadb4c799885f50eb0ef744d559892586daf5bb193ee4a2c8c71d66d45813d29c95de0ae14527872ae20809139358dc989ec9d7df61dd66ded5510d903b4c350ab218bc8222664c84e8ef76b0f195fcdda581b720a06b501e7ff172b0e5a0bc04d874281fd7cb27217f747a639b5183384268e97420dac68acaff0f4f1c0447bcfa16a0c3dacceff3b1cc3ab95cb228a576acc677c5f36072ce1fb91de39d3a2bc5b23326e772f6e5c88be626fb244c9dcb621147d06322", 0xed}, {&(0x7f0000000380)="9f6073dd63e86730a43576ab3bb98f255a02a54315370ac417156145263ea02729e164b4cfa25b37e9e0de814b504eec27058455eb5c9de9bcdf9389094a6f7affb530d45e2085291a", 0x49}, {&(0x7f0000000400)="3a28c12317d0a446f53909", 0xb}, {&(0x7f0000000440)="beb218ea8f53a41a4b4003823427d9232d82ff3944076e15552005cf63d659cf10af5f1967b68be51ec9", 0x2a}, {&(0x7f0000000000)="e539b3cb6b2b040a85c06505e6f00c5f2d68327a08fd9b08dea0dddc0478e8e3f7484050c820df2c9eda2c6e23aa77b045e9ae8e82ea", 0x36}, {&(0x7f00000004c0)="d7c34177cd63d6516a428df7da1e1a826386e3d3f3c323d105906007ee641947d945b4f4b3f7829db001b62daf7f97f959305bb1d2b41fe222b8e7f9ecd86fba91a73bf87acb169f6f73955d3e7102e1e611", 0x52}, {&(0x7f0000000540)="c5f6bc47a10553fefcfdb5ca402844fca6d7d35f6345949fdb71ea00d4b812c5e9094a804b3d393ae143472d0d8d29f6e15eb6e6bf4f6cd1f9cf1874a6a08be964f008a770aafe8676ce071a524b9bb218e9b6a0", 0x54}, {&(0x7f00000005c0)="9bdbd8870248f0ab8b7a2aa40f5711dbe3ef9483efde52551027fafdbd221fc67390b04cf9a1401fd1368dad4e449a510deef6049c20e496b19dc026c6f192caf40c934cb4fa66018b53de9f118724f291e7fc9273333f40bf3f55bb262ed515adcc51a8656b1c1d106c2dae31cc1ff4d6af7028139fd318dea5dcdf5428f6ac8bd7538ff8cadab0d2597839", 0x8c}], 0x3aa, &(0x7f0000000980)=ANY=[@ANYBLOB="480000000000000017010000020000002e000000710aa93fd118b6ab294702f9840e1b6b4dea1d2cf8be30bc340013904d5be709711131021568d74edb977f226ef500000000000018000000000000001701000004000000e900000000000000180000000000000017010000030000000000000000000000380000000000000017010000020000002400000057a5066dfb2b08e471f33e8b9b3c7068bd331f036c296e2832dac7c1446ffeb72271bd309000000000000000170100000200000078000000e88304745094953d1e1ce6b7169b2a09bf9560d3bddd01cc024355ca3c02016867fdc04ee7b11385eed95c2b32dbbc8974333db2ad10b7dd51ac2910e30ab00129759f3f5760a8a5a34fd579ce120dd44067d9d0bb5ecc5185a4aab583603767ff3a6a83bf7ab8c23f0a242cd5ee6ba8c853440f2215af8b0000000012f6907c6e58babe24ae5ea4c622070e9e42a188277a028bd49714d6092cfb20e127df295c59"], 0x140, 0x8010}, 0x0) ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f0000000900)) ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000740)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x7, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x6, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6) [ 144.335700][ T9709] ? kasan_check_read+0x11/0x20 [ 144.345539][ T9709] shmem_get_inode+0x11b/0x700 [ 144.345551][ T9709] ? __alloc_fd+0x523/0x5d0 [ 144.345562][ T9709] __shmem_file_setup+0x129/0x280 [ 144.345573][ T9709] shmem_file_setup+0x2f/0x40 [ 144.345586][ T9709] __se_sys_memfd_create+0x32f/0x560 [ 144.345596][ T9709] ? __x64_sys_memfd_create+0x70/0x70 [ 144.345607][ T9709] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 144.345619][ T9709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 144.345630][ T9709] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 144.345642][ T9709] ? do_syscall_64+0x1d/0x140 [ 144.369130][ T9709] __x64_sys_memfd_create+0x5b/0x70 [ 144.369145][ T9709] do_syscall_64+0xfe/0x140 [ 144.369163][ T9709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 144.383413][ T9709] RIP: 0033:0x4597c9 [ 144.383424][ T9709] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:42:33 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0\n0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x100000000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 144.383429][ T9709] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 144.383437][ T9709] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 144.383442][ T9709] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 144.383448][ T9709] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 144.383454][ T9709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 144.383459][ T9709] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 144.580459][ T9708] FAT-fs (loop5): bogus number of reserved sectors [ 144.632046][ T9708] FAT-fs (loop5): Can't find a valid FAT filesystem 03:42:33 executing program 5 (fault-call:0 fault-nth:11): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:33 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x400000, 0x0) ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f0000000480)={0x3f, 0x3, 0x8}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mlock2(&(0x7f0000953000/0x1000)=nil, 0x1000, 0x1) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000380)=0xe8) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x96b9, 0x3, &(0x7f0000000200)=[{&(0x7f0000000080)="03d6217ac2a95731325ec227133d6f7908ca169e291f1163f6762cbd7e23dffb7f56a1b55f0430", 0x27, 0x6}, {&(0x7f00000000c0)}, {&(0x7f0000000100)="ba71ffca801140868d0a638057abc5e4ae648a0fd31aed14c059dd49fb1e636c0a20d3d2abfc51c5df607c7ecea306dbd5f4a0abfd4e4439efe4d05172af3761e6649a36a4982500dae06aeed3d65aa6775562489f01aa75e20b417e755921bae5221740cca62a3ba962248fcb7cb4324fb63f6a61965ed7ea2b9e736a2db4af08da74091e8cb434adf1f06c57d3ecffc0a5ce530c089d3596a810942d7c4bf0d0a570b779667d155979da2ac9675169d9de754430effc6a54d1432b9602db26a5018dfea438b9cbabed3a8b5b83ee055948dc61bcb89d502d672fe74814b84e4593a29a1bf64716aa98e730fcf065eb6380", 0xf2, 0x7}], 0x20, &(0x7f00000003c0)={[{@noload='noload'}, {@noacl='noacl'}, {@nouid32='nouid32'}, {@nogrpid='nogrpid'}], [{@smackfsdef={'smackfsdef', 0x3d, 'cgroupnodev^'}}, {@euid_eq={'euid', 0x3d, r1}}, {@subj_type={'subj_type', 0x3d, '^-+)'}}, {@smackfsdef={'smackfsdef', 0x3d, '<-md5sum'}}, {@permit_directio='permit_directio'}, {@func={'func', 0x3d, 'MMAP_CHECK'}}]}) 03:42:33 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 3 (fault-call:0 fault-nth:2): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:33 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0/0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x80000) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000140)={0x6c, 0x21a1, 0x40000000, 0xeb0, 0x17, 0x364, 0x7f, 0x5, 0x42a384f5, 0x74, 0x23f, 0xcc}) accept4$ax25(r0, &(0x7f00000000c0)={{0x3, @null}, [@null, @netrom, @bcast, @remote, @bcast, @null, @null]}, &(0x7f0000000040)=0x48, 0x800) [ 144.753509][ T9743] FAULT_INJECTION: forcing a failure. [ 144.753509][ T9743] name failslab, interval 1, probability 0, space 0, times 0 [ 144.765230][ T9746] FAULT_INJECTION: forcing a failure. [ 144.765230][ T9746] name failslab, interval 1, probability 0, space 0, times 0 [ 144.785194][ T9746] CPU: 0 PID: 9746 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 144.793041][ T9746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.793048][ T9746] Call Trace: [ 144.793075][ T9746] dump_stack+0x1d8/0x2f8 [ 144.793092][ T9746] should_fail+0x608/0x860 [ 144.793106][ T9746] ? setup_fault_attr+0x2b0/0x2b0 [ 144.793127][ T9746] __should_failslab+0x11a/0x160 [ 144.793138][ T9746] ? __alloc_file+0x29/0x350 [ 144.793149][ T9746] should_failslab+0x9/0x20 [ 144.793157][ T9746] kmem_cache_alloc+0x56/0x2b0 [ 144.793170][ T9746] ? stack_trace_save+0x1e0/0x1e0 [ 144.793181][ T9746] __alloc_file+0x29/0x350 [ 144.793190][ T9746] ? alloc_empty_file+0x4c/0x1b0 [ 144.793202][ T9746] alloc_empty_file+0xac/0x1b0 [ 144.793213][ T9746] path_openat+0x12b/0x4400 [ 144.793225][ T9746] ? arch_stack_walk+0x98/0xe0 [ 144.793239][ T9746] ? __bfs+0x550/0x550 [ 144.793255][ T9746] ? stack_trace_save+0x111/0x1e0 [ 144.877385][ T9746] ? __lock_acquire+0xcf7/0x1a40 [ 144.882312][ T9746] ? check_preemption_disabled+0x47/0x280 [ 144.888119][ T9746] ? do_filp_open+0x430/0x430 [ 144.892798][ T9746] ? __lock_acquire+0xcf7/0x1a40 [ 144.897760][ T9746] ? expand_files+0x511/0xa90 [ 144.897775][ T9746] do_filp_open+0x1f7/0x430 [ 144.906935][ T9746] ? vfs_tmpfile+0x230/0x230 [ 144.911541][ T9746] ? kasan_check_read+0x11/0x20 [ 144.916403][ T9746] ? do_raw_spin_unlock+0x49/0x260 [ 144.921520][ T9746] ? _raw_spin_unlock+0x2c/0x50 [ 144.926401][ T9746] ? get_unused_fd_flags+0x97/0xb0 [ 144.931687][ T9746] do_sys_open+0x343/0x620 [ 144.936111][ T9746] ? file_open_root+0x440/0x440 [ 144.940947][ T9746] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 144.947008][ T9746] ? prepare_exit_to_usermode+0x1e1/0x4f0 03:42:33 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:33 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0\\0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 144.952736][ T9746] ? __x64_sys_memfd_create+0x70/0x70 [ 144.958121][ T9746] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 144.963766][ T9746] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 144.969230][ T9746] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 144.975053][ T9746] ? do_syscall_64+0x1d/0x140 [ 144.979730][ T9746] __x64_sys_open+0x87/0x90 [ 144.984230][ T9746] do_syscall_64+0xfe/0x140 [ 144.988736][ T9746] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 144.994613][ T9746] RIP: 0033:0x4136b1 [ 144.998494][ T9746] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 145.018088][ T9746] RSP: 002b:00007f6a32530a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 145.026492][ T9746] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 145.034453][ T9746] RDX: 00007f6a32530b0a RSI: 0000000000000002 RDI: 00007f6a32530b00 [ 145.042407][ T9746] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 145.050377][ T9746] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 145.058345][ T9746] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 145.077979][ T9743] CPU: 0 PID: 9743 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 145.085822][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.095992][ T9743] Call Trace: [ 145.099272][ T9743] dump_stack+0x1d8/0x2f8 [ 145.103592][ T9743] should_fail+0x608/0x860 [ 145.107997][ T9743] ? setup_fault_attr+0x2b0/0x2b0 [ 145.113030][ T9743] __should_failslab+0x11a/0x160 [ 145.117960][ T9743] ? security_inode_alloc+0x36/0x1e0 [ 145.123228][ T9743] should_failslab+0x9/0x20 [ 145.127716][ T9743] kmem_cache_alloc+0x56/0x2b0 [ 145.132468][ T9743] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 145.138198][ T9743] security_inode_alloc+0x36/0x1e0 [ 145.143298][ T9743] inode_init_always+0x3b5/0x8d0 [ 145.148217][ T9743] ? shmem_fallocate+0xcd0/0xcd0 [ 145.153136][ T9743] new_inode_pseudo+0x7f/0x240 [ 145.157895][ T9743] new_inode+0x28/0x1c0 [ 145.162022][ T9743] ? kasan_check_read+0x11/0x20 [ 145.166856][ T9743] shmem_get_inode+0x11b/0x700 [ 145.171596][ T9743] ? __alloc_fd+0x523/0x5d0 [ 145.176075][ T9743] __shmem_file_setup+0x129/0x280 [ 145.181075][ T9743] shmem_file_setup+0x2f/0x40 [ 145.185746][ T9743] __se_sys_memfd_create+0x32f/0x560 [ 145.191019][ T9743] ? __x64_sys_memfd_create+0x70/0x70 [ 145.196399][ T9743] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 145.202269][ T9743] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 145.207703][ T9743] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 145.213401][ T9743] ? do_syscall_64+0x1d/0x140 [ 145.218090][ T9743] __x64_sys_memfd_create+0x5b/0x70 [ 145.223281][ T9743] do_syscall_64+0xfe/0x140 [ 145.227775][ T9743] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 145.233641][ T9743] RIP: 0033:0x4597c9 03:42:34 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) getpgrp(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000300)={0x0, 0xf0, "63f33c87b7f1e65d092225b558a4a2534d2daac103abb1e9ff5e020191816c1e547a1c01e92cc35831612f5b0eae86592cd3ddd58664b109c439eefc450d5f59b5a2edb12bfa572d61d29c4692d0ea273774dde7a363c9c61504fa0b9f2f72e5c3e5561edd2da5f7b2df4ff3a332022cec569e1cb57ce65cf2514366b37d71723d06630117f414861ef78acecf141bcaf056215841978190fd138155b1e8b31b8459587c71c55865bff38cffd4b8c71add659ee2cfbf8af665bc0031d9c0b9d18804b73a3aeb33570478a32960facb1e7dfb2a8b1c477ad7aa72db5d557ac3c64dfb7881c23cd66f48ae3a0514dc9379"}, &(0x7f0000000400)=0xf8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000440)={r1, @in6={{0xa, 0x4e22, 0xffff, @remote, 0x2}}}, &(0x7f0000000500)=0x84) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000140)={{{@in=@broadcast, @in=@remote}}, {{@in6=@mcast2}, 0x0, @in6}}, &(0x7f0000000240)=0xe8) getgroups(0x4, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0xffffffffffffffff]) r2 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@ipx, &(0x7f0000000080)=0x80, 0x80800) ioctl$sock_inet_sctp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000002c0)={r1, 0xffb, 0x2c}, &(0x7f0000000540)=0x8) [ 145.237509][ T9743] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 145.257119][ T9743] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 145.265521][ T9743] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 145.273498][ T9743] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 145.281452][ T9743] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 145.289403][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 145.297355][ T9743] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:34 executing program 5 (fault-call:0 fault-nth:12): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:34 executing program 3 (fault-call:0 fault-nth:3): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:34 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x200, 0x0) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000040)=0xf) 03:42:34 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:34 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x4) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x200, 0x0) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000040)={0x0, 0x4, 0x4, 0x29, &(0x7f0000952000/0x1000)=nil, 0xe900000000000}) 03:42:34 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.\n.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 145.490184][ T9770] FAULT_INJECTION: forcing a failure. [ 145.490184][ T9770] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 145.503434][ T9770] CPU: 0 PID: 9770 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 145.511243][ T9770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.521308][ T9770] Call Trace: [ 145.524617][ T9770] dump_stack+0x1d8/0x2f8 [ 145.529055][ T9770] should_fail+0x608/0x860 [ 145.533492][ T9770] ? setup_fault_attr+0x2b0/0x2b0 03:42:34 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 145.538532][ T9770] ? __bfs+0x550/0x550 [ 145.542619][ T9770] should_fail_alloc_page+0x55/0x60 [ 145.547834][ T9770] prepare_alloc_pages+0x283/0x460 [ 145.552964][ T9770] __alloc_pages_nodemask+0x11c/0x790 [ 145.558364][ T9770] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 145.563925][ T9770] ? __lock_acquire+0xcf7/0x1a40 [ 145.568877][ T9770] ? check_preemption_disabled+0x47/0x280 [ 145.574611][ T9770] kmem_getpages+0x46/0x480 [ 145.579124][ T9770] cache_grow_begin+0x7e/0x2c0 [ 145.583894][ T9770] cache_alloc_refill+0x311/0x3f0 03:42:34 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x2) [ 145.588921][ T9770] ? check_preemption_disabled+0xb7/0x280 [ 145.594650][ T9770] __kmalloc+0x2e5/0x310 [ 145.598898][ T9770] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 145.604632][ T9770] tomoyo_realpath_from_path+0xdc/0x7c0 [ 145.610196][ T9770] tomoyo_check_open_permission+0x1f2/0x9e0 [ 145.616110][ T9770] ? tomoyo_check_path_number_acl+0x240/0x240 [ 145.622187][ T9770] ? smk_access+0x4f0/0x4f0 [ 145.626708][ T9770] tomoyo_file_open+0x141/0x190 [ 145.626728][ T9770] security_file_open+0x65/0x2f0 [ 145.626742][ T9770] do_dentry_open+0x397/0x1060 [ 145.626761][ T9770] ? finish_open+0xe0/0xe0 [ 145.626772][ T9770] ? inode_permission+0xe3/0x580 [ 145.626787][ T9770] vfs_open+0x73/0x80 [ 145.626797][ T9770] path_openat+0x136d/0x4400 [ 145.626814][ T9770] ? arch_stack_walk+0x98/0xe0 [ 145.659216][ T9770] ? stack_trace_save+0x111/0x1e0 [ 145.659242][ T9770] ? do_filp_open+0x430/0x430 [ 145.673663][ T9770] ? __lock_acquire+0xcf7/0x1a40 [ 145.678651][ T9770] ? expand_files+0x511/0xa90 [ 145.683344][ T9770] do_filp_open+0x1f7/0x430 03:42:34 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.%.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 145.687859][ T9770] ? vfs_tmpfile+0x230/0x230 [ 145.692580][ T9770] ? kasan_check_read+0x11/0x20 [ 145.697437][ T9770] ? do_raw_spin_unlock+0x49/0x260 [ 145.702568][ T9770] ? _raw_spin_unlock+0x2c/0x50 [ 145.707449][ T9770] ? get_unused_fd_flags+0x97/0xb0 [ 145.712583][ T9770] do_sys_open+0x343/0x620 [ 145.712599][ T9770] ? file_open_root+0x440/0x440 [ 145.712609][ T9770] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 145.712623][ T9770] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 145.712631][ T9770] ? __x64_sys_memfd_create+0x70/0x70 [ 145.712642][ T9770] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 145.712650][ T9770] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 145.712661][ T9770] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 145.712670][ T9770] ? do_syscall_64+0x1d/0x140 [ 145.712681][ T9770] __x64_sys_open+0x87/0x90 [ 145.712693][ T9770] do_syscall_64+0xfe/0x140 [ 145.712710][ T9770] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 145.712719][ T9770] RIP: 0033:0x4136b1 03:42:34 executing program 2: msync(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1) [ 145.712729][ T9770] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 145.712734][ T9770] RSP: 002b:00007f6a32530a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 145.744754][ T9770] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 145.744762][ T9770] RDX: 00007f6a32530b0a RSI: 0000000000000002 RDI: 00007f6a32530b00 [ 145.744769][ T9770] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 145.744775][ T9770] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 03:42:34 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 145.744782][ T9770] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 145.804455][ T9784] FAULT_INJECTION: forcing a failure. [ 145.804455][ T9784] name failslab, interval 1, probability 0, space 0, times 0 [ 145.857897][ T9784] CPU: 1 PID: 9784 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 145.868527][ T9784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.871785][ T9770] FAT-fs (loop5): bogus number of reserved sectors [ 145.878594][ T9784] Call Trace: [ 145.878618][ T9784] dump_stack+0x1d8/0x2f8 [ 145.878635][ T9784] should_fail+0x608/0x860 [ 145.878647][ T9784] ? setup_fault_attr+0x2b0/0x2b0 [ 145.878670][ T9784] __should_failslab+0x11a/0x160 [ 145.878682][ T9784] ? __d_alloc+0x2d/0x6e0 [ 145.878693][ T9784] should_failslab+0x9/0x20 [ 145.878709][ T9784] kmem_cache_alloc+0x56/0x2b0 [ 145.885359][ T9770] FAT-fs (loop5): Can't find a valid FAT filesystem [ 145.888498][ T9784] __d_alloc+0x2d/0x6e0 [ 145.888516][ T9784] ? ktime_get_coarse_real_ts64+0xaf/0xc0 [ 145.888531][ T9784] d_alloc_pseudo+0x1d/0x70 [ 145.897261][ T9784] alloc_file_pseudo+0x128/0x310 [ 145.897275][ T9784] ? lockdep_init_map+0x2a/0x680 [ 145.897287][ T9784] ? alloc_empty_file_noaccount+0x80/0x80 [ 145.897297][ T9784] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 145.897312][ T9784] ? kasan_check_write+0x14/0x20 [ 145.968616][ T9784] ? clear_nlink+0x87/0xe0 [ 145.973017][ T9784] __shmem_file_setup+0x1a2/0x280 [ 145.978031][ T9784] shmem_file_setup+0x2f/0x40 [ 145.983872][ T9784] __se_sys_memfd_create+0x32f/0x560 [ 145.989271][ T9784] ? __x64_sys_memfd_create+0x70/0x70 [ 145.994636][ T9784] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 146.000272][ T9784] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 146.005714][ T9784] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 146.011425][ T9784] ? do_syscall_64+0x1d/0x140 [ 146.016086][ T9784] __x64_sys_memfd_create+0x5b/0x70 [ 146.021274][ T9784] do_syscall_64+0xfe/0x140 [ 146.025794][ T9784] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 146.031666][ T9784] RIP: 0033:0x4597c9 [ 146.035554][ T9784] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 146.055148][ T9784] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 146.063556][ T9784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 146.071514][ T9784] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 146.079472][ T9784] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 146.087428][ T9784] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 146.096357][ T9784] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:35 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="6d2701911ac44e6a5da602cb5a155de7deb3c2dd3bb782c3937d8cbc16bc0388fafcc502d6d3a86990", 0x29, 0xfffffffffffffff9) r1 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r0) r2 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x8, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000200)=0x0) ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f0000000280)=r3) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x200000, 0x0) connect$ax25(r4, &(0x7f0000000140)={{0x3, @bcast, 0x2}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @null, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x48) keyctl$negate(0xd, r0, 0xc0, r1) 03:42:35 executing program 5 (fault-call:0 fault-nth:13): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:35 executing program 3 (fault-call:0 fault-nth:4): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:35 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x4, 0x80) ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f00000002c0)=""/221) msync(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000001c0)={0x1, r0}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x109100, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0xf5, 0x0, [0xffff, 0x10000, 0xfffffffffffffbff, 0xd3]}) ioctl$SIOCGSTAMP(r1, 0x8906, &(0x7f00000000c0)) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)=0x2) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000100)={0x93, 0x7, 0x1, 0x0, 0x24, 0x1, 0x2, 0x1, 0xfffffffffffffffc, 0x9, 0x5}, 0xb) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x5) unshare(0x10000) 03:42:35 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.-.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:35 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 146.277765][ T9805] FAULT_INJECTION: forcing a failure. [ 146.277765][ T9805] name failslab, interval 1, probability 0, space 0, times 0 [ 146.312638][ T9805] CPU: 0 PID: 9805 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 146.320493][ T9805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.330558][ T9805] Call Trace: [ 146.333856][ T9805] dump_stack+0x1d8/0x2f8 [ 146.338193][ T9805] should_fail+0x608/0x860 [ 146.342631][ T9805] ? setup_fault_attr+0x2b0/0x2b0 [ 146.347683][ T9805] __should_failslab+0x11a/0x160 [ 146.352646][ T9805] ? __alloc_file+0x29/0x350 [ 146.357245][ T9805] should_failslab+0x9/0x20 [ 146.361762][ T9805] kmem_cache_alloc+0x56/0x2b0 [ 146.366541][ T9805] __alloc_file+0x29/0x350 [ 146.370976][ T9805] ? alloc_empty_file+0x4c/0x1b0 [ 146.375942][ T9805] alloc_empty_file+0xac/0x1b0 [ 146.380716][ T9805] alloc_file+0x60/0x4c0 [ 146.384980][ T9805] alloc_file_pseudo+0x25b/0x310 [ 146.388538][ T9815] FAULT_INJECTION: forcing a failure. [ 146.388538][ T9815] name failslab, interval 1, probability 0, space 0, times 0 [ 146.389931][ T9805] ? alloc_empty_file_noaccount+0x80/0x80 [ 146.389944][ T9805] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 146.389961][ T9805] ? kasan_check_write+0x14/0x20 [ 146.419574][ T9805] ? clear_nlink+0x87/0xe0 [ 146.424003][ T9805] __shmem_file_setup+0x1a2/0x280 [ 146.429042][ T9805] shmem_file_setup+0x2f/0x40 [ 146.433733][ T9805] __se_sys_memfd_create+0x32f/0x560 [ 146.439041][ T9805] ? __x64_sys_memfd_create+0x70/0x70 [ 146.444424][ T9805] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 146.450066][ T9805] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 146.455542][ T9805] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 146.461283][ T9805] ? do_syscall_64+0x1d/0x140 [ 146.465979][ T9805] __x64_sys_memfd_create+0x5b/0x70 [ 146.471191][ T9805] do_syscall_64+0xfe/0x140 [ 146.475711][ T9805] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 146.481609][ T9805] RIP: 0033:0x4597c9 [ 146.485506][ T9805] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 146.505208][ T9805] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 146.513622][ T9805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 03:42:35 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80000, 0x0) ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f0000000040)={0x100000001, 0x6}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:35 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xd34, 0x800) openat$cgroup_subtree(r0, &(0x7f00000000c0)='cgroup.subtree_control\x00', 0x2, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x105000, 0x0) openat$cgroup_int(r1, &(0x7f0000000040)='rdma.max\x00', 0x2, 0x0) 03:42:35 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 146.521605][ T9805] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 146.529574][ T9805] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 146.529581][ T9805] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 146.529587][ T9805] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 146.576084][ T9815] CPU: 1 PID: 9815 Comm: syz-executor.5 Not tainted 5.2.0-rc7 #12 [ 146.583945][ T9815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.594013][ T9815] Call Trace: [ 146.597318][ T9815] dump_stack+0x1d8/0x2f8 [ 146.601671][ T9815] should_fail+0x608/0x860 [ 146.606079][ T9815] ? setup_fault_attr+0x2b0/0x2b0 [ 146.606094][ T9815] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 146.606109][ T9815] __should_failslab+0x11a/0x160 [ 146.606125][ T9815] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 146.616829][ T9815] should_failslab+0x9/0x20 [ 146.616837][ T9815] __kmalloc+0x7a/0x310 [ 146.616847][ T9815] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 146.616857][ T9815] tomoyo_realpath_from_path+0xdc/0x7c0 [ 146.616873][ T9815] tomoyo_check_open_permission+0x1f2/0x9e0 [ 146.616888][ T9815] ? tomoyo_check_path_number_acl+0x240/0x240 [ 146.616902][ T9815] ? smk_access+0x4f0/0x4f0 [ 146.636182][ T9815] tomoyo_file_open+0x141/0x190 [ 146.636198][ T9815] security_file_open+0x65/0x2f0 [ 146.647441][ T9815] do_dentry_open+0x397/0x1060 [ 146.647460][ T9815] ? finish_open+0xe0/0xe0 [ 146.647470][ T9815] ? inode_permission+0xe3/0x580 [ 146.647486][ T9815] vfs_open+0x73/0x80 [ 146.647498][ T9815] path_openat+0x136d/0x4400 [ 146.647510][ T9815] ? arch_stack_walk+0x98/0xe0 [ 146.647534][ T9815] ? stack_trace_save+0x111/0x1e0 [ 146.659456][ T9815] ? check_preemption_disabled+0x47/0x280 [ 146.659477][ T9815] ? do_filp_open+0x430/0x430 [ 146.659494][ T9815] ? __lock_acquire+0xcf7/0x1a40 [ 146.668999][ T9815] ? expand_files+0x511/0xa90 03:42:35 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 146.669013][ T9815] do_filp_open+0x1f7/0x430 [ 146.730969][ T9815] ? vfs_tmpfile+0x230/0x230 [ 146.735577][ T9815] ? kasan_check_read+0x11/0x20 [ 146.740441][ T9815] ? do_raw_spin_unlock+0x49/0x260 [ 146.745567][ T9815] ? _raw_spin_unlock+0x2c/0x50 [ 146.750446][ T9815] ? get_unused_fd_flags+0x97/0xb0 [ 146.755573][ T9815] do_sys_open+0x343/0x620 [ 146.760010][ T9815] ? file_open_root+0x440/0x440 [ 146.764867][ T9815] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 146.770945][ T9815] ? prepare_exit_to_usermode+0x1e1/0x4f0 03:42:35 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 146.776669][ T9815] ? __x64_sys_memfd_create+0x70/0x70 [ 146.782049][ T9815] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 146.787693][ T9815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 146.793244][ T9815] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 146.793260][ T9815] ? do_syscall_64+0x1d/0x140 [ 146.793274][ T9815] __x64_sys_open+0x87/0x90 [ 146.793285][ T9815] do_syscall_64+0xfe/0x140 [ 146.793305][ T9815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 146.803662][ T9815] RIP: 0033:0x4136b1 03:42:35 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 146.803672][ T9815] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 146.803677][ T9815] RSP: 002b:00007f6a32530a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 146.803687][ T9815] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 146.803692][ T9815] RDX: 00007f6a32530b0a RSI: 0000000000000002 RDI: 00007f6a32530b00 [ 146.803697][ T9815] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 03:42:35 executing program 3 (fault-call:0 fault-nth:5): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) [ 146.803702][ T9815] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 146.803712][ T9815] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 146.933002][ T9845] FAULT_INJECTION: forcing a failure. [ 146.933002][ T9845] name failslab, interval 1, probability 0, space 0, times 0 [ 146.956752][ T9845] CPU: 1 PID: 9845 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 146.964610][ T9845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.974685][ T9845] Call Trace: [ 146.978015][ T9845] dump_stack+0x1d8/0x2f8 [ 146.982380][ T9845] should_fail+0x608/0x860 [ 146.986819][ T9845] ? setup_fault_attr+0x2b0/0x2b0 [ 146.991888][ T9845] __should_failslab+0x11a/0x160 [ 146.996848][ T9845] ? security_file_alloc+0x36/0x200 [ 147.002155][ T9845] should_failslab+0x9/0x20 [ 147.006680][ T9845] kmem_cache_alloc+0x56/0x2b0 [ 147.011475][ T9845] security_file_alloc+0x36/0x200 [ 147.016509][ T9815] ERROR: Out of memory at tomoyo_realpath_from_path. [ 147.016952][ T9845] __alloc_file+0xb1/0x350 [ 147.028005][ T9845] alloc_empty_file+0xac/0x1b0 [ 147.032755][ T9845] alloc_file+0x60/0x4c0 [ 147.032768][ T9845] alloc_file_pseudo+0x25b/0x310 [ 147.032782][ T9845] ? alloc_empty_file_noaccount+0x80/0x80 [ 147.032792][ T9845] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 147.032806][ T9845] ? kasan_check_write+0x14/0x20 [ 147.032818][ T9845] ? clear_nlink+0x87/0xe0 [ 147.039964][ T9815] FAT-fs (loop5): bogus number of reserved sectors [ 147.042466][ T9845] __shmem_file_setup+0x1a2/0x280 [ 147.042481][ T9845] shmem_file_setup+0x2f/0x40 [ 147.042493][ T9845] __se_sys_memfd_create+0x32f/0x560 [ 147.042504][ T9845] ? __x64_sys_memfd_create+0x70/0x70 [ 147.042524][ T9845] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 147.048629][ T9815] FAT-fs (loop5): Can't find a valid FAT filesystem [ 147.054541][ T9845] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 147.054554][ T9845] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 147.054563][ T9845] ? do_syscall_64+0x1d/0x140 [ 147.054577][ T9845] __x64_sys_memfd_create+0x5b/0x70 [ 147.054592][ T9845] do_syscall_64+0xfe/0x140 [ 147.070412][ T9845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 147.070426][ T9845] RIP: 0033:0x4597c9 [ 147.085352][ T9845] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 147.085359][ T9845] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 147.085374][ T9845] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004597c9 [ 147.085379][ T9845] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be6cc [ 147.085384][ T9845] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 147.085390][ T9845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3795fd16d4 [ 147.085396][ T9845] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:36 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0...1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:36 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:36 executing program 2: ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) flistxattr(0xffffffffffffffff, &(0x7f0000000100)=""/65, 0x41) recvmmsg(0xffffffffffffffff, &(0x7f0000001900), 0x0, 0x2, &(0x7f0000001980)={0x0, 0x989680}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x200, 0x24040) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f00000000c0)={'TPROXY\x00\x00\x00\xf8\xff\xff\xff\xff\xff\xff\xff\x00'}, &(0x7f0000000080)=0x1e) ioctl(r2, 0xffffffffffff7fb7, &(0x7f0000000080)) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:36 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x183000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000200)=0xe8) r2 = getgid() mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xc00}}, {@default_permissions='default_permissions'}], [{@smackfsroot={'smackfsroot', 0x3d, 'vmnet1'}}, {@smackfsdef={'smackfsdef', 0x3d, 'proc^vboxnet1^'}}, {@subj_user={'subj_user'}}, {@pcr={'pcr', 0x3d, 0x3f}}]}}) socket$inet(0x2, 0x80000, 0x5) 03:42:36 executing program 3 (fault-call:0 fault-nth:6): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) [ 147.291161][ T9857] FAULT_INJECTION: forcing a failure. [ 147.291161][ T9857] name failslab, interval 1, probability 0, space 0, times 0 [ 147.323181][ T9857] CPU: 0 PID: 9857 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 147.331043][ T9857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.341104][ T9857] Call Trace: [ 147.344407][ T9857] dump_stack+0x1d8/0x2f8 [ 147.348750][ T9857] should_fail+0x608/0x860 [ 147.353182][ T9857] ? setup_fault_attr+0x2b0/0x2b0 [ 147.358212][ T9857] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 147.363949][ T9857] __should_failslab+0x11a/0x160 [ 147.368897][ T9857] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 147.374620][ T9857] should_failslab+0x9/0x20 [ 147.379118][ T9857] __kmalloc+0x7a/0x310 [ 147.383278][ T9857] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 147.389009][ T9857] tomoyo_realpath_from_path+0xdc/0x7c0 [ 147.394570][ T9857] tomoyo_path_perm+0x218/0x8b0 [ 147.400800][ T9857] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 147.406878][ T9857] ? trace_lock_acquire+0x190/0x190 [ 147.412102][ T9857] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 147.417814][ T9857] tomoyo_path_truncate+0x1c/0x20 [ 147.422845][ T9857] security_path_truncate+0xd5/0x150 [ 147.428136][ T9857] do_sys_ftruncate+0x3b1/0x6b0 [ 147.433001][ T9857] ? __x32_compat_sys_truncate+0x1b0/0x1b0 03:42:36 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.\\.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 147.438811][ T9857] ? debug_smp_processor_id+0x1c/0x20 [ 147.444186][ T9857] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 147.450260][ T9857] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 147.455978][ T9857] ? __x64_sys_memfd_create+0x70/0x70 [ 147.461476][ T9857] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 147.467109][ T9857] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 147.472567][ T9857] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 147.478281][ T9857] ? do_syscall_64+0x1d/0x140 [ 147.482948][ T9857] __x64_sys_ftruncate+0x60/0x70 [ 147.482959][ T9857] do_syscall_64+0xfe/0x140 [ 147.482976][ T9857] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 147.482985][ T9857] RIP: 0033:0x459797 [ 147.482995][ T9857] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 147.483000][ T9857] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 147.483010][ T9857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 03:42:36 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0\n1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:36 executing program 2: msync(&(0x7f0000953000/0x1000)=nil, 0x1000, 0x5) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket(0x3, 0x1, 0x5) recvfrom$unix(r1, &(0x7f0000000240)=""/101, 0x65, 0x1, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffff9c, 0x0, 0x1, &(0x7f0000000040)='\x00', 0xffffffffffffffff}, 0x30) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000380)=r2) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = dup(r3) sendto$unix(r5, &(0x7f0000000180)="850d985cc74d4a04f3e9e0400faa7de3e03f76809097f576098d9b608819a8ff40f1f141be517575084137b3d648fe642436", 0x32, 0x800, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e) r6 = socket$caif_stream(0x25, 0x1, 0x1) sendmsg$nl_netfilter(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1200002}, 0xc, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB="500100000f07000228bd7000fedbdf250f000000080029000000000008003c00f3c49bd3ba1f968b3184f5ad36845ba32b4a3f5d8204a79db3cb791b776fbb38d5de839b564e4f4df21764b95428d8d6ea61e84642ca1cad87cb2bbfe87ec711be1c46655d634d2b2c94ed9022d56f633a7f38c87de159ef7ac117dee1d6fcb572a1b3debb764dfb9851c3ea1dd258be9db4f0cbec40153c8c0e", @ANYRES32=r2, @ANYBLOB="0c00750008001700ac1414aa20012900b8b74ce32e41bac954ceb7954a4877087ec591b741a208004d00", @ANYRES32=r4, @ANYBLOB="1aa17198870d3204e19673b03e3e3fe90ee8f4212712a8b0b6c3ad137ed078f6ad98309cc03149c42b05cbbebc2215cf94ddfabf5ca1605d2571144ff66d96846d232daa430ea00678bae86a6f465cf1f8dcb9e5abd76fba109bda358c64478e00c62ac2584797c82a7cc6624820934e8be75261bf099f2f65b007818d717f49e1fa4d9f073fa15400e789fddd4348ff30fbc2dc3495424f3626f7ec5f0e00d115fbb6d755a3e61d5e2a68efba09624c4c629c59dfba3daf3b8536bcbc4a87064bea1bd2675d6211e39c29f1d4a26946c0e8b5e71de1f90788f0926d49cd7c9af948702f8648b7f06dfab7cd30080092007fffffff08006c00", @ANYRES32=r6, @ANYBLOB="5596e8d5b8f7980a0ed24a2eb93fead0eb2e271a2795423ec0f03228542b23e319792427c70bc66bb3b78da21f717f045eb811ef452b6a37faed4dc6067e29ef7a6145d4976d459d266247418d5a64cb800125b368bb55f11340af477a5d7c4ee5e17be6f1d7bac015100f5c852f60a3041cb662011797f3adf377305190a6663f0400aca7976a3aed408e10bf6cb92eeeb7aad3ed55e7ef6381a3ff826ff3444a0d27a9f23cf1fffd5aef93ac4f41c86e"], 0x150}, 0x1, 0x0, 0x0, 0x8001}, 0x20000000) [ 147.483015][ T9857] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 147.483022][ T9857] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 147.483027][ T9857] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 [ 147.483033][ T9857] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 147.489264][ T9860] 9pnet_virtio: no channels available for device [ 147.489264][ T9860] 27.0.0.1 [ 147.502636][ T9857] ERROR: Out of memory at tomoyo_realpath_from_path. [ 147.639276][ T9867] FAT-fs (loop5): bogus number of reserved sectors 03:42:36 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:36 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x100000000, 0x600) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x106, 0x7}}, 0x20) r2 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000100)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), r1, r2}}, 0x18) 03:42:36 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0/1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 147.682597][ T9867] FAT-fs (loop5): Can't find a valid FAT filesystem 03:42:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='\nsdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:36 executing program 3 (fault-call:0 fault-nth:7): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:36 executing program 2: lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)={'U+', 0x1}, 0x28, 0x3) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x101000, 0x0) epoll_pwait(r0, &(0x7f00000000c0), 0x0, 0x67, &(0x7f0000000100)={0x7f}, 0x8) [ 147.810159][ T9890] 9pnet_virtio: no channels available for device [ 147.810159][ T9890] 27.0.0.1 03:42:36 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) lsetxattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@random={'user.', '-mime_type\x00'}, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x18, 0x3) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f00000000c0)={0x6, 0x118, 0xfa00, {{0xfffffffffffffff7, 0x200, "bf1e8dd667fa57c3f10e991c7b5e70572ef0e920b1aed877e6a1c282fb8ae843db27eb4ebd5cfd765bbd05401d209bc0b89ba2ab6de01265507f386139a23e8924209ee671f7b64367f03a66134a0a6c7b6001a5bee6c1b81179ec8099e0d2c5cde4cc48976aed0bb22372191bc181d53e051d384c76515adb55dbe1f8141915f35a7a11263ce9d0bbd34e795f7982e914c4238ab9fabfb1b582bc41dcbc166e8daae12546d4e629063b4d9e42e8cdae714d2f0562e4a9d8b5dcf8b51f881066406f7ab603bc365110d5a593fd2d1e55fa115e5bf971b3b8857568365ec2d7eddb93b12f2f3d1af548ec9caf126e6bf33d806b14bc8b17dc0fb2c6930ffdee0a", 0x68, 0xe4, 0x0, 0x9, 0x3, 0x20, 0x3, 0x1}, r1}}, 0x120) msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x800000000000001) 03:42:36 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='\n27.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 147.877730][ T9897] FAULT_INJECTION: forcing a failure. [ 147.877730][ T9897] name failslab, interval 1, probability 0, space 0, times 0 [ 147.914087][ T9897] CPU: 0 PID: 9897 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 147.921939][ T9897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.932000][ T9897] Call Trace: [ 147.935310][ T9897] dump_stack+0x1d8/0x2f8 [ 147.939652][ T9897] should_fail+0x608/0x860 [ 147.944098][ T9897] ? setup_fault_attr+0x2b0/0x2b0 [ 147.949124][ T9897] ? tomoyo_encode2+0x273/0x5a0 [ 147.953975][ T9897] __should_failslab+0x11a/0x160 [ 147.953990][ T9897] ? tomoyo_encode2+0x273/0x5a0 [ 147.954002][ T9897] should_failslab+0x9/0x20 [ 147.954011][ T9897] __kmalloc+0x7a/0x310 [ 147.954025][ T9897] tomoyo_encode2+0x273/0x5a0 [ 147.954040][ T9897] ? dynamic_dname+0x1a0/0x1a0 [ 147.954053][ T9897] tomoyo_realpath_from_path+0x769/0x7c0 [ 147.954069][ T9897] tomoyo_path_perm+0x218/0x8b0 [ 147.968337][ T9897] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 147.968357][ T9897] ? trace_lock_acquire+0x190/0x190 [ 147.968395][ T9897] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 148.010087][ T9897] tomoyo_path_truncate+0x1c/0x20 [ 148.015120][ T9897] security_path_truncate+0xd5/0x150 [ 148.020407][ T9897] do_sys_ftruncate+0x3b1/0x6b0 [ 148.025264][ T9897] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 148.031076][ T9897] ? debug_smp_processor_id+0x1c/0x20 [ 148.036446][ T9897] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 148.042606][ T9897] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 148.048329][ T9897] ? __x64_sys_memfd_create+0x70/0x70 [ 148.053706][ T9897] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 148.059333][ T9897] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 148.064787][ T9897] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 148.064798][ T9897] ? do_syscall_64+0x1d/0x140 03:42:36 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0\\1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:37 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:37 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x40000008) [ 148.064812][ T9897] __x64_sys_ftruncate+0x60/0x70 [ 148.064821][ T9897] do_syscall_64+0xfe/0x140 [ 148.064837][ T9897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 148.064847][ T9897] RIP: 0033:0x459797 [ 148.064857][ T9897] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 148.064861][ T9897] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 148.064871][ T9897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000459797 [ 148.064876][ T9897] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000004 [ 148.064882][ T9897] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 148.064888][ T9897] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000004 [ 148.064894][ T9897] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 148.083298][ T9897] ERROR: Out of memory at tomoyo_realpath_from_path. 03:42:37 executing program 1: ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) flistxattr(0xffffffffffffffff, &(0x7f0000000100)=""/65, 0x41) recvmmsg(0xffffffffffffffff, &(0x7f0000001900), 0x0, 0x2, &(0x7f0000001980)={0x0, 0x989680}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x200, 0x24040) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f00000000c0)={'TPROXY\x00\x00\x00\xf8\xff\xff\xff\xff\xff\xff\xff\x00'}, &(0x7f0000000080)=0x1e) ioctl(r2, 0xffffffffffff7fb7, &(0x7f0000000080)) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:37 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000080)) socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x17, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="850000005000006d2000000000000000000000007d12146ee3c560c8e4404cc696427d1614bf22632d46cd6e6ffaef741bc5372af7d45124d46645376705e100000000fa082c6a110236df3abe35270c0b3a319a3d5af563a8cf10c85e8ceb275e842f95d3cb3e2f4db71b26ff6ddbf8627f9bf8cae310c39520488cfc5a450d0be2d890b319b0dccd9535166426a5b657fc8c8ad9847a35ae8d1789dafe7f544300608e1a1bc9667604896bc973c5901803c51a0fadb8a9c8d36d0b012580a68fe301b2fbea774eb9cce5278bb07546265c6a1c64c08c61e220702fcf04"], &(0x7f0000000240)='GPL\x00', 0x1, 0x10a, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000000c0)={@broadcast, @remote, 0x0}, &(0x7f0000000100)=0xc) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@mcast2, 0x1a, r1}) arch_prctl$ARCH_SET_GS(0x1001, 0x1ff) [ 148.127132][ T9911] 9pnet_virtio: no channels available for device [ 148.127132][ T9911] 27.0.0.1 03:42:37 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0) write$P9_RMKNOD(r0, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x10, 0x4, 0x2}}, 0x14) prctl$PR_SET_TSC(0x1a, 0x2) 03:42:37 executing program 3 (fault-call:0 fault-nth:8): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='%sdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:37 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0..\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:37 executing program 4: msync(&(0x7f0000953000/0x10000)=nil, 0x10000, 0x1000000000004) 03:42:37 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 148.417857][ T9939] FAULT_INJECTION: forcing a failure. [ 148.417857][ T9939] name failslab, interval 1, probability 0, space 0, times 0 [ 148.435126][ T9939] CPU: 0 PID: 9939 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 148.442965][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 148.453143][ T9939] Call Trace: [ 148.456448][ T9939] dump_stack+0x1d8/0x2f8 [ 148.460788][ T9939] should_fail+0x608/0x860 [ 148.465200][ T9939] ? setup_fault_attr+0x2b0/0x2b0 [ 148.470216][ T9939] __should_failslab+0x11a/0x160 [ 148.475160][ T9939] ? getname_flags+0xba/0x640 [ 148.479825][ T9939] should_failslab+0x9/0x20 [ 148.484595][ T9939] kmem_cache_alloc+0x56/0x2b0 [ 148.489343][ T9939] getname_flags+0xba/0x640 [ 148.493834][ T9939] getname+0x19/0x20 [ 148.497961][ T9939] do_sys_open+0x2fc/0x620 [ 148.502367][ T9939] ? file_open_root+0x440/0x440 [ 148.507202][ T9939] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 148.513259][ T9939] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 148.518980][ T9939] ? __x64_sys_memfd_create+0x70/0x70 [ 148.524329][ T9939] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 148.529939][ T9939] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 148.535388][ T9939] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 148.541097][ T9939] ? do_syscall_64+0x1d/0x140 [ 148.545758][ T9939] __x64_sys_open+0x87/0x90 [ 148.550250][ T9939] do_syscall_64+0xfe/0x140 [ 148.554751][ T9939] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 148.560631][ T9939] RIP: 0033:0x4136b1 [ 148.564511][ T9939] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 148.584112][ T9939] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 148.592522][ T9939] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 148.600504][ T9939] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 148.608456][ T9939] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 148.616423][ T9939] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 148.624380][ T9939] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:37 executing program 3 (fault-call:0 fault-nth:9): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:37 executing program 2: r0 = accept4$bt_l2cap(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000040)=0xe, 0x800) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000080)={0x9, 0x70e82058}, 0x2) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:37 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0./\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:37 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:37 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x208000, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) [ 148.789031][ T9961] FAULT_INJECTION: forcing a failure. [ 148.789031][ T9961] name failslab, interval 1, probability 0, space 0, times 0 [ 148.813592][ T9961] CPU: 1 PID: 9961 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 148.821428][ T9961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 148.821435][ T9961] Call Trace: [ 148.821456][ T9961] dump_stack+0x1d8/0x2f8 [ 148.821474][ T9961] should_fail+0x608/0x860 [ 148.843666][ T9961] ? setup_fault_attr+0x2b0/0x2b0 [ 148.848717][ T9961] __should_failslab+0x11a/0x160 [ 148.853670][ T9961] ? __alloc_file+0x29/0x350 [ 148.858305][ T9961] should_failslab+0x9/0x20 [ 148.862899][ T9961] kmem_cache_alloc+0x56/0x2b0 [ 148.862914][ T9961] ? stack_trace_save+0x1e0/0x1e0 [ 148.862927][ T9961] __alloc_file+0x29/0x350 [ 148.862936][ T9961] ? alloc_empty_file+0x4c/0x1b0 [ 148.862949][ T9961] alloc_empty_file+0xac/0x1b0 [ 148.862961][ T9961] path_openat+0x12b/0x4400 [ 148.862976][ T9961] ? arch_stack_walk+0x98/0xe0 [ 148.877154][ T9961] ? __bfs+0x550/0x550 [ 148.877175][ T9961] ? stack_trace_save+0x111/0x1e0 [ 148.877192][ T9961] ? check_preemption_disabled+0x47/0x280 [ 148.886869][ T9961] ? __lock_acquire+0xcf7/0x1a40 [ 148.886893][ T9961] ? do_filp_open+0x430/0x430 [ 148.886905][ T9961] ? __lock_acquire+0xcf7/0x1a40 [ 148.915972][ T9961] ? expand_files+0x511/0xa90 [ 148.915988][ T9961] do_filp_open+0x1f7/0x430 [ 148.915999][ T9961] ? vfs_tmpfile+0x230/0x230 [ 148.916014][ T9961] ? kasan_check_read+0x11/0x20 [ 148.916024][ T9961] ? do_raw_spin_unlock+0x49/0x260 [ 148.916040][ T9961] ? _raw_spin_unlock+0x2c/0x50 [ 148.916060][ T9961] ? get_unused_fd_flags+0x97/0xb0 [ 148.930360][ T9961] do_sys_open+0x343/0x620 [ 148.930375][ T9961] ? file_open_root+0x440/0x440 [ 148.930386][ T9961] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 148.930403][ T9961] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 148.930410][ T9961] ? __x64_sys_memfd_create+0x70/0x70 03:42:37 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 148.930425][ T9961] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 148.965070][ T9961] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 148.965085][ T9961] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 148.965096][ T9961] ? do_syscall_64+0x1d/0x140 [ 148.965111][ T9961] __x64_sys_open+0x87/0x90 [ 148.965121][ T9961] do_syscall_64+0xfe/0x140 [ 148.965138][ T9961] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 148.965150][ T9961] RIP: 0033:0x4136b1 [ 148.987137][ T9961] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 148.987145][ T9961] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 148.987156][ T9961] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 148.987162][ T9961] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 148.987168][ T9961] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 148.987174][ T9961] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 03:42:38 executing program 4: r0 = accept(0xffffffffffffff9c, 0x0, &(0x7f0000000000)) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), 0x4) msync(&(0x7f0000952000/0x3000)=nil, 0x3000, 0x0) 03:42:38 executing program 2: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x20002, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x3ff, 0x402000) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000080)={0x3, r1}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 148.987179][ T9961] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='\\sdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:38 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:38 executing program 3 (fault-call:0 fault-nth:10): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:38 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\\\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 149.202877][ T9991] FAULT_INJECTION: forcing a failure. [ 149.202877][ T9991] name failslab, interval 1, probability 0, space 0, times 0 03:42:38 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x40000, 0x0) ioctl$RTC_PLL_GET(r0, 0x80207011, &(0x7f0000000040)) syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x0, 0x400) 03:42:38 executing program 2: msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4) r0 = msgget$private(0x0, 0x10) msgrcv(r0, &(0x7f0000000000)={0x0, ""/5}, 0xd, 0x3, 0x1000) [ 149.291344][ T9991] CPU: 0 PID: 9991 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 149.299210][ T9991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 149.309278][ T9991] Call Trace: [ 149.312589][ T9991] dump_stack+0x1d8/0x2f8 [ 149.316925][ T9991] should_fail+0x608/0x860 [ 149.316940][ T9991] ? setup_fault_attr+0x2b0/0x2b0 [ 149.316961][ T9991] __should_failslab+0x11a/0x160 [ 149.326469][ T9991] ? getname_flags+0xba/0x640 [ 149.326484][ T9991] should_failslab+0x9/0x20 [ 149.326492][ T9991] kmem_cache_alloc+0x56/0x2b0 [ 149.326504][ T9991] getname_flags+0xba/0x640 [ 149.326515][ T9991] getname+0x19/0x20 [ 149.326526][ T9991] do_sys_open+0x2fc/0x620 [ 149.326537][ T9991] ? file_open_root+0x440/0x440 [ 149.326546][ T9991] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 149.326557][ T9991] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 149.326564][ T9991] ? __x64_sys_memfd_create+0x70/0x70 [ 149.326574][ T9991] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 149.326582][ T9991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 149.326592][ T9991] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 149.326604][ T9991] ? do_syscall_64+0x1d/0x140 [ 149.369085][ T9991] __x64_sys_open+0x87/0x90 [ 149.369104][ T9991] do_syscall_64+0xfe/0x140 [ 149.369122][ T9991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 149.369137][ T9991] RIP: 0033:0x4136b1 03:42:38 executing program 3 (fault-call:0 fault-nth:11): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:38 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x02', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:38 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:38 executing program 4: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0xa800, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x6}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={r1, 0x2}, 0x8) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 149.391390][ T9991] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 149.391398][ T9991] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 149.391409][ T9991] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 149.391415][ T9991] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 149.391421][ T9991] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 149.391427][ T9991] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 149.391433][ T9991] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 149.563568][T10017] FAULT_INJECTION: forcing a failure. [ 149.563568][T10017] name failslab, interval 1, probability 0, space 0, times 0 03:42:38 executing program 4: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x800, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x7, 0x8}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000080)) 03:42:38 executing program 1: mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 149.628485][T10017] CPU: 0 PID: 10017 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 149.636426][T10017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 149.646500][T10017] Call Trace: [ 149.649818][T10017] dump_stack+0x1d8/0x2f8 [ 149.654173][T10017] should_fail+0x608/0x860 [ 149.658604][T10017] ? setup_fault_attr+0x2b0/0x2b0 [ 149.663676][T10017] __should_failslab+0x11a/0x160 [ 149.669070][T10017] ? __alloc_file+0x29/0x350 [ 149.673766][T10017] should_failslab+0x9/0x20 [ 149.678340][T10017] kmem_cache_alloc+0x56/0x2b0 [ 149.683103][T10017] ? stack_trace_save+0x1e0/0x1e0 [ 149.688302][T10017] __alloc_file+0x29/0x350 [ 149.692715][T10017] ? alloc_empty_file+0x4c/0x1b0 [ 149.697684][T10017] alloc_empty_file+0xac/0x1b0 [ 149.702435][T10017] path_openat+0x12b/0x4400 [ 149.706926][T10017] ? arch_stack_walk+0x98/0xe0 [ 149.711690][T10017] ? __bfs+0x550/0x550 [ 149.715764][T10017] ? stack_trace_save+0x111/0x1e0 [ 149.720778][T10017] ? __lock_acquire+0xcf7/0x1a40 [ 149.725699][T10017] ? check_preemption_disabled+0x47/0x280 [ 149.732881][T10017] ? do_filp_open+0x430/0x430 [ 149.737646][T10017] ? __lock_acquire+0xcf7/0x1a40 [ 149.742702][T10017] ? expand_files+0x511/0xa90 [ 149.747458][T10017] do_filp_open+0x1f7/0x430 [ 149.751949][T10017] ? vfs_tmpfile+0x230/0x230 [ 149.756543][T10017] ? kasan_check_read+0x11/0x20 [ 149.761377][T10017] ? do_raw_spin_unlock+0x49/0x260 [ 149.766476][T10017] ? _raw_spin_unlock+0x2c/0x50 [ 149.771319][T10017] ? get_unused_fd_flags+0x97/0xb0 [ 149.776422][T10017] do_sys_open+0x343/0x620 [ 149.780824][T10017] ? file_open_root+0x440/0x440 [ 149.785660][T10017] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 149.791718][T10017] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 149.797420][T10017] ? __x64_sys_memfd_create+0x70/0x70 [ 149.802788][T10017] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 149.808427][T10017] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 149.813899][T10017] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 149.819636][T10017] ? do_syscall_64+0x1d/0x140 [ 149.824326][T10017] __x64_sys_open+0x87/0x90 [ 149.828827][T10017] do_syscall_64+0xfe/0x140 [ 149.833331][T10017] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 149.839840][T10017] RIP: 0033:0x4136b1 [ 149.843737][T10017] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 149.863372][T10017] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 149.871871][T10017] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 149.879840][T10017] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 149.887803][T10017] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 149.895768][T10017] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 149.903757][T10017] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m\ndos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:39 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x03', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 3 (fault-call:0 fault-nth:12): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:39 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x04', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.066041][T10039] FAULT_INJECTION: forcing a failure. [ 150.066041][T10039] name failslab, interval 1, probability 0, space 0, times 0 [ 150.080207][T10039] CPU: 0 PID: 10039 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 150.088127][T10039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 150.098214][T10039] Call Trace: [ 150.098237][T10039] dump_stack+0x1d8/0x2f8 [ 150.098253][T10039] should_fail+0x608/0x860 [ 150.098265][T10039] ? setup_fault_attr+0x2b0/0x2b0 [ 150.098279][T10039] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.098298][T10039] __should_failslab+0x11a/0x160 [ 150.115307][T10039] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.115320][T10039] should_failslab+0x9/0x20 [ 150.115330][T10039] __kmalloc+0x7a/0x310 [ 150.115341][T10039] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 150.115354][T10039] tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.115371][T10039] tomoyo_check_open_permission+0x1f2/0x9e0 [ 150.115387][T10039] ? tomoyo_check_path_number_acl+0x240/0x240 [ 150.131897][T10039] ? smk_access+0x4f0/0x4f0 [ 150.157748][T10039] tomoyo_file_open+0x141/0x190 [ 150.173105][T10039] security_file_open+0x65/0x2f0 [ 150.173125][T10039] do_dentry_open+0x397/0x1060 [ 150.173144][T10039] ? finish_open+0xe0/0xe0 [ 150.173153][T10039] ? inode_permission+0xe3/0x580 [ 150.173166][T10039] vfs_open+0x73/0x80 [ 150.173177][T10039] path_openat+0x136d/0x4400 [ 150.173189][T10039] ? arch_stack_walk+0x98/0xe0 [ 150.173213][T10039] ? stack_trace_save+0x111/0x1e0 [ 150.173236][T10039] ? do_filp_open+0x430/0x430 [ 150.173246][T10039] ? __lock_acquire+0xcf7/0x1a40 [ 150.173278][T10039] ? expand_files+0x511/0xa90 [ 150.183071][T10039] do_filp_open+0x1f7/0x430 [ 150.183085][T10039] ? vfs_tmpfile+0x230/0x230 [ 150.183103][T10039] ? kasan_check_read+0x11/0x20 [ 150.183115][T10039] ? do_raw_spin_unlock+0x49/0x260 [ 150.183131][T10039] ? _raw_spin_unlock+0x2c/0x50 [ 150.183151][T10039] ? get_unused_fd_flags+0x97/0xb0 [ 150.183164][T10039] do_sys_open+0x343/0x620 [ 150.183175][T10039] ? file_open_root+0x440/0x440 [ 150.183184][T10039] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 150.183199][T10039] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 150.183210][T10039] ? __x64_sys_memfd_create+0x70/0x70 [ 150.201081][T10039] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 150.201096][T10039] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 150.201108][T10039] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 150.201119][T10039] ? do_syscall_64+0x1d/0x140 [ 150.201134][T10039] __x64_sys_open+0x87/0x90 [ 150.201147][T10039] do_syscall_64+0xfe/0x140 [ 150.201168][T10039] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 150.215966][T10039] RIP: 0033:0x4136b1 [ 150.215979][T10039] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 150.215985][T10039] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 150.215995][T10039] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 03:42:39 executing program 2: r0 = dup(0xffffffffffffff9c) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x7b) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:39 executing program 4: getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x1000}}, 0x6, 0x20, 0x80000000, 0x6}, &(0x7f0000000380)=0x98) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x4, 0x7, 0x1, 0x7c76f772, 0x6, 0x4, 0x8, 0x7fff, r0}, &(0x7f0000000080)=0x20) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000)={r1, 0x4, 0x7, 0x101}, 0x10) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xbc, r2, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x64, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8c4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x148}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xbe}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7ff}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x400}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 03:42:39 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x05', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.216002][T10039] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 150.216008][T10039] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 150.216014][T10039] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 150.216020][T10039] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 150.260733][T10039] ERROR: Out of memory at tomoyo_realpath_from_path. 03:42:39 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x06', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 3 (fault-call:0 fault-nth:13): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:39 executing program 1: mkdir(0x0, 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m#dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:39 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f00000002c0)={&(0x7f0000000040), 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x19c, r1, 0x701, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0xf0, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x41b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9ae}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xcdc9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_MEDIA={0x98, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7d3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffffffffff5d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x51}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x8000}, 0x81) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:39 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x20000, 0x0) mkdir(&(0x7f0000000500)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000004c0)='sysfs\x00\xff\xddt]j\x9d\x0e\x00\xcc\xbb\x8e*\xfc\xb2]CwU\xaf\xf8\xc1\xde\xf1Et\xa7I\x1aI4\xd8\xeaN\x1f\xe1\x90b\x8b?\xaf\xae\x9c\xf4\x1ct\x9c\x87', 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") fsetxattr$security_evm(r1, &(0x7f0000000000)='security.evm\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="03"], 0x1, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x200, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f00000000c0)=r3) r4 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000000)={0x1, 0x0, [{}]}) [ 150.609498][T10081] FAULT_INJECTION: forcing a failure. [ 150.609498][T10081] name failslab, interval 1, probability 0, space 0, times 0 03:42:39 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:39 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\a', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.729917][T10081] CPU: 1 PID: 10081 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 150.737864][T10081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 150.747934][T10081] Call Trace: [ 150.751238][T10081] dump_stack+0x1d8/0x2f8 [ 150.755603][T10081] should_fail+0x608/0x860 [ 150.760032][T10081] ? setup_fault_attr+0x2b0/0x2b0 [ 150.765079][T10081] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.770815][T10081] __should_failslab+0x11a/0x160 03:42:39 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.775764][T10081] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.775776][T10081] should_failslab+0x9/0x20 [ 150.775786][T10081] __kmalloc+0x7a/0x310 [ 150.775797][T10081] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 150.775809][T10081] tomoyo_realpath_from_path+0xdc/0x7c0 [ 150.775825][T10081] tomoyo_check_open_permission+0x1f2/0x9e0 [ 150.775839][T10081] ? tomoyo_check_path_number_acl+0x240/0x240 [ 150.775849][T10081] ? smk_access+0x4f0/0x4f0 [ 150.775888][T10081] tomoyo_file_open+0x141/0x190 [ 150.786071][T10081] security_file_open+0x65/0x2f0 03:42:39 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x7) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000040)=0xa22, &(0x7f0000000080)=0x4) 03:42:39 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.786087][T10081] do_dentry_open+0x397/0x1060 [ 150.786106][T10081] ? finish_open+0xe0/0xe0 [ 150.786117][T10081] ? inode_permission+0xe3/0x580 [ 150.786132][T10081] vfs_open+0x73/0x80 [ 150.841895][T10081] path_openat+0x136d/0x4400 [ 150.850436][T10081] ? arch_stack_walk+0x98/0xe0 [ 150.855230][T10081] ? stack_trace_save+0x111/0x1e0 [ 150.860283][T10081] ? check_preemption_disabled+0x47/0x280 [ 150.866030][T10081] ? do_filp_open+0x430/0x430 [ 150.870714][T10081] ? __lock_acquire+0xcf7/0x1a40 [ 150.875663][T10081] ? expand_files+0x511/0xa90 03:42:39 executing program 4: msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xa) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x62000, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x9) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x2d) [ 150.875674][T10081] do_filp_open+0x1f7/0x430 [ 150.875685][T10081] ? vfs_tmpfile+0x230/0x230 [ 150.875706][T10081] ? kasan_check_read+0x11/0x20 [ 150.875719][T10081] ? do_raw_spin_unlock+0x49/0x260 [ 150.899424][T10081] ? _raw_spin_unlock+0x2c/0x50 [ 150.904305][T10081] ? get_unused_fd_flags+0x97/0xb0 [ 150.909436][T10081] do_sys_open+0x343/0x620 [ 150.913865][T10081] ? file_open_root+0x440/0x440 [ 150.918731][T10081] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 150.924459][T10081] ? __x64_sys_memfd_create+0x70/0x70 03:42:39 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 150.929842][T10081] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 150.935486][T10081] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 150.940962][T10081] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 150.946701][T10081] ? do_syscall_64+0x1d/0x140 [ 150.951394][T10081] __x64_sys_open+0x87/0x90 [ 150.955917][T10081] do_syscall_64+0xfe/0x140 [ 150.960600][T10081] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 150.966476][T10081] RIP: 0033:0x4136b1 [ 150.966486][T10081] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 150.966491][T10081] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 150.966500][T10081] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 150.966505][T10081] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 150.966521][T10081] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 150.966526][T10081] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 150.966530][T10081] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 151.004033][T10081] ERROR: Out of memory at tomoyo_realpath_from_path. 03:42:40 executing program 3 (fault-call:0 fault-nth:14): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:40 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x6) 03:42:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m%dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:40 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\b', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 4: msync(&(0x7f0000952000/0x4000)=nil, 0x4000, 0x9) 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x40, 0x0) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000180)=""/54) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x240000, 0x20) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00') fcntl$setstatus(r2, 0x4, 0x2000) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000943000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000080)="65f2add149493e0f0f50e8b4baf80c66b884105b8d66efbafc0cb8cd44efa2dccf0f01be4dd466360fa40e7e42008fc94801233e0fc75d0bb808010f00d8", 0x3e}], 0x1, 0x2, &(0x7f0000000100)=[@cr4={0x1, 0x10}, @cr4={0x1, 0x2}], 0x2) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:40 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) 03:42:40 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\t', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 151.331028][T10141] QAT: Invalid ioctl [ 151.332906][T10140] FAULT_INJECTION: forcing a failure. [ 151.332906][T10140] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 151.348583][T10140] CPU: 1 PID: 10140 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 151.356476][T10140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 151.367061][T10140] Call Trace: [ 151.370377][T10140] dump_stack+0x1d8/0x2f8 [ 151.374733][T10140] should_fail+0x608/0x860 [ 151.379162][T10140] ? setup_fault_attr+0x2b0/0x2b0 [ 151.384229][T10140] ? __bfs+0x550/0x550 [ 151.388497][T10140] should_fail_alloc_page+0x55/0x60 [ 151.393716][T10140] prepare_alloc_pages+0x283/0x460 [ 151.401321][T10140] __alloc_pages_nodemask+0x11c/0x790 [ 151.406722][T10140] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 151.412291][T10140] ? __lock_acquire+0xcf7/0x1a40 [ 151.417247][T10140] ? check_preemption_disabled+0x47/0x280 [ 151.417267][T10140] kmem_getpages+0x46/0x480 [ 151.417279][T10140] cache_grow_begin+0x7e/0x2c0 [ 151.417297][T10140] cache_alloc_refill+0x311/0x3f0 [ 151.432252][T10140] ? check_preemption_disabled+0xb7/0x280 [ 151.432270][T10140] __kmalloc+0x2e5/0x310 [ 151.432283][T10140] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 151.432295][T10140] tomoyo_realpath_from_path+0xdc/0x7c0 [ 151.432312][T10140] tomoyo_check_open_permission+0x1f2/0x9e0 [ 151.464388][T10140] ? tomoyo_check_path_number_acl+0x240/0x240 [ 151.470475][T10140] ? smk_access+0x4f0/0x4f0 [ 151.475079][T10140] tomoyo_file_open+0x141/0x190 [ 151.479951][T10140] security_file_open+0x65/0x2f0 [ 151.484918][T10140] do_dentry_open+0x397/0x1060 [ 151.489708][T10140] ? finish_open+0xe0/0xe0 [ 151.494147][T10140] ? inode_permission+0xe3/0x580 [ 151.499113][T10140] vfs_open+0x73/0x80 [ 151.503105][T10140] path_openat+0x136d/0x4400 [ 151.507712][T10140] ? arch_stack_walk+0x98/0xe0 [ 151.512505][T10140] ? stack_trace_save+0x111/0x1e0 [ 151.517735][T10140] ? check_preemption_disabled+0x47/0x280 [ 151.523476][T10140] ? do_filp_open+0x430/0x430 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 151.528165][T10140] ? __lock_acquire+0xcf7/0x1a40 [ 151.533143][T10140] ? expand_files+0x511/0xa90 [ 151.537834][T10140] do_filp_open+0x1f7/0x430 [ 151.542345][T10140] ? vfs_tmpfile+0x230/0x230 [ 151.546950][T10140] ? kasan_check_read+0x11/0x20 [ 151.551811][T10140] ? do_raw_spin_unlock+0x49/0x260 [ 151.556936][T10140] ? _raw_spin_unlock+0x2c/0x50 [ 151.561803][T10140] ? get_unused_fd_flags+0x97/0xb0 [ 151.566924][T10140] do_sys_open+0x343/0x620 [ 151.571354][T10140] ? file_open_root+0x440/0x440 [ 151.576208][T10140] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 151.582261][T10140] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 151.587963][T10140] ? __x64_sys_memfd_create+0x70/0x70 [ 151.593326][T10140] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 151.598951][T10140] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 151.604412][T10140] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 151.610120][T10140] ? do_syscall_64+0x1d/0x140 [ 151.614790][T10140] __x64_sys_open+0x87/0x90 [ 151.619296][T10140] do_syscall_64+0xfe/0x140 [ 151.623798][T10140] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 151.629676][T10140] RIP: 0033:0x4136b1 [ 151.633572][T10140] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 151.653154][T10140] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 151.661681][T10140] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 151.669657][T10140] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 151.677629][T10140] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 151.685588][T10140] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 151.693558][T10140] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 151.712359][T10141] QAT: Invalid ioctl 03:42:40 executing program 3 (fault-call:0 fault-nth:15): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:40 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\n', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m*dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:40 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x10) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000380)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@empty}}, &(0x7f0000000200)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x12, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffff80000000}, [@ldst={0x0, 0x3, 0x1, 0x1, 0xb, 0xb0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0xdf8, 0x0, 0x0, 0x0, 0x9}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9fd0, 0x0, 0x0, 0x0, 0x90e9}, @alu={0x7, 0x4, 0x0, 0xb, 0xa, 0x8, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='syzkaller\x00', 0x100000000, 0x18, &(0x7f0000000100)=""/24, 0x40f00, 0x1, [], r1, 0x13, r0, 0x8, &(0x7f0000000240)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x1, 0x2254, 0x5}, 0x10}, 0x70) chroot(&(0x7f0000000140)='./file0\x00') sendmsg$nl_xfrm(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40080010}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) mbind(&(0x7f0000953000/0x3000)=nil, 0x3000, 0xc003, &(0x7f0000000000)=0x3ff, 0x100000001, 0x1) 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0) signalfd4(r0, &(0x7f00000000c0)={0x4}, 0x8, 0x80000) r1 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000040)=0x1c) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000140)='NET_DM\x00') sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800040}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x401, 0x70bd29, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) mmap(&(0x7f0000952000/0x1000)=nil, 0x1000, 0x1000005, 0x20012, r1, 0x0) 03:42:40 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\v', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:40 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x80000) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x7f, 0x802) fanotify_mark(r0, 0x78, 0x7d24a3865440ce74, r1, &(0x7f0000000080)='./file0\x00') openat$cgroup_type(r0, &(0x7f00000000c0)='cgroup.type\x00', 0x2, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 151.910818][T10179] FAULT_INJECTION: forcing a failure. [ 151.910818][T10179] name failslab, interval 1, probability 0, space 0, times 0 03:42:40 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:41 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x58840) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000040)=0x81) msync(&(0x7f0000956000/0x1000)=nil, 0x1000, 0x4) open(&(0x7f0000000080)='./file0\x00', 0x800, 0x0) [ 152.050896][T10193] 9pnet_virtio: no channels available for device 127.0.0. [ 152.050896][T10193] [ 152.061983][T10179] CPU: 1 PID: 10179 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 152.070005][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 152.080133][T10179] Call Trace: [ 152.083450][T10179] dump_stack+0x1d8/0x2f8 [ 152.087812][T10179] should_fail+0x608/0x860 [ 152.092248][T10179] ? setup_fault_attr+0x2b0/0x2b0 03:42:41 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) [ 152.097304][T10179] ? tomoyo_encode2+0x273/0x5a0 [ 152.097330][T10179] __should_failslab+0x11a/0x160 [ 152.107097][T10179] ? tomoyo_encode2+0x273/0x5a0 [ 152.107108][T10179] should_failslab+0x9/0x20 [ 152.107118][T10179] __kmalloc+0x7a/0x310 [ 152.107129][T10179] tomoyo_encode2+0x273/0x5a0 [ 152.107142][T10179] tomoyo_realpath_from_path+0x769/0x7c0 [ 152.107158][T10179] tomoyo_check_open_permission+0x1f2/0x9e0 [ 152.107175][T10179] ? tomoyo_check_path_number_acl+0x240/0x240 [ 152.142889][T10179] ? smk_access+0x4f0/0x4f0 [ 152.147443][T10179] tomoyo_file_open+0x141/0x190 [ 152.147461][T10179] security_file_open+0x65/0x2f0 [ 152.147477][T10179] do_dentry_open+0x397/0x1060 [ 152.147495][T10179] ? finish_open+0xe0/0xe0 [ 152.157258][T10179] ? inode_permission+0xe3/0x580 [ 152.157271][T10179] vfs_open+0x73/0x80 [ 152.157282][T10179] path_openat+0x136d/0x4400 [ 152.157294][T10179] ? arch_stack_walk+0x98/0xe0 [ 152.157321][T10179] ? stack_trace_save+0x111/0x1e0 [ 152.189730][T10179] ? check_preemption_disabled+0x47/0x280 [ 152.195474][T10179] ? do_filp_open+0x430/0x430 03:42:41 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) [ 152.200164][T10179] ? __lock_acquire+0xcf7/0x1a40 [ 152.205127][T10179] ? expand_files+0x511/0xa90 [ 152.209814][T10179] do_filp_open+0x1f7/0x430 [ 152.214337][T10179] ? vfs_tmpfile+0x230/0x230 [ 152.218952][T10179] ? kasan_check_read+0x11/0x20 [ 152.223812][T10179] ? do_raw_spin_unlock+0x49/0x260 [ 152.230810][T10179] ? _raw_spin_unlock+0x2c/0x50 [ 152.235695][T10179] ? get_unused_fd_flags+0x97/0xb0 [ 152.240914][T10179] do_sys_open+0x343/0x620 [ 152.245353][T10179] ? file_open_root+0x440/0x440 [ 152.250222][T10179] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 152.256281][T10179] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 152.261999][T10179] ? __x64_sys_memfd_create+0x70/0x70 [ 152.267369][T10179] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 152.273176][T10179] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 152.278628][T10179] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 152.284349][T10179] ? do_syscall_64+0x1d/0x140 [ 152.289051][T10179] __x64_sys_open+0x87/0x90 [ 152.293549][T10179] do_syscall_64+0xfe/0x140 [ 152.298057][T10179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 152.303980][T10179] RIP: 0033:0x4136b1 [ 152.307872][T10179] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 152.327486][T10179] RSP: 002b:00007f3795fd0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 152.335891][T10179] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004136b1 [ 152.343854][T10179] RDX: 00007f3795fd0b0a RSI: 0000000000000002 RDI: 00007f3795fd0b00 [ 152.351814][T10179] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 152.359771][T10179] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 152.367761][T10179] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 152.378367][T10179] ERROR: Out of memory at tomoyo_realpath_from_path. [ 152.430029][T10209] 9pnet_virtio: no channels available for device 127.0.0. [ 152.430029][T10209] 03:42:41 executing program 3 (fault-call:0 fault-nth:16): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:41 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\f', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m+dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:41 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0xfffffffffffffe5d) pselect6(0x40, &(0x7f0000000040)={0x10000, 0x3ff, 0x7, 0x4, 0xdb, 0x3fb, 0x3, 0xb1}, &(0x7f0000000080)={0x1, 0x0, 0x7ff, 0x73, 0x5, 0x5, 0xcac0, 0x9eff}, &(0x7f00000000c0)={0x6, 0xffff, 0x7fffffff, 0x80000000, 0x634, 0x3, 0x2, 0x100000001}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={0x80f4}, 0x8}) 03:42:41 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.\n\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 03:42:41 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\r', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:41 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101400, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000040)={0x0, 0x3, 0x8, [0x3, 0x6, 0x5, 0x6, 0x100000000, 0x0, 0x5, 0x6]}, &(0x7f0000000080)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000000c0)={r1, 0x10001}, 0x8) 03:42:41 executing program 2: r0 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x3, 0x2) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000040)=""/107) msync(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2) [ 152.597761][T10224] 9pnet_virtio: no channels available for device 127.0.0. [ 152.597761][T10224] 03:42:41 executing program 1: [ 152.650663][T10227] FAULT_INJECTION: forcing a failure. [ 152.650663][T10227] name failslab, interval 1, probability 0, space 0, times 0 03:42:41 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x0e', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:41 executing program 1: 03:42:41 executing program 2: lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0x8e, 0x3, 0xfff, "5f5c04c89cc9ebaed4a60f32da5d87ce", "e445e5f17d29680367f1d3fca0ff76da1bfe4c4425c2b48d1a24e1bf53662895ddeaa1724ce2781aa1a87fad18dd7b036e6f46f464f1ac3f594031e4cfed123a22cd473f5152fd5f90645d5280853c62bba937399d3e3f6d663de256e481c6be1bcdd5b030da5648be4382eabc6a8be966dae70b930cc1c077"}, 0x8e, 0x3) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@random={'osx.', '{/}\x00'}) [ 152.792494][T10227] CPU: 1 PID: 10227 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 152.800472][T10227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 152.810624][T10227] Call Trace: [ 152.813965][T10227] dump_stack+0x1d8/0x2f8 [ 152.818285][T10227] should_fail+0x608/0x860 [ 152.822787][T10227] ? setup_fault_attr+0x2b0/0x2b0 [ 152.827912][T10227] ? tomoyo_encode2+0x273/0x5a0 [ 152.832760][T10227] __should_failslab+0x11a/0x160 [ 152.837702][T10227] ? tomoyo_encode2+0x273/0x5a0 [ 152.842545][T10227] should_failslab+0x9/0x20 [ 152.847049][T10227] __kmalloc+0x7a/0x310 [ 152.851200][T10227] tomoyo_encode2+0x273/0x5a0 [ 152.855862][T10227] tomoyo_realpath_from_path+0x769/0x7c0 [ 152.863045][T10227] tomoyo_path_number_perm+0x1e0/0x740 [ 152.868500][T10227] ? trace_lock_acquire+0x190/0x190 [ 152.873712][T10227] ? tomoyo_check_path_acl+0x180/0x180 [ 152.879174][T10227] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 152.885756][T10227] ? fget_many+0x30/0x30 [ 152.889978][T10227] ? file_open_root+0x440/0x440 [ 152.894807][T10227] tomoyo_file_ioctl+0x23/0x30 [ 152.899563][T10227] security_file_ioctl+0x6d/0xd0 [ 152.904479][T10227] __x64_sys_ioctl+0xa3/0x120 [ 152.909134][T10227] do_syscall_64+0xfe/0x140 [ 152.913617][T10227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 152.919492][T10227] RIP: 0033:0x459637 [ 152.923374][T10227] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 152.942954][T10227] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.951341][T10227] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 152.959295][T10227] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 152.967243][T10227] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 152.975198][T10227] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 152.983174][T10227] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 [ 153.044471][T10227] ERROR: Out of memory at tomoyo_realpath_from_path. 03:42:42 executing program 3 (fault-call:0 fault-nth:17): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:42 executing program 2: msync(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x48) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x200000, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000140)={0x10205, 0x0, &(0x7f00009ff000/0x600000)=nil}) move_pages(r0, 0x6, &(0x7f0000000040)=[&(0x7f0000fec000/0x14000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000fe5000/0xf000)=nil, &(0x7f0000fe8000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000080)=[0x7, 0x8d6b, 0x1, 0x578, 0x400, 0xffff, 0x2, 0x9, 0x1ff, 0x10000], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r2, 0x720, 0x70bd2c, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xfffffffffffffffa}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x3, 0x10000, 0x9, 0x401]}]}, 0x30}}, 0x40) 03:42:42 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x10', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:42 executing program 1: 03:42:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m-dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:42 executing program 4: msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1) unshare(0x50010000) r0 = dup(0xffffffffffffffff) getsockopt$ax25_int(r0, 0x101, 0x7, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x200000, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', 0x0}) statx(r1, &(0x7f0000000140)='./file0\x00', 0xc00, 0x7ff, &(0x7f0000000300)) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@gettclass={0x24, 0x2a, 0x200, 0x70bd2a, 0x25dfdbfb, {0x0, r2, {0x0, 0xb}, {0xc, 0xffff}, {0x18, 0xe}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4000080) ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3) timerfd_gettime(r1, &(0x7f0000000080)) 03:42:42 executing program 1: [ 153.311306][T10280] FAULT_INJECTION: forcing a failure. [ 153.311306][T10280] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 153.324558][T10280] CPU: 0 PID: 10280 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 153.332449][T10280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 153.342512][T10280] Call Trace: [ 153.345806][T10280] dump_stack+0x1d8/0x2f8 [ 153.350146][T10280] should_fail+0x608/0x860 [ 153.354570][T10280] ? setup_fault_attr+0x2b0/0x2b0 03:42:42 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x11', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:42 executing program 4: msync(&(0x7f000094b000/0x14000)=nil, 0x14000, 0x1) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x103000, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000080)={&(0x7f0000000040)=[0x6, 0xffff, 0x1ff, 0x5fd], 0x4, 0x8001, 0x1, 0x10001, 0x7, 0x101, {0x3f, 0x7f, 0x7, 0xfffffffffffffff7, 0x7, 0x3, 0x7b4, 0x1ff, 0x2, 0x9, 0x6, 0x3d09103, 0xfffffffffffffffb, 0x2, "66522ddd16c11ca7d7e1b5492369f4be31057225bea83c29c5067c7b82c09bd1"}}) [ 153.360590][T10280] ? __bfs+0x550/0x550 [ 153.364657][T10280] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 153.371253][T10280] should_fail_alloc_page+0x55/0x60 [ 153.376460][T10280] prepare_alloc_pages+0x283/0x460 [ 153.381581][T10280] __alloc_pages_nodemask+0x11c/0x790 [ 153.386968][T10280] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 153.392534][T10280] ? __lock_acquire+0xcf7/0x1a40 [ 153.399111][T10280] ? check_preemption_disabled+0x47/0x280 [ 153.404840][T10280] kmem_getpages+0x46/0x480 [ 153.409350][T10280] cache_grow_begin+0x7e/0x2c0 [ 153.414117][T10280] cache_alloc_refill+0x311/0x3f0 [ 153.419143][T10280] ? check_preemption_disabled+0xb7/0x280 [ 153.424863][T10280] __kmalloc+0x2e5/0x310 [ 153.429104][T10280] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 153.434832][T10280] tomoyo_realpath_from_path+0xdc/0x7c0 [ 153.440389][T10280] tomoyo_path_number_perm+0x1e0/0x740 [ 153.445846][T10280] ? trace_lock_acquire+0x190/0x190 [ 153.451049][T10280] ? tomoyo_check_path_acl+0x180/0x180 03:42:42 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{0x0}, {0x0}, {0x0}], 0x3, &(0x7f0000003040)=ANY=[@ANYBLOB="2800000000000000020100000400000072aeee1a75044c697644df195395667696a6a85f665600001010000000000000ff00000036000000ed0ec6874e57fc12848ff0795d54cd54d06161bcec8015ecd967ccd96aa649d6b006efa09971cdbe0529cde0dc9742bc2827369a692a142ae2c6de484c275e528e9934dbf5048f758f099ed06f099b92f8f14f22a1f634550a97d1e0853ec57adb736494bf836144b5feeb0881045683ca7c24c49289ce902e9aa1271651d8176a40a48c704098c1d5803b16bd767a9280aa5ba186409c19a10191ee5a67d740a04ed27c08262bda78af04ab6aa27b2598b96bd4e8aecd538a258042e7f18f40488f4e38ea8f934d30b93e40356d96fc26761b2cb241f364ed7b2fd16bd2b7b1f08ee0ffc9b3bb4027d53983fecbab155eafff79b59765326d01213fcc10b6e1332eca8ccdfe5988d47e4169440e1edb85560238c164e40cf9a009e90d497b40382b9a23c874fa7da6746cd792f8ea4c85923275e03f21e917f566c631d709db0ec7091a3ecb23d97538d2a7e3187714924e09d8378eb1e55b1d47d903f44744890aba44c81fcaa050f2f16985394bbb750031bfd40be19a2faffa27c24bfb3c113c1fd12274f5a2da65af6aaf8855b4284fca070b258b2f0c414009ac46ce1a6171d00d4c7b6fb4bb975d69b7ccf874dc2031d0a02d1927a0d1ab20ba5a66c16b76017ef6b389113dc5fa241bda4aa472e7cc49fd740dae2ebaa5991efa9ba68a1627f8778ce1f80eb2dedbb220c757b2966071a6c5253d081c67175089d45d72c4bd24f20920a4e605a6c4a68d941288b54070b791a84507df485ec5bd42b8befb523a2a460647f47743cce4748defda45207f77565eac11af42995c6cb44d17918949e88e2e3c5e1b41cf3d75b6232ea32d7fb0e474823fcc9a71b494b72ac778f28dc4249c786caa7544ec888338bde65f879898802b5d3c7307565ea01894dfa77a958412d13bc921c7e5c874c81dedd3618d4b9c2c3c448fc494914e34fd7477285a99bec00a0146cf7e3c506dead07a6c9f45d1794b8c78e2a77c47d3e741b5f1540271cf258cd92c2511de313d8f3b9307c544b7acdfed1076f4f1b4e417743d899635e22f6ad0620f988c1c51e6b8ad3914a683faa0a13842896167a685136897d2a09eec0dc7d2b9cbaf6c17dd99a6d3bf5dabca66488eb536cddda2d6ee2a004adfd9fe46207ecb5bb9682ed928057b1daaf3c22449af9f9c267d7eba44e933339686824a334064088212fc160b3fe04dc19b3d7f5a0edff457ea51f830fb7e0a6c49018036de80d26f3d80cab0b3f2a93096187693828d67c9bc63570a27fc9216279fc91306ff40aa26aac75487bab76d29c7a190539fefa3838f2608112cb12411650feb72dd0ca6e182064daeb70b7f1add51db4ac4c580da77a514438b69e5226c3df5fe1cf337bcd4180189fd369da17e20b39c77204ef06d5c605d07fd671e1c5c499c98cca81a03af1f7f6215c542246f737ca9ddb3ee8e21f30529a8c8611b570958053afe3d88d856b496b1f9406f972e822d1f8c1ae3185c8f595cd19a70c48b6368ffda40c56f20eb9f0df90e93a3df3e796701447f56d29f925d16b9a5a0fffccf66f3d914df2cebaf58709ea2ea6183ca3866f4d7ba3bfe4901f2a7a1e444009b7406df9f9269e78c264f74284adffb9bc28a2e38d304dbfaf8f0250e5c4377f71a57a40283d7827e5a3f27d7e2627073b48ec2b833113d16e8f3cc450970cdc95513d226bda6b8f5a13463deff819f0694366e59759312d35384ecc45396c7d348fd3ec1d72daddb0c95425edf444b5dbc0ccc9c7b93970e1007d96aa0e89964ece96bde40beeea8a329a463ac21de2de700a58e7bd7791921d5cf436b3ff1b9fa4a9ebe088e934afa2214ee9339b1d54c0ee57f3dc9aab708801fcd49c353930b50caaa1eab63559d147d7a5dd501575ab4bf5739aca981d5f028786306efd70584532a37030bb338e0105946d9428530cd9a5e2847c4bd4ff75cab6abc1b4f7aa47dd270600ebda6acbc0ee972fa366951a9b58ebd69316b004dba48c8aa56542bb90861d880f8a5ebb34a580be2141d98d55f476d0ab514e1c2710a23c779f5c78bd9c373f18bd784304ca01750c1204065ca56b924c262ea35e414dd017276d2b7380a2985bb04ea9c6357d5232e9d056196cbff2940f133350c72e6438c07e3b694f0034d4e7b3acf7bfaf48788086f7891e651eb9fcdb58eb44f1ffeebd4c982abdc2a8e85993cb3211eb503b73ad4c243d34b19fd301c8e51e49256a40c09e2fe80"], 0x66a}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:42 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x12', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:42 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$amidi(&(0x7f0000000640)='/dev/amidi#\x00', 0x100, 0x103000) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r1, 0x0, 0x70bd27, 0x25dfdbfe, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x48805) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x40, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x9, 0xfffffffffffffffd) getsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000100), &(0x7f0000000140)=0x4) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x101000, 0x0) getsockname$packet(r4, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000280)=0x14) connect$bt_sco(r3, &(0x7f0000000040)={0x1f, {0x7, 0x4, 0x1, 0x0, 0x2, 0x200}}, 0x8) sendmsg$can_raw(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x1d, r5}, 0x10, &(0x7f0000000380)={&(0x7f0000000300)=@canfd={{0x2, 0xfffffffffffffffd, 0x9, 0x3}, 0x24, 0x2, 0x0, 0x0, "25408edd523aece9fb1d761bbea88561fe9fa10902125f779d5708bc8df5914cb57e3bcda8b5fc22a91473aa2d459c9cb97e0155c7110b87b5a613ef06030a16"}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x20000011) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="7403b9a6", @ANYRES16=r6, @ANYBLOB="000326bd7000fcdbdf250f000000240009000800020000ec2e80080002008100000008000100ffff00000800010005000000ec000100240002000800030007000000080002000800000008000300090000000800040020000000180001006574683a76657468305f746f5f7465616d00000044000400200001000a004e2400000002ff02000000000000000000000000000105000000cd2a98a81929303000000049fe88000000000000000000000000010102000000100001007564703a73797a3200000000100001007564703a73797a3100000000d018d519ff0000000c00020008000200920c000034000200080003000500000008000100070000000800030003000000080001001c00000008000300c0ffffff08000300030000006c000100040002002c0004001400010002004e21e000000200000000000000001400020002004e21ac1414bb0000000000000000380004001400010002004e22000000000000000000000000200002000a004e2400008001ff020000000000000000000000000001008000002801010008000300ff0700002c0004001400010002004e23ac14140c00000000000000001400020002004e20ac1e00010000000000000000180001006574683a7465616d5f736c6176655f31000000000c0002000800030005000000340002000800010010000000080001001000000008000300070000000800030004000000082e67805b000000080001000500000038000400200001000a004e2400000007ff020000000000000000000000000001040000001400020002004e20ffffffff000000000000000044000400200001000a004e2300000003fe8000000000000000000000000000bb08000000200002000a004e2400000081fe880000000000000000000000000101040500001000010069623a767863616e310000000c00020008000300ffffff7f300007000c000300050000000000000008000100000000000c0003003ddc0000000000000c000300ac000000000000003400070008000100060000000c00040005000000000000000c000300090000000000000008000200020000000800020008000000580004000c00010073797a30000000001400070008000200f8ffffff08000300ff7f1b003400070008000400040000000800020000000100080001001d0000000800030007000000080001001500000008000300040000002d6d7d4cd15f1968b06f16d12c6c44fa3a337ab80b1a2661de01a746e47e4d1cd6c91b6cc1936eb290423ab6f137685c02b42251d9f5bbfa38c4144528a86f85daf3edbffebccda256d317f09bcd16853c093fced6baa7614644faa516103adae7b379a74054effe131f9310135095b4b19cf4defa69592ae3eafccfcd7b6f4f"], 0x374}, 0x1, 0x0, 0x0, 0x800}, 0x40) getsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000180), &(0x7f0000000080)=0x4) [ 153.456508][T10280] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 153.463123][T10280] ? fget_many+0x30/0x30 [ 153.467393][T10280] ? debug_smp_processor_id+0x1c/0x20 [ 153.472765][T10280] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 153.478833][T10280] tomoyo_file_ioctl+0x23/0x30 [ 153.483600][T10280] security_file_ioctl+0x6d/0xd0 [ 153.488528][T10280] __x64_sys_ioctl+0xa3/0x120 [ 153.493187][T10280] do_syscall_64+0xfe/0x140 [ 153.493204][T10280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 153.493212][T10280] RIP: 0033:0x459637 [ 153.493222][T10280] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 153.493227][T10280] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.493236][T10280] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 153.493241][T10280] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 153.493246][T10280] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 153.493251][T10280] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 153.493257][T10280] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:42 executing program 3 (fault-call:0 fault-nth:18): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:42 executing program 2: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000000)=0x7) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:42 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1%', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m.dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:42 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{0x0}, {0x0}, {0x0}], 0x3, &(0x7f0000003040)=ANY=[@ANYBLOB="2800000000000000020100000400000072aeee1a75044c697644df195395667696a6a85f665600001010000000000000ff00000036000000ed0ec6874e57fc12848ff0795d54cd54d06161bcec8015ecd967ccd96aa649d6b006efa09971cdbe0529cde0dc9742bc2827369a692a142ae2c6de484c275e528e9934dbf5048f758f099ed06f099b92f8f14f22a1f634550a97d1e0853ec57adb736494bf836144b5feeb0881045683ca7c24c49289ce902e9aa1271651d8176a40a48c704098c1d5803b16bd767a9280aa5ba186409c19a10191ee5a67d740a04ed27c08262bda78af04ab6aa27b2598b96bd4e8aecd538a258042e7f18f40488f4e38ea8f934d30b93e40356d96fc26761b2cb241f364ed7b2fd16bd2b7b1f08ee0ffc9b3bb4027d53983fecbab155eafff79b59765326d01213fcc10b6e1332eca8ccdfe5988d47e4169440e1edb85560238c164e40cf9a009e90d497b40382b9a23c874fa7da6746cd792f8ea4c85923275e03f21e917f566c631d709db0ec7091a3ecb23d97538d2a7e3187714924e09d8378eb1e55b1d47d903f44744890aba44c81fcaa050f2f16985394bbb750031bfd40be19a2faffa27c24bfb3c113c1fd12274f5a2da65af6aaf8855b4284fca070b258b2f0c414009ac46ce1a6171d00d4c7b6fb4bb975d69b7ccf874dc2031d0a02d1927a0d1ab20ba5a66c16b76017ef6b389113dc5fa241bda4aa472e7cc49fd740dae2ebaa5991efa9ba68a1627f8778ce1f80eb2dedbb220c757b2966071a6c5253d081c67175089d45d72c4bd24f20920a4e605a6c4a68d941288b54070b791a84507df485ec5bd42b8befb523a2a460647f47743cce4748defda45207f77565eac11af42995c6cb44d17918949e88e2e3c5e1b41cf3d75b6232ea32d7fb0e474823fcc9a71b494b72ac778f28dc4249c786caa7544ec888338bde65f879898802b5d3c7307565ea01894dfa77a958412d13bc921c7e5c874c81dedd3618d4b9c2c3c448fc494914e34fd7477285a99bec00a0146cf7e3c506dead07a6c9f45d1794b8c78e2a77c47d3e741b5f1540271cf258cd92c2511de313d8f3b9307c544b7acdfed1076f4f1b4e417743d899635e22f6ad0620f988c1c51e6b8ad3914a683faa0a13842896167a685136897d2a09eec0dc7d2b9cbaf6c17dd99a6d3bf5dabca66488eb536cddda2d6ee2a004adfd9fe46207ecb5bb9682ed928057b1daaf3c22449af9f9c267d7eba44e933339686824a334064088212fc160b3fe04dc19b3d7f5a0edff457ea51f830fb7e0a6c49018036de80d26f3d80cab0b3f2a93096187693828d67c9bc63570a27fc9216279fc91306ff40aa26aac75487bab76d29c7a190539fefa3838f2608112cb12411650feb72dd0ca6e182064daeb70b7f1add51db4ac4c580da77a514438b69e5226c3df5fe1cf337bcd4180189fd369da17e20b39c77204ef06d5c605d07fd671e1c5c499c98cca81a03af1f7f6215c542246f737ca9ddb3ee8e21f30529a8c8611b570958053afe3d88d856b496b1f9406f972e822d1f8c1ae3185c8f595cd19a70c48b6368ffda40c56f20eb9f0df90e93a3df3e796701447f56d29f925d16b9a5a0fffccf66f3d914df2cebaf58709ea2ea6183ca3866f4d7ba3bfe4901f2a7a1e444009b7406df9f9269e78c264f74284adffb9bc28a2e38d304dbfaf8f0250e5c4377f71a57a40283d7827e5a3f27d7e2627073b48ec2b833113d16e8f3cc450970cdc95513d226bda6b8f5a13463deff819f0694366e59759312d35384ecc45396c7d348fd3ec1d72daddb0c95425edf444b5dbc0ccc9c7b93970e1007d96aa0e89964ece96bde40beeea8a329a463ac21de2de700a58e7bd7791921d5cf436b3ff1b9fa4a9ebe088e934afa2214ee9339b1d54c0ee57f3dc9aab708801fcd49c353930b50caaa1eab63559d147d7a5dd501575ab4bf5739aca981d5f028786306efd70584532a37030bb338e0105946d9428530cd9a5e2847c4bd4ff75cab6abc1b4f7aa47dd270600ebda6acbc0ee972fa366951a9b58ebd69316b004dba48c8aa56542bb90861d880f8a5ebb34a580be2141d98d55f476d0ab514e1c2710a23c779f5c78bd9c373f18bd784304ca01750c1204065ca56b924c262ea35e414dd017276d2b7380a2985bb04ea9c6357d5232e9d056196cbff2940f133350c72e6438c07e3b694f0034d4e7b3acf7bfaf48788086f7891e651eb9fcdb58eb44f1ffeebd4c982abdc2a8e85993cb3211eb503b73ad4c243d34b19fd301c8e51e49256a40c09e2fe80"], 0x66a}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:42 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={@local, @ipv4={[], [], @empty}, @local, 0xcb, 0x1, 0x6, 0x100, 0x7, 0x129d0493c95878ce, r1}) [ 153.954004][T10329] FAULT_INJECTION: forcing a failure. [ 153.954004][T10329] name failslab, interval 1, probability 0, space 0, times 0 [ 153.982775][T10329] CPU: 1 PID: 10329 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 153.990749][T10329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.000822][T10329] Call Trace: [ 154.004127][T10329] dump_stack+0x1d8/0x2f8 [ 154.008483][T10329] should_fail+0x608/0x860 [ 154.012924][T10329] ? setup_fault_attr+0x2b0/0x2b0 [ 154.017964][T10329] ? tomoyo_encode2+0x273/0x5a0 [ 154.022832][T10329] __should_failslab+0x11a/0x160 [ 154.027782][T10329] ? tomoyo_encode2+0x273/0x5a0 [ 154.032652][T10329] should_failslab+0x9/0x20 [ 154.037169][T10329] __kmalloc+0x7a/0x310 [ 154.041348][T10329] tomoyo_encode2+0x273/0x5a0 [ 154.046033][T10329] tomoyo_realpath_from_path+0x769/0x7c0 [ 154.051678][T10329] tomoyo_path_number_perm+0x1e0/0x740 [ 154.057149][T10329] ? trace_lock_acquire+0x190/0x190 [ 154.062368][T10329] ? tomoyo_check_path_acl+0x180/0x180 [ 154.067848][T10329] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 154.074470][T10329] ? fget_many+0x30/0x30 [ 154.078714][T10329] ? debug_smp_processor_id+0x1c/0x20 [ 154.084065][T10329] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 154.090128][T10329] tomoyo_file_ioctl+0x23/0x30 [ 154.094876][T10329] security_file_ioctl+0x6d/0xd0 [ 154.099805][T10329] __x64_sys_ioctl+0xa3/0x120 [ 154.104463][T10329] do_syscall_64+0xfe/0x140 [ 154.108951][T10329] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 154.114822][T10329] RIP: 0033:0x459637 [ 154.118700][T10329] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 154.138281][T10329] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.146683][T10329] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 03:42:43 executing program 2: msync(&(0x7f0000953000/0x1000)=nil, 0x1000, 0x3) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0xe3ec3d20f6ee297d, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000040)={0x6}, 0x4) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10, 0xfffffffffffffffe, 0x7}, 0x10) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) 03:42:43 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1.', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 154.154634][T10329] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 154.162584][T10329] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 154.170533][T10329] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 154.178482][T10329] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:43 executing program 4: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000000)) [ 154.200680][T10329] ERROR: Out of memory at tomoyo_realpath_from_path. 03:42:43 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)=[{0x0}, {&(0x7f00000028c0)=""/83, 0x53}], 0x2}, 0x2) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x4c8c4) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:43 executing program 4: msync(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2) 03:42:43 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x5) 03:42:43 executing program 3 (fault-call:0 fault-nth:19): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:43 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\\', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m/dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:43 executing program 4: msync(&(0x7f0000952000/0x3000)=nil, 0x3000, 0x2) r0 = socket$vsock_dgram(0x28, 0x2, 0x0) bind$vsock_dgram(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10) 03:42:43 executing program 2: msync(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x8) r0 = getpgid(0x0) move_pages(r0, 0x2, &(0x7f0000000000)=[&(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x8001], &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x2) 03:42:43 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x04', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:43 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000100)=0x1c, 0x80800) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x43, 0x0) getsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) getpeername$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000180)=0x1c) [ 154.520275][T10361] FAULT_INJECTION: forcing a failure. [ 154.520275][T10361] name failslab, interval 1, probability 0, space 0, times 0 03:42:43 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002a40)}, {0x0}], 0x2, &(0x7f0000003040)=ANY=[@ANYBLOB="2800000000000000020100000400000072aeee1a75044c697644df195395667696a6a85f665600001010000000000000ff00000036000000ed0ec6874e57fc12848ff0795d54cd54d06161bcec8015ecd967ccd96aa649d6b006efa09971cdbe0529cde0dc9742bc2827369a692a142ae2c6de484c275e528e9934dbf5048f758f099ed06f099b92f8f14f22a1f634550a97d1e0853ec57adb736494bf836144b5feeb0881045683ca7c24c49289ce902e9aa1271651d8176a40a48c704098c1d5803b16bd767a9280aa5ba186409c19a10191ee5a67d740a04ed27c08262bda78af04ab6aa27b2598b96bd4e8aecd538a258042e7f18f40488f4e38ea8f934d30b93e40356d96fc26761b2cb241f364ed7b2fd16bd2b7b1f08ee0ffc9b3bb4027d53983fecbab155eafff79b59765326d01213fcc10b6e1332eca8ccdfe5988d47e4169440e1edb85560238c164e40cf9a009e90d497b40382b9a23c874fa7da6746cd792f8ea4c85923275e03f21e917f566c631d709db0ec7091a3ecb23d97538d2a7e3187714924e09d8378eb1e55b1d47d903f44744890aba44c81fcaa050f2f16985394bbb750031bfd40be19a2faffa27c24bfb3c113c1fd12274f5a2da65af6aaf8855b4284fca070b258b2f0c414009ac46ce1a6171d00d4c7b6fb4bb975d69b7ccf874dc2031d0a02d1927a0d1ab20ba5a66c16b76017ef6b389113dc5fa241bda4aa472e7cc49fd740dae2ebaa5991efa9ba68a1627f8778ce1f80eb2dedbb220c757b2966071a6c5253d081c67175089d45d72c4bd24f20920a4e605a6c4a68d941288b54070b791a84507df485ec5bd42b8befb523a2a460647f47743cce4748defda45207f77565eac11af42995c6cb44d17918949e88e2e3c5e1b41cf3d75b6232ea32d7fb0e474823fcc9a71b494b72ac778f28dc4249c786caa7544ec888338bde65f879898802b5d3c7307565ea01894dfa77a958412d13bc921c7e5c874c81dedd3618d4b9c2c3c448fc494914e34fd7477285a99bec00a0146cf7e3c506dead07a6c9f45d1794b8c78e2a77c47d3e741b5f1540271cf258cd92c2511de313d8f3b9307c544b7acdfed1076f4f1b4e417743d899635e22f6ad0620f988c1c51e6b8ad3914a683faa0a13842896167a685136897d2a09eec0dc7d2b9cbaf6c17dd99a6d3bf5dabca66488eb536cddda2d6ee2a004adfd9fe46207ecb5bb9682ed928057b1daaf3c22449af9f9c267d7eba44e933339686824a334064088212fc160b3fe04dc19b3d7f5a0edff457ea51f830fb7e0a6c49018036de80d26f3d80cab0b3f2a93096187693828d67c9bc63570a27fc9216279fc91306ff40aa26aac75487bab76d29c7a190539fefa3838f2608112cb12411650feb72dd0ca6e182064daeb70b7f1add51db4ac4c580da77a514438b69e5226c3df5fe1cf337bcd4180189fd369da17e20b39c77204ef06d5c605d07fd671e1c5c499c98cca81a03af1f7f6215c542246f737ca9ddb3ee8e21f30529a8c8611b570958053afe3d88d856b496b1f9406f972e822d1f8c1ae3185c8f595cd19a70c48b6368ffda40c56f20eb9f0df90e93a3df3e796701447f56d29f925d16b9a5a0fffccf66f3d914df2cebaf58709ea2ea6183ca3866f4d7ba3bfe4901f2a7a1e444009b7406df9f9269e78c264f74284adffb9bc28a2e38d304dbfaf8f0250e5c4377f71a57a40283d7827e5a3f27d7e2627073b48ec2b833113d16e8f3cc450970cdc95513d226bda6b8f5a13463deff819f0694366e59759312d35384ecc45396c7d348fd3ec1d72daddb0c95425edf444b5dbc0ccc9c7b93970e1007d96aa0e89964ece96bde40beeea8a329a463ac21de2de700a58e7bd7791921d5cf436b3ff1b9fa4a9ebe088e934afa2214ee9339b1d54c0ee57f3dc9aab708801fcd49c353930b50caaa1eab63559d147d7a5dd501575ab4bf5739aca981d5f028786306efd70584532a37030bb338e0105946d9428530cd9a5e2847c4bd4ff75cab6abc1b4f7aa47dd270600ebda6acbc0ee972fa366951a9b58ebd69316b004dba48c8aa56542bb90861d880f8a5ebb34a580be2141d98d55f476d0ab514e1c2710a23c779f5c78bd9c373f18bd784304ca01750c1204065ca56b924c262ea35e414dd017276d2b7380a2985bb04ea9c6357d5232e9d056196cbff2940f133350c72e6438c07e3b694f0034d4e7b3acf7bfaf48788086f7891e651eb9fcdb58eb44f1ffeebd4c982abdc2a8e85993cb3211eb503b73ad4c243d34b19fd301c8e51e49256a40c09e2fe80c7c7e055a9ff3f80e53b73e1fcbe270a7cb360bcbc31dac4f96ecd0074b76e76b90fbf47171598ece0b0cd8bf312751d3d2db37c9afb68629fde7d846e5672b5dcde75b69066f4d9ecea3adc958896"], 0x6b9}, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:43 executing program 4: r0 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2) r1 = request_key(&(0x7f0000001280)='rxrpc\x00', &(0x7f00000012c0)={'syz', 0x0}, &(0x7f0000001300)='vboxnet0loprocuser^\x00', 0x0) r2 = request_key(&(0x7f0000001340)='big_key\x00', &(0x7f0000001380)={'syz', 0x2}, &(0x7f00000013c0)='/[((posix_acl_access\x00', 0xffffffffffffffff) keyctl$reject(0x13, r1, 0x9, 0xc316, r2) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000080)={{0x2, 0x5}, 'port1\x00', 0x81, 0x0, 0xcf44, 0x7fffffff, 0x8000, 0x7, 0xffffffff, 0x0, 0x1, 0xf9}) r3 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r4 = add_key(&(0x7f00000001c0)='id_resolver\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="ea5ee57910dc7d2d37072c41b3cd3e14e2d33a1f5b1618c0f80431c80be49cfebf8d970c22036d6bc146521755e8efc8935d3f6cf6f3fc90216e90c6f1b7ff8c80ead7b55e76cc8f2f94ef9ed05eed6facdc811610213996e77c1c62b730151a1c83a9c6be22221bc600f5e9a8ac8d23c585c0defcc696761bd67878f298780a07c3ba77d377c8121a976d27d5565f436934517deceb0f7ae202a86e33ed187a7c8162eff137edf3f15dd9fd00d739fc00800ee3a5e0ffc7fc0b3842d8ab9c54cea43e39d3dab6f2850c52e1aedbdfc7dea53fb3e9b6a5cfe9cc5edcc697025cc77b58edf093ff73fbaac875e9b68f9fc8faccbfc49bcaa89372dd2e90ae4014b44c76920db33c48151c22e9bbdf807916c0a04ea13f76ffd18260cea4b761e2941f778e8ab34a5f2ce0470071b105862245d5a689b9b6609386d55366fe4cd06612ae9c04ac8043969fdd05a9994cc4dd02b9675ea0ed24ed277a35661477fe27632683d461cc7438b48a5048849e56dbf34df5635c06c276b7f4cffeec659326751b525b52dadfc753eadd3d922e67c44606739cdc455e62175ec902e68b9e6e7787e6c2f086d7180aeb30cd51e7f10fcf9557cb6f613469d8b0be7917150917cb8dce7611e522571410870f9f71dd67b18a842cab6c334411ec232e30763510bd67a9d8772ebcce2f23935a4276e6fc8f289b9c2991c444115e9dbc8efdf2ee3386cec9a42a85af9000311fbd0b2b7a77938f2bc714193abf1a8fdf7dda9f811fd4ebf89744cb29d613fd6cacd205c0ee44ce5c9d4ad39596dba8632b6c7605fa7bbba9e54ad3aee52f4e5184752c214c25feb729baf6cba2885d34312b3622c27cc943dbcd252c19692e03a5295ad261838299ec22c478697d9534e5825ee373ff6ff9d1c8c809c8ce49b7eeb5f9f066e1124557e2fc4e5819db953c1eae519cfc64ea696c74f351b52f27f055377aef8d9707fc876e53346da260e26b0474b895537aed8b28355fc2596b073adb8fd7a989950d8800f8cf8c031f88a978a022295dfbf5bd86cbb139c27a8e74e069623b5395e8f111bf769d578172bdf3675f7f1ad38a1c82221e0f5e74f58afe73fc172baec96c2790e8d3d8ddbb11d9d0b9b06669e1ba99268ca1c86bbe45b945c0d3bda29e662d9787b3da946e08998018dc34625c11457e5d0cc55ff2ca3471d1b94056738dde458b13c0fc9299297897df32b1f471cf12ed8b443db4aa41f7c2111d08badb9fa78ce80de66488bd7a49ef0d35e44b4ea4bf69ee473a6ca5a3b9198828b0325b4ede1c344804bf1c0b9e02e6bec59b799c2b5dc374e101fcb10a045a05d78e5a9b6e861c449fee7c9ba17362f9d370bf23de84b526ff3947f7c1adf9b081b001df292ec146d19a6151aa2904dc70ed4f54e3adca954eef6ebfa796c63a40531f9e2a7b3ca8052ce357f148fd431bbf091baaa76ba86964ccc2fcb64a8935bf865bd2dd887589fea2c900cb8e3d93ebc33ca170e3784e98798b5a3edd12d515feab12b0cff9e2f45676ac69ac34d05a345dbb1b0d1d0b550529a9b4785df3215556dcfac8535de4b968f89f83e581f93d6f46bd327d07be14a00c260afac60eab8f2c7d6bc117542b61cbae09b54c850475bb8954bab86a49acbe184cab80b7e1e58068cd1ab3b1719f1f74c36e7383e0417e2d6eb9bd30e069319dba0f78bb671b248991f5a01824bf2ed34736d2fdba74049c8ac26df9c0de1e230c4f1b98e929a074b99ba95d1dbbf631a7ca7849b9caad73e5b0fbca8bc833bd6f5cbe6c3ba76ebe4207b4fd400bbb0b802fa7b54670545aa22cfd3da7d2e58850f9cb8a133e884d084d146dd884584f3138145df4e51e2b4890b0658d79738a619bc594e493c9a4906b21c7399bb5b83ad2cf5ce0b0e4d42b5d6dc25eb8b1fffe9426e21aabfb129d7fdafebc64a8c3880279764373663a6fbdde5b58b580244e4c51a98a26421f9aee8ee18ece517390ecb460343830f4e82a07d099ec358950a71b7a1d8c29951ec3c351eb6189f27aa8bcc5353ff145c8bfe4e82242595fcb37fb51c96b553e2a0053e7a97848634eae8148ce54a768c6469fe20fe7d04cdc021172a5465c1282ee4a2b730acd2c59f19a6a3ca8928fbbf4074e01d6d47f5957fcd49897e6e2bbe96f18d629cb197c35f83808670432322408b0ae4b0f161158be0151b4f7719e411a7ad848464782236a8badf1c33e7407875c659a3251ffb3e8163c1e13df71192a12b638a37866d28815e8c741933ade5b9086e0327cf27b26eefb0a2b207c308a501a5000af431a5430fdc55266bb06e3a7c1b91bf34dbdc1ffd11650eeb0f9bc802558810e61e13815e52c962597e886076de90c2f856501b20b47e9ffeecb1e5d464555e1bd200250d8d8a736b22918c97a9416014f6eca111c113aba9925a49d501be1dc444c3039c0102888bb31bf6787b59f535e15bd2dd7fbd1122add9bcb43db95da01298716e760d0b1cc3a5893d831221ad7d9a87c50bd1160a96ea578ee204b98eecddbdd1516c5549c791a4f8207c68629f4f05f542df09627d23c2c6fdd1f574ce4557875555181330b3bda58f76c53969ebb53b44e657dd91e65a4185bcbda1c78fca2e0ea91f88f6de3b6dbeaf512d4253fc4bd5786839aeedb9c9b41ecb2ac99306c5f4f64cd4c7a6e3123ffd851a90ea4676e86125bb4d073bc2c1a094d2b621ab6e4ef41987f605e4af998e2e3aa27761da9aed12691b9b0c0a323a1460254c2e163f01c145d5b8d7d16f8455375e4021cfcd3eb45b68d28d52d23589e04c9e40d85824ba9787781fc53d13f302896f6bb5f022fc2764a134e35d9282f3f1375f16507f0ba3d32ae35b77864e5811ca4a4a210f6ee74908c43f561249cc2949fddbb4203d91f8e57c8ba477f17cfea1ea5486b54ef55ef60c3c8cb6b1535aa3dbfb4fb96b7ddc7b54b134029fb595e56fbbfd268d3707e37aee42623c6443108f8fc47de2171e16d677becdb2531194d953ac6cc4de2fe86badfa6037147cd5d482bc289b8a8a39e8ae7ab58fd0a6a9b812157c0020f67f4467a69475b74139a525932c487623b2cd8565f6b0900147957d4f8cfb3b2a97315829c1049b5323c5ee5ea420b05ec4a36a0d6a094c12843bdeb8e109945e7aca7cd17a7886ec91400e14f3aa64b9a35e98e4916a65cc5c9b523d571fca234f7a755d5dfa01161abdbe7f628c7abfd5281374209ad9541c681394f06de855b90f47a0d5a2206846d7c7d4a47a9178c5907d80c63740a8ca5bceff5fc9cffc42ca8e39c23c464ff23deb571f310211457e878671ec92af2d714ba860ec1957992f927a81a2a24e1743e5c8f83350ec8120fe00740fb9fecad59b50da7879016595b87c684caf20df662abff1b68c6fc4e08c1a62c2d66382cb1751c58b18be4cf0e670603a5e160e211d772d9f40e4a424d3ee7bdddf930664ea1beaf9ea5c8df443422398881fdb6594166f15e21965f4eff77afe56ef4f7f9b66b6edcf9e088e6788d884c2ef295a30d505c5d13b319d0a7a668509613318386f4aaee76be56610497964109767bada5656ef05c017ef13f38b889c7877e548ab81db9815bbdf6a5d9880b02582229715563643a13d9a6edbf60cf0608a06950688ffd364061872a31ab673def9a2b3e3b9f751380c07f7922cd4c5b5aba83e1e534695a35638cc2a0965edca0e43d1bab414bf443ae4a718b8e9c46c986174f527df8c59a0c087104a3038f3fca699bb8e6c716e7df14a307de54b410b23ecd00ee705827bf16d32cbc61d7a3f7e1ad0cd336784030e34e90015d03385ba2e33f46497245f9267362ad010f022962957fe0217f122f5a3110476ba1ce92f1200db3d35da7503ff503e9f6b3cc3c22bb3f23167f986b6f91d08b93b6c973b6facd526bc408fa943aee01dd6431658ab54b7b0d2aa397adc170a1975682cd50a67419209ad017018e50816dbc04e6633fccc322a5cb925dcc456d4a3345150eb781efa84be6bba6bd9448cf991b0982b88a0eda976c2af0d041d7072c06a5be00b03741a90b28165558c3deae0636a27909ade066acb69bcfcb4e2c9fa3211d8c228ac6a784372957ccad9420b345036296fc95841ea2e414d478ae9035fbb95e9854e58b428fc2b1c6cc4253d7ef68afc0100f85af0f387df2f6e754afb7b267bcce68b00b3a578c68bb263e7876b831677454128455da2eb45d4dedbd5bde703d067037d86db721b6da3a7897313df03c767ad0acb011e621314f2edf7eb23e14f0affb4fa7d37695756cf399db4b29d3c261b60656387bf7ccfa0dca7f064965e921d60ae8cccffaf822940ddb0fb697d33ab6fa1f17793d36f062b3fd9cceada9bd032eb10aeb54919b3dc9e8235e13df025c65b6624d26e5dfe2ca9e907662798599eecd2e886783e07da8b44a236ea0944328fc684e0de28a662c5bc05a96c22e3b23a25c7458d65084c2cc9273ef86c4da812a25e9b89bb39dc11d956bf29333d5e6a5cc15bf3bb59e2b603af4fe0d68664cc208e57e13279c0e5bd04ee42a6a44e93cd2d91450d28738ecd35da808c2ac5e55ace21a0502efc490c50bae5f3aef1e8dc6ded1b8ed8cb726f79757041d5716ed10be000a8e4a2bd6ff3ddfaccfa28fc3843ea28308f326c02cbf124b69f02b32f56478f379a44f3bbe8a6f1d34a6b02dca9a29f8dbfd372d15862986683305641add176599f126fefc1d6a6a31e2063a141b6233e9bd9ed6b9dcf2c429566e9e43db76e74865b180e2f0b17fa30b56f9f1514e034910475454dbf26fa329319b8e9e29fed9624bf95abf3c8e3b645a2a8bb8cf7b9f8f4d909a8d1eb968f9ce816ea1e2a20a959ad184146298d2ab9527e8b9318735cfa643d5207acd2b9fffd6760dedc768bc43e961ea2b3fb7748e621761a85dc12dd2b0d5dafbc49117fb840b9d2741f075a85678f5e86faf47e487ad7890af25b535c8f25b0744e4599103a19a568048238771858fec3d8f5fe7d99fd78a425e663a9385c04eee327eb1c841763489d7b8aad828e88d7bfb742a83be5e1f9e31f21b076d26ffc32fb9fc8a5b7ef876e69958159d528d99be41a1bd86d1b751de312364ee3893e53ade921820364cb262c93c5015cecda2bf79fd4214d851e3dbe240fca9b6b21236aa618e75e81d4911148f4e9db9c41345ad11fd6a89964c92e63e5bb0f1927745358371a3c8efc0dd538dea5f4836dcbc96aad96dc3337ee0d47ebd3098f365f43762f7740f9f106aff6d36ba37990066196d2d5edd90cd4511708d0dcf8bc082e070f6b0254433c4ee89930b6c9d2900b5b957f8637478c5b3423bc9687cac49307209706613444ce6d3cb34e5ef3a19caff5e1961d60c1e7384c266839d54a3dc21efbe1eebb1de6dc20be16aebb8331bbb84a156c7061110a47e36d0f1502759cad665d963218ef683e0121b853ab34e46c2692d36e5039ebf4fadf457aaf1d52fb27b86db469c090723a2cde56387caa11756c3b955a5888a680f27193692ebabf3a68ccbcb882b1eff8718d3e7b9e7d72b299ee0f9464841a5d5c6402d474b122cda82ef303eb9e43b781a5cc4594c6f988c05fbd87d7b2946c6520d60322b34edb4e3ab7be3915461aee11796714a315348c312e920b254c212ada73c2998b4fccc87db6a30910acb4c4a5ec624dd0afcaf80a0e3c2117f24202a250523ce3628f9db067f0e5f84c64f2c014e57df585ac3a2ed4813f32aa8ebaeb21ad919a1756c06293ec9615de5ac91c354c8323e395166", 0x1000, 0xfffffffffffffff9) keyctl$negate(0xd, r3, 0x4, r4) prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000000)) ioctl$TCGETS(r0, 0x5401, &(0x7f0000001240)) [ 154.578512][T10361] CPU: 0 PID: 10361 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 154.586455][T10361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.596514][T10361] Call Trace: [ 154.599798][T10361] dump_stack+0x1d8/0x2f8 [ 154.604120][T10361] should_fail+0x608/0x860 [ 154.608527][T10361] ? setup_fault_attr+0x2b0/0x2b0 [ 154.613658][T10361] __should_failslab+0x11a/0x160 [ 154.618587][T10361] should_failslab+0x9/0x20 [ 154.623073][T10361] kmem_cache_alloc_trace+0x5d/0x2c0 [ 154.628332][T10361] ? __kthread_create_on_node+0x101/0x420 [ 154.634028][T10361] ? loop_set_fd+0x1130/0x1130 [ 154.638767][T10361] __kthread_create_on_node+0x101/0x420 [ 154.644409][T10361] ? kthread_create_on_node+0x130/0x130 [ 154.649955][T10361] ? lockdep_unregister_key+0x660/0x660 [ 154.655484][T10361] ? blkdev_get+0x863/0x9d0 [ 154.659962][T10361] ? loop_set_fd+0xad/0x1130 [ 154.664536][T10361] ? loop_set_fd+0x1130/0x1130 [ 154.669278][T10361] kthread_create_on_node+0xcc/0x130 [ 154.674542][T10361] ? tsk_fork_get_node+0x70/0x70 [ 154.679459][T10361] ? lockdep_init_map+0x2a/0x680 [ 154.684380][T10361] loop_set_fd+0x67d/0x1130 [ 154.688866][T10361] ? check_preemption_disabled+0x47/0x280 [ 154.694563][T10361] ? match_held_lock+0x280/0x280 [ 154.699504][T10361] lo_ioctl+0x17a/0x2400 [ 154.703734][T10361] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 154.710321][T10361] ? match_held_lock+0x280/0x280 [ 154.715258][T10361] ? kobj_lookup+0xc2/0x450 [ 154.719742][T10361] ? lo_release+0x1f0/0x1f0 [ 154.724225][T10361] ? match_held_lock+0x280/0x280 [ 154.729148][T10361] ? __bfs+0x550/0x550 [ 154.733200][T10361] ? __bfs+0x550/0x550 [ 154.737277][T10361] ? __bfs+0x550/0x550 [ 154.741324][T10361] ? match_held_lock+0x280/0x280 [ 154.746239][T10361] ? __lock_acquire+0xcf7/0x1a40 [ 154.751150][T10361] ? __bfs+0x550/0x550 [ 154.755209][T10361] ? __lock_acquire+0xcf7/0x1a40 [ 154.760131][T10361] ? __lock_acquire+0xcf7/0x1a40 [ 154.765170][T10361] ? check_preemption_disabled+0x47/0x280 [ 154.771265][T10361] ? trace_lock_acquire+0x190/0x190 [ 154.776449][T10361] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 154.783020][T10361] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 154.789591][T10361] ? rcu_lock_release+0x9/0x30 [ 154.794341][T10361] ? stack_trace_save+0x1e0/0x1e0 [ 154.799344][T10361] ? rcu_lock_release+0x26/0x30 [ 154.804171][T10361] ? is_bpf_text_address+0x398/0x3b0 [ 154.809429][T10361] ? stack_trace_save+0x1e0/0x1e0 [ 154.814446][T10361] ? __kernel_text_address+0x9a/0x110 [ 154.819843][T10361] ? unwind_get_return_address+0x4c/0x90 [ 154.825459][T10361] ? arch_stack_walk+0x98/0xe0 [ 154.830211][T10361] ? stack_trace_save+0x111/0x1e0 [ 154.835226][T10361] ? lo_release+0x1f0/0x1f0 [ 154.839724][T10361] blkdev_ioctl+0x917/0x2c10 [ 154.844329][T10361] ? tomoyo_path_number_perm+0x587/0x740 [ 154.850070][T10361] ? trace_hardirqs_off+0x74/0x80 [ 154.855099][T10361] ? quarantine_put+0xb7/0x1f0 [ 154.859846][T10361] ? tomoyo_path_number_perm+0x587/0x740 [ 154.865560][T10361] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 154.870845][T10361] ? __kasan_slab_free+0x19d/0x1e0 [ 154.875956][T10361] ? __kasan_slab_free+0x12a/0x1e0 [ 154.881043][T10361] ? kasan_slab_free+0xe/0x10 [ 154.885696][T10361] ? kfree+0xae/0x120 [ 154.889658][T10361] ? tomoyo_path_number_perm+0x587/0x740 [ 154.895269][T10361] ? tomoyo_file_ioctl+0x23/0x30 [ 154.900226][T10361] ? security_file_ioctl+0x6d/0xd0 [ 154.905319][T10361] ? __x64_sys_ioctl+0xa3/0x120 [ 154.910146][T10361] ? do_syscall_64+0xfe/0x140 [ 154.914803][T10361] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 154.920849][T10361] ? kasan_check_write+0x14/0x20 [ 154.925762][T10361] ? do_raw_spin_lock+0x143/0x3a0 [ 154.930771][T10361] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 154.936560][T10361] ? rcu_lock_release+0x9/0x30 [ 154.941299][T10361] ? tomoyo_path_number_perm+0x5f0/0x740 [ 154.946902][T10361] ? trace_lock_acquire+0x190/0x190 [ 154.952077][T10361] ? tomoyo_check_path_acl+0x180/0x180 [ 154.957516][T10361] block_ioctl+0xbd/0x100 [ 154.961819][T10361] ? blkdev_iopoll+0x100/0x100 [ 154.966562][T10361] do_vfs_ioctl+0x7d4/0x1890 [ 154.971144][T10361] ? ioctl_preallocate+0x240/0x240 [ 154.976254][T10361] ? fget_many+0x30/0x30 [ 154.980476][T10361] ? debug_smp_processor_id+0x1c/0x20 [ 154.985827][T10361] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 154.991871][T10361] ? tomoyo_file_ioctl+0x23/0x30 [ 154.996805][T10361] ? security_file_ioctl+0xa1/0xd0 [ 155.001898][T10361] __x64_sys_ioctl+0xe3/0x120 [ 155.006555][T10361] do_syscall_64+0xfe/0x140 [ 155.011062][T10361] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 155.016933][T10361] RIP: 0033:0x459637 [ 155.020820][T10361] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 155.040436][T10361] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.048837][T10361] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 155.056796][T10361] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 155.064751][T10361] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 155.072739][T10361] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 155.080692][T10361] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:44 executing program 3 (fault-call:0 fault-nth:20): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:44 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:44 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) msync(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x100, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={0x0, 0x8}, &(0x7f0000000640)=0x8) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000680)={r1, 0x4, 0x3a, "c39a7f3dac772e551235961774a10f665b92e1930b39c0c13b6887a78a384b049c73726695cd2c12c76e8163036e0d0715fbea8bfb67396f19bd"}, 0x42) open$dir(&(0x7f0000000040)='./file0\x00', 0x2, 0x3b) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000700)={r1, 0x800}, 0x8) sendmsg$nfc_llcp(r0, &(0x7f0000000600)={&(0x7f0000000080)={0x27, 0x0, 0x1, 0x5, 0x4, 0x6d7f7d3b, "f35fe8f69a68b4dc9b4477776c1693ed184415c8f475c42f9a9479512a8090aed2965733ca2ef8b15fe1bb91e4ddf14dd6ed827c6afcbf6aee0b03c436e617", 0x7}, 0x60, &(0x7f0000000580)=[{&(0x7f0000000100)}, {&(0x7f0000000140)="23e67e41180cfc2c90507e263eb197ff0ca8748bd4074cbd5fd1e39f25fad05956c6ddb3beac0e628f20444135e8d75d96c1b12532be8def33dfff86796c34ae1da202f4920373e7f7b24703f0391aa67119d6cbf842dcab78b183f745f511f99b35567b2a0c0f85fcb5f19717f6e7faa8a3092b2a285aef9bfe24cedd378cad6e48ac3591c86437aa8dfcf5f6f4a174d0264b99e373e9a1e908b9af7e119e9d4d5a4b1924291bfbd4677a9accc1628250621147b5e4ff8281b0287ef400f2ebfd165bc21813de6bb9963bc4956ae93bad502eccf27ffea744bf3f4e422ece02cbca89cebb1badffc87d133a", 0xec}, {&(0x7f0000000240)="5e9f07ef55e258da62978f4f4267e6ce2afc38bc5c68a131020d5f18657c8507e5493bc447a3d6da7c88", 0x2a}, {&(0x7f0000000280)="22ee0b84d249fbb92b583c0de746d9e0576b562aa86314adf1b5247694b690f35c4df5e6eea1723b6150921565b658cb96257788aa23c0f4fd7ee3bba975a7c744faf31149aa4c20712d65253f786d9c70beadd0fb76ed3761b5b6f200f2c1df9a054d3f60e20af08f333d1f759251c2114cf948f8f62d0fcd1e80035652f742d815fa5cb027c4c276b83060f5243e82eaddac031f76077006a7ba5d743f32734dca35be215b56d2b78e13e9ddba550cd7d1c9df5631e6ce0b1411e11dc4d5a40d14c7d62c58eb0240a23dbc60d916a9f20f69b00a4eb5808afef96c26135393dac38db635be292e6a4113d7b1efe78993ed09511d5b20b2f6d1550e", 0xfc}, {&(0x7f0000000380)="90d29218f4fd8d518c3b199b0a161ddf8c26a37fb95668a12e835a51ee6dc9016bc5345da40196e59017ed758f649fb954294364f558ec9d06647e32b37c55e557f9a4129b6f2965d900f9aa740c289be578dbf900babe362127bdeac5f62317929741180397d82aace36f1846134434f7c77262e30111073dae1d2270ff7518cb2e45fb17ebfaebbf12410577b69d56e77bf3bb6c7587f3bc055364a912781b8477fcd7473976f1327d152db61366d6496934c5de622b8680fb127daee801893343637f372803677897704bbc6e19b9cc98ae8898fc", 0xd6}, {&(0x7f0000000480)="76294327c51a8894ba91adb60b5667daa9a6f9cdd4a1ad1f553c45de194705df1369c39487da6ddb8a86d80668791e39c5d43c0ea4d8166cfbbbcdc6442b5a430c3ac1dfca566b22bbf5a64a84e0375d493159196b80035cb2ef92fcabf0ebc8e9f1500d1eb3e1213bf86d602d144805a896813f1395bb61dc00895bd6337008b0db7633da4824bed48360cc49b577617a64cbd20bd0046efeed6bc166ac861b6108e6acfca4379144bd585185734c688d413388275740aff0a6cea53aacefe83df6fdaeec5d649be26f040516c2", 0xce}], 0x6, 0x0, 0x0, 0x800}, 0x4000000) 03:42:44 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x9}, 0x10) 03:42:44 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x02', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 155.311521][T10395] FAULT_INJECTION: forcing a failure. [ 155.311521][T10395] name failslab, interval 1, probability 0, space 0, times 0 [ 155.338803][T10395] CPU: 0 PID: 10395 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 155.346748][T10395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 155.356821][T10395] Call Trace: [ 155.360110][T10395] dump_stack+0x1d8/0x2f8 [ 155.364434][T10395] should_fail+0x608/0x860 [ 155.368878][T10395] ? setup_fault_attr+0x2b0/0x2b0 [ 155.373928][T10395] __should_failslab+0x11a/0x160 [ 155.378861][T10395] ? __kernfs_new_node+0xd9/0x6e0 [ 155.383885][T10395] should_failslab+0x9/0x20 [ 155.388474][T10395] kmem_cache_alloc+0x56/0x2b0 [ 155.393228][T10395] __kernfs_new_node+0xd9/0x6e0 [ 155.399922][T10395] ? __lock_acquire+0xcf7/0x1a40 [ 155.404953][T10395] ? kernfs_new_node+0x170/0x170 [ 155.409900][T10395] ? trace_lock_acquire+0x190/0x190 [ 155.415111][T10395] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 155.421720][T10395] kernfs_create_dir_ns+0x9b/0x230 [ 155.426834][T10395] internal_create_group+0x234/0xde0 [ 155.432135][T10395] ? bd_set_size+0x97/0xb0 [ 155.436579][T10395] ? sysfs_create_group+0x30/0x30 [ 155.441605][T10395] ? up_write+0xb0/0x1b0 [ 155.445843][T10395] sysfs_create_group+0x1f/0x30 [ 155.450719][T10395] loop_set_fd+0xc7c/0x1130 [ 155.455221][T10395] lo_ioctl+0x17a/0x2400 [ 155.459448][T10395] ? match_held_lock+0x280/0x280 [ 155.464387][T10395] ? lo_release+0x1f0/0x1f0 [ 155.468969][T10395] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 155.474266][T10395] ? _raw_spin_unlock_irqrestore+0x77/0xe0 [ 155.480063][T10395] ? match_held_lock+0x280/0x280 [ 155.484981][T10395] ? __bfs+0x550/0x550 [ 155.489028][T10395] ? __bfs+0x550/0x550 [ 155.493078][T10395] ? __bfs+0x550/0x550 [ 155.497311][T10395] ? match_held_lock+0x280/0x280 [ 155.502255][T10395] ? __lock_acquire+0xcf7/0x1a40 [ 155.507201][T10395] ? __bfs+0x550/0x550 [ 155.511274][T10395] ? __lock_acquire+0xcf7/0x1a40 [ 155.516225][T10395] ? __lock_acquire+0xcf7/0x1a40 [ 155.521175][T10395] ? check_preemption_disabled+0x47/0x280 [ 155.526881][T10395] ? trace_lock_acquire+0x190/0x190 [ 155.532072][T10395] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 155.538658][T10395] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 155.545242][T10395] ? rcu_lock_release+0x9/0x30 [ 155.550078][T10395] ? stack_trace_save+0x1e0/0x1e0 [ 155.555100][T10395] ? rcu_lock_release+0x26/0x30 [ 155.559933][T10395] ? is_bpf_text_address+0x398/0x3b0 [ 155.565201][T10395] ? stack_trace_save+0x1e0/0x1e0 [ 155.570207][T10395] ? __kernel_text_address+0x9a/0x110 [ 155.575599][T10395] ? unwind_get_return_address+0x4c/0x90 [ 155.581300][T10395] ? arch_stack_walk+0x98/0xe0 [ 155.586050][T10395] ? stack_trace_save+0x111/0x1e0 [ 155.591059][T10395] ? lo_release+0x1f0/0x1f0 [ 155.595542][T10395] blkdev_ioctl+0x917/0x2c10 [ 155.600113][T10395] ? tomoyo_path_number_perm+0x587/0x740 [ 155.605750][T10395] ? trace_hardirqs_off+0x74/0x80 [ 155.610763][T10395] ? quarantine_put+0xb7/0x1f0 [ 155.615512][T10395] ? tomoyo_path_number_perm+0x587/0x740 [ 155.621133][T10395] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 155.626406][T10395] ? __kasan_slab_free+0x19d/0x1e0 [ 155.631502][T10395] ? __kasan_slab_free+0x12a/0x1e0 [ 155.636592][T10395] ? kasan_slab_free+0xe/0x10 [ 155.641244][T10395] ? kfree+0xae/0x120 [ 155.645209][T10395] ? tomoyo_path_number_perm+0x587/0x740 [ 155.650832][T10395] ? tomoyo_file_ioctl+0x23/0x30 [ 155.655858][T10395] ? security_file_ioctl+0x6d/0xd0 [ 155.660969][T10395] ? __x64_sys_ioctl+0xa3/0x120 [ 155.665801][T10395] ? do_syscall_64+0xfe/0x140 [ 155.670453][T10395] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 155.676515][T10395] ? kasan_check_write+0x14/0x20 [ 155.681429][T10395] ? do_raw_spin_lock+0x143/0x3a0 [ 155.686462][T10395] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 155.692267][T10395] ? rcu_lock_release+0x9/0x30 [ 155.697032][T10395] ? tomoyo_path_number_perm+0x5f0/0x740 [ 155.702641][T10395] ? trace_lock_acquire+0x190/0x190 [ 155.707816][T10395] ? tomoyo_check_path_acl+0x180/0x180 [ 155.713253][T10395] block_ioctl+0xbd/0x100 [ 155.717554][T10395] ? blkdev_iopoll+0x100/0x100 [ 155.722294][T10395] do_vfs_ioctl+0x7d4/0x1890 [ 155.726866][T10395] ? ioctl_preallocate+0x240/0x240 [ 155.731961][T10395] ? fget_many+0x30/0x30 [ 155.736182][T10395] ? file_open_root+0x440/0x440 [ 155.741009][T10395] ? tomoyo_file_ioctl+0x23/0x30 [ 155.745935][T10395] ? security_file_ioctl+0xa1/0xd0 [ 155.751034][T10395] __x64_sys_ioctl+0xe3/0x120 [ 155.755688][T10395] do_syscall_64+0xfe/0x140 [ 155.760167][T10395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 155.766128][T10395] RIP: 0033:0x459637 [ 155.770023][T10395] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 155.789697][T10395] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.798096][T10395] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 155.806046][T10395] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 155.813994][T10395] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 155.821940][T10395] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 155.829922][T10395] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m0dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:44 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) recvmsg(0xffffffffffffffff, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/83, 0x53}], 0x1}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:44 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x06', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:44 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x4, 0x2e200000000, 0x81, 0x7e8, 0x8e91, 0x7}) 03:42:44 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x400, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0x3ff, 0x8) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) recvfrom(r1, &(0x7f0000000040)=""/94, 0x5e, 0x42, 0x0, 0x1c3) 03:42:45 executing program 3 (fault-call:0 fault-nth:21): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:45 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:45 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x501, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)=0x1000) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 156.116821][T10434] FAULT_INJECTION: forcing a failure. [ 156.116821][T10434] name failslab, interval 1, probability 0, space 0, times 0 [ 156.178771][T10434] CPU: 1 PID: 10434 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 156.186709][T10434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.196768][T10434] Call Trace: [ 156.200067][T10434] dump_stack+0x1d8/0x2f8 [ 156.204404][T10434] should_fail+0x608/0x860 [ 156.208840][T10434] ? setup_fault_attr+0x2b0/0x2b0 [ 156.213895][T10434] __should_failslab+0x11a/0x160 [ 156.218834][T10434] ? __kernfs_new_node+0xd9/0x6e0 [ 156.223846][T10434] should_failslab+0x9/0x20 [ 156.229475][T10434] kmem_cache_alloc+0x56/0x2b0 [ 156.234221][T10434] __kernfs_new_node+0xd9/0x6e0 [ 156.239052][T10434] ? kernfs_new_node+0x170/0x170 [ 156.243985][T10434] ? kasan_check_write+0x14/0x20 [ 156.248898][T10434] ? __mutex_unlock_slowpath+0x18c/0x630 [ 156.254505][T10434] ? mutex_unlock+0x10/0x10 [ 156.258989][T10434] kernfs_new_node+0x97/0x170 [ 156.263644][T10434] __kernfs_create_file+0x4a/0x2f0 [ 156.268730][T10434] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 156.274085][T10434] internal_create_group+0x511/0xde0 [ 156.279348][T10434] ? sysfs_create_group+0x30/0x30 [ 156.284352][T10434] ? up_write+0xb0/0x1b0 [ 156.288669][T10434] sysfs_create_group+0x1f/0x30 [ 156.293496][T10434] loop_set_fd+0xc7c/0x1130 [ 156.297982][T10434] lo_ioctl+0x17a/0x2400 [ 156.303957][T10434] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 156.310521][T10434] ? match_held_lock+0x280/0x280 [ 156.315431][T10434] ? kobj_lookup+0xc2/0x450 [ 156.319907][T10434] ? lo_release+0x1f0/0x1f0 [ 156.324385][T10434] ? match_held_lock+0x280/0x280 [ 156.329315][T10434] ? __bfs+0x550/0x550 [ 156.333361][T10434] ? __bfs+0x550/0x550 [ 156.337410][T10434] ? __bfs+0x550/0x550 [ 156.341465][T10434] ? match_held_lock+0x280/0x280 [ 156.346381][T10434] ? __lock_acquire+0xcf7/0x1a40 [ 156.351290][T10434] ? __bfs+0x550/0x550 [ 156.355339][T10434] ? __lock_acquire+0xcf7/0x1a40 [ 156.360255][T10434] ? __lock_acquire+0xcf7/0x1a40 [ 156.365259][T10434] ? check_preemption_disabled+0x47/0x280 [ 156.370957][T10434] ? trace_lock_acquire+0x190/0x190 [ 156.376134][T10434] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 156.382712][T10434] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 156.389283][T10434] ? rcu_lock_release+0x9/0x30 [ 156.394027][T10434] ? stack_trace_save+0x1e0/0x1e0 [ 156.399024][T10434] ? rcu_lock_release+0x26/0x30 [ 156.403849][T10434] ? is_bpf_text_address+0x398/0x3b0 [ 156.409112][T10434] ? stack_trace_save+0x1e0/0x1e0 [ 156.414113][T10434] ? __kernel_text_address+0x9a/0x110 [ 156.419459][T10434] ? unwind_get_return_address+0x4c/0x90 [ 156.425069][T10434] ? arch_stack_walk+0x98/0xe0 [ 156.429816][T10434] ? stack_trace_save+0x111/0x1e0 [ 156.434819][T10434] ? lo_release+0x1f0/0x1f0 [ 156.439301][T10434] blkdev_ioctl+0x917/0x2c10 [ 156.443872][T10434] ? tomoyo_path_number_perm+0x587/0x740 [ 156.449492][T10434] ? trace_hardirqs_off+0x74/0x80 [ 156.454497][T10434] ? quarantine_put+0xb7/0x1f0 [ 156.459239][T10434] ? tomoyo_path_number_perm+0x587/0x740 [ 156.464846][T10434] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 156.470110][T10434] ? __kasan_slab_free+0x19d/0x1e0 [ 156.475198][T10434] ? __kasan_slab_free+0x12a/0x1e0 [ 156.480289][T10434] ? kasan_slab_free+0xe/0x10 [ 156.484955][T10434] ? kfree+0xae/0x120 [ 156.488914][T10434] ? tomoyo_path_number_perm+0x587/0x740 [ 156.494520][T10434] ? tomoyo_file_ioctl+0x23/0x30 [ 156.499434][T10434] ? security_file_ioctl+0x6d/0xd0 [ 156.504609][T10434] ? __x64_sys_ioctl+0xa3/0x120 [ 156.509435][T10434] ? do_syscall_64+0xfe/0x140 [ 156.514089][T10434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 156.520133][T10434] ? kasan_check_write+0x14/0x20 [ 156.525051][T10434] ? do_raw_spin_lock+0x143/0x3a0 [ 156.530065][T10434] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 156.535856][T10434] ? rcu_lock_release+0x9/0x30 [ 156.540603][T10434] ? tomoyo_path_number_perm+0x5f0/0x740 [ 156.546228][T10434] ? trace_lock_acquire+0x190/0x190 [ 156.551407][T10434] ? tomoyo_check_path_acl+0x180/0x180 [ 156.556844][T10434] block_ioctl+0xbd/0x100 [ 156.561154][T10434] ? blkdev_iopoll+0x100/0x100 [ 156.565916][T10434] do_vfs_ioctl+0x7d4/0x1890 [ 156.570498][T10434] ? ioctl_preallocate+0x240/0x240 [ 156.575656][T10434] ? fget_many+0x30/0x30 [ 156.579874][T10434] ? debug_smp_processor_id+0x1c/0x20 [ 156.585220][T10434] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 156.591264][T10434] ? tomoyo_file_ioctl+0x23/0x30 [ 156.596181][T10434] ? security_file_ioctl+0xa1/0xd0 [ 156.601284][T10434] __x64_sys_ioctl+0xe3/0x120 [ 156.605943][T10434] do_syscall_64+0xfe/0x140 [ 156.610425][T10434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 156.616379][T10434] RIP: 0033:0x459637 [ 156.620252][T10434] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 156.640112][T10434] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 156.648506][T10434] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 156.656571][T10434] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 156.664521][T10434] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 156.672474][T10434] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 03:42:45 executing program 4: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@loopback, @multicast2, @empty}, 0xc) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 156.680431][T10434] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:45 executing program 3 (fault-call:0 fault-nth:22): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:45 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x18}, 0xc) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1\x00', 0x2, 0x0) ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000080)={0xe, @output={0x1000, 0x1, {0x5, 0x757fce58}, 0x6, 0x1ff}}) open_by_handle_at(r1, &(0x7f0000000180)={0x1008, 0x5, "343855915ea1b2ce978242edcb6e7493d443b5e8baf4418345a7acc19050e878db60e107186552ee0bd44f0c51d39d9a841fd9d96fd76984c0a1596f87624303bb53872e5de62c22dc662dc986b7852314d692d14eb17c241416eb48ad3618fe03441c60536d3f55d5b8bb030738fc6771a17593112636aa64d519a31bf06c40dbb3bf77bdf95f95c2307ab73a0dd1bc5c8796a83d77a7edcb9576d90340b70c1f907d4cd3099c423c9287c1d8b1e84313872e6704ff5a053cb414fe76233f35d96fff795b511b8d6554298829fc68b28074311450bcef85445c873e22682a64d8f4cbab4dc89a537aa10d462e93d5080e707372962e5073f9078cd1b70801651ad368229759c607c75c254a7920d363defdcf0e0e1808d042b5c2e384d750ece2cacc3fc07eb3b7bf60071655d4a2d0d59b0f6111a37498cea50635162a826c248ae813864675f668b05e7150c0f5269245a1193cad46df74790a42744426f076db029090f1e4074a9cf3eeea62a84ba9245ae2f2f2cb1f4d3819ba72f0419564037543f57344091d70d5b0450855fc0eb46b1d1a77c59eaa562447916a7a1a82634d1d066105a5052c89c51ad61a5d48869da149830a8ebe135374ab134708c8765b9cb872eb15c21b75b8fb1f72edfa78af7cafab4df9fabc5b0a24f7a40c9eadcd1868dcdaa3e487ef7dc5dc3ff7ce3aa723f3cef28033ff50267a75dad55b0b44e1c2cf1eba293159d206f132f0c3af6da8be009ef00b4a62547c03a86c8e743f2c79cd0d385632804bb58deca2ca4404a1af6b0ea512ebb4814ae8770c1a0968dc549ff0ea614a94dbf841f3ef599a4290bbf628f4ed365a4ea5ed7d295ee8d700baee7bde61b766d5b1e9d7fa332bc3bc84d1752aaef65d833fd2da84ac8a2c724745e1d7f39c446b8e108bc5b53ddde41a5ff804ab77df5c13890c105096e3c803479aa105d81fabff168e8ff115359ccf82861abbf07537fb32d41da264e6f00e89d9e0467a165baca87ab8a93d0a6dc2ee1c50eadbbf91a8675f4ea0b9f06d760f400f2a75749617f5b3019335560a8f0fcaa5395a60f2be7ce95f884b867a2d90112f13bac129d763b8ed5d897348e11cd55a6e3d30cff645270b5fc228c9f9da8e034534d28c51e4b629e0bf898fe969535195de71a3b3dff1c49796f051694abe88471f31e21420f1867d8e7bfe0ba512eaf1ed1b4be4faa60dc3c1bdd9ea81feef501381d36f79515c272ef6e518c2bfbe94249aebac01d5bac4006b843b3788348ab50cb357e1a2b01fbbeb3d15bcddaf7df9d25a95107caf4f9e51632b905560b509e9301c08af9e56f2af1f754a260e1b0f1a94ef2506046af3a5c58db48ad0b6afde609aa47e7e42fc47d9e2daa826186034894cee3edfbc1e8000e107f83ac0c08c0499fe646e020bd70ae53badeb654fbc050092103664e1535c6c95b4cfd2c31f7ac8d8da31e526edd0fe381ecf42662f6d3c1f6b8063b8252cbbcd319775e4f52cee683221840f3fd87446d489c0a13ff684f5f054d6aed7f16cc30d37d8845b367ff2d7bfff3ebae41f5ccaf1889846ac57eef64c92c16f3dce295f3c1c4ac0213d16ea6abc30697cda8972093ab367fed717e5dfd0675b70b326fb16f1156f507898a3a0ffc8a11aef49dd9a203f36579bcfeebdb9889740dc06a63ef911d5cb9c88ffd54a912f0c5a538543970f588e1e9a320e862df26a0ef12987c682e4cc7dc71f3a302eb0299602df38c714321d3274292a096f6f8f1ec3b19cc35dcbc299d7b3f31c99039b5fd90ba3b2a01d9f8ea50eb504e5d3db5180ddb3c385fabb1c8f22024b9a7d22dff2af70bf48fb1bad9df67d96cb17fb5ad719654a59c2dc15b7d815be6e26e81ad81d1c7335759e944eb6d2db747db5e7b556fefe343757ec38f784892cb967013669469239761ab36951600b86b9e774308bddac49c11d0f0fdc53d6050a515aa383ce794c1ab66764214a2de5f96356688cb73d0c40b8e28d40c69e5af744d9067790f463b8232f695c3b36ef190a64add224ba51214b788c556b4b3586a2e5eff0982c155db9c54395c397076b1a8e5843d65619e2c7086ff65a3d7c130a2dcdb0bdac606d91cd5281e33a9bb2eb601e3769edd3c78afed52549e5f5ad854bfc732e9695b861d3158603926efd2e2cb439c1ad9bd13aa83e4364a7b4054926778ff9c2de19eae123948cf5f15f0bd669c3661f9ea895c02b1b3979dda5fad503fe32c57ee20eca539795343f6e07ef1313ddddff390f9cf8bcb9deb27f62f195a0bb4dbb3a38e9fd6f5c66dc8925fcb6063b0ab1b33ff28d9b3786f856b7209300ce44dbb6fe3d7b903f0cfb31c51e8c3bf9b36f79091e9985a55a6dbe6ea92af14d587d03c4aed3e11775764c6308e63e50155099381607295b7af0d339672f9f5abd00fe79396ed9e72dbb7355cc452b0ce3ec379ad0afae52f3018345a300617d89be17badeee4ec7c298ecc73028e3a1d21bb1e52971f280acdcb6a2343eb957a9242b6359ec93ded17d35898bf23b6c406b6054e9d3ebd194c17a5782b1f8d1d0052aefd4db4cc992991e133b4fff557ba7aa96b2005dc5bba51af60db5a28a7a52bbdb0ae95524a8e96cc4be879fc18f91417be57d47b32e37dacde0fbb7c57efa9fc8b4abaec19fb28ed0e3cf486441487756c70b00baf6e3ff6918ac26c58405cd61dce90a31039df3b18f39f84a2806b8cbb616904eae32e44c9d3ba8ae2e290e0d58d56c611ad722a523ff28f0828fd4f0fda5586b432edd4d9a712dd08a8c6a4ca1676734e133d8486af30d4ba37f1e0d8915c2afec370dcdf84f14a559fea29efff2fadb38ed64d9ae30b79f8aca77f9471fb4ed21b9ddc6cea8b9d8048a3ee14f86ac2970c5e61a4f076373a9ca6fa4f0ae58df1458201b797c8a67829e2526987f9683d800db09b0c6874feab3cc325fcb358a46a6a44ce0eb0cabb6e83878e933e498606e917b15451f905e42dcbab02f333b19556eb8c031b6365747f214916c81d9222c6606821abc646150344806f7105576a4fbb44872c80a425a33587a5c98f5ac56eed5d3db1245632d9a8e8cf722840ea897c9b48d6bbec90a15821f4dabc48d1c39d460b01986ad6838aa06158e4b13993a143ac4bb76abbcc7beee6c02be48cd53da03a0ad37823ecb5dda3c9fee2d38ebf8db6ac251275a7d5b881955ceab1efc2b5a3349c815d208c03885975448f65b0e039f7d101c8d8e25cd283629636e1de6ac0cf9ce289ec354e879e1271943ff4e4aef612074a744a912c995859b88adec60a5896d53b938f5d546d289845b457e0a1144110d016dab20ad92f723336dd574c48ddec767cd61e9dcb490741710c6b9ce9cc8b48aa636a6440e04b84fdffaaafb9ef7a2b89cdbe77c3d169b9c83e9b87beb8d698b3f082353c1a2ef94b7360348c743b2edf1e558d821549bc64cfc8b75668d981f08a478e11ccb6d7b6d5651544ffb4f0a86fa006601dafc68ea1ad0177698804d31ec55b4d62dfda26a1de38328fcbf22138fc9ee27f8a147376c862a66323d509fa746e46ea28c21ea7a32d4b5ea58df253472196704018f6b9a6602e278f123e06096a5e6b22b6b9c7f0d2c90ff9ff07e8bcb25947a5840bbb757d9dd835a93eb65bc50adc35af18c6941573b059f92b5cdbfd57982bda855a63c754ae36bf55838e7cf220b77e834f3afc2b0cedb84fbb4cad59bb4b101f93c7e2d9c916906481de8960525565b3160cd1c424693242e96e5ff23225dd96a597735622095c7de355b7dff151677a633af3fcad64036be9ed358dd074994e1982210f47d2bea65da193c7082c22c416142ab06c5cf74d9b9d4ab1c3620dc332d87088aa643421f186781402306636f6d348c7cd7e8b49537e4650a4cd1f956b38fac8e6b57f37b8deb62e4d34f901d0a489970ca5fd8de2b9f69697c4b24ea9e089e937ef56d6245821ddef5203a64cb4b808890e02acde67524f0fa4b6680d744c9a33cbb67ae6cf8cde4dc47ac1bbf5805115fc225f0c5a25c3fdbfc46ea67d403a8625f1dee3de615a324a1b9d3b0da853d5fb673b690bd7f246b02d3f638932cd2cd5c6aaac9dd00fffe22cee7a64877fcc5302d5a3196c9bd1f6955a97c4f2e3db6edd7ce40607a85beaa0bc5cbfe00a3b6d9cebdb47b2e0784715cf5b045f351d8d7ade2df4c6650003bb769555cafefbbe5f94c4fb7cecde599d2f3fb30de73bb4f76aa80fde2b0d58500d6de2925ff2c5ee01e0694a497dbc0894c27e82019e56327bdb88aa508fae1892f5afb57f0405948d8d3650db67f999b8da980ae2708e9687d570dbc34d7f8b87a3cf35799e3897b6762ac83f7da5e0b5534e2c11809dd1116239b4c52ee9cb583645a6dc5625fcff7785a1fc685247f18a2eabf374eb061cd37aa10fecbfce6c11c3c89ed0042855160574e19a5b40c543ab3bcfd2f8296d44c36a3314fd69e530465242b72bddaf675ee717a573fde863f8026fb56581b921781448d1811f5bfebd38a33dc48a2a58d16dafd426700b1014049e40eab3106a5849d397e6da64fa573f6c12c5dd361acb4e71b010135f3e783f94159c12d1634e6bcf32341cb32c018722507df7d0c8f7f21040daef0594d148c4594f43d15798494baad5367bdfb67b3f65a1c21c6911068ad528ec322526befd51c2abf23f210d68f78acdbfccf548673f77dc321510229f255b32ce601447efedd25a893cee4eda7fd3dcd7989c15f9900bd7249fb89a59924e7f2681310e8d81d56da5ce3db3ff215164289603b5a8997268e8d6ca0138d4af0e785c9bacf08e26ea5cad37d35443ae019d79fbb3c4cde59507c4a70269d7db5577597ce0860e7da6c46ee43d24ec2035a9ede449185be7c49e13473c11f895ffb5c93ee7bed93fa36e08ca3baff9efc3bb08c877ea99a8261c2c325a8093b5263dee3d145c31d96079c3fadb4e53ecfe9db3c5f7fbe71861c5fadfea4dc5c79eb4782ef552913deaebe6d0a04e0af1874bb584eb7421f63b2f191a88b192b09491803efb88bce07fe0012f86169e809f8187e015aabba15770edac1ddbc294b9fd72daec841c36d27431f33b2ff7855890b102744ab5cbd43ae28737cc8688789f562aadb44fc287b2bd4a092a07bad164d646a002932652eaec2f091be8bb1a3eb0a0f636273ffa3e59a29d4ea85036b23782054b2925ed6087757750fa245354dba61d3452af070741796c314393339bbd004936bbfb7d1e5a10d0a5873411cfc889d7ce0361f49808b45728d1b702018981ddc7c2f184b9738dabc5fb4ab5076634984ad2c3057aef86757f8e0daa5684307fdb781f88c7d8bb1280c251d55285b625bd6168d1934e0f18cbded5138d61a0c233271b5843bd447084747b0ca75fca132c6ee516958752fe10a86d159ee8bf9b1e4e8a269abb5fa13626b1efce09c7842b46de82cacf597b401fdf47e60ef9fd3cf21407ab7c34138c0ae68afd71f9d6cd9a09ad3bd32bd2d291bcf45855c15a135611eee0c3c3c4ee42e3ed068b8543f1c54f18921be99800a6b67ae724091835adf3620f4e8c31b299eb1e96c68f61f31d73af2a5ec64ff724d6fbfbf0f19fbd4039d3a6bfdbd30e7fc2c9c4ccbb9ddb1c19a14b4c0e0ff206fb5cb7d38e3271306c5acb6219fd2bd7d02f5e9d26826bfebd4e31f146d1ff73fcd82f0319f9663067dada11f1f04d5ad374f3d364c68e592ee3f7ac05effeb0f7fbb346cece819525f6e4da8a211151ce8aeccc496f9b62ca89610df8e47a743"}, 0x4000) fcntl$setlease(r0, 0x400, 0x0) 03:42:45 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mLdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:45 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) recvmsg(0xffffffffffffffff, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/83, 0x53}], 0x1}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:45 executing program 2: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x800, 0x0) write$P9_RLOCK(r0, &(0x7f00000000c0)={0x8, 0x35, 0x2, 0x3}, 0x8) sendto$inet6(r0, &(0x7f0000000040)="9d09d7984a4bb6f861d4a8b2b03d227ab1e7c0f4afde0cae3a5403423dce9f85f0e2e86b0ad68842dd77dc6fbec34de4cf21d4306ec63912abcd5b28", 0x3c, 0x80, &(0x7f0000000080)={0xa, 0x4e24, 0x3, @empty, 0xff}, 0x1c) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:45 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) [ 156.908941][T10458] FAULT_INJECTION: forcing a failure. [ 156.908941][T10458] name failslab, interval 1, probability 0, space 0, times 0 [ 156.922160][T10458] CPU: 1 PID: 10458 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 156.930111][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.940169][T10458] Call Trace: [ 156.943474][T10458] dump_stack+0x1d8/0x2f8 [ 156.947830][T10458] should_fail+0x608/0x860 [ 156.952274][T10458] ? setup_fault_attr+0x2b0/0x2b0 [ 156.957320][T10458] __should_failslab+0x11a/0x160 [ 156.962272][T10458] ? radix_tree_node_alloc+0x1a1/0x370 [ 156.967731][T10458] should_failslab+0x9/0x20 [ 156.972244][T10458] kmem_cache_alloc+0x56/0x2b0 [ 156.977021][T10458] ? radix_tree_node_alloc+0x1a1/0x370 [ 156.982474][T10458] radix_tree_node_alloc+0x1a1/0x370 [ 156.987741][T10458] ? __lock_acquire+0xcf7/0x1a40 [ 156.992667][T10458] ? loop_set_fd+0xc7c/0x1130 [ 156.997332][T10458] idr_get_free+0x2a8/0x850 [ 157.002004][T10458] idr_alloc_cyclic+0x1ff/0x600 [ 157.006861][T10458] ? idr_alloc+0x300/0x300 [ 157.011261][T10458] ? __rwlock_init+0x130/0x130 [ 157.016028][T10458] __kernfs_new_node+0x159/0x6e0 [ 157.020971][T10458] ? kernfs_new_node+0x170/0x170 [ 157.025921][T10458] ? trace_lock_acquire+0x190/0x190 [ 157.031111][T10458] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 157.037694][T10458] kernfs_create_dir_ns+0x9b/0x230 [ 157.042797][T10458] internal_create_group+0x234/0xde0 [ 157.048160][T10458] ? bd_set_size+0x97/0xb0 [ 157.052564][T10458] ? sysfs_create_group+0x30/0x30 [ 157.057577][T10458] ? up_write+0xb0/0x1b0 [ 157.061809][T10458] sysfs_create_group+0x1f/0x30 [ 157.066652][T10458] loop_set_fd+0xc7c/0x1130 [ 157.071152][T10458] lo_ioctl+0x17a/0x2400 [ 157.075384][T10458] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 157.081958][T10458] ? match_held_lock+0x280/0x280 [ 157.086907][T10458] ? kobj_lookup+0xc2/0x450 [ 157.091411][T10458] ? lo_release+0x1f0/0x1f0 [ 157.095904][T10458] ? match_held_lock+0x280/0x280 [ 157.100828][T10458] ? __bfs+0x550/0x550 [ 157.104882][T10458] ? __bfs+0x550/0x550 [ 157.108944][T10458] ? __bfs+0x550/0x550 [ 157.113006][T10458] ? match_held_lock+0x280/0x280 [ 157.117936][T10458] ? __lock_acquire+0xcf7/0x1a40 [ 157.122876][T10458] ? __bfs+0x550/0x550 [ 157.126943][T10458] ? __lock_acquire+0xcf7/0x1a40 [ 157.131874][T10458] ? __lock_acquire+0xcf7/0x1a40 [ 157.136802][T10458] ? check_preemption_disabled+0x47/0x280 [ 157.142518][T10458] ? trace_lock_acquire+0x190/0x190 [ 157.147707][T10458] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 157.154290][T10458] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 157.161132][T10458] ? rcu_lock_release+0x9/0x30 [ 157.166326][T10458] ? stack_trace_save+0x1e0/0x1e0 [ 157.171596][T10458] ? rcu_lock_release+0x26/0x30 [ 157.176439][T10458] ? is_bpf_text_address+0x398/0x3b0 [ 157.181713][T10458] ? stack_trace_save+0x1e0/0x1e0 [ 157.186729][T10458] ? __kernel_text_address+0x9a/0x110 [ 157.192092][T10458] ? unwind_get_return_address+0x4c/0x90 [ 157.197707][T10458] ? arch_stack_walk+0x98/0xe0 [ 157.202492][T10458] ? stack_trace_save+0x111/0x1e0 [ 157.207515][T10458] ? lo_release+0x1f0/0x1f0 [ 157.212003][T10458] blkdev_ioctl+0x917/0x2c10 [ 157.216587][T10458] ? tomoyo_path_number_perm+0x587/0x740 [ 157.222205][T10458] ? trace_hardirqs_off+0x74/0x80 [ 157.227217][T10458] ? quarantine_put+0xb7/0x1f0 [ 157.231964][T10458] ? tomoyo_path_number_perm+0x587/0x740 [ 157.237581][T10458] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 157.242850][T10458] ? __kasan_slab_free+0x19d/0x1e0 [ 157.247943][T10458] ? __kasan_slab_free+0x12a/0x1e0 [ 157.253036][T10458] ? kasan_slab_free+0xe/0x10 [ 157.257696][T10458] ? kfree+0xae/0x120 [ 157.261667][T10458] ? tomoyo_path_number_perm+0x587/0x740 [ 157.267282][T10458] ? tomoyo_file_ioctl+0x23/0x30 [ 157.273247][T10458] ? security_file_ioctl+0x6d/0xd0 [ 157.278357][T10458] ? __x64_sys_ioctl+0xa3/0x120 [ 157.283193][T10458] ? do_syscall_64+0xfe/0x140 [ 157.287857][T10458] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 157.293919][T10458] ? kasan_check_write+0x14/0x20 [ 157.298851][T10458] ? do_raw_spin_lock+0x143/0x3a0 [ 157.303884][T10458] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 157.309705][T10458] ? rcu_lock_release+0x9/0x30 [ 157.314464][T10458] ? tomoyo_path_number_perm+0x5f0/0x740 [ 157.320088][T10458] ? trace_lock_acquire+0x190/0x190 [ 157.325277][T10458] ? tomoyo_check_path_acl+0x180/0x180 [ 157.330731][T10458] block_ioctl+0xbd/0x100 [ 157.335049][T10458] ? blkdev_iopoll+0x100/0x100 [ 157.339806][T10458] do_vfs_ioctl+0x7d4/0x1890 [ 157.344391][T10458] ? ioctl_preallocate+0x240/0x240 [ 157.349508][T10458] ? fget_many+0x30/0x30 [ 157.353737][T10458] ? debug_smp_processor_id+0x1c/0x20 [ 157.359092][T10458] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 157.365153][T10458] ? tomoyo_file_ioctl+0x23/0x30 [ 157.370078][T10458] ? security_file_ioctl+0xa1/0xd0 [ 157.375184][T10458] __x64_sys_ioctl+0xe3/0x120 [ 157.379864][T10458] do_syscall_64+0xfe/0x140 [ 157.384360][T10458] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 157.390243][T10458] RIP: 0033:0x459637 [ 157.394218][T10458] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 157.416327][T10458] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.424738][T10458] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 157.432722][T10458] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 157.440683][T10458] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 157.448645][T10458] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 157.456604][T10458] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:46 executing program 4: msync(&(0x7f0000956000/0x3000)=nil, 0x3000, 0x80000000) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000020c0)='/dev/cachefiles\x00', 0x20001, 0x0) recvfrom$rose(r0, &(0x7f0000002100)=""/105, 0x69, 0x100, &(0x7f0000002180)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, 0x1, @null}, 0x1c) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7, 0x0) ioctl$KVM_GET_NESTED_STATE(r1, 0xc080aebe, &(0x7f0000000040)={0x0, 0x0, 0x2080}) accept4$nfc_llcp(r0, &(0x7f00000021c0), &(0x7f0000002240)=0x60, 0x80000) 03:42:46 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x228000) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2711, @hyper}, 0x10) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:46 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x04', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:46 executing program 3 (fault-call:0 fault-nth:23): syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:46 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000040)={0x1ff, 0x0, 0x0, 0x800}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x40, r1, 0x3, 0x8}) 03:42:46 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x8, 0x209e20, 0x1}, 0x3c) recvmsg(0xffffffffffffffff, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/83, 0x53}], 0x1}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11036, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x200000000000000, 0x77fffb, 0x0, 0x820000, 0x0, 0x0, [0x0, 0x7f00, 0x0, 0x0, 0x2000]}, 0x2c) 03:42:46 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x2, 0x80000) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000000040)=""/139) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mXdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:46 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:46 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xb, 0x400, 0x7ff}) openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) 03:42:46 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x8) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000001080)=0x1, 0x4) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x4c2280, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f00000010c0)={0x10000, 0x0, 0xb, 0x5, 0x1, @discrete={0x1, 0x3}}) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000001040)) setsockopt$inet_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000040)="b10700140b6854117222dbde681a651ebf0fbfb332bfce9051dc6ae1c8fbe64bb205da878d13120c48f7a856214ac2bc39b3436bcce5e32bb0e3bcdc903f079dc2986c482e2b15e5beb8a069eeb835573e5d4314258f59e4b7fe2dd7335a4209e0c58628234768ff0845996e8b3bdd5f19713ea836cb581c4552fb461660d7a8b9743bae5e34eca63b3ecaa81199381c8e113104359aa9ac77c0a96e10ca3c0421e98330370b675ed087a80af699ae1f8f446102521b744a7b87a400304789a31743691866ac358e721dc5f3cb393d1c6cf6f1712c788ddcc3ec1a56a036a3d429caaed6a44d01dd16766673906756a4bae344d45df60d3aa38acf1f28a9dd431c50ae7a854c4f61bcc1d8b5e82085ac07c3cf6e966e6bc21f7937d6c8f416cc582e297d2159136fdf2ec2b08e1b611583014d04d464c96ce0c374ccd7e4dcbcdb68e2de5116dd05e491e31a0db4e5b836fcf92ea371c996127ccc7d892f5ffe12137d991e21595be1bd3ca2e677a4cdc62e8cc5ff21ec8691f26b2862812f64484131eaca81b1e56cff2745a86a9e8edea458366b29872542487a934b6c2ca574da4dcf0d0d33f4f72eb90b43b97cec4243643518f700173cdd36e25ef9dbecee2ec952e43b877e2103c981780cb648676427393a3adca455ac2f71c02661a2c754ca83342cf3a94ea0b8273a53d1190bf274780a7af73245717c59530bbcee17d3f8694bf985377a08d8a6a4c6a95e04cfcdef36709ced122349ed2531ce54ef250813f34589839703cab506785d745f181f3e4d0b2e4f12b83fec59baa7ee4823c82c9d6df8eedf6e098a9fe0406b2fed6687a37b88994126079d0aec8f96c036100496f7833cb8ee5a3598ef4d1e0dd2c7af59edb2ab374c9e049eccc356d3a0b619d8112e347e3a488c72243d69188cadfdd0aead62c928dbb785b00761264aed8762810f45dde2b2694c81c46a02b8ef735f67f2eaf22405ec6585c25db2c86c877c80f7085cd64bc11d3b58f45d2cd7001d3d57ccd11c49e0e24fb570bca213866d27e117e22054410bf943f0b3f959001dddd86a6af70fc8f27657f2038f23ab8472d9c7b9ee7b73f2012a4b3279d54b85bf4401be1e0909ee2e69c0a26de8349b6bff0f0ad7161526624d3b4be097348c80214c6fb15a6becaa4d873e0eefc38c4ee945c6782bd054af5f61d28cf82523aba89b79ae8d32337c235cbbde67ebd4f3dc445a19dbefbe8f98965a8fa5a67302baa2b5efc42329aebca64d374fe8096c5c91dafafc2d20ffe2465720a48b7ea27e0ef7f20620714ee118d2fa6bfe14adb391f3ac43e96c6a693d5d1f7990f92c1721c2aa603c98ab7fd77d7f520e94b9c3d3a72fc7eb640953888c3e8d6ba8690788fac8fead424da0a1358e17a281cf23c3ccf862f24a81de941415d97eb0f44c24605db39fae379fb8cb00c9670d50d1cf99230353816f62993667c43ba2848915a4f0d1d96dceee197afccbba860c3d6604889f8216a476d024caa6226f770f54bb3a49d73c8805158f1663cc617f2a6fed27d994bebdc35879b387fa3e83802fb642d27edb109d7635caf6431fa9e322a4525532f8dddb282b89cd9d5c71e0ef67a40700208de488bc62a398ebfc8551a680a5cb9b86221bbf6c769cf438bc6e4a19e656e8c8ee2b6a1f4d42f877905d7c017ca500b1ba110639810e7a9c47f4b7fb4a4dd6fc0129746d240f887c68d00f1ddff92be6ca8da9442facfb4764fa20463465b8276026294258667dd69d85c2435571d280b7b82de28ce7502f31edeca8b0e7a252e204de019d3bffbf3a2a0713c6002072a1a171ba7329ceff3bc4f49e1069d844cc1561a2ef41bb9a8de6ecf0b1ef14c6c24b4651fce8f8ddd90e824e6982d1cc15337337501449508ff2740f7b54d17f79b80fe91681aa39ea9467fdefcb0a15b0c7e79c5e0b6c174a3a1d31b5c580065bd0ef0b157c0263aaa240ae5b4360629e7e9514bd69095b80eac77eba2e636ec83069549730180d49f40200eb9175e90d612aae3002ebdd7d82e775ea3b06472ac0b8624571eea1120a0b0a34b022240d75f06d25550256e1a20e93eb08dd6e935bb919149712421e1ec0d44009a8e78c18c4f92c381957d83ef41c7354659b6eb747cecdd608fbe59577c963c6c0b49889b298e1a09403c025992f911c520b8f3f245892966717e1fcd468505faca04a1f21c3c808e391d3e3f4bc8a74722ccd5854ef0e97aac22288aeea9ef43db567f8da5df47eb81ca1a607e540b403af602a494cb601099675f05028af298b703844b9d95023d27c0984b86a50713a6daee72eacd70190f52def2aef0b23936e1fd6ccbac69b8940c9ae2be03071e8d732c2483c362ce119b03b241055f6b668835846cd21f9b0427d361bdc94a94f39418614b1a96f856b0c34c5b9f3c54ba4be5f8aafa5651ad1c3b75c613d2c8efe4c39febe0b81c7e246494615940b96c1f74fbe5db200949793c49e659fdc90cb034b843a952170d5c62358db735b1d53c6d8d79411c64e99586297f46f64777ac69ec234a75b3ddcf87820e47d6718533504ad48671a12cfe7f119b4617b45762df3635070c44f488cf3292822439cd352f79bac558b6e4748e5cb035c7174f46d95db664544ade9098d4eb7cde306e5b43e2be687b5c043c07c031729d09c2d11a9ff2d031e230d41fe22c8d428b5078210891ded929b1edb19dfdcde1fe956ba6527c8a3be78624f4cfd9462023dfd0ba6fa99507f7d700c254ba06427762f2193415c4ecc329bd7e4330ba79ebf0000292373bd1586d0a62a667b7e74cba774ad6ba02ba8c9c4740466b8a49e8e2c7ce24dbb2714dd47cd0dc70043f77a5ef260a4568dcb0ddd8c96c489f715c59d2c2dfab53c81feee57ad9842177aa347137e3b1d05ff6760a3646dcba5928885efb60ce88aa9b21e7e060b0ced5ad6abafee1ec1e0795d30eda7c65abe0962d18ef1ec9089891c2886810f9d7d87de0a8a99c569835e8654ddc0af2fc91c250d7e202ebc06da486e0fa3bddfd31fee9625d896be7cefcca24095e45376d570e64c336dc836e6b0f6f035baad3d46558360d6ff97b59755bea68a047ed11cd4504e94c21c465bda1a0956323e4866b19d2754f2b09a5916f2605c4efbc9f097ae74da6c918021483c1f904f847ce20b6de72fd5fa754e0bb4c0d11a719e12e2eb7d4168313cb4e993739fe597298c75c1eec41e83e8082e8e83f21d1df7fa60feb6382dc64f3e0e8b14a7725832474f072441dfa324c2ed0b231c678c07621e61a79e2de1821fd12b18ffc5aaf83390d5beee741769518cf867c51ba017831bcdfb6e4cd0c27511f1f58c0d65374ed4661d132c82b1fa5ee24bdf5d83f99adaa5e3622dd730d1f7dfb775b51e934196ecac4155d61843b640e630873a47ec73239ad221fed98fbeb4945a4a46cfbb4c9ddab084dd8c862e3de91a5edcf0d919a77afb83552323df9da4728d60ef451042e629fa0861f345e3a7570dff214e4c65dc533b7a665b9dd66e647377cb651da958730770b0a32e8a3a425923ad32ea8d7e714cc38d106ce7cda0aef89187689d50a5090cf0b51738e071334799678a8168e95e6f0365793ab3cf9282446d2a8191f8957c9282d9e66f47b31af7f2484f3147b49cb8ab9293368997e500d30a930f123f59894be4452f7eb76a48875f0cb80caa9c2c47995a062fc55f9792e20d2ea0c4da9cd0529d87ba15047bfdeb019317c96904b0e9b690e42174fd9de1ee241e7f33d698329b4424405ab01cc786a2b829e080cb623447f23c74941d982212b894027836c0ac5b5ab50850328ddb8fc7410e66a8aeb5bff9b8db64cfe4a441406507b3a978bd5e53a1577c14538f6314e601e2a96255876537e11f0fe5713e7311b86932fedd6c53b8ea4c3c4b6adcc53b3d56619a1fbff4ef966a02b54a647e09015ae3cf1271d11e7f1466d8b63113c15068cacf208e12af7cae4b05b1d55a9af8c91958d99601ca5b73dc1b9e5bfe89169ddabef876bfcb2ffd025f2f7e074229eac45f526550fb36f8e3be88d478437b0e73de58e41416e1f7be494ed1d79092a45ad51c4d234dbc59f79098465c661318aa5b6645f913484cca05104273bbee2bf1bb0cd2f77029d71cfe888d52ff0253a8c34b9b0acf398e41f2867517d093310cc3caf9639354f8b0eb94905e8956778a27b53868c0ec562498aaefbb4af208c58afa941c7cb1753e75c7066f1795d8ab892f3213723499130000d0b8ebff4598ea49850ea07ece92337f446072eb4728e69237b69987a699d9261a60a3c7c3859e83391ed1e07084a93046e8d32c2539817384ff310dc525a8bee02c1b2244aeae77789c11d0cbfab0e20411d4005466f0c63e0a7995c191857411636e39bacc65f83ad0e37862e790dea1cbcacf3a57ab2df213498cbd60800f2dde85333025abbec9185caf49813fb1382f4694f81e9488ebdfa6922a83792290dcd9f895f190caaef8140a3a941a3658f70f7399be84f2966add71fde1b00e9accac894d38edf3ca537417c0ee4daa921fb3fcdacb67c9f9bfc22ae6dabe1a3455392526ca27ae6f4e6d3bea42262cc2b8244ea3f27b1adfb6907a4e562d9ae686a2ee2d0b46ce53736e2351609aa3b8fa986bcaa7cc323cc283359c66b44538d962ea2107d542ecedbfe9b9337469ed5b6e0a70723b5e7df2f935b05529ea70abef87d69ef6dfc72657ae2119b50cd3c72dfdcca60335dcaf7d30e0b06cef5516c93e3252445c1af6f5c6d20dfb61394da1c59b54ec25ec2a664d7b1732f55cabcd24b209691dfe10935ef29517b222ef2fedfeff463ad179940bfa4f32150bd22810ae50f82b8ab63b196e4522d4201af276d353e9078a7a28110d9ac4993e9a21fa38f910ea4291a1d554bb6a8486de47bafd2c90d208e0346bd5093d1f8222b25856afe7b4ed477c1c22777305769b6951d081306ca88296b906ef53699f7da7503f5eff4e124fe068964ddfbaece688f596f056e1d822acfc6443e60fba888dca788e71c595cf167ce588fb45a4c22fd97449bc0eaaacd9150e52de6424374e77cffa6dd07afaa36f73251c30598741c83260cd28f2395af0c2221986c5bec67395b7ef89447d2d4cc3132fb04fc801106619e47c13b47d9b5fab3316c2dd15654a3ad82543bd0ad7d2244779dd2fd7f25e347dee1d301d58839b54f8de3e12739cad77bed7e3496005ab313726e0d27c769e173636044cfcaaf3b934388f54ac43384c24d76df38af99e786664086a5b51e32603fd8b1e5e35d5ca97630c1277e0a8eb5aea658f7eed15ba754ec9b7aa76eb38d39493d9a6a09b9904e15093fe42614cdf64bd8dd14e2025ab61aff1400ec45095b8efc1dd4a465b7a87986fd62d84e420344d3a6debb2ee792e6e856795df576b8457f9fd56a4a22f9adde856a49cf82c5c18e8c358357ea11c4986f1694a154d870b74f2c6a1c003b6fc766ed3782e219c605cab515cc6d1805d2a901b62e92b4bc7b2cab378586889b1b323173b5bd169d29d37ced414207231e785d8869855183df2bb2cfb0fb825ccb6ae905413441474df3f7139a727bf0c3bde1a9fe2536e54142910719a874ef01f05cebbfb312c2bca1e0aa555f381d954ef002f5d384e3ebb6ea22c93d411312d1d65bb01251490e911f44c88ed8792f9107726e3bcd47f7089cd202ac64877d965fb6e16c38acfad48ecc270ba1ed3c767522c68d7598dcf9a6b13b9634682a9293a1fae932759c41599b4cbe258ce", 0x1000) [ 157.821030][T10498] FAULT_INJECTION: forcing a failure. [ 157.821030][T10498] name failslab, interval 1, probability 0, space 0, times 0 [ 157.855079][T10498] CPU: 1 PID: 10498 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #12 [ 157.863024][T10498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.873084][T10498] Call Trace: [ 157.876375][T10498] dump_stack+0x1d8/0x2f8 [ 157.880707][T10498] should_fail+0x608/0x860 [ 157.885118][T10498] ? setup_fault_attr+0x2b0/0x2b0 [ 157.890146][T10498] __should_failslab+0x11a/0x160 [ 157.895082][T10498] ? __kernfs_new_node+0xd9/0x6e0 [ 157.900105][T10498] should_failslab+0x9/0x20 [ 157.904613][T10498] kmem_cache_alloc+0x56/0x2b0 [ 157.909399][T10498] __kernfs_new_node+0xd9/0x6e0 [ 157.914245][T10498] ? kasan_check_write+0x14/0x20 [ 157.919174][T10498] ? __mutex_unlock_slowpath+0x18c/0x630 [ 157.924799][T10498] ? mutex_unlock+0x10/0x10 [ 157.929296][T10498] ? kernfs_new_node+0x170/0x170 [ 157.934227][T10498] ? mutex_unlock+0xd/0x10 [ 157.938635][T10498] ? kernfs_activate+0x4c7/0x4e0 [ 157.943567][T10498] kernfs_new_node+0x97/0x170 [ 157.948236][T10498] __kernfs_create_file+0x4a/0x2f0 [ 157.953340][T10498] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 157.958710][T10498] internal_create_group+0x511/0xde0 [ 157.963991][T10498] ? sysfs_create_group+0x30/0x30 [ 157.969016][T10498] ? up_write+0xb0/0x1b0 [ 157.973253][T10498] sysfs_create_group+0x1f/0x30 [ 157.978098][T10498] loop_set_fd+0xc7c/0x1130 [ 157.982608][T10498] lo_ioctl+0x17a/0x2400 [ 157.986845][T10498] ? kasan_check_write+0x14/0x20 [ 157.991872][T10498] ? match_held_lock+0x280/0x280 [ 157.996802][T10498] ? lo_release+0x1f0/0x1f0 [ 158.001295][T10498] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 158.006567][T10498] ? _raw_spin_unlock_irqrestore+0x77/0xe0 [ 158.012534][T10498] ? match_held_lock+0x280/0x280 [ 158.017473][T10498] ? __bfs+0x550/0x550 [ 158.021528][T10498] ? __bfs+0x550/0x550 [ 158.025694][T10498] ? __bfs+0x550/0x550 [ 158.029754][T10498] ? refcount_sub_and_test_checked+0x1c2/0x290 [ 158.035898][T10498] ? match_held_lock+0x280/0x280 [ 158.040835][T10498] ? refcount_inc_checked+0x50/0x50 [ 158.046025][T10498] ? __lock_acquire+0xcf7/0x1a40 [ 158.050946][T10498] ? __bfs+0x550/0x550 [ 158.055013][T10498] ? __lock_acquire+0xcf7/0x1a40 [ 158.059951][T10498] ? __lock_acquire+0xcf7/0x1a40 [ 158.064884][T10498] ? check_preemption_disabled+0x47/0x280 [ 158.070620][T10498] ? trace_lock_acquire+0x190/0x190 [ 158.075809][T10498] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 158.082391][T10498] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 158.089090][T10498] ? rcu_lock_release+0x9/0x30 [ 158.093960][T10498] ? stack_trace_save+0x1e0/0x1e0 [ 158.098975][T10498] ? rcu_lock_release+0x26/0x30 [ 158.103813][T10498] ? is_bpf_text_address+0x398/0x3b0 [ 158.109085][T10498] ? stack_trace_save+0x1e0/0x1e0 [ 158.114118][T10498] ? __kernel_text_address+0x9a/0x110 [ 158.119480][T10498] ? unwind_get_return_address+0x4c/0x90 [ 158.125104][T10498] ? arch_stack_walk+0x98/0xe0 [ 158.129871][T10498] ? stack_trace_save+0x111/0x1e0 [ 158.134888][T10498] ? lo_release+0x1f0/0x1f0 [ 158.139380][T10498] blkdev_ioctl+0x917/0x2c10 [ 158.143964][T10498] ? tomoyo_path_number_perm+0x587/0x740 [ 158.149586][T10498] ? trace_hardirqs_off+0x74/0x80 [ 158.154595][T10498] ? quarantine_put+0xb7/0x1f0 [ 158.159344][T10498] ? tomoyo_path_number_perm+0x587/0x740 [ 158.164969][T10498] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 158.170328][T10498] ? __kasan_slab_free+0x19d/0x1e0 [ 158.175428][T10498] ? __kasan_slab_free+0x12a/0x1e0 [ 158.180527][T10498] ? kasan_slab_free+0xe/0x10 [ 158.185190][T10498] ? kfree+0xae/0x120 [ 158.189159][T10498] ? tomoyo_path_number_perm+0x587/0x740 [ 158.194776][T10498] ? tomoyo_file_ioctl+0x23/0x30 [ 158.199700][T10498] ? security_file_ioctl+0x6d/0xd0 [ 158.204805][T10498] ? __x64_sys_ioctl+0xa3/0x120 [ 158.209644][T10498] ? do_syscall_64+0xfe/0x140 [ 158.214310][T10498] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 158.220456][T10498] ? kasan_check_write+0x14/0x20 [ 158.225385][T10498] ? do_raw_spin_lock+0x143/0x3a0 [ 158.231951][T10498] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 158.237760][T10498] ? rcu_lock_release+0x9/0x30 [ 158.242610][T10498] ? tomoyo_path_number_perm+0x5f0/0x740 [ 158.248233][T10498] ? trace_lock_acquire+0x190/0x190 [ 158.253427][T10498] ? tomoyo_check_path_acl+0x180/0x180 [ 158.258879][T10498] block_ioctl+0xbd/0x100 [ 158.263201][T10498] ? blkdev_iopoll+0x100/0x100 [ 158.267959][T10498] do_vfs_ioctl+0x7d4/0x1890 [ 158.272542][T10498] ? ioctl_preallocate+0x240/0x240 [ 158.277655][T10498] ? fget_many+0x30/0x30 [ 158.281975][T10498] ? file_open_root+0x440/0x440 [ 158.286821][T10498] ? tomoyo_file_ioctl+0x23/0x30 [ 158.291750][T10498] ? security_file_ioctl+0xa1/0xd0 [ 158.296865][T10498] __x64_sys_ioctl+0xe3/0x120 [ 158.301536][T10498] do_syscall_64+0xfe/0x140 [ 158.306035][T10498] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 158.311918][T10498] RIP: 0033:0x459637 [ 158.315805][T10498] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 158.335410][T10498] RSP: 002b:00007f3795fd0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 158.343817][T10498] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459637 [ 158.351782][T10498] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 158.359770][T10498] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 158.367735][T10498] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 158.375875][T10498] R13: 00000000004c87f5 R14: 00000000004df3f8 R15: 0000000000000003 03:42:47 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x4, 0x2e200000000, 0x81, 0x7e8, 0x8e91, 0x7}) 03:42:47 executing program 2: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x20) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:47 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:47 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="559b9bf24c4153be28cb36576063b2be560d72763a9c320bd22fca0f6998a29821a9599dcedda5ab009347c95d2a8d53724125f98a11a60bd4fb17ff1155ea07f3c7acc76ce15e77f5fa979e539ed56b2d7bf3d8f48742bf3d81605b71fd2effdc9700864216c2d81cd9469249373f5dc1360a20bf16ea8b054b5a74", 0x7c, 0xfffffffffffffffc) keyctl$set_timeout(0xf, r0, 0x3) 03:42:47 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:47 executing program 2: msync(&(0x7f0000953000/0x4000)=nil, 0x4000, 0x4) 03:42:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='m\\dos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:47 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x4, 0x2e200000000, 0x81, 0x7e8, 0x8e91, 0x7}) 03:42:47 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:47 executing program 4: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffd000/0x3000)=nil) 03:42:47 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @initdev}, &(0x7f0000000080)=0x10) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) socket$caif_seqpacket(0x25, 0x5, 0x5) 03:42:47 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:47 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x4, 0x2e200000000, 0x81, 0x7e8, 0x8e91, 0x7}) 03:42:47 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x800, 0x0) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000040)={[{0x2, 0x0, 0x7, 0x613, 0x7, 0xfffffffffffffff8, 0x6, 0x2, 0x7, 0x80000000, 0x9, 0xfff, 0x4}, {0x954, 0x2, 0x1, 0xff, 0x7, 0x0, 0x9, 0x7, 0x80, 0x9, 0x4, 0x2514, 0x3}, {0x4, 0x754cf3b8, 0xff, 0xffffffffffff45a6, 0x1, 0x6, 0x7fff, 0x6, 0x7, 0x8, 0x5b, 0x400, 0x6}], 0xd4}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:47 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='%sdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:48 executing program 2: time(&(0x7f00000003c0)) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x200000) bind$nfc_llcp(r0, &(0x7f0000000040)={0x27, 0x0, 0x2, 0x1, 0xdd4f, 0x0, "0d6122ac1e46b8faeb644c2fee6b463315ee19415190e8a625329f203a538b3cc74f5128d98da714b80ece8b695e02711925b46d5e3cc4200ed857ffcd1004", 0x10}, 0x60) bind$nfc_llcp(r0, &(0x7f00000000c0)={0x27, 0x0, 0x0, 0x0, 0x4, 0x2, "de58da12102fc46401a61e650641e1074e5582deb212019592dd1ec3ae7208a14ce265b6d568623d7f1965db1bb6fe295c3fca10169b347f3574ee8366544f", 0x17}, 0x60) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x1a, 0x9, 0x1, 0x7, 0x8001, 0x8, 0x20, {0x0, @in={{0x2, 0x4e24, @loopback}}, 0x2, 0x4, 0x3, 0x8, 0x7ec0}}, &(0x7f0000000200)=0xb0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x9, 0x3}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000002c0)={r1, 0x8000, 0x80000001, 0xffffffff, 0xffffffff, 0x0, 0xf4b, 0x1, {r2, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1f}}}, 0x1, 0x1130, 0x80, 0xfffffffffffffffe, 0x4}}, &(0x7f0000000380)=0xb0) ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f0000000400)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000480)=0x0) write$cgroup_pid(r0, &(0x7f00000004c0)=r3, 0x12) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:48 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) 03:42:48 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x4000000000000000, 0x400) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000000)={0x0, 0xfa45}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={r1}, 0x8) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x68, r2, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x54, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4008040}, 0x800) 03:42:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mcdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:48 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:48 executing program 1: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 03:42:48 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x3) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200140, 0x0) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000951000/0x2000)=nil, 0x2000}) 03:42:48 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x10000, 0x0) write$P9_RFSYNC(r0, &(0x7f0000000040)={0x7, 0x33, 0x2}, 0x7) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:48 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:48 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='\\sdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:48 executing program 2: syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') r0 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x3, 0x10000) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x10, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x1c}}, 0x800) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:48 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:48 executing program 1: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 03:42:48 executing program 4: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000200)="76b8cf585a4c150ce1d62c43de7f51456a6940a2b985a30dc8540191c8f8cf628b042a0be8a7a002e64dbb357b930dc1d2797af6fe8c42186e88815ed699c22edf01ed88f52889408dce51a43aeac349bb09e5f805c5c5341536ff5854a736755cc0f12ce848f26bffc4bf17fae172f322327b12f7e4426c053cbdac364755c789d4f1e3c98f4357", &(0x7f00000000c0)=""/100}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:48 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x2cc) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x1, 0x0) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000100), 0x4) r3 = socket(0x400000000010, 0x3, 0x0) write(r3, &(0x7f0000000040)="3c00000020002551075c0165ff0ffc020a00000000100f0007e1000c0400110016001600b15000655706e0513ce8142ab4c64be41d124170028dc212", 0x3c) r4 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x81, 0x30800) setgid(r1) syz_open_dev$vcsn(&(0x7f0000000240)='/dev/vcs#\x00', 0x8, 0x400) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f00000001c0)=@get={0x1, &(0x7f0000000140)=""/95, 0x9}) tgkill(r0, r0, 0x13) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$BLKTRACESTART(r4, 0x1274, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x872a, 0x80000) 03:42:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mddos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:48 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1 ', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:48 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='m#dos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:48 executing program 1: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) 03:42:48 executing program 4: execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=[&(0x7f0000000040)='\x00', &(0x7f0000000080)='cgroup\xa7em0)\\@\x00', &(0x7f00000000c0)=']\x00', &(0x7f0000000100)='(}]self\x00'], &(0x7f0000000400)=[&(0x7f0000000180)='\x00', &(0x7f00000001c0)='proc\x00', &(0x7f0000000200)='systemem0\x00', &(0x7f0000000240)='em0$\x00', &(0x7f0000000280)='#wlan0&(\x00', &(0x7f00000002c0)='ppp0\xa3:^securitylo%mime_type\x00', &(0x7f0000000300)=':em0/md5sumselinux\x00', &(0x7f0000000340)='\xaf$\x00', &(0x7f0000000380)='nodev\x00', &(0x7f00000003c0)='\x00']) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:48 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x7) 03:42:48 executing program 1: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) 03:42:48 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:48 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mknod(&(0x7f0000000000)='./file0\x00', 0xc000, 0x5) 03:42:48 executing program 4: r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f00000000c0)={0x0, 0x0, [], @raw_data=[0x2, 0x777a, 0x9, 0x6, 0x20, 0x100, 0x8ae, 0x6, 0x7ff, 0x2, 0xdb, 0x7, 0x400, 0x4, 0x400000000, 0x5, 0x9, 0x4, 0x0, 0x4, 0x3, 0x6, 0xc2, 0x90, 0x1f, 0x6, 0x400, 0x57, 0xf6, 0x4, 0x6, 0x401]}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x1e, r1, 0x1, 0x7f, 0x6, @local}, 0x284) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 1: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) 03:42:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x1f) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040)='nbd\x00') r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x2, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x20000, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40040200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, r1, 0x702, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0xff}, @NBD_ATTR_SOCKETS={0xc, 0x7, [{0x8, 0x1, r2}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x6d5}, @NBD_ATTR_SOCKETS={0x14, 0x7, [{0x8, 0x1, r3}, {0x8, 0x1, r4}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mhdos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:49 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getpid() r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80000000191004, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0xe1fa, 0x8, 0x3, 0x1}, 'syz1\x00', 0x3f}) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f00000000c0)={0x10201, 0x0, &(0x7f0000fff000/0x1000)=nil}) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000100)={0x5, "ee6a361b0ee935f3ac22d1a9cdb519660ac63592c48d452bcfe30269b85e8c66", 0x2, 0x1}) 03:42:49 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='m%dos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:49 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:49 executing program 1: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000200)="76b8cf585a4c150ce1d62c43de7f51456a6940a2b985a30dc8540191c8f8cf628b042a0be8a7a002e64dbb357b930dc1d2797af6fe8c42186e88815ed699c22edf01ed88f52889408dce51a43aeac349bb09e5f805c5c5341536ff5854a736755cc0f12ce848f26bffc4bf17fae172f322327b12f7e4426c053cbdac364755c789d4f1e3c98f4357", &(0x7f00000000c0)=""/100}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000240)='/dev/bus/usb/00#/00#\x00', 0xc1d, 0x40) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e24, 0x9, @mcast2, 0x5}}}, &(0x7f0000000440)=0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000380)={r1, 0x7, "f722371545fd06"}, &(0x7f00000003c0)=0xf) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000480)=""/155, &(0x7f0000000340)=0x9b) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x42000, 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockname$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14) getpeername$packet(0xffffffffffffff9c, &(0x7f0000001480)={0x11, 0x0, 0x0}, &(0x7f00000014c0)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000015c0)={@mcast2, 0x0}, &(0x7f0000001600)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001640)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001740)=0xe8) request_key(&(0x7f0000000140)='cifs.idmap\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='\x00', 0xffffffffffffffff) write$P9_RCREATE(r2, &(0x7f0000000200)={0x18, 0x73, 0x2, {{0x22, 0x2, 0x5}, 0x8000}}, 0x18) accept4$packet(0xffffffffffffffff, &(0x7f0000001900)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001940)=0x14, 0x800) sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000001b40)={&(0x7f0000000040), 0xc, &(0x7f0000001b00)={&(0x7f0000001980)={0x15c, r3, 0xf08, 0x70bd2c, 0x25dfdbfe, {}, [{{0x8, 0x1, r4}, {0xbc, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8}}}]}}, {{0x8, 0x1, r6}, {0x7c, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r8}}}]}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x1}, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:49 executing program 4: msync(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x2) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000040)=0x8, 0x8) 03:42:49 executing program 1: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000200)="76b8cf585a4c150ce1d62c43de7f51456a6940a2b985a30dc8540191c8f8cf628b042a0be8a7a002e64dbb357b930dc1d2797af6fe8c42186e88815ed699c22edf01ed88f52889408dce51a43aeac349bb09e5f805c5c5341536ff5854a736755cc0f12ce848f26bffc4bf17fae172f322327b12f7e4426c053cbdac364755c789d4f1e3c98f4357", &(0x7f00000000c0)=""/100}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x10', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:49 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffff2db, 0x1) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1, 0x2}) getsockname$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x1c) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) 03:42:49 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x200000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x2}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0xfffffffffffffff9, 0x4}, 0x8) msync(&(0x7f0000955000/0x1000)=nil, 0x1000, 0x2) socket$caif_stream(0x25, 0x1, 0x80) 03:42:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='midos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:49 executing program 1: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000200)="76b8cf585a4c150ce1d62c43de7f51456a6940a2b985a30dc8540191c8f8cf628b042a0be8a7a002e64dbb357b930dc1d2797af6fe8c42186e88815ed699c22edf01ed88f52889408dce51a43aeac349bb09e5f805c5c5341536ff5854a736755cc0f12ce848f26bffc4bf17fae172f322327b12f7e4426c053cbdac364755c789d4f1e3c98f4357", &(0x7f00000000c0)=""/100}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 03:42:49 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='m*dos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)={[{@fat=@dmask={'dmask', 0x3d, 0x8cffffff}}]}) 03:42:49 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:49 executing program 4: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c) munlock(&(0x7f0000953000/0x2000)=nil, 0x2000) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') ioctl$VT_DISALLOCATE(r0, 0x5608) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00*', @ANYRES16=r1, @ANYBLOB="000128bd7000fddbdf25130000002c00020008000100060000000800010001000000040004000400040008000200030000000400040004000400"], 0x40}, 0x1, 0x0, 0x0, 0x4800}, 0x0) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000200)=0x0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x10001, &(0x7f0000000180)=""/86) 03:42:49 executing program 2: msync(&(0x7f0000953000/0x1000)=nil, 0x1000, 0x40000008) r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000000)={0x7, 0x6, 0x0, [{0x100000001, 0x3, 0x4, 0x80000001, 0x4, 0x3ff}, {0xcea, 0x1, 0x387, 0x7fffffff, 0x1f, 0x7, 0x1}, {0x8000, 0x8001, 0x8, 0x4, 0x9, 0xec3b, 0x9}, {0x8000, 0x34, 0x9, 0x273, 0xfffffffffffff800}, {0xa5, 0x8000, 0x100, 0x6, 0x7fffffff, 0x8, 0x5}, {0x4, 0x8001, 0x9, 0xc3e8, 0x0, 0x8}]}) 03:42:49 executing program 1: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f0000000200)="76b8cf585a4c150ce1d62c43de7f51456a6940a2b985a30dc8540191c8f8cf628b042a0be8a7a002e64dbb357b930dc1d2797af6fe8c42186e88815ed699c22edf01ed88f52889408dce51a43aeac349bb09e5f805c5c5341536ff5854a736755cc0f12ce848f26bffc4bf17fae172f322327b12f7e4426c053cbdac364755c789d4f1e3c98f4357", &(0x7f00000000c0)=""/100}, 0x18) 03:42:49 executing program 4: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x6, 0x0) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000080)={r1, 0x0, 0x4, 0x81, 0x1ff}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x111, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xff, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x80000001}, {0xa, 0x4e20, 0x4, @mcast2, 0x8}, r2}}, 0x48) munlock(&(0x7f0000951000/0x2000)=nil, 0x2000) 03:42:49 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=rdma,', {'port'}}) 03:42:49 executing program 2: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@ipx, &(0x7f0000000100)=0x80, 0x80000) r1 = socket$inet6(0xa, 0x4, 0x7fffffff) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000140)={r1}) msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0x4) r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$VIDIOC_G_TUNER(r2, 0xc054561d, &(0x7f0000000080)={0x40, "a58864c011408bfd966328eb876167670ea7eefe7185116922feec107cca9707", 0x3, 0x4, 0x2, 0x1, 0x6, 0x800000000000000, 0xa83, 0x1ff}) 03:42:50 executing program 2: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x7fffffff, 0x45ac8a625681b319) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e4) 03:42:50 executing program 5: syz_mount_image$msdos(&(0x7f0000000000)='mldos\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@usefree='usefree'}]}) 03:42:50 executing program 1: r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000080)=0xffffffffffffffff, 0x240) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x541, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) 03:42:50 executing program 4: msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x40200) setsockopt$inet6_udp_int(r0, 0x11, 0x4000000, &(0x7f0000000040)=0x7, 0x4) [ 161.190786][T10806] ------------[ cut here ]------------ [ 161.197490][T10806] ODEBUG: free active (active state 0) object type: work_struct hint: smc_tx_work+0x0/0x260 [ 161.199305][ T3879] kobject: 'loop3' (00000000b15bbb3a): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 161.207778][T10806] WARNING: CPU: 0 PID: 10806 at lib/debugobjects.c:328 debug_check_no_obj_freed+0x5c0/0x740 [ 161.227940][T10806] Kernel panic - not syncing: panic_on_warn set ... [ 161.234635][T10806] CPU: 0 PID: 10806 Comm: syz-executor.1 Not tainted 5.2.0-rc7 #12 [ 161.242532][T10806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.252601][T10806] Call Trace: [ 161.255899][T10806] dump_stack+0x1d8/0x2f8 [ 161.260247][T10806] panic+0x28a/0x7c9 [ 161.264149][T10806] ? trace_lock_acquire+0x11c/0x190 [ 161.269356][T10806] ? __warn+0x126/0x220 [ 161.273543][T10806] ? nmi_panic+0x97/0x97 [ 161.277779][T10806] ? debug_check_no_obj_freed+0x5c0/0x740 [ 161.283491][T10806] ? is_valid_bugaddr+0x81/0x100 [ 161.288420][T10806] __warn+0x216/0x220 [ 161.292480][T10806] ? debug_check_no_obj_freed+0x5c0/0x740 [ 161.298201][T10806] report_bug+0x190/0x290 [ 161.302652][T10806] ? debug_check_no_obj_freed+0x5c0/0x740 [ 161.308366][T10806] do_error_trap+0xd7/0x450 [ 161.312864][T10806] do_invalid_op+0x36/0x40 [ 161.317273][T10806] ? debug_check_no_obj_freed+0x5c0/0x740 [ 161.322982][T10806] invalid_op+0x14/0x20 [ 161.330486][T10806] RIP: 0010:debug_check_no_obj_freed+0x5c0/0x740 [ 161.336796][T10806] Code: 76 e7 4d fe 4c 89 fa 48 8b 4d b8 4c 8b 01 48 c7 c7 cc 57 66 88 48 c7 c6 9c 66 7e 88 44 89 e1 4c 8b 4d b0 31 c0 e8 10 90 e6 fd <0f> 0b 48 8b 4d d0 48 8b 55 c8 ff 05 d8 3e 7c 05 48 b8 00 00 00 00 [ 161.356389][T10806] RSP: 0018:ffff888062567b60 EFLAGS: 00010046 [ 161.362442][T10806] RAX: 01cc3dfdec115400 RBX: 1ffff110129ba2cd RCX: ffff888063d6c1c0 [ 161.370405][T10806] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 161.378358][T10806] RBP: ffff888062567c00 R08: ffffffff815e87d4 R09: ffffed1015d440c2 [ 161.386310][T10806] R10: ffffed1015d440c2 R11: 1ffff11015d440c1 R12: 0000000000000000 [ 161.394272][T10806] R13: 1ffff110129ba2cf R14: ffff88808578f7d8 R15: dffffc0000000000 [ 161.404215][T10806] ? vprintk_emit+0x2d4/0x3a0 [ 161.408898][T10806] ? smcd_tx_ism_write+0x2c0/0x2c0 [ 161.413996][T10806] kmem_cache_free+0xb9/0x170 [ 161.418656][T10806] __sk_destruct+0x558/0x660 [ 161.423230][T10806] ? __sk_free+0x2ff/0x3d0 [ 161.427661][T10806] __sk_free+0x307/0x3d0 [ 161.431982][T10806] sk_free+0x2a/0x40 [ 161.436039][T10806] smc_release+0x4b3/0x620 [ 161.440434][T10806] sock_close+0xdb/0x280 [ 161.444661][T10806] ? sock_mmap+0xa0/0xa0 [ 161.448900][T10806] __fput+0x2e4/0x740 [ 161.452876][T10806] ____fput+0x15/0x20 [ 161.456872][T10806] task_work_run+0x17e/0x1b0 [ 161.461452][T10806] prepare_exit_to_usermode+0x402/0x4f0 [ 161.466986][T10806] syscall_return_slowpath+0x110/0x440 [ 161.472432][T10806] do_syscall_64+0x126/0x140 [ 161.477041][T10806] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 161.482928][T10806] RIP: 0033:0x4134b1 [ 161.486810][T10806] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 161.506408][T10806] RSP: 002b:00007ffc3869c5e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 161.514806][T10806] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004134b1 [ 161.522766][T10806] RDX: 0000001b2d720000 RSI: 0000000000000000 RDI: 0000000000000003 [ 161.530729][T10806] RBP: 0000000000000001 R08: 00000000db93fedb R09: 00000000db93fedf [ 161.538715][T10806] R10: 00007ffc3869c6c0 R11: 0000000000000293 R12: 000000000075bf20 [ 161.546674][T10806] R13: 000000000002759b R14: 0000000000760418 R15: ffffffffffffffff [ 161.554747][T10806] [ 161.554750][T10806] ====================================================== [ 161.554752][T10806] WARNING: possible circular locking dependency detected [ 161.554753][T10806] 5.2.0-rc7 #12 Not tainted [ 161.554755][T10806] ------------------------------------------------------ [ 161.554757][T10806] syz-executor.1/10806 is trying to acquire lock: [ 161.554759][T10806] 0000000095281959 ((console_sem).lock){-.-.}, at: down_trylock+0x1f/0xa0 [ 161.554765][T10806] [ 161.554767][T10806] but task is already holding lock: [ 161.554768][T10806] 00000000f64d3806 (&obj_hash[i].lock){-.-.}, at: debug_check_no_obj_freed+0xa1/0x740 [ 161.554774][T10806] [ 161.554776][T10806] which lock already depends on the new lock. [ 161.554777][T10806] [ 161.554778][T10806] [ 161.554780][T10806] the existing dependency chain (in reverse order) is: [ 161.554781][T10806] [ 161.554782][T10806] -> #3 (&obj_hash[i].lock){-.-.}: [ 161.554787][T10806] _raw_spin_lock_irqsave+0xa1/0xc0 [ 161.554789][T10806] __debug_object_init+0xc4/0x1060 [ 161.554791][T10806] debug_object_init+0x14/0x20 [ 161.554792][T10806] hrtimer_init+0x37/0x1d0 [ 161.554794][T10806] init_dl_task_timer+0x1b/0x50 [ 161.554795][T10806] init_idle+0x19c/0x8f0 [ 161.554796][T10806] sched_init+0xa68/0xc02 [ 161.554798][T10806] start_kernel+0x267/0x860 [ 161.554800][T10806] x86_64_start_reservations+0x18/0x2e [ 161.554801][T10806] x86_64_start_kernel+0x7a/0x7d [ 161.554803][T10806] secondary_startup_64+0xa4/0xb0 [ 161.554804][T10806] [ 161.554805][T10806] -> #2 (&rq->lock){-.-.}: [ 161.554810][T10806] _raw_spin_lock+0x2d/0x40 [ 161.554811][T10806] task_fork_fair+0x55/0x440 [ 161.554813][T10806] sched_fork+0x556/0xcf0 [ 161.554814][T10806] copy_process+0x17b0/0x5c80 [ 161.554815][T10806] _do_fork+0x180/0x5f0 [ 161.554817][T10806] kernel_thread+0x34/0x40 [ 161.554818][T10806] rest_init+0x24/0x2b0 [ 161.554820][T10806] arch_call_rest_init+0xe/0x10 [ 161.554821][T10806] start_kernel+0x740/0x860 [ 161.554823][T10806] x86_64_start_reservations+0x18/0x2e [ 161.554824][T10806] x86_64_start_kernel+0x7a/0x7d [ 161.554826][T10806] secondary_startup_64+0xa4/0xb0 [ 161.554827][T10806] [ 161.554828][T10806] -> #1 (&p->pi_lock){-.-.}: [ 161.554833][T10806] _raw_spin_lock_irqsave+0xa1/0xc0 [ 161.554835][T10806] try_to_wake_up+0x91/0xed0 [ 161.554836][T10806] wake_up_process+0x10/0x20 [ 161.554837][T10806] __up+0x12f/0x150 [ 161.554839][T10806] up+0x70/0x90 [ 161.554840][T10806] __up_console_sem+0xac/0x170 [ 161.554842][T10806] console_unlock+0xc84/0xf20 [ 161.554843][T10806] vprintk_emit+0x239/0x3a0 [ 161.554845][T10806] vprintk_default+0x28/0x30 [ 161.554846][T10806] vprintk_func+0x158/0x170 [ 161.554847][T10806] printk+0xc4/0x11d [ 161.554850][T10806] do_exit+0x1935/0x2300 [ 161.554852][T10806] do_group_exit+0x15c/0x2a0 [ 161.554853][T10806] __do_sys_exit_group+0x17/0x20 [ 161.554855][T10806] __se_sys_exit_group+0x14/0x20 [ 161.554856][T10806] __x64_sys_exit_group+0x3b/0x40 [ 161.554858][T10806] do_syscall_64+0xfe/0x140 [ 161.554860][T10806] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 161.554861][T10806] [ 161.554863][T10806] -> #0 ((console_sem).lock){-.-.}: [ 161.554872][T10806] lock_acquire+0x158/0x250 [ 161.554874][T10806] _raw_spin_lock_irqsave+0xa1/0xc0 [ 161.554877][T10806] down_trylock+0x1f/0xa0 [ 161.554880][T10806] __down_trylock_console_sem+0x9c/0x1b0 [ 161.554883][T10806] console_trylock_spinning+0x1c/0x390 [ 161.554885][T10806] vprintk_emit+0x21c/0x3a0 [ 161.554888][T10806] vprintk_default+0x28/0x30 [ 161.554891][T10806] vprintk_func+0x158/0x170 [ 161.554893][T10806] printk+0xc4/0x11d [ 161.554896][T10806] __warn_printk+0xab/0x120 [ 161.554899][T10806] debug_check_no_obj_freed+0x5c0/0x740 [ 161.554902][T10806] kmem_cache_free+0xb9/0x170 [ 161.554905][T10806] __sk_destruct+0x558/0x660 [ 161.554907][T10806] __sk_free+0x307/0x3d0 [ 161.554909][T10806] sk_free+0x2a/0x40 [ 161.554912][T10806] smc_release+0x4b3/0x620 [ 161.554915][T10806] sock_close+0xdb/0x280 [ 161.554918][T10806] __fput+0x2e4/0x740 [ 161.554920][T10806] ____fput+0x15/0x20 [ 161.554923][T10806] task_work_run+0x17e/0x1b0 [ 161.554926][T10806] prepare_exit_to_usermode+0x402/0x4f0 [ 161.554929][T10806] syscall_return_slowpath+0x110/0x440 [ 161.554931][T10806] do_syscall_64+0x126/0x140 [ 161.554934][T10806] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 161.554936][T10806] [ 161.554938][T10806] other info that might help us debug this: [ 161.554939][T10806] [ 161.554940][T10806] Chain exists of: [ 161.554941][T10806] (console_sem).lock --> &rq->lock --> &obj_hash[i].lock [ 161.554948][T10806] [ 161.554950][T10806] Possible unsafe locking scenario: [ 161.554951][T10806] [ 161.554952][T10806] CPU0 CPU1 [ 161.554954][T10806] ---- ---- [ 161.554955][T10806] lock(&obj_hash[i].lock); [ 161.554958][T10806] lock(&rq->lock); [ 161.554962][T10806] lock(&obj_hash[i].lock); [ 161.554965][T10806] lock((console_sem).lock); [ 161.554973][T10806] [ 161.554974][T10806] *** DEADLOCK *** [ 161.554975][T10806] [ 161.554976][T10806] 2 locks held by syz-executor.1/10806: [ 161.554977][T10806] #0: 000000006b514e75 (&sb->s_type->i_mutex_key#10){+.+.}, at: sock_close+0x98/0x280 [ 161.554985][T10806] #1: 00000000f64d3806 (&obj_hash[i].lock){-.-.}, at: debug_check_no_obj_freed+0xa1/0x740 [ 161.554991][T10806] [ 161.554992][T10806] stack backtrace: [ 161.554995][T10806] CPU: 0 PID: 10806 Comm: syz-executor.1 Not tainted 5.2.0-rc7 #12 [ 161.554998][T10806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.554999][T10806] Call Trace: [ 161.555000][T10806] dump_stack+0x1d8/0x2f8 [ 161.555002][T10806] print_circular_bug+0xd34/0xf20 [ 161.555003][T10806] ? check_noncircular+0x4d0/0x4d0 [ 161.555005][T10806] ? stack_trace_save+0x111/0x1e0 [ 161.555006][T10806] ? stack_trace_snprint+0x150/0x150 [ 161.555008][T10806] ? graph_lock+0x9a/0x280 [ 161.555009][T10806] ? find_first_zero_bit+0xd8/0x100 [ 161.555010][T10806] validate_chain+0x59d0/0x84f0 [ 161.555012][T10806] ? stack_trace_snprint+0x150/0x150 [ 161.555013][T10806] ? match_held_lock+0x280/0x280 [ 161.555015][T10806] ? match_held_lock+0x280/0x280 [ 161.555016][T10806] ? __bfs+0x550/0x550 [ 161.555018][T10806] ? match_held_lock+0x280/0x280 [ 161.555019][T10806] ? match_held_lock+0x280/0x280 [ 161.555021][T10806] ? match_held_lock+0x280/0x280 [ 161.555022][T10806] ? match_held_lock+0x280/0x280 [ 161.555023][T10806] ? match_held_lock+0x280/0x280 [ 161.555025][T10806] ? match_held_lock+0x280/0x280 [ 161.555026][T10806] ? match_held_lock+0x280/0x280 [ 161.555028][T10806] ? match_held_lock+0x280/0x280 [ 161.555029][T10806] ? match_held_lock+0x280/0x280 [ 161.555031][T10806] ? match_held_lock+0x280/0x280 [ 161.555032][T10806] ? match_held_lock+0x280/0x280 [ 161.555033][T10806] ? match_held_lock+0x280/0x280 [ 161.555035][T10806] ? match_held_lock+0x280/0x280 [ 161.555036][T10806] ? __bfs+0x550/0x550 [ 161.555038][T10806] ? match_held_lock+0x280/0x280 [ 161.555039][T10806] ? __bfs+0x550/0x550 [ 161.555040][T10806] ? __lock_acquire+0xcf7/0x1a40 [ 161.555042][T10806] ? match_held_lock+0x280/0x280 [ 161.555043][T10806] ? __lock_acquire+0xcf7/0x1a40 [ 161.555045][T10806] ? match_held_lock+0x280/0x280 [ 161.555046][T10806] ? check_preemption_disabled+0x47/0x280 [ 161.555048][T10806] ? __lock_acquire+0xcf7/0x1a40 [ 161.555049][T10806] ? __bfs+0x550/0x550 [ 161.555050][T10806] ? __bfs+0x550/0x550 [ 161.555052][T10806] __lock_acquire+0xcf7/0x1a40 [ 161.555053][T10806] ? check_preemption_disabled+0x47/0x280 [ 161.555055][T10806] ? trace_lock_acquire+0x190/0x190 [ 161.555057][T10806] ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0 [ 161.555058][T10806] ? vsnprintf+0x1f3/0x1c50 [ 161.555060][T10806] ? trace_lock_acquire+0x11c/0x190 [ 161.555061][T10806] lock_acquire+0x158/0x250 [ 161.555062][T10806] ? down_trylock+0x1f/0xa0 [ 161.555064][T10806] _raw_spin_lock_irqsave+0xa1/0xc0 [ 161.555065][T10806] ? down_trylock+0x1f/0xa0 [ 161.555066][T10806] ? vprintk_emit+0x21c/0x3a0 [ 161.555068][T10806] down_trylock+0x1f/0xa0 [ 161.555069][T10806] ? vprintk_emit+0x21c/0x3a0 [ 161.555071][T10806] __down_trylock_console_sem+0x9c/0x1b0 [ 161.555072][T10806] ? vprintk_emit+0x21c/0x3a0 [ 161.555074][T10806] console_trylock_spinning+0x1c/0x390 [ 161.555075][T10806] vprintk_emit+0x21c/0x3a0 [ 161.555076][T10806] vprintk_default+0x28/0x30 [ 161.555078][T10806] vprintk_func+0x158/0x170 [ 161.555079][T10806] printk+0xc4/0x11d [ 161.555081][T10806] ? trace_lock_acquire+0x190/0x190 [ 161.555082][T10806] ? smcd_tx_ism_write+0x2c0/0x2c0 [ 161.555084][T10806] ? log_buf_vmcoreinfo_setup+0x153/0x153 [ 161.555085][T10806] ? sk_free+0x2a/0x40 [ 161.555087][T10806] ? ____fput+0x15/0x20 [ 161.555088][T10806] ? task_work_run+0x17e/0x1b0 [ 161.555089][T10806] ? do_raw_spin_lock+0x143/0x3a0 [ 161.555091][T10806] __warn_printk+0xab/0x120 [ 161.555092][T10806] ? smcd_tx_ism_write+0x2c0/0x2c0 [ 161.555094][T10806] ? __warn+0x220/0x220 [ 161.555095][T10806] debug_check_no_obj_freed+0x5c0/0x740 [ 161.555097][T10806] ? smcd_tx_ism_write+0x2c0/0x2c0 [ 161.555098][T10806] kmem_cache_free+0xb9/0x170 [ 161.555100][T10806] __sk_destruct+0x558/0x660 [ 161.555101][T10806] ? __sk_free+0x2ff/0x3d0 [ 161.555102][T10806] __sk_free+0x307/0x3d0 [ 161.555104][T10806] sk_free+0x2a/0x40 [ 161.555105][T10806] smc_release+0x4b3/0x620 [ 161.555106][T10806] sock_close+0xdb/0x280 [ 161.555108][T10806] ? sock_mmap+0xa0/0xa0 [ 161.555109][T10806] __fput+0x2e4/0x740 [ 161.555111][T10806] ____fput+0x15/0x20 [ 161.555113][T10806] task_work_run+0x17e/0x1b0 [ 161.555115][T10806] prepare_exit_to_usermode+0x402/0x4f0 [ 161.555120][T10806] syscall_return_slowpath+0x110/0x440 [ 161.555121][T10806] do_syscall_64+0x126/0x140 [ 161.555123][T10806] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 161.555124][T10806] RIP: 0033:0x4134b1 [ 161.555129][T10806] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 161.555130][T10806] RSP: 002b:00007ffc3869c5e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 161.555134][T10806] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004134b1 [ 161.555136][T10806] RDX: 0000001b2d720000 RSI: 0000000000000000 RDI: 0000000000000003 [ 161.555138][T10806] RBP: 0000000000000001 R08: 00000000db93fedb R09: 00000000db93fedf [ 161.555140][T10806] R10: 00007ffc3869c6c0 R11: 0000000000000293 R12: 000000000075bf20 [ 161.555142][T10806] R13: 000000000002759b R14: 0000000000760418 R15: ffffffffffffffff [ 161.556410][T10806] Kernel Offset: disabled [ 162.602325][T10806] Rebooting in 86400 seconds..