43ee31539dee86c7b3640779811d4b76ea965c7d94f5839bbbbcbff85b2398a99548aef50267d715f935a5ffb5d38ddc710418cc4def3a0ddc0e0df067f5fe2d1af033cb65fc17e9f9ee1de2cc0393aab4f1339a0db2b8af12889295193505af9d20", 0x6e}], 0x1, &(0x7f0000001540)=[{0xa8, 0x112, 0x1f7b, "ceabe74d30f030976f00892764cba881a91c71eb9f4b7cc0bca21e6dc31967aebdd9104e771e1d44fc548cecc6a569bdd2cc90bb55dca7dbc193039354719cdd8e3f2e1c7f8ba9a59cad226fc155159bf3ed8bdb1b77345b5bc970d234242b31072f153a9779bce04caf51db0a0e2c3ee72a3b3f191dab49c03d8534df3f034a1c5514a76e3a8d517b143f2f53c7084125392392dbfb"}, {0xf8, 0x3b, 0x3, "a395b97d78c2916e05fd269621eefca76b377904be73e7303edb9f5f051f5b37529631947a520f74f9bfdebe38516a89d9f8cdbbaee461f90890b6108cc2cd5b82f0170277aa261cb61912763e06e09faedbe7b73488bc9ca953df87e6a566ca6468c093ef240545c88fe337c0e94ecdc6b66af323ffc8050c207e81ae165d69a1686b6519258f671ef56c95dd8e99d44f1ccd935f06e4bc1a22162e1f996d85d06178ed2e63b6e7c618134c665fb0f1ac4dd4301db028fc560cb4be096ffb7c5ce230353033681e2f0793f745ed0ac92910b8b856da431ffbd36bd51dc82015aae5dc0049"}, {0x48, 0x2938f5f65bd8e0cc, 0x1, "748a7a250fdfcc1bfb132cf66a4b7951491c92b7b42d5f435c4c5ffc496395ceae0321ada43c9cc6419361b0b732e23924"}, {0xd0, 0x0, 0x10001, "9ce0daa60641b649563fd894888144e75dae3c7ff7ea63536ee69b3aaefab0ea06d0b0ffaf20de9eca2a0e2e9637365dec289d3c1d43d06a52f0447b94047677317cee15bf67d097a8e85aab457d62711332ed679a14a6a401000dd6f574167daec80690340665824e1214ac4aebf8ff409180cc6e5dcf8642728e775134571bdebdba794545a8a094f61def60338e6434fc2e5cd9f97ec461b51f28867d7080668a1817ee47827cb2f0ef0b3d9ccaad5ff3abe3da7888d7d69bd798ace8"}, {0x50, 0x117, 0x7ff, "c2480df27a5f910906cfb57b7a3d6ad4820b053f67dc25380aec108828b42e8183277a6bc4e3e89b9a6a85884b171d9d70ddf61a0d756481ea"}, {0xd8, 0x107, 0x3, "e6fd30baaeb0f1d7a7bbecd4b8d50cf09fd376a28ac65f210543fbffb58794ddd8b65495689d57605b99142cbcce584ce9cf097496478ede3921835733637b978cb341abf1fb4aeab75d536b243c9bc37ebcc66067cf558962f91567ac85a33f7c2488804c09dc2c752fcac55c61360620312fa75514040fff0e38ca31bc3ec145881fe106d897c59a3ce57e446a4f4d83caf41243eca1c329ba2b4905ff1f96c4f4b98059ad9ba241580e01aa32a83bf8c8fa00a80ce7ddbb58f2bac317b9a9ad"}, {0x68, 0x11, 0x1ff, "3dd5a022f9ff9ec834c227b6f7b1d187f229def106829b4a0c5b683d542eb8304826c670314494d59ca1f175ada5841f82f3bb38fe0bc5f25264cb73770a396288cd8685fd1771ba35d4c0d0a4c3b6ff00"}, {0xa0, 0x10d, 0x7, "8149a0485eb2d0f872a76457b6164193fd22daa78e6d858a2f23f47141bde2101dec0df938f2ff5c7233b983623a528ac24ce6d4af0b9a4afffdb3b1c4ba3e3b259da81018968b73ef7cd3a95fead4073ba3c502fcba4e5fa45c4e7377c066f4547aa33c41a9edbaaf5b4786b29d81801f468163e1b57e823beb6409b9e8eea2d1ffb09f5f82aee89d5429bfe6"}, {0xd8, 0x1, 0x82a8, "3757cf2e4e5a6c32aa2612def5766426a6b1f6bee85f394d6c43dfa20a9d5055d99846f823ddd520374ff87290690a1e70e3cc890d592d606c54faf586ba1b151e0d5d73788c4c46516cb8933296d4ebb02b2d0a0cefbdaf34c29b4b159377787703c43ba3754c1e0021d483ba4596d2cd43ca402d8a16aafecec9e1d94b63378a4df25180c71c4839f744fe4b7ba43c9858f32c8fc6539a232e4f59b4e65aa2ee67335312f945af209eaabbfc391e75a03d7823dc447f209c5e97ac74632943113c46b64b"}, {0xf8, 0x11b, 0x1000, "bb069ea015d7d1d7a0bd407a6df0073982fc8839dd72b1a59f7d78fc3e014bccd90e72509ce7675c2402c12a0d26d575c9c20872dd81b3005b30b0936beb6c8d6bd43e4d68a4fcdbe350a03bfe8308ad8a8e84839b1eccb1ae2ff08e6745671d84e8bc4c9701693d4e1709545ec49fc991682b4fb23c611687a3317f821616c619455033e53e001483713ce0f73f39ce7e95266afbcd0072983c6d0e931641acc5ecf19b261ea5f34bb375c0c7321cda9f337e82b9ceda46f58f520b8ff80c26efe4c62d6ca067bceaff3749876a2feabdbea006d18cfcacfbd5dfb1fdcc5c233cf324b6bd"}], 0x6b8, 0x20000891}, 0x80) writev(r7, &(0x7f0000001cc0)=[{&(0x7f0000001c40)="884a48527af75def56df355a231e12a29d17bc8c23d00ac99f1ab2ad27746973d4864b85c34761b13ac778faf2b30f86174997ee44f87ff3b076b0a7e0cf34609dc94315a284b0baa98f54f0ba5ee44dd2c8", 0x52}], 0x1) getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000001d00), &(0x7f0000001d40)=0x4) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000001d80)=r2, 0x4) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000001dc0)=""/4096) accept$alg(r1, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000002dc0)=[@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e24, @multicast2=0xe0000002}], 0x40) 02:29:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(0xffffffffffffffff) dup3(r1, r2, 0x0) 02:29:22 executing program 7: r0 = socket(0x10, 0x80002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@getlink={0x28, 0x12, 0x11, 0x0, 0x0, {}, [@IFLA_IF_NETNSID={0x8, 0x2e}]}, 0x28}, 0x1}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x200101, 0x3) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x64, r3, 0x300, 0x70bd2a, 0x25dfdbfd, {0x8}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x560c2fa8ea8fb181}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xfc26}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x880}, 0x8800) 02:29:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:22 executing program 1 (fault-call:6 fault-nth:5): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040), 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 192.001127] FAT-fs (loop3): bogus number of reserved sectors [ 192.007123] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:22 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000200"}, 0x58) [ 192.176385] FAT-fs (loop3): bogus number of reserved sectors [ 192.182529] FAT-fs (loop3): Can't find a valid FAT filesystem [ 192.278694] FAULT_INJECTION: forcing a failure. [ 192.278694] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 192.290821] CPU: 0 PID: 10298 Comm: syz-executor1 Not tainted 4.18.0-rc5+ #149 [ 192.298207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 192.307577] Call Trace: [ 192.310184] dump_stack+0x1c9/0x2b4 [ 192.313829] ? dump_stack_print_info.cold.2+0x52/0x52 [ 192.319132] ? zap_class+0x740/0x740 [ 192.322857] should_fail.cold.4+0xa/0x1a [ 192.326914] ? perf_tp_event+0x91b/0xc40 [ 192.330975] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 192.336201] ? graph_lock+0x170/0x170 [ 192.340095] ? find_held_lock+0x36/0x1c0 [ 192.344170] ? __lock_is_held+0xb5/0x140 [ 192.348863] ? check_same_owner+0x340/0x340 [ 192.353202] ? rcu_note_context_switch+0x730/0x730 [ 192.358175] ? memset+0x31/0x40 [ 192.361461] __alloc_pages_nodemask+0x36e/0xdb0 [ 192.366181] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 192.371195] ? __lock_acquire+0x7fc/0x5020 [ 192.375429] ? graph_lock+0x170/0x170 [ 192.379243] ? __radix_tree_lookup+0x3dd/0x6e0 [ 192.383925] ? tracing_generic_entry_update+0x18e/0x200 [ 192.390329] ? find_held_lock+0x36/0x1c0 [ 192.394405] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 192.399967] alloc_pages_current+0x10c/0x210 [ 192.404384] ? lock_downgrade+0x8f0/0x8f0 [ 192.408532] __page_cache_alloc+0x398/0x5e0 [ 192.412864] ? rcu_is_watching+0x8c/0x150 [ 192.417010] ? pagecache_get_page+0x2dd/0xe40 [ 192.421506] ? __filemap_set_wb_err+0x3b0/0x3b0 [ 192.426190] __do_page_cache_readahead+0x254/0x800 [ 192.431128] ? read_pages+0x680/0x680 [ 192.434937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 192.440471] ? graph_lock+0x170/0x170 [ 192.444271] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 192.449817] ? __lock_is_held+0xb5/0x140 [ 192.453880] ondemand_readahead+0x550/0xc40 [ 192.458220] page_cache_sync_readahead+0xd1/0x110 [ 192.463066] generic_file_read_iter+0x1a89/0x2f20 [ 192.467927] ? filemap_range_has_page+0x3e0/0x3e0 [ 192.472763] ? perf_tp_event+0xc40/0xc40 [ 192.476822] ? print_usage_bug+0xc0/0xc0 [ 192.480885] ? memset+0x31/0x40 [ 192.485357] ? perf_trace_lock+0x49d/0x920 [ 192.489620] ? zap_class+0x740/0x740 [ 192.493325] ? __lock_acquire+0x7fc/0x5020 [ 192.497575] ? graph_lock+0x170/0x170 [ 192.501379] ? __lock_acquire+0x7fc/0x5020 [ 192.505622] ? find_held_lock+0x36/0x1c0 [ 192.509691] ? lock_downgrade+0x8f0/0x8f0 [ 192.513849] ? rcu_is_watching+0x8c/0x150 [ 192.517994] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 192.522400] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 192.526811] ? is_bpf_text_address+0xd7/0x170 [ 192.531301] ? kernel_text_address+0x79/0xf0 [ 192.535714] ? __kernel_text_address+0xd/0x40 [ 192.540213] ? unwind_get_return_address+0x61/0xa0 [ 192.545153] ? __save_stack_trace+0x8d/0xf0 [ 192.549496] ? save_stack+0xa9/0xd0 [ 192.553120] ? save_stack+0x43/0xd0 [ 192.556751] ? kasan_kmalloc+0xc4/0xe0 [ 192.560633] ? __kmalloc+0x14e/0x760 [ 192.564342] ? alloc_pipe_info+0x2a8/0x5a0 [ 192.568568] ? splice_direct_to_actor+0x6fc/0x8f0 [ 192.573402] ? do_splice_direct+0x2d4/0x420 [ 192.577727] ? do_sendfile+0x623/0xe20 [ 192.581610] ? __x64_sys_sendfile64+0x15d/0x250 [ 192.586275] ? do_syscall_64+0x1b9/0x820 [ 192.590337] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 192.595704] ? lock_downgrade+0x8f0/0x8f0 [ 192.599854] ? graph_lock+0x170/0x170 [ 192.603665] ? __lock_is_held+0xb5/0x140 [ 192.607729] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 192.612133] ? __lockdep_init_map+0x105/0x590 [ 192.616633] ? lockdep_init_map+0x9/0x10 [ 192.620688] ? debug_mutex_init+0x2d/0x60 [ 192.624833] ? __mutex_init+0x1f7/0x290 [ 192.628799] ? __lock_is_held+0xb5/0x140 [ 192.632859] ? __ia32_sys_membarrier+0x150/0x150 [ 192.637617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 192.643145] ? fsnotify+0xbb4/0x14e0 [ 192.646860] ext4_file_read_iter+0x18b/0x3c0 [ 192.651269] generic_file_splice_read+0x5cd/0x9d0 [ 192.656113] ? add_to_pipe+0x360/0x360 [ 192.660020] ? rw_verify_area+0x118/0x360 [ 192.664168] ? add_to_pipe+0x360/0x360 [ 192.668055] do_splice_to+0x12e/0x190 [ 192.671857] splice_direct_to_actor+0x270/0x8f0 [ 192.676523] ? pipe_to_sendpage+0x400/0x400 [ 192.680845] ? do_splice_to+0x190/0x190 [ 192.684823] ? rw_verify_area+0x118/0x360 [ 192.688980] do_splice_direct+0x2d4/0x420 [ 192.693130] ? splice_direct_to_actor+0x8f0/0x8f0 [ 192.697984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 192.703528] ? __sb_start_write+0x17f/0x300 [ 192.707849] do_sendfile+0x623/0xe20 [ 192.711573] ? do_compat_pwritev64+0x1c0/0x1c0 [ 192.716180] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 192.721715] ? _copy_from_user+0xdf/0x150 [ 192.725863] __x64_sys_sendfile64+0x15d/0x250 [ 192.730354] ? __ia32_sys_sendfile+0x2a0/0x2a0 [ 192.734933] ? do_syscall_64+0x9a/0x820 [ 192.738922] do_syscall_64+0x1b9/0x820 [ 192.742806] ? finish_task_switch+0x1d3/0x870 [ 192.747315] ? syscall_return_slowpath+0x5e0/0x5e0 [ 192.752254] ? syscall_return_slowpath+0x31d/0x5e0 [ 192.757200] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 192.762569] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 192.767418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 192.772605] RIP: 0033:0x455ab9 [ 192.775800] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 192.795255] RSP: 002b:00007f8527766c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 192.802986] RAX: ffffffffffffffda RBX: 00007f85277676d4 RCX: 0000000000455ab9 [ 192.810363] RDX: 0000000020000040 RSI: 0000000000000015 RDI: 0000000000000014 [ 192.817632] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 192.824914] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000016 [ 192.832181] R13: 00000000004c0d79 R14: 00000000004d1380 R15: 0000000000000005 02:29:23 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:23 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x0) write$evdev(r0, &(0x7f0000000040)=[{{}, 0x1, 0x63, 0x1}, {}], 0x101) 02:29:23 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) sync() 02:29:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:23 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000200"}, 0x58) 02:29:23 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socketpair$inet6(0xa, 0x0, 0x8fff, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB='}\x00\x00\x00@\x00'], &(0x7f00000000c0)=0xa) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000100)={r3, 0x4, 0x101, 0x5, 0xfffffffffffffffa, 0x81}, 0x14) setsockopt$inet6_MRT6_ADD_MIF(r2, 0x29, 0xcb, &(0x7f0000000280)={0x0, 0x0, 0x9}, 0xc) r4 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x4, 0x40) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000c40)={0x0, 0x0}) utimes(&(0x7f0000000200)='./file0\x00', &(0x7f0000000c80)={{r5, r6/1000+10000}, {r7, r8/1000+30000}}) r9 = add_key(&(0x7f0000000cc0)='.request_key_auth\x00', &(0x7f0000000d00)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$get_security(0x11, r9, &(0x7f0000000d40), 0x0) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f00000001c0)) write$binfmt_elf32(r0, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x7fff, 0x0, 0xfffffffffffffff8, 0x3, 0xe3cd, 0x3, 0x0, 0x4, 0x111, 0x38, 0x1eb, 0xffffffffffffff85, 0x5, 0x20, 0x2, 0xa58, 0x140000000000, 0x1}, [{0x0, 0x9, 0x3f, 0x6, 0x9e9, 0x1, 0x1, 0x94}, {0x0, 0xff, 0x997, 0x800, 0x2, 0x4, 0x101, 0x3ff}], "57654fa1c08483e79fb21094ea338399034780b43a8ce4bbdd5b6c27cbad2b0d4d7f63370a64a36f9fe31885dc9236d3f67798ee85ba92e10871d04bffe7ec1410daf68b3d01befc73fb4c885db0747327ef3c32d6fee50a769a94", [[], [], [], [], [], [], []]}, 0x7d3) socketpair$inet6(0xa, 0x3, 0xa21e, &(0x7f0000000140)) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000ac0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0xe}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r4, &(0x7f0000000b00)={0x6, 0x118, 0xfa00, {{0x6f, 0x5, "18abb35014747117dd8336c4b35b3bc0ad203e2cd986940fe0231905baeed105239fd61b3f6312b4bc2acb279c923f8c7602d077ab6e8624dc366a2ae505bb793e85b96e84866407ac0c2625df89df37ff749c158b900c9e1a2a2c0522d612dfdc3e671662cb2925729dae8baeba5af88f48da9f2b955331ad333a1a4b0f10d8b55a5bd7b91816719d78a0c1d28dcd42ed2d54f8403c9496936780c8b381b2716959736ebb3f801a2cf67a30d47abd1c48290b29d02aa716f5a33888ee7214a604475c462a409f2a9edb82e3e04ea0e03a467f567c6a327f1ffeeb84bbeeb88cf105be26170224f2393c5a6c18bf297e611915a39c945ff13375d3c8e50af051", 0x93, 0x7, 0x4, 0x8001, 0x3, 0x1d, 0xffff}, r10}}, 0x120) 02:29:23 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x100000f, 0x11, r0, 0x0) [ 192.932674] FAT-fs (loop3): bogus number of reserved sectors [ 192.938635] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:23 executing program 5: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) listen(r0, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) connect(r1, &(0x7f0000931ff4)=@un=@file={0x1, "e91f7189591e9233614b00"}, 0xc) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)={r0, 0x0, 0x10000, 0x51, 0x3}) r2 = socket$netlink(0x10, 0x3, 0x1080000000005) write(r2, &(0x7f000058bfe4)="29000000140005b7ff000000040860eb0100100006a40e07fff00fd57f25ffffff0100002a00f3ff09", 0x29) 02:29:23 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000200"}, 0x58) [ 193.054110] FAT-fs (loop3): bogus number of reserved sectors [ 193.060223] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:23 executing program 7: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6) write$P9_RMKDIR(r1, &(0x7f0000000040)={0x14, 0x49, 0x2, {0x20, 0x4, 0x1}}, 0x14) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af03, &(0x7f0000000440)={0x0, 0xffffffffffffff9c}) 02:29:23 executing program 1 (fault-call:6 fault-nth:6): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040), 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 193.269745] FAULT_INJECTION: forcing a failure. [ 193.269745] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 193.281819] CPU: 1 PID: 10345 Comm: syz-executor1 Not tainted 4.18.0-rc5+ #149 [ 193.289195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.298580] Call Trace: [ 193.301196] dump_stack+0x1c9/0x2b4 [ 193.304845] ? dump_stack_print_info.cold.2+0x52/0x52 [ 193.310111] ? zap_class+0x740/0x740 [ 193.313859] should_fail.cold.4+0xa/0x1a [ 193.319074] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 193.324206] ? graph_lock+0x170/0x170 [ 193.328047] ? find_held_lock+0x36/0x1c0 [ 193.332141] ? __lock_is_held+0xb5/0x140 [ 193.336237] ? check_same_owner+0x340/0x340 [ 193.340586] ? rcu_note_context_switch+0x730/0x730 [ 193.345541] __alloc_pages_nodemask+0x36e/0xdb0 [ 193.350223] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 193.355242] ? __lock_acquire+0x7fc/0x5020 [ 193.359483] ? graph_lock+0x170/0x170 [ 193.363299] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 193.370216] ? __radix_tree_lookup+0x3dd/0x6e0 [ 193.374796] ? find_held_lock+0x36/0x1c0 [ 193.378852] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 193.384485] alloc_pages_current+0x10c/0x210 [ 193.388882] ? lock_downgrade+0x8f0/0x8f0 [ 193.393027] __page_cache_alloc+0x398/0x5e0 [ 193.397353] ? rcu_is_watching+0x8c/0x150 [ 193.401587] ? pagecache_get_page+0x2dd/0xe40 [ 193.406191] ? __filemap_set_wb_err+0x3b0/0x3b0 [ 193.410856] __do_page_cache_readahead+0x254/0x800 [ 193.415882] ? read_pages+0x680/0x680 [ 193.419672] ? graph_lock+0x170/0x170 [ 193.423462] ? __lock_acquire+0x7fc/0x5020 [ 193.427687] ? zap_class+0x740/0x740 [ 193.431394] ? __lock_is_held+0xb5/0x140 [ 193.435458] ondemand_readahead+0x550/0xc40 [ 193.439777] page_cache_sync_readahead+0xd1/0x110 [ 193.444627] generic_file_read_iter+0x1a89/0x2f20 [ 193.449461] ? __lock_acquire+0x7fc/0x5020 [ 193.453692] ? filemap_range_has_page+0x3e0/0x3e0 [ 193.458524] ? print_usage_bug+0xc0/0xc0 [ 193.462576] ? __lock_acquire+0x7fc/0x5020 [ 193.466797] ? page_add_new_anon_rmap+0x870/0x870 [ 193.471629] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 193.476633] ? print_usage_bug+0xc0/0xc0 [ 193.480682] ? print_usage_bug+0xc0/0xc0 [ 193.484731] ? print_usage_bug+0xc0/0xc0 [ 193.488779] ? print_usage_bug+0xc0/0xc0 [ 193.492842] ? perf_trace_lock+0xde/0x920 [ 193.496989] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 193.501833] ? print_usage_bug+0xc0/0xc0 [ 193.505891] ? zap_class+0x740/0x740 [ 193.509596] ? perf_trace_lock+0x920/0x920 [ 193.513821] ? zap_class+0x740/0x740 [ 193.517537] ? graph_lock+0x170/0x170 [ 193.521330] ? __lock_acquire+0x7fc/0x5020 [ 193.525570] ? find_held_lock+0x36/0x1c0 [ 193.529627] ? lock_downgrade+0x8f0/0x8f0 [ 193.533769] ? rcu_is_watching+0x8c/0x150 [ 193.537905] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 193.542300] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 193.546703] ? is_bpf_text_address+0xd7/0x170 [ 193.551189] ? kernel_text_address+0x79/0xf0 [ 193.555587] ? __kernel_text_address+0xd/0x40 [ 193.560082] ? unwind_get_return_address+0x61/0xa0 [ 193.565006] ? __save_stack_trace+0x8d/0xf0 [ 193.569335] ? save_stack+0xa9/0xd0 [ 193.572952] ? save_stack+0x43/0xd0 [ 193.576567] ? kasan_kmalloc+0xc4/0xe0 [ 193.580442] ? __kmalloc+0x14e/0x760 [ 193.584144] ? alloc_pipe_info+0x2a8/0x5a0 [ 193.588379] ? splice_direct_to_actor+0x6fc/0x8f0 [ 193.593210] ? do_splice_direct+0x2d4/0x420 [ 193.597521] ? do_sendfile+0x623/0xe20 [ 193.601394] ? __x64_sys_sendfile64+0x15d/0x250 [ 193.606051] ? do_syscall_64+0x1b9/0x820 [ 193.610103] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 193.615474] ? lock_downgrade+0x8f0/0x8f0 [ 193.619621] ? graph_lock+0x170/0x170 [ 193.623409] ? __lock_is_held+0xb5/0x140 [ 193.627457] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 193.631853] ? __lockdep_init_map+0x105/0x590 [ 193.636426] ? lockdep_init_map+0x9/0x10 [ 193.640474] ? debug_mutex_init+0x2d/0x60 [ 193.644609] ? __mutex_init+0x1f7/0x290 [ 193.648572] ? __lock_is_held+0xb5/0x140 [ 193.652622] ? __ia32_sys_membarrier+0x150/0x150 [ 193.657368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 193.662892] ? fsnotify+0xbb4/0x14e0 [ 193.666596] ext4_file_read_iter+0x18b/0x3c0 [ 193.670998] generic_file_splice_read+0x5cd/0x9d0 [ 193.675839] ? add_to_pipe+0x360/0x360 [ 193.679724] ? rw_verify_area+0x118/0x360 [ 193.683859] ? add_to_pipe+0x360/0x360 [ 193.687746] do_splice_to+0x12e/0x190 [ 193.691537] splice_direct_to_actor+0x270/0x8f0 [ 193.696195] ? pipe_to_sendpage+0x400/0x400 [ 193.700511] ? do_splice_to+0x190/0x190 [ 193.704488] ? rw_verify_area+0x118/0x360 [ 193.708627] do_splice_direct+0x2d4/0x420 [ 193.712776] ? splice_direct_to_actor+0x8f0/0x8f0 [ 193.717611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 193.723134] ? __sb_start_write+0x17f/0x300 [ 193.727445] do_sendfile+0x623/0xe20 [ 193.731164] ? do_compat_pwritev64+0x1c0/0x1c0 [ 193.735748] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 193.741290] ? _copy_from_user+0xdf/0x150 [ 193.745427] __x64_sys_sendfile64+0x15d/0x250 [ 193.749920] ? __ia32_sys_sendfile+0x2a0/0x2a0 [ 193.754493] ? do_syscall_64+0x9a/0x820 [ 193.758471] do_syscall_64+0x1b9/0x820 [ 193.762354] ? finish_task_switch+0x1d3/0x870 [ 193.766855] ? syscall_return_slowpath+0x5e0/0x5e0 [ 193.771783] ? syscall_return_slowpath+0x31d/0x5e0 [ 193.776716] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 193.782092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 193.786947] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 193.792128] RIP: 0033:0x455ab9 [ 193.795312] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 193.814582] RSP: 002b:00007f8527766c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 02:29:23 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000003, 0x11, r0, 0x0) 02:29:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000200"}, 0x58) [ 193.822303] RAX: ffffffffffffffda RBX: 00007f85277676d4 RCX: 0000000000455ab9 [ 193.829656] RDX: 0000000020000040 RSI: 0000000000000015 RDI: 0000000000000014 [ 193.836913] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 193.844264] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000016 [ 193.851539] R13: 00000000004c0d79 R14: 00000000004d1380 R15: 0000000000000006 [ 193.928483] FAT-fs (loop3): bogus number of reserved sectors [ 193.934458] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:24 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) pselect6(0x40, &(0x7f0000000000)={0x7, 0x7f, 0xdff, 0x4, 0x6, 0x100000000, 0xfff, 0x7fffffff}, &(0x7f0000000040)={0x3ff, 0x2, 0x5, 0xc13, 0xff, 0x8, 0x2, 0x8000}, &(0x7f0000000080)={0xa60, 0xfffffffffffffffc, 0x3, 0x3, 0xfffffffffffffffb, 0x9, 0x3ff, 0x4}, &(0x7f00000000c0), &(0x7f0000000140)={&(0x7f0000000100)={0x8}, 0x8}) socket$pppoe(0x18, 0x1, 0x0) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 02:29:24 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000002640)=@ipv6_newroute={0x2c, 0x18, 0x9, 0x0, 0x0, {0xa}, [@RTA_ENCAP_TYPE={0x8, 0x15, 0x7}, @RTA_ENCAP={0x8, 0x16, @typed={0x4, 0x3, @binary}}]}, 0x2c}, 0x1}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc0\x00', 0x100, 0x0) sendmsg$kcm(r1, &(0x7f0000001ac0)={&(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x4, 0x2, 0x0, 0x2}}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000280)="39806dc990a58ad7ecd0f8863fcd6634340b5db117349969a3aa06c256ba4256b54ca8680e12db55680ee69e07f2e34c10c847a422e45fcebf68d55310e5ed2cb1b3cfcb", 0x44}, {&(0x7f0000000300)="2ea3c581b0b112738ba9e6387bc7a028b74c7209071c07cf39a0145dcfea3dcac217ff171ea60dfbfffbf41070100005f75e7fd9ea814972f72cbd3cc1dd88312947a02c3bd7a177ea7b3e22a78e3331353a22259c984c28f9c501c85784396203c341bcc2f5b35084a38954b13c780eb6a06fc746cfa5179dc1a3212f6365d6ba13ae25c549cde48e9fb138e21350629f5a846c9a0bea3decfc34e35a01efb1e455f94eccb285a12f1e37b7f88dca16c20d8e60d3e6c1a49414406a30", 0xbd}, {&(0x7f00000003c0)="f540971a9a389ada66e59dc390fcd7fb10", 0x11}, {&(0x7f0000000400)="c2718ce73ecbbe6bf35b2260d60a6dd5c30fc3c5ecd41c5c6b58e93dc7ff46512931f4f18f59df15870afafcda0008d511871e34ab6c325989a14dea18f1eb02285074f4ba963323dfa9137c890ae658db9acb12658d14a9ec8fc43916917b86a3bc215bf70f7b17bf48101179b72418c29424fb57cb705ae814e6672fa8bfe543f603eeb52a1ff51d", 0x89}, {&(0x7f00000004c0)="c0655c893887505c65ad4e673b5587f46e8a2695f345558a327dac731d682bce9356a02365a5eb563f884c1a6bfdfa4559e0a04fc170fce60533d4879bbaae5f752d6058c0d347a6e42871d79ef1eef397921444156a33a624a7df50e4a4dedcd597374b6f084ef512ce28eddf8a8cb9948eac03a58ad59ada3b4bc3253f994cc9e3ee1468704ca9576ae18c330bb5c9ba1735898acdfcd747abe100a984cf7be90931551d369ddef3815c3d031ab87cc59e9698bf2d5dc0a4e002b06cd9f76ade8fa3c8d8d220d7b3c220cb672f3d5a2bb022738903e15d22cca7e4caf695f7d34bf1e6e4958a5b284dda5c8ce007ed33f5d985e38097e734e144f7210eb8e002245d4b8567f3a7156141d4052e9947cfe81ca8fc418e6c6435e6ef7b99257232394d3d950b63fc982e7ca7672ed93cce994efea23e906da0b28079d8a7bed8cd8a0ae7f0eeabd3887c1e4fc6bd613c92a7629b7ae66fdff30c2136d86748722df995d785d12d2859752c82da39561b55e44dd7ba374f1e9b2a6ce99001baef1f6a48c0b1ca501e67becaea745e22ad9c2b824899d50a57939556dec01666b6b86cfb8b82d89aae5ce9daff37607c5d46ffcb3ee37e0a839f9716717d6e4b2a8dbadf2eb25a66f79a0bc59f73fcd6ce66ee542c8a495e07167f808cbec3529d31351df83798c6a74af6e8044f23dfd2bed291420f168a7bea812defe397db03c834fdae966b9ecc92a1139e81c25ba2f9f4105f73d5dbe861ac9465b4ae4216d1dacf7584960da1d2f24a90db0b5d5e88c3b4d4e1522cbff3a8a99467b03feab685bd66c036638bc46b23da61ed8d2507764aef2be7f19988b29c136d46eb21a1ee319b22ca42d58d41745d8c605bb7fd538f891ddb5c5fa605e849eb0507e972f507b27da68e8fa7e844d7e68b4614d0c0ba0a30adb155523c4665a422bd98dbfc84421ce07bee80056cf5cfae0afd49cdb111f5b67ebf563b39bfa4163c52f47d4b3b4732741d52c785f6fc0927dfb83abd84b988f54033e6ceebde0d489fb15502bd9dd7f2b672f70bb497748c0db467bea8c5336f0e522bf792881f9ec9dcef28af79acf47dfd47bf310a9c13a0a25eccbddcf32b43ac95528078782d3a329cbde83294ad8eaa8277fc94f1096dc6f44d587866f42f6e7ad61487710230aa7aaa98696cad550ccd0436746f9d73df8f0aa1e6581d986d096345e81acd904a64c2cf571f8e07fbc987a142068dbb0abe962ddcb137a60a7430f0f6b2d28df04b91259580d7f48d23ad5078c442d682c0f3a9f00d142e4227611d7ea563149edaa7aaf8dc8139d2708b0c22065f4f3f3d97fe298bbf6efba23c455c182137f7dfa537e223ded73482be14f8fa3292364155057396510f47beb016f7b7f9474901fa6f4e09a75dfffdd0424900bbe5cb349e9b93a82f864cc9d5cbcafd2b4579b0f241805fe2ccf72d2b2ff2057ce5c9a82e0b2d8430941514b83c9f55c6a15b818d7f1842ebc64e7234c67c4e47942886c94831919cc30d2b0e36bfe68e3ba3e4ec85f03e0d3e26577e26376644c1033bbcbaaff4e897d73abde7cd507365a7dd3da10c8425b03980a7e40744bcc7845ac436a53207f0b38f2e3b50841c5e95d9341bc4ea53099855040cfb54105b51a41f7377c23fcb9c37b71400b7aff85b4026b4df5499d99a6502c30a0cca6b8ae9cad391e97609ec6e84f9530e28013d70d8bac96b604cb06fffc8a5b8cf1f8a8769c2123e8385dd1ccca91a00e4a4873ef4d3ac0126f8f88c9697a13ecbca07040b2b1d005ffa9945637565069896e14f77ba7b0f96af8cb8bea57ad5fb74132bc2e8f7ff1e380831eccf462f57716314e3753ea1a1835b9a0ab546c7357fdb190646080e821ead1c5d13d3c5eef8e92b44661f24480fba19dfa6aa4cf443a2628cb2b8604c606a1de90645d63020b12beb3667a371e5df966bc783e0f115c4749b1a9438c7d2458b00205d357fee634142f7ca52c0b2732a8cc32c5af1e353e332ac81b819c1836e6a8b7dfd85bad5fb3d89df24184c98a16e2c839e2b8e8766e10d0cfdec06e3fdaaebded89d15d04db921f220f071d37310c700e0c932c0d49db56b00126bc0e05ff57a7846bf6a1cacff43e93311a88a6d446d5cd666657ae7e4e0c02f681f5aa9143c05526aa4afae03079e39316b2552867bc555d8d4794ea0453b7e9251c8fd1bbd9c0cf354b962a40cd5d753bbc645e5c978c18eb3b819560c8fb1e9420cb0016c3f0e7e80d6895550af6b821c7d5fa7148eaaba2d87c7d70e4eab94d890e5aaa3d5926df494a30d119b2c448e954ddc0cc2bcf9c8df3718ba973887f997d30a1c4a824c9752f3b45c7ffe16447a517d6ea4c9a8752d8974886715cede82614baabb9595c83f6823eb8ff740190195a2f2c1be88f692b5ec7ec8bcf08655883b7cf703d26cc507ed9132ad25878be2b2309b9f216f94835e54fa11a40101ae614b1c3f5f0cf4f062a0be0aaac0c5ec5b498bd397648a8f23c282b5d049609f6dfc1c5431a78c2ec7397999cacd221eb4210770dd536f8240ed7da826a0ef1ea594a3c69349ac33180ca5882e025191a3d38cbb977abd7c74e38f5bb470876f5fe5ad1c49cca78bc5573287a975d8a4523f370916838c01a755afa904c780f2c5aead258c0aa54143e6a5fe374c97365f809f4aa699b67d9a0c30d334757b64930c63331f0dac5576b95c1b9421044c19d151c95d669d98fcc2df9eac33a28d25425d9db3d3ba94a999d076d0e7be280b989efe37f755f1218337f0615d0308da7922e26fb4e1c81c90efad9b86f21d0c1c6d0cc84607df9c255904f3b187ab3fe8af8a0363b28c4db114ad84cf8dc4dbbb3d0092423ea0711ab9808d192b516958ce46a893a1146f48dacf4d71b78c230b27abdc9888993bc4257f7cc7780dfc8cbe1c412a0c917561deef7b9ab1b71e865ed68668e7629f191e11490e62470c1b194c26b326bcbf5e17a0033fddccddbcbb1482c3b48c6c86879ba7031fede05892a1aec5329009468fe1142a1a066e8a0485f9065945877e653850004ab2f3fb8c929e5ffb5b8970e3848ffbbb602e0bcef2e6d7270361066a455da0d205b959e0d04a34eff2e9ab2d61ba29924aa1b4ed18ca3b9b91a3f744654e61cc69cce12a0bf3cc9a6203bcb07c7ef6abdf149d351bab4fecf982b4c876a7335afd3a579ebaa41b3abc3c1c246f486d03051ae3b257ff31ed2614b4c6e38b0630d96e9651d2c8d2aa628b0111f9998faecd432b17573c3a498e923705ca55a3faf3091a0ffa18a1a0762a6d714b0607a92a3d972ce08cd5ad6be56f7282f07d4912023bc6bde37a5849025e23c8d10efabd9097efb1b0b1434a7e4213e7e963de4bc8fa10edbc0ef27bc5e5205169c921d30ee8c970f41e48727d87eeb5810449c09b115197cea63a71512c06933aa192ee8680b7230c5cdc6f3f18cb98f4176a1a45dc2817bf8d63ed5a948e14bb35452545f062f654d6369748985532293a1c58f84ed97a226f7dde7849f57cb2e5972ce96b2bd0a4aa49346f3490e5f2f95b3eec78d0542957a462b3dfcf5d98ab8073cf8c20fc2041b3367e1cbad0a2ebfa29487780652bb9c597c0e52b97ca4a2e3b710d9588c91ec3cce5c3f173579d988946660e870c1e03661f82e5a15148c0070f7727d84120813c9c847164fc8eb3e912ed212f443e61fb1cfa1cf6517e4224ce3f3c59ff211bca63bcdeb1e2fd6064155fde974452c6b39359116159a1f00156f0a5ed8544a72e3fea659d19e1d71d60cd040a9a01afbdd35c766a5033bb6746fae7d7ffb508d98a703d50a29ce89e099fcdddd733199bce57b9ced7d1e347d601f1aadb731acf74e22f3517db22257dd89111bc86663fddd77a6a5d44418ae2fcd3d3817bb5045cde81457dfc988b2775feca30a006d3a552b81fe0ad598a4aba6ab72c515a05691e252dfd6bb139ccaf5c6a3010349ce2ac7e75fa35359bde368f4ba1c64b698e054a79f997b3fb1d9b1989556381c78896406f6a037cad267c81b9d6f818861ae8f98dd4ab45fa5eae32cbf37bdcbd59c0f3bad10094cdcdc5452160326576b0e3dda8fd8157b1bb1f11042baa83a7cb75b6784191caa3902db71ad28de158ea992467045394fa1c66eabe8e25bad29bb1356ca5c30c15b58cad90e0486c942d46de67e79945bea30db7ca5257fe0b38ad390f5f9d597936f8517d8e1a7e97dee13ea232b51cac42e7eeadb8cdeedfb5943498ff39af310d4648862f05f8e4c6cb8dfc6fa604dc9c3393a279bbed07316371bce70fea1e0bde990a260c1045eb70eaac374bc89f6672d22945903eb59af732e0624390f7292fa6b04066a77d3538dea7af168d2deab8b0b2bb1ea4c4b28482fc5f90c39d66486cbd339e98f0fb197c3269c5426925f7d0ab117a5bcb65ea459239551f14867eaa530da7b25ada139196a5cc2adc444d2a70da26c9255bdb7ba8f22bbdc8be51a8da23ef76696abce80e15d91b11099eb4c339d5f400dbd03a75afc45aa371433f2bde106256560d1632fb58ac1f02d6bbf2cf4144888e493c30e629bd14fddf66b7ec6d2262c8175f1b0cbf016fd9149095d054cd12f1f043984323b7739ce8d573f260fb2dc91b314e7ad6570fff1250e288dec3cc413d36dd2f2b0d4ad6840b9358829577776fb31358d0aef4bed8bc703e3fa8de9ca43fc27e1a939fa0571dad9d5f5fb298c92d4abc85680dcfbb416337a7a68554afa23bebf0a17029be8b312e702201a234cafff9f81beb1364129d5e39713d43b3385ddfc34f8c2490affdfc6c80c4ea8a1743fdeb8eecc3e3e9db634244950658888cccda680812d499cb37268f582aa655743fa527da64d7dafd3da4b6ff00aa2c52129286418d8b588bbb515b0ee8d55d0f21f5bfb851a30f32a7bacebb174ac7e8338f2579e447f71c2434b8f46c6cf13ab23dda79330ee492627014edd77f8fa0add763929d902f6323b1adb8ab155747ebd81dd3d987a66499ac3297dfff88d61186eb0c9bada3302bf473f0121fa51d7675e9b1578e4f5eeb568ecd25b07e13b0b249e4ed0f564a8bbdd786c0db4772779ac7d5868e05d57b8b3e1547cd622c846bb77654174270682f8c6d51e2ab12e1f0cd3da4bd6005ed1b78536514f0b20fe41627caac6f38a96e7f5dae2e606fa8a762b6fff6baf58d3b221abb1d6b7a868de2b81c6a942a420bbf7acde5ff38a2590752c0c38754eadcea42dcaca2b40403428e23d1950e9cd694b2187cdc951854fcac395e376a05161dc1f92e67966440094537fcf61dda5a15a8cfa9e06db45d6b6ac70fb8d243ed5914d0e714e3666f0699cadce90781d9da7faac08da579c8e86c315153683917b18988e68b070c467b8e1718b28474fc0388a5f531832fbea5eee3579f72726f7d02394f508b473489e691be463bcc0db956e484cc8bd2b22222f87da5269f58cfc87603738b952f0d64bd5b02f73676b90830781bdc03db7ab689a5faca4f2bfccdab87c0db3def3ba4c1b051b8878292efc219274982bdd8d5ff861dae77524c1c02eef0de8a3c46030e1ca35754edeebbe4e8672700ef9bb1745dcdcbd2e89014297021eb2944ca31114bf4b5c50cdd8d76a7ac9cac20ee55f2366ef3480d14d86651dabc5968e0203de95b33d786da084b11716582f32dcd2920d85a5f1fef1c005835ad481d657d3f61dbeff9d24684ba255b54898d4a6b70a5d927ac38d9db2ad6139f38000a75f88add0fba94269a5fe6f5acfdcbffcd32274b5a3f", 0x1000}, {&(0x7f00000014c0)="1bd36ddd641354378a36db74c4a62b64e96e2b8902c922adbdf57550a8ace0fb91d6742479623545bfb328e1c8d74d117bdece4b5f63b203e7eb63bf9ca4680e9807b84f2c63efe816632cd626bfc21c0fed50a4375027a19332100e3c0f164fb8a0412cd8fbcba1c6e456d1a86b4fd90df8496168795112cd9213f21ee3930235884614eb93b866f0c9b7cd36fb5e56e1f7d58203dcf7826eee7150e2d03d6042a16759bb80c348b802626f1861c76bc206c7c18363bb1e", 0xb8}, {&(0x7f0000001580)="f8dee86ff9a09625b68cf8f364ac4937bd4b1a661f99", 0x16}, {&(0x7f00000015c0)="0091", 0x2}, {&(0x7f0000001600)="506f2540c6b6", 0x6}, {&(0x7f0000001640)="e41522315dd96057cc1b6e3d05b375fd40ebf158076c2cf434ad44d32ff4e225d85620c9c77d5aed061136ca294426b455ea88c4b4da92c17ebeff99eeaeb7b2003f34d0830eef72cfbb7799de7dd2828760a551641a9e424ba2761106901ae089d6996169d657a5df411a009ee83499a8f1b38e393c7eea08ddcc6e039e48953dc5565e3ddcec6bda0e3251794cda4ac86d343d6ccdfe8b1eee9a438a7c70003a174f106bd4f69787b5cf29950a28959c9c33aea32218c70e6fef95c3821c61f72c0168b7b0c0f3179b441e", 0xcc}], 0xa, &(0x7f0000001800)=ANY=[@ANYBLOB="c000000000000000bf010000ca000000bf2cfbba4f32d65eb5847e8dde8de78f1621a705891d03f634c32e24ecbb1cd1818171357b7bd1a9718ccadef9868046220ea5abf9fb831118514332c3c594d454eb2d2f63cb6800e0a1313b2cff4d1ad43b57a284a445a371ebe0fa6122af27fcfd6074dea78af885f9592cd8987dbd3b2c1c7305290a5b628b7c6504529f4cc19b00ee164baf062435805615d323a4ac74424cf8277651c3c4216c9d4fd3229314a7e2c74574fa2734000000000000b800000000000000ff00000007000000a222f9bb455943a862e53034d1dea1c2245254bd12b5f51e5ccb38a99a6ea133e931ae90a435a3ecfed08607b024d31b6bea42df7e061a520dee00e794aace552c7c3aeeb41ccd6587a2aca71a1f7d9e10c87b3644bbdcb6125e1e9ed2775140edd832c6d9933dcb937972454d7fe0d8753b847b59d82b98b127c8b29f3f70f3c1184cb932ec13f323997a4ac9fe247014c45bc3eed41f1805b52781b3b46be30b18d2c509960500f00000000000000017010000fdffffff6174eb72d268721f4d3dc41639ab8b9f1bb656338c3064982b7832d0e8036af54dbb92e892f8874d9095caf5d13c230527eefcfdb002da35db769e8672ac7d61d98878fbfe5fce91222c0355997945b32ef7b790d8b275ca9031e22574a4811beaaba7c201277cd747f0a8533f33de94ab165ef5b37017ebb56f3f1c1dca578158c4dd287dbb8fe57c93d6bab47f7fa4d465582efa59daf5c7fb47a207c7025be9593932862e1996b563071a80c9b64d94cc488b09f6a554a2a1e64a166ecf620c42e1eeab4080b43d15a45b919d7ba85b41e249711bdf4ee35eb01d9a7d00005800000000000000110100000100010081fb2f09a75c8515be5175d240e0af25333eee307a8e1593374b1baf7a1b0b1182bfc0e1f8a18f98d72def39f4a0be733f920b54fd2ce59450ba0f7686a6d0242bcb6b1400002000"], 0x2c0, 0x1}, 0x800) r2 = accept(r0, &(0x7f0000000080)=@sco, &(0x7f0000000000)=0x80) ioctl$sock_bt_hci(r2, 0x0, &(0x7f0000000180)="64f3bbffa1a1715c3fa2d6bccc") accept(r0, &(0x7f0000001b00)=@alg, &(0x7f0000001b80)=0x80) [ 194.044868] FAT-fs (loop3): bogus number of reserved sectors [ 194.050854] FAT-fs (loop3): Can't find a valid FAT filesystem [ 194.215654] netlink: 'syz-executor7': attribute type 21 has an invalid length. [ 194.250237] netlink: 'syz-executor7': attribute type 3 has an invalid length. 02:29:24 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) sync() 02:29:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000200"}, 0x58) 02:29:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000008, 0x11, r0, 0x0) 02:29:24 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:24 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000000000)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r1, 0x1) unshare(0x2000400) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0xd, &(0x7f00000000c0)={0x0, 0x0, 0x500}, &(0x7f0000000100)=0x18) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000140)={0x6, {{0x2, 0x4e24, @rand_addr=0x9}}}, 0x88) 02:29:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 194.272735] netlink: 'syz-executor7': attribute type 21 has an invalid length. [ 194.295513] netlink: 'syz-executor7': attribute type 3 has an invalid length. 02:29:24 executing program 7: r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000040)={0x1}, 0x8, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f000079df88)) msgsnd(r0, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) msgsnd(r0, &(0x7f0000be2f0a)={0x2}, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") msgrcv(r0, &(0x7f0000745000)={0x0, ""/4096}, 0x1008, 0x0, 0x0) acct(&(0x7f0000000000)='./file0\x00') [ 194.345428] FAT-fs (loop3): bogus number of reserved sectors [ 194.351380] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000200"}, 0x58) [ 194.532311] FAT-fs (loop3): bogus number of reserved sectors [ 194.538359] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:25 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040), 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:25 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000200"}, 0x58) 02:29:25 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:25 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r0, 0x0) [ 194.729223] FAT-fs (loop3): bogus number of reserved sectors [ 194.735208] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:25 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000200"}, 0x58) [ 194.878621] FAT-fs (loop3): bogus number of reserved sectors [ 194.884751] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:25 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) sync() 02:29:25 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000200"}, 0x58) 02:29:25 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000004, 0x11, r0, 0x0) 02:29:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r1, 0xffffffffffffffff, 0x0) 02:29:25 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:25 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0xbcc9, 0x101000) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f00000000c0)={0x20, 0x1001}) ftruncate(r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x14000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000180)) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r3, 0x4008ae89, &(0x7f0000000000)={0x2, 0x49, 0x0, 0xc0000084}) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x100, 0x9, 0x8000, 0x1ff, 0x5, 0x9, 0x200, 0x1, 0x0}, &(0x7f0000000240)=0x20) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000280)={r4, 0x5}, 0x8) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) [ 195.553808] FAT-fs (loop3): bogus number of reserved sectors [ 195.559835] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:26 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") pipe(&(0x7f00000000c0)={0xffffffffffffffff}) ioctl$RTC_EPOCH_SET(r1, 0x4008700e, 0x200) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000700)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="b22cb8e67efbbdf367ab0b350fab43761854e97d348b64e2db6edd52450c30b96a08000000f998824c5a570b49b8a4667d9fd6fb2aebd4072f9e58eb4e763c7c406e20452027a9db02146c194b7b59c26aaed7ccf2d215b34812b8d669383114f2fe45c9ccbe345487be311eb0108a911bbe2dbc7208f41897d673be3862151a02", 0x81) 02:29:26 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) readv(r1, &(0x7f0000000540)=[{&(0x7f00000001c0)}, {&(0x7f0000000200)=""/62, 0x3e}], 0x2) socket$inet6(0xa, 0x80000, 0x8000) [ 195.630249] FAT-fs (loop3): bogus number of reserved sectors [ 195.636322] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r1, 0xffffffffffffffff, 0x0) 02:29:26 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000200"}, 0x58) 02:29:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000005, 0x11, r0, 0x0) 02:29:26 executing program 5: r0 = socket$inet(0x15, 0x0, 0x0) io_setup(0xfffffffffffffff8, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) io_pgetevents(r1, 0x3f, 0x7, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000140)={r2, r3+10000000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000a32000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f0000000880)={0x20, 0x18, 0x0, 0x0, 0x0, {0x1}, [@typed={0xc, 0x6, @uid}]}, 0x20}, 0x1}, 0x0) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x4e22, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f00000024c0), 0x0, 0x0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) semctl$GETPID(0x0, 0x1, 0xb, &(0x7f00000009c0)=""/93) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) futex(&(0x7f000000cffc)=0x1, 0x800000000086, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000048000), 0x0) r4 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) rt_sigsuspend(&(0x7f0000000080), 0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x100000000000031, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000180)=[{}], 0x1, &(0x7f0000000340)={0x77359400}) tkill(r4, 0x1000000000016) 02:29:26 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf4ffffff00000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:26 executing program 7: sched_setattr(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x0) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa}) write$P9_RSTAT(r1, &(0x7f0000000180)={0x92, 0x7d, 0x0, {0x0, 0x8b, 0x0, 0x7, {0x69, 0x4}, 0x1810000, 0x10000, 0xa11, 0x0, 0xd, 'cgroup.ppp0\\#', 0x40, "2b045b316367726f7570707070316b657972696e676370757365746d643573756d70726f6327766d6e657431776c616e3140776c616e302d73656c696e757829", 0x6, '@eth0H', 0x5, ',em16'}}, 0x92) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time={0x77359400}}], 0x30) vmsplice(r1, &(0x7f00000004c0)=[{&(0x7f0000000480)="06", 0x1}], 0x1, 0x0) dup2(r0, r2) userfaultfd(0x80800) [ 195.967509] FAT-fs (loop3): bogus number of reserved sectors [ 195.973474] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x2000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 196.044511] FAT-fs (loop3): bogus number of reserved sectors [ 196.050658] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r1, 0xffffffffffffffff, 0x0) 02:29:27 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000200"}, 0x58) 02:29:27 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1001400, 0x11, r0, 0x0) 02:29:27 executing program 0 (fault-call:8 fault-nth:0): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 196.687788] FAT-fs (loop3): bogus number of reserved sectors [ 196.693865] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:27 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000200"}, 0x58) [ 196.784696] FAT-fs (loop3): bogus number of reserved sectors [ 196.790819] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:27 executing program 5: r0 = socket(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1a, &(0x7f0000000040)=0x2, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x8, 0x2, 0x9, 0x0}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r1, 0xcc3b}, 0x8) 02:29:27 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000000000701000000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:27 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x40000000007, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x4, 0x4, 0xfffffffe, 0x0, r0}, 0x2c) socketpair$inet(0x2, 0x5, 0x8, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e22, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x7fff}}, 0x0, 0x7}, &(0x7f0000000140)=0x90) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cuse\x00', 0x80, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={r0, &(0x7f0000000340)="804c063b1aba233a40bf9fdf8e786593808c8c4c3d40101f092eca04d675ab17e5e8868f5ae8a26095a37e30da80461bc9dc008644d309ff175c4961f881ba69d5d60def96b162372d554191ced409539adb8d89c48d8104bbb0c08dee9b29297d8debb8744d9f3a4fa3a39cee05d23c3eb0fac1f361f1c72a1d77a20cf03afe7e2ee3c1f5f6a3be752fda46e2014efc790f1745dca99e90e5274a49d303a3dc94120e1ddef7074654bc47df924799e0cbc78d4ed38783a2a8dc84da9e468434f2a8e350286bc9e422be6d03996d385e13350e1c16efe81bdb492b244e778564db92f45ae31b26eeed56ad1a3de35768caced5b3", &(0x7f0000000440)=""/8}, 0x18) setns(r3, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={r2, @in={{0x2, 0x4e20, @broadcast=0xffffffff}}, 0x9, 0x100000001, 0x0, 0x2c09, 0x1}, &(0x7f00000002c0)=0x98) 02:29:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x10) 02:29:27 executing program 5: r0 = memfd_create(&(0x7f0000000080)='^]\x00', 0x2) write$9p(r0, &(0x7f0000000200)="2d3b9d94", 0xfffffffffffffeb6) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r2, &(0x7f0000000140)=""/187, 0xbb, 0x0, &(0x7f0000000280)=@ax25={0x3, {"65e40a94e65d9a"}}, 0x709000) sendmsg$nl_generic(r2, &(0x7f0000000000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, 0x1d, 0xfffffffffffffffd, 0x0, 0x0, {0x1f}}, 0x14}, 0x1}, 0x0) 02:29:27 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000200"}, 0x58) 02:29:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffffffffffdef, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 197.164246] FAT-fs (loop3): bogus number of reserved sectors [ 197.170233] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:27 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000200"}, 0x58) 02:29:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x3, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 197.271512] FAT-fs (loop3): bogus number of reserved sectors [ 197.277577] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(0xffffffffffffffff, r1, 0x0) 02:29:27 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000000000701000000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 197.670912] FAULT_INJECTION: forcing a failure. [ 197.670912] name failslab, interval 1, probability 0, space 0, times 0 [ 197.682474] CPU: 1 PID: 10569 Comm: syz-executor0 Not tainted 4.18.0-rc5+ #149 [ 197.689848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 197.699210] Call Trace: [ 197.701804] dump_stack+0x1c9/0x2b4 [ 197.705426] ? dump_stack_print_info.cold.2+0x52/0x52 [ 197.710616] should_fail.cold.4+0xa/0x1a [ 197.714673] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 197.719775] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 197.724644] ? print_usage_bug+0xc0/0xc0 [ 197.728703] ? _raw_spin_unlock+0x22/0x30 [ 197.732841] ? __queue_work+0x68d/0x1410 [ 197.736906] ? stub_timer+0x10/0x10 [ 197.740523] ? graph_lock+0x170/0x170 [ 197.744327] ? flush_rcu_work+0x90/0x90 [ 197.748289] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 197.753391] ? lock_acquire+0x1e4/0x540 [ 197.757366] ? bdi_split_work_to_wbs+0x128/0x1360 [ 197.762208] __should_failslab+0x124/0x180 [ 197.766439] should_failslab+0x9/0x14 [ 197.770232] kmem_cache_alloc_trace+0x4b/0x780 [ 197.774802] ? wb_wait_for_completion+0x2e0/0x2e0 [ 197.779639] bdi_split_work_to_wbs+0x5a7/0x1360 [ 197.784300] ? trace_hardirqs_on+0x10/0x10 [ 197.788629] ? locked_inode_to_wb_and_lock_list+0xac0/0xac0 [ 197.794344] ? graph_lock+0x170/0x170 [ 197.798135] ? kasan_check_read+0x11/0x20 [ 197.802282] ? do_raw_spin_unlock+0xa7/0x2f0 [ 197.806703] ? __local_bh_enable_ip+0x161/0x230 [ 197.811363] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 197.816367] ? wb_wakeup+0x65/0xd0 [ 197.819905] ? find_held_lock+0x36/0x1c0 [ 197.823957] ? graph_lock+0x170/0x170 [ 197.827764] ? lock_acquire+0x1e4/0x540 [ 197.831742] ? iterate_supers+0xe2/0x290 [ 197.835801] sync_inodes_sb+0x333/0x480 [ 197.839978] ? rcu_note_context_switch+0x730/0x730 [ 197.844906] ? try_to_writeback_inodes_sb+0x70/0x70 [ 197.849930] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 197.854519] ? kasan_check_write+0x14/0x20 [ 197.858749] sync_inodes_one_sb+0x59/0x70 [ 197.862890] iterate_supers+0x149/0x290 [ 197.867057] ? __ia32_sys_tee+0x2b0/0x2b0 [ 197.871212] ksys_sync+0xec/0x1e0 [ 197.874681] ? sync_filesystem+0x330/0x330 [ 197.878909] ? __ia32_sys_read+0xb0/0xb0 [ 197.883072] ? syscall_slow_exit_work+0x500/0x500 [ 197.887904] ? do_syscall_64+0x9a/0x820 [ 197.891881] __ia32_sys_sync+0xe/0x20 [ 197.895682] do_syscall_64+0x1b9/0x820 [ 197.899570] ? finish_task_switch+0x1d3/0x870 [ 197.904057] ? syscall_return_slowpath+0x5e0/0x5e0 [ 197.908975] ? syscall_return_slowpath+0x31d/0x5e0 [ 197.913988] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 197.919346] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 197.924195] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 197.929373] RIP: 0033:0x455ab9 [ 197.932545] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 197.951863] RSP: 002b:00007f8ee7b7ec68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 197.959561] RAX: ffffffffffffffda RBX: 00007f8ee7b7f6d4 RCX: 0000000000455ab9 [ 197.966827] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 197.974084] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 197.981353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 197.988694] R13: 00000000004c0763 R14: 00000000004d3a20 R15: 0000000000000000 02:29:28 executing program 0 (fault-call:8 fault-nth:1): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6_udp(0xa, 0x2, 0x0) fgetxattr(r1, &(0x7f0000000040)=@known='security.capability\x00', &(0x7f0000000080)=""/53, 0x35) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0xb}, 0x1c) connect$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}, 0x1c) setsockopt$sock_int(r1, 0x1, 0xb, &(0x7f0000000140)=0x4, 0x4) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2=0xe0000002}, 0x4}}, 0x2e) sendmsg$nl_crypto(r2, &(0x7f0000000200)={&(0x7f00009dd000)={0x10}, 0xc, &(0x7f00002ceff0)={&(0x7f000097b000)=@delrng={0x10, 0x14}, 0x10}, 0x1}, 0x0) 02:29:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xffffff7f) 02:29:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x800000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:28 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000200"}, 0x58) 02:29:28 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000000000701000000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:28 executing program 5: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2, 0x0) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000040)={0xe2, 0xffffffff, 0x81}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000050bff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TCXONC(r1, 0x540a, 0x3) [ 198.123948] FAT-fs (loop3): bogus number of reserved sectors [ 198.129887] FAT-fs (loop3): Can't find a valid FAT filesystem [ 198.172660] FAT-fs (loop3): bogus number of reserved sectors [ 198.178699] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:28 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000000c0), 0xffffff9b) tee(r4, r3, 0x1, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) r6 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r6, 0x1000000000013) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) r7 = socket$inet6(0xa, 0x3, 0x40000000000fbf) ioctl(r7, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x3, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) listen(r0, 0x43) setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000180)={0xffff, 0x7fff, 0x9, 0x8001, 0x6, 0x9, 0x200}, 0xc) r8 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) inotify_init1(0x80800) sendto$inet6(r8, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r8, 0x84, 0xa, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20) sendmmsg(r8, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f00007ed000)=[{&(0x7f0000000000)='u', 0x1}], 0x1, &(0x7f0000275000)}}], 0x1, 0x48084) shutdown(r8, 0x1) 02:29:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x800000) 02:29:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x100000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:28 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000200"}, 0x58) 02:29:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(0xffffffffffffffff, r1, 0x0) [ 198.373465] FAT-fs (loop3): bogus number of reserved sectors [ 198.379423] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:28 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feff"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:28 executing program 7: ioperm(0x0, 0x4, 0x0) ioperm(0x0, 0x400, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x5, 0x4600) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x7, 0xf, 0x5, 0x2}, 0x8) 02:29:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:28 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000200"}, 0x58) [ 198.539546] FAT-fs (loop3): bogus number of reserved sectors [ 198.545504] FAT-fs (loop3): Can't find a valid FAT filesystem [ 198.929981] FAULT_INJECTION: forcing a failure. [ 198.929981] name failslab, interval 1, probability 0, space 0, times 0 [ 198.941554] CPU: 0 PID: 10663 Comm: syz-executor0 Not tainted 4.18.0-rc5+ #149 [ 198.948933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 198.958285] Call Trace: [ 198.960891] dump_stack+0x1c9/0x2b4 [ 198.964527] ? dump_stack_print_info.cold.2+0x52/0x52 [ 198.969717] should_fail.cold.4+0xa/0x1a [ 198.973774] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 198.978871] ? kasan_kmalloc+0xc4/0xe0 [ 198.982750] ? kasan_slab_alloc+0x12/0x20 [ 198.986904] ? lock_acquire+0x1e4/0x540 [ 198.990896] ? find_held_lock+0x36/0x1c0 [ 198.994972] ? graph_lock+0x170/0x170 [ 198.998786] ? lock_downgrade+0x8f0/0x8f0 [ 199.002939] ? __lock_is_held+0xb5/0x140 [ 199.007008] __should_failslab+0x124/0x180 [ 199.011237] should_failslab+0x9/0x14 [ 199.015031] kmem_cache_alloc+0x47/0x760 [ 199.019105] ? rcu_note_context_switch+0x730/0x730 [ 199.024044] ? mempool_free+0x370/0x370 [ 199.028028] mempool_alloc_slab+0x44/0x60 [ 199.032340] mempool_alloc+0x193/0x4b0 [ 199.036222] ? mempool_destroy+0x30/0x30 [ 199.040280] ? find_held_lock+0x36/0x1c0 [ 199.044353] bio_alloc_bioset+0x39c/0x6f0 [ 199.048490] ? bvec_alloc+0x2d0/0x2d0 [ 199.052281] ? check_same_owner+0x340/0x340 [ 199.056594] ? rcu_is_watching+0x8c/0x150 [ 199.060734] submit_bh_wbc+0x14b/0x790 [ 199.064627] __block_write_full_page+0x836/0xf10 [ 199.069375] ? check_disk_change+0x140/0x140 [ 199.073783] ? __getblk_gfp+0xb10/0xb10 [ 199.077768] ? submit_bh_wbc+0x790/0x790 [ 199.081822] ? __lock_is_held+0xb5/0x140 [ 199.085885] block_write_full_page+0x1ff/0x250 [ 199.090465] ? check_disk_change+0x140/0x140 [ 199.094869] blkdev_writepage+0x24/0x30 [ 199.098837] __writepage+0x69/0xe0 [ 199.102380] write_cache_pages+0x92f/0x16b0 [ 199.106698] ? trace_hardirqs_on+0x10/0x10 [ 199.110925] ? tag_pages_for_writeback+0x4a0/0x4a0 [ 199.115877] ? clear_page_dirty_for_io+0x1240/0x1240 [ 199.120973] ? trace_hardirqs_on+0x10/0x10 [ 199.125202] ? lock_acquire+0x1e4/0x540 [ 199.129182] ? iterate_bdevs+0xce/0x291 [ 199.133154] ? lock_release+0xa30/0xa30 [ 199.137125] ? check_same_owner+0x340/0x340 [ 199.141441] ? kasan_check_read+0x11/0x20 [ 199.145582] ? rcu_note_context_switch+0x730/0x730 [ 199.150513] ? graph_lock+0x170/0x170 [ 199.154308] ? kasan_check_write+0x14/0x20 [ 199.158563] ? __mutex_lock+0x7e8/0x1820 [ 199.162630] ? _raw_spin_unlock_irq+0x27/0x70 [ 199.167204] ? iterate_bdevs+0xce/0x291 [ 199.171358] ? blk_start_plug+0xcc/0x370 [ 199.175410] ? find_held_lock+0x36/0x1c0 [ 199.179460] ? blk_lld_busy+0x70/0x70 [ 199.183273] ? kasan_check_read+0x11/0x20 [ 199.187414] generic_writepages+0xda/0x150 [ 199.191653] ? write_cache_pages+0x16b0/0x16b0 [ 199.196231] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 199.201762] blkdev_writepages+0x1d/0x30 [ 199.205822] ? blkdev_readpages+0x40/0x40 [ 199.209982] do_writepages+0x9a/0x1a0 [ 199.213884] __filemap_fdatawrite_range+0x364/0x4a0 [ 199.218894] ? delete_from_page_cache_batch+0xf90/0xf90 [ 199.224254] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 199.228830] filemap_fdatawrite+0x26/0x30 [ 199.232972] fdatawrite_one_bdev+0x50/0x70 [ 199.237282] iterate_bdevs+0x11e/0x291 [ 199.241173] ? fdatawait_one_bdev+0x70/0x70 [ 199.245487] ksys_sync+0x11a/0x1e0 [ 199.249155] ? sync_filesystem+0x330/0x330 [ 199.253385] ? __ia32_sys_read+0xb0/0xb0 [ 199.257443] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 199.262977] ? do_syscall_64+0x9a/0x820 [ 199.266958] __ia32_sys_sync+0xe/0x20 [ 199.270851] do_syscall_64+0x1b9/0x820 [ 199.274743] ? finish_task_switch+0x1d3/0x870 [ 199.279233] ? syscall_return_slowpath+0x5e0/0x5e0 [ 199.284158] ? syscall_return_slowpath+0x31d/0x5e0 [ 199.289087] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 199.294447] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 199.299300] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 199.304480] RIP: 0033:0x455ab9 [ 199.307831] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 199.327095] RSP: 002b:00007f8ee7b7ec68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 199.334800] RAX: ffffffffffffffda RBX: 00007f8ee7b7f6d4 RCX: 0000000000455ab9 [ 199.342067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 199.349330] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 199.356590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 199.363944] R13: 00000000004c0763 R14: 00000000004d3a20 R15: 0000000000000001 02:29:29 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xc00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:29 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x2) 02:29:29 executing program 7: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [{[{0x9100, 0x7ff, 0x6}], {0x8100, 0x80000000, 0x100, 0x2}}], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x28, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}, @tcp={{0x0, 0x8100, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000040)={0x0, 0xfffffffffffffffe, [0xfffffffffffffffc]}) 02:29:29 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feff"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:29 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000200"}, 0x58) [ 199.490008] FAT-fs (loop3): bogus number of reserved sectors [ 199.496069] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8600, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 199.611969] FAT-fs (loop3): bogus number of reserved sectors [ 199.617973] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:30 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r1) sendmsg$netlink(r2, &(0x7f0000001b40)={0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000001a80)}, 0x0) recvmmsg(r0, &(0x7f0000004100)=[{{&(0x7f0000001600)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x80, &(0x7f0000001580)=[{&(0x7f00000002c0)=""/4096}, {&(0x7f0000001340)=""/203}, {&(0x7f0000000140)=""/119}, {&(0x7f0000001440)=""/133}, {&(0x7f0000000000)=""/47}, {&(0x7f0000001500)=""/79}]}}], 0x2a37, 0x2, 0x0) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)={@multicast2=0xe0000002, @rand_addr=0xfffffffffffffffc, 0x0, 0x3, [@loopback=0x7f000001, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}]}, 0x1c) 02:29:30 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000200"}, 0x58) 02:29:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(0xffffffffffffffff, r1, 0x0) 02:29:30 executing program 7: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000040)="1fffffffff00000000ed0000fc04ff1b0704043903000000cf7b6962010039", 0x1f) 02:29:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xfbffffffffff0700) 02:29:30 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feff"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xeffd, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 199.884161] FAT-fs (loop3): bogus number of reserved sectors [ 199.890232] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xff01, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() getpid() timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/150, 0x96}], 0x1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x31, 0xffffffffffffffff, 0x0) timer_create(0x6, &(0x7f00000002c0)={0x0, 0x6, 0x0, @thr={&(0x7f0000000100)="c2ef4536b3b0529d9748e623cf775401b782ace20e5112acc3745bdfc3390db11fc2bbbbdf6255fb9738bf7691645a7f3b6fce484cbb083ecfcd00c48cec840505a7234ad7cd0b8a094bab62430aa33b0ae84d586c13af7092499601fd95128c56bbca072bfbd6609a03dace69b40d93f6ba2b92a8e0f4e12836080e18f1d0b1a90a7282baaf3ad3", &(0x7f00000001c0)="0312082079242296107b451f7a95acbfab5137dbd953e9dd1c742f0f2ea5f1bf438d736b862f0bcf99d1783a8814160be6f82a2e987be5137ade7cd825ac361bc51fcb6c00f817918ded73e19b6b5525f32ed5b09a065ca0c0aebc95064cc0ef42ce28992ba9284364dd0e8e13c08ad9fdbc6d4ff832f60f2c592a39e1f14d748f0abd14583a3160802a5efefa25a13b247a35dd9433f8bfc8019f5530a5f45d5526a75188e038a2656398643df4411b6db11e74b582ea0553f007babfa1ab072c14f99a089af4edc2ff9302f25a018eaf86f53765865631d73baf192eec53e9b160cfd3489194e88768"}}, &(0x7f0000000300)) fcntl$getown(r0, 0x9) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x40000, 0x0) write$tun(r2, &(0x7f0000000380)={@void, @val={0x2, 0x0, 0xa6f, 0x3, 0x4, 0x7}, @llc={@snap={0x1, 0xab, "53aa", "584cb1", 0x806, "e2633218b000c1734878ceb1d5c23a2d51ac87067e738485adce14d1f143e25e55052a22643dad2d1d665383a875a736c3ed089bf463d2646f82f19d69c36323a139dbb8f5f05283e95cc6ec96b857d8ba6bfd114daa84d5f4905d18da7eeb937cd34cfddcf3805bd8e85a7421f1ceffb28b1706e4343cb528275723cb8a3a2476afe5a089a2e8b17efd4a391c090314e58cc2c6f261afc9759add8468544fa467cbfe91155209fc"}}}, 0xbb) tkill(r1, 0x1000000000016) mq_timedsend(r2, &(0x7f0000000440)="c143a508795b4aeee8c23f2037b3f12d43bfd04d68950404f0e733f74fab1360add943dcc1ccd45fc03631a9faa33af194", 0x31, 0x5, 0x0) [ 199.992921] FAT-fs (loop3): bogus number of reserved sectors [ 199.998936] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x8000000000000000) 02:29:30 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000200"}, 0x58) 02:29:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x284d3, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:30 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:30 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = socket(0x10, 0x802, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x5, 0x8000) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000080)) r2 = dup(r0) write(r0, &(0x7f0000000000)="240000001a0025d50485bc04fef7001c0a0b49ff00000000000000000000000000000000", 0x24) mq_getsetattr(r1, &(0x7f0000000140)={0x34b4, 0x8, 0x2, 0x0, 0x80, 0xffff, 0x6, 0x6}, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000100)=0x4) ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0)) 02:29:30 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000001900)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@rand_addr}}, &(0x7f0000001a00)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000001b40)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001b80)={{{@in6, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000001c80)=0xe8) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f00000000c0)) getpeername$packet(r2, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000001e80)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000001ec0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000002300)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000022c0)={&(0x7f0000001f00)={0x3a0, 0x0, 0x101, 0x70bd2a, 0x25dfdbfd, {0x1}, [{{0x8, 0x1, r3}, {0x2c4, 0x2, [{0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xffff}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0xc, 0x4, [{0x3, 0x7ff, 0x9, 0x401}]}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x48737010}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x54, 0x4, [{0x1ff, 0x20, 0x9, 0x4}, {0x9, 0x1b0, 0x800, 0x401}, {0x3, 0x6d27, 0x5, 0x30280000000}, {0x100, 0x5, 0x80000001, 0x7fff}, {0x2, 0x4, 0x9, 0xce34}, {0xfffffffffffffff7, 0x4, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x8001}, {0x200a, 0xfffffffffffff800, 0x6, 0x9}, {0x6, 0x8001, 0x9, 0x101}, {0x8c11, 0x79f5, 0xffffffffffffffec, 0x4}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r6}, {0xb8, 0x2, [{0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r7}}, {0x8, 0x7}}}]}}]}, 0x3a0}, 0x1, 0x0, 0x0, 0x44}, 0x811) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() [ 200.449199] FAT-fs (loop3): bogus number of reserved sectors [ 200.455324] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:30 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000200"}, 0x58) [ 200.500544] FAT-fs (loop3): bogus number of reserved sectors [ 200.506572] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf2ffffffffffffff, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:30 executing program 5: syslog(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f00000001c0)={0x2, 0x1}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f00000003c0)={0x6093, 0x0, 0xa, 0x0, 0x0, [{r1, 0x0, 0x1}, {r1, 0x0, 0x8}, {r2, 0x0, 0x4}, {r1, 0x0, 0x4}, {r2, 0x0, 0x3ff}, {r2, 0x0, 0x6}, {r1, 0x0, 0x80000000}, {r1, 0x0, 0x4}, {r2, 0x0, 0x9}, {r2, 0x0, 0x81}]}) r3 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x2a8200, 0x0) ioctl$BLKBSZSET(r3, 0x40081271, &(0x7f0000000040)=0xfffffffffffffff7) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@rand_addr, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000080)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bpq0\x00', r4}) getsockname$packet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000180)=0x14) r5 = syz_open_dev$usbmon(&(0x7f0000000240)='/dev/usbmon#\x00', 0xb, 0x40000) getsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000540)={0x0, 0xa98, 0x800, 0xffffffffffffffff}, &(0x7f0000000580)=0x10) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r5, 0x84, 0xf, &(0x7f00000005c0)={r6, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0x72, 0x7, 0x7, 0x100000000, 0x8}, &(0x7f0000000680)=0x98) 02:29:31 executing program 2: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x80000000000000) 02:29:31 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:31 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000200"}, 0x58) 02:29:31 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:31 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xff01000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 200.952408] FAT-fs (loop3): bogus number of reserved sectors [ 200.958357] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:31 executing program 7: r0 = socket$inet6(0x10, 0x3, 0x1) r1 = socket$inet_dccp(0x2, 0x6, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x300000e, 0x40010, r1, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60000000a8430291000000390009002300fbff010000000d0005000be9ffffffffc68b65082314e9030b9d566885b16732009b84e7b1df136ef75af90000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f00000000c0)={0x34, 0x0, &(0x7f0000000080)}) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000240)=""/104) 02:29:31 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x284ca, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:31 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000200"}, 0x58) [ 201.149614] FAT-fs (loop3): bogus number of reserved sectors [ 201.155581] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:31 executing program 7: rmdir(&(0x7f0000000140)='./file0\x00') r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40002, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000080)={0x1ff, 0x0, &(0x7f0000ffe000/0x2000)=nil}) times(&(0x7f0000000040)) 02:29:31 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:31 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 201.418820] print_req_error: 6 callbacks suppressed [ 201.418829] print_req_error: I/O error, dev loop0, sector 0 [ 201.430177] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 201.432643] print_req_error: I/O error, dev loop0, sector 30720 [ 201.444190] print_req_error: I/O error, dev loop0, sector 31744 [ 201.450396] print_req_error: I/O error, dev loop0, sector 32768 [ 201.492447] print_req_error: I/O error, dev loop0, sector 8 [ 201.498339] Buffer I/O error on dev loop0, logical block 1, lost async page write 02:29:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xfeffffff) 02:29:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000200"}, 0x58) 02:29:32 executing program 7: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x0, 0x0) unshare(0x400) prctl$setmm(0x23, 0x0, &(0x7f0000ffd000/0x1000)=nil) listen(r0, 0xd) inotify_rm_watch(r0, 0x0) 02:29:32 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xa000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 201.719185] FAT-fs (loop3): bogus number of reserved sectors [ 201.725129] FAT-fs (loop3): Can't find a valid FAT filesystem [ 201.781140] FAT-fs (loop3): bogus number of reserved sectors [ 201.787270] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:32 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1800, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:32 executing program 0: exit(0x2) r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x9, 0x2040) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x800, 0x200) r2 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) r3 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r2, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r2, 0x4c01) sync() ioctl$KIOCSOUND(r3, 0x4b2f, 0xffffffffffffff81) 02:29:32 executing program 2: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:32 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff080000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:32 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0xc) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) write$FUSE_BMAP(r1, &(0x7f0000000080)={0x18, 0xfffffffffffffffe, 0x2, {0x8}}, 0x18) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="240000000a061f001cfffd946fa2830020200a000900010006e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f00000000c0)}, 0x10) 02:29:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x2000000) 02:29:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000200"}, 0x58) 02:29:32 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 201.962571] FAT-fs (loop3): bogus number of reserved sectors [ 201.968595] FAT-fs (loop3): Can't find a valid FAT filesystem [ 202.032914] netlink: 'syz-executor7': attribute type 1 has an invalid length. [ 202.040552] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'. 02:29:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000200"}, 0x58) [ 202.084858] FAT-fs (loop3): bogus number of reserved sectors [ 202.090797] FAT-fs (loop3): Can't find a valid FAT filesystem [ 202.127516] netlink: 'syz-executor7': attribute type 1 has an invalid length. [ 202.135242] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'. 02:29:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xa00000000000000) 02:29:32 executing program 7: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa}) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000e4cfe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$sndtimer(&(0x7f0000f85ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000013000)) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0505405, &(0x7f0000000000)={0x1}) clone(0x0, &(0x7f0000000140), &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)) dup3(r1, r0, 0x0) 02:29:32 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff080000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000200"}, 0x58) [ 202.321818] FAT-fs (loop3): bogus number of reserved sectors [ 202.327808] FAT-fs (loop3): Can't find a valid FAT filesystem [ 202.404319] FAT-fs (loop3): bogus number of reserved sectors [ 202.410349] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x4000000000000000) 02:29:32 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000200"}, 0x58) 02:29:32 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff080000"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 202.563297] FAT-fs (loop3): bogus number of reserved sectors [ 202.569284] FAT-fs (loop3): Can't find a valid FAT filesystem [ 202.653050] FAT-fs (loop3): bogus number of reserved sectors [ 202.659154] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:33 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd00, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 202.841300] print_req_error: I/O error, dev loop0, sector 1280 [ 202.859369] print_req_error: I/O error, dev loop0, sector 2304 [ 202.865575] print_req_error: I/O error, dev loop0, sector 3328 [ 202.871682] print_req_error: I/O error, dev loop0, sector 4352 02:29:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x800, 0x0) sync() 02:29:33 executing program 7: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x80, 0x0) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000040)=0x7) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000080)) r1 = add_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$setperm(0x5, r1, 0xffffffff) r2 = accept$packet(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000200)=0x14) rmdir(&(0x7f0000000240)='./file0\x00') getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={0x0}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000300)={r3, 0x11, "68e1153287616c26be34c964dae955b84f"}, &(0x7f0000000340)=0x19) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000380)='veth1_to_bond\x00') keyctl$setperm(0x5, r1, 0x10000011) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000003c0)={0x2, 0x6, 0x8000, 0x1ff, 0x8, 0xfffffffffffffffc, 0x6, 0x21, r3}, &(0x7f0000000400)=0x20) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000440)=0x0) ptrace$getregs(0xc, r4, 0x6, &(0x7f0000000480)=""/111) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000500)) r5 = socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$VT_RELDISP(r0, 0x5605) ioctl$LOOP_CLR_FD(r0, 0x4c01) ioctl(r0, 0x2, &(0x7f0000000540)="502e005109503b4fbb1ec60cfd8f4b094a207258415f0f99208e998f38b8918c3009a83893b1330b3653ef7548fa04b79b25cb43913492905ff5f2e2384f4a49e6806e33c22a8d494f2e7368bbb276553c6e27d753c85c0b66bc6edc3a5aa1eb1445f1971b7d28e759709418ee0f4b4d8fe4a608e62e73a43cb9de13a24bb77a935faf8f49dce1fb1d48ff91223923d5201a1f703f3f6e95519ad69055c0840260b16e3554d61f6eb42c8b6408994414d444d59c0d0aa271cc03046d5e3f07e9e71c32ab638c8add8c5838d0739831cbc096e3748a88") pivot_root(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='./file0\x00') ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000006c0)) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000700)={0x9, 0x9, 0x6, 0x6, 0xffff}) syz_mount_image$nfs4(&(0x7f0000000780)='nfs4\x00', &(0x7f00000007c0)='./file0\x00', 0x3ff, 0x4, &(0x7f0000000a00)=[{&(0x7f0000000800)="8067c16442dcb613c64c1a71f4e95e22632bf0a4279ba4c415f21811e748e9c37efad17745b8c799cc06f3d4d48316e22632ddad75d8c9883d68eb09d56a96bc0ff369539a", 0x45, 0x317}, {&(0x7f0000000880)="04641054c4206ea30f6a57916ee5b8f3171656d0395420cd87d9bdb0c9f9ea0c470a0dc997840917c479416533d2b8730b99b33498d11f4497573f0b6cbae0877de433", 0x43, 0x6}, {&(0x7f0000000900)="4f4b875e80dadbeabf2e6c732e6a8c94813a6b38416c5f4cb6", 0x19}, {&(0x7f0000000940)="1b14d895efcb7de33741772e08683419fa1351f7e00f88f55b0ca708010bad22488df190b73c0bfb45a76e31842fa2212641fad1f4acdcd7bbcd0af7904a89c89f4c6dd45eb2491ddac352778709483f476148cf243fb96d6ed1261963b2b5ede2258bafdbd8e2f0efdc25a1120cf528a23271b7a2b587c35657fa1180d7da594d897301c12c08e4acae092ddc762ad2d878b8a7289b76944c5afcb3730c65dc34ceb3addd0ed33c1da2e1f52917dca21c8b9ca538a8695f105a88d47aec11", 0xbf, 0x2}], 0x21a0000, &(0x7f0000000a80)='\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r5) r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r6) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x1f, 0x6, &(0x7f0000000ac0)=@raw=[@map={0x18, 0x4, 0x1, 0x0, r0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x80}, @call={0x85, 0x0, 0x0, 0x37}], &(0x7f0000000b00)='GPL\x00', 0x100, 0x0, 0x0, 0x41100, 0x1, [], 0x0, 0xb}, 0x48) setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x484, &(0x7f0000000bc0)={0xbf, @rand_addr=0x2, 0x4e21, 0x3, 'sh\x00', 0x20, 0x7, 0xe}, 0x2c) r7 = syz_open_dev$amidi(&(0x7f0000000c00)='/dev/amidi#\x00', 0x82b3, 0x80000) ioctl$TIOCOUTQ(r7, 0x5411, &(0x7f0000000c40)) 02:29:33 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:33 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000200"}, 0x58) 02:29:33 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x40000000) 02:29:33 executing program 2: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:33 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:33 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcf840200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 203.096855] FAT-fs (loop3): bogus number of reserved sectors [ 203.102939] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:33 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xca84020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:33 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:33 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000200"}, 0x58) [ 203.271906] FAT-fs (loop3): bogus number of reserved sectors [ 203.278165] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:33 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xa) 02:29:33 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8984020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:33 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x2, 0x40) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x8}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000100)={r1, 0xffff, 0xfffffffffffffffe, 0x1ff}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000200)={r2}, 0xc) modify_ldt$write(0x1, &(0x7f0000000000), 0x10) modify_ldt$read(0x0, &(0x7f0000000080)=""/75, 0x4b) 02:29:33 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:33 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000200"}, 0x58) [ 203.494144] FAT-fs (loop3): bogus number of reserved sectors [ 203.500148] FAT-fs (loop3): Can't find a valid FAT filesystem [ 203.581397] FAT-fs (loop3): bogus number of reserved sectors [ 203.587570] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:34 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0xc, &(0x7f0000000100)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:34 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xff0f000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:34 executing program 7: connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0xc) r0 = syz_open_dev$audion(&(0x7f0000000500)='/dev/audio#\x00', 0x3, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000540)=0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, &(0x7f0000000280), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) r2 = fcntl$dupfd(r1, 0x0, r1) getsockopt$sock_buf(r2, 0x1, 0x1c, &(0x7f0000000380)=""/237, &(0x7f0000000000)=0xed) sendto$inet(r1, &(0x7f0000000080)="8b167bb4740d03f5cb24626161c63b5927ab09864aa808cedad09aea522b79a7fa82415680b89a688f345448417fcfcfc969e98710d4b52d36dbe07e1780c5238a2b109ad35021ee147ad4c08d8957e9d781a703ce8008b826cf0adb051b650a1f2622af4747a0f2d763e38210012cbf19c5a97abbff2e3b977b428378e619513b155476535dc5ff842f49bc916a6f31cde62f759eaf4c391a4d5bc061119207dec0f76eb5b5240519e875bf48fc63ecc5df9229d2808410935a709efce67bac233a9ed44fc7212722f245170252b3fe1b80792b20138dae581486f67d2506ec3e3874e5c34055f352a467", 0xeb, 0x4004011, &(0x7f0000000180)={0x2, 0x4e20, @multicast2=0xe0000002}, 0x10) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) prlimit64(r3, 0xc, &(0x7f0000000480)={0x6, 0x8}, &(0x7f00000004c0)) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@dev}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f00000002c0)=0xe8) shutdown(r1, 0x1) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 02:29:34 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000200"}, 0x58) 02:29:34 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:34 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xfeffffff00000000) 02:29:34 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 02:29:34 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x6000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:34 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f00000002c0)={0x16, 0x98, 0xfa00, {&(0x7f00000001c0)={0xffffffffffffffff}, 0x3, 0xffffffffffffffff, 0x1c, 0x0, @in6={0xa, 0x4e24, 0xfffffffffffff000, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffff8}}}, 0xa0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000240)={0x11, 0x10, 0xfa00, {&(0x7f0000000080), r2}}, 0x18) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000200)={0x12, 0x10, 0xfa00, {&(0x7f0000000000), r3, r0}}, 0x18) 02:29:34 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000200"}, 0x58) [ 204.113520] FAT-fs (loop3): bogus number of reserved sectors [ 204.119592] FAT-fs (loop3): Can't find a valid FAT filesystem [ 204.193833] FAT-fs (loop3): bogus number of reserved sectors [ 204.199791] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:34 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 02:29:34 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xe0000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x100000000000000) 02:29:34 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000200"}, 0x58) 02:29:34 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) writev(r1, &(0x7f0000003440)=[{&(0x7f0000000200)="681604810bf9fcffe352b28ef7e9f7d4363ee17901a6850e4ae33c2194e48d61da7263f1c233feafbc9f424f80f34c3e59763a766f63f65a8c5ef063370f487fbe302b7a68ad55c34c3afd8e5c0dfee3c3fe720232ffb27b75d8795446b648feb6903c1eeacdd8fd4c4002f2911dc7fb4e408ccdaeba7b87024901d7e6a2aac4ee3611ec9188215005e06f4cdb31c958ae5e13", 0x93}], 0x1) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000080)={0xe7e}) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)) userfaultfd(0x800) sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbbf4}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002200010000000000810000000000000008001100e2000000"], 0x1c}, 0x1}, 0x0) [ 204.395706] FAT-fs (loop3): bogus number of reserved sectors [ 204.401806] FAT-fs (loop3): Can't find a valid FAT filesystem [ 204.532925] FAT-fs (loop3): bogus number of reserved sectors [ 204.538883] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:35 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 02:29:35 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:35 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000000000200"}, 0x58) 02:29:35 executing program 7: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x802, 0x0) getsockopt$inet_int(r0, 0x0, 0x22, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x130, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000300], 0x0, &(0x7f0000000000), &(0x7f0000000300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x13, 0x0, 0x0, 'ip6gre0\x00', 'vlan0\x00', 'veth1\x00', 'ip6tnl0\x00', @random="c201c9a511d3", [], @random="8d89a2f47b85", [], 0x70, 0x70, 0xa0}}, @common=@redirect={'redirect\x00', 0x1d}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}]}, 0x1a8) 02:29:35 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) 02:29:35 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xffffffff00000000) 02:29:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x1fffc00000000) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000088) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000140)={0x4, 0x8, 0xfa00, {r3, 0x2}}, 0x10) sync() setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000040)={0xf0ee, 0x1f, 0x4, 0x9, 0x3}, 0x14) 02:29:35 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:35 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x2000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0xc, &(0x7f0000000100)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:35 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000200"}, 0x58) [ 205.114967] FAT-fs (loop3): bogus number of reserved sectors [ 205.120988] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:35 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x89840200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:35 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000200"}, 0x58) 02:29:35 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = geteuid() ioprio_set$uid(0x3, r4, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x402000, 0x0) ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f0000000140)) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4010ae42, &(0x7f0000bf7000)={0x0, 0x1, 0x707000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) [ 205.185482] FAT-fs (loop3): bogus number of reserved sectors [ 205.191656] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000380)='/dev/uinput\x00', 0x2000, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000100)={0x0, 0x75, "fb315d41408782b27acdd280ea44171e1c5f5dcd9f2a03e8f670dabdbe6b2cf25bc16eae422e4058d2e4ebf5d6f351cf7abef3a61103cebbe2902c123daa5e80ee9e582e908f8fcbbf1c443d01be37a77a786b9018611efc1a91ee671a010de956c901acd8bda29951350ca461dda70bbf4f146ba0"}, &(0x7f0000000180)=0x7d) setsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000240)={r3, 0x1ff, 0x6, 0x3f, 0x1, 0x81}, 0x14) openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x800, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r5 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r5, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f00000003c0)=0x8) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1) sendfile(r4, r4, &(0x7f0000000000), 0x2000005) setsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000300)=@assoc_value={r3}, 0x8) socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000040)) ioctl$LOOP_CLR_FD(r4, 0x4c01) sync() 02:29:35 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x10000000) 02:29:35 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1300, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:35 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000000000200"}, 0x58) [ 205.358087] QAT: Invalid ioctl [ 205.400383] FAT-fs (loop3): bogus number of reserved sectors [ 205.406362] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:35 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 205.500182] FAT-fs (loop3): bogus number of reserved sectors [ 205.506134] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:35 executing program 7: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) get_thread_area(&(0x7f0000000000)={0x3f, 0x20101000, 0xffffffffffffffff, 0x8, 0x3, 0x5, 0x2, 0x9, 0x9, 0x1}) r0 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x9, 0x10080) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x200000000003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='numa_maps\x00') r2 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000040)={'ipvs\x00'}, &(0x7f0000000300)=0x1e) sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1, &(0x7f0000e68000)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0xfffffffffffffcaa) sendfile(r2, r1, &(0x7f0000000000)=0x48000000, 0x80000003) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x10001, 0x0) getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000140), &(0x7f0000000180)=0x4) epoll_wait(r3, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000200)={0x0, 0x5}, &(0x7f0000000240)=0xc) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000280)={r4, 0x80}, 0x8) seccomp(0x400000000000002, 0x0, &(0x7f00000002c0)) [ 205.910164] QAT: Invalid ioctl 02:29:36 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) 02:29:36 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x4) 02:29:36 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000200"}, 0x58) 02:29:36 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:36 executing program 7: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x5, 0x3) preadv(r0, &(0x7f0000001b80)=[{&(0x7f0000001680)=""/2, 0x2}], 0x1, 0x2) 02:29:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4106(gcm(aes)))\x00'}, 0x58) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$ALG_SET_KEY(r1, 0x117, 0x5, &(0x7f0000000040), 0x10) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r4 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r4, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r3) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) sendfile(r3, r3, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r3, 0x4c01) sync() ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r4, 0xc0505405, &(0x7f0000000140)={{0x0, 0x2, 0x4, 0x3, 0x10000}, 0x2, 0x8, 0x4}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f00000000c0)={0x3ff, 0x6, 0xbba, {}, 0x9, 0x3}) [ 206.043692] FAT-fs (loop3): bogus number of reserved sectors [ 206.049727] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:36 executing program 7: r0 = socket$inet6(0xa, 0x802, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-pclmul\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0) r3 = creat(&(0x7f0000000000)='.\x00', 0x10) ioctl$EVIOCGABS3F(r3, 0x8018457f, &(0x7f0000000500)=""/4096) [ 206.115595] FAT-fs (loop3): bogus number of reserved sectors [ 206.121642] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:36 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000200"}, 0x58) 02:29:36 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x1000000) 02:29:36 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x2) ioctl$fiemap(r0, 0x40086602, &(0x7f00000000c0)=ANY=[]) truncate(&(0x7f0000000000)='./file0\x00', 0x1e296c7) ioctl$fiemap(r0, 0xc020660b, &(0x7f00000001c0)={0x0, 0x100000000}) [ 206.335297] FAT-fs (loop3): bogus number of reserved sectors [ 206.341445] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:36 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000200"}, 0x58) [ 206.415264] FAT-fs (loop3): bogus number of reserved sectors [ 206.421255] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:36 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x4000000) 02:29:36 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000200"}, 0x58) 02:29:36 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x900, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 206.610316] FAT-fs (loop3): bogus number of reserved sectors [ 206.616312] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:37 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000200"}, 0x58) [ 206.673840] FAT-fs (loop3): bogus number of reserved sectors [ 206.679939] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:37 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:37 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r5, 0x800455d1, &(0x7f0000000340)) 02:29:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x5000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x7fffffffffffb) 02:29:37 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000002"}, 0x58) 02:29:37 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 207.108666] FAT-fs (loop3): bogus number of reserved sectors [ 207.114693] FAT-fs (loop3): Can't find a valid FAT filesystem [ 207.220258] FAT-fs (loop3): bogus number of reserved sectors [ 207.226306] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffffb, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:37 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000200"}, 0x58) 02:29:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x400000000000000) 02:29:37 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000140)) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) getsockopt$IPT_SO_GET_INFO(r2, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00'}, &(0x7f0000000040)=0x54) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x3) 02:29:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xffffffffffffffff, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 207.414116] FAT-fs (loop3): bogus number of reserved sectors [ 207.420085] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:37 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000200"}, 0x58) [ 207.471937] FAT-fs (loop3): bogus number of reserved sectors [ 207.478009] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x4000) 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 207.701320] FAT-fs (loop3): bogus number of reserved sectors [ 207.707301] FAT-fs (loop3): Can't find a valid FAT filesystem [ 207.762828] FAT-fs (loop3): bogus number of reserved sectors [ 207.768932] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000000000200"}, 0x58) 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfeffffff00000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:38 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000585a8a5300000000000000000802000000000000000000040000000000000000000000000000000000"], 0x2c) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:38 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xa00) 02:29:38 executing program 7: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r2) dup3(r0, r1, 0x0) 02:29:38 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000200"}, 0x58) 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8084020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 208.213082] FAT-fs (loop3): bogus number of reserved sectors [ 208.219152] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:38 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000005280)='/dev/audio\x00', 0x200200, 0x0) accept$inet(0xffffffffffffff9c, &(0x7f00000052c0)={0x0, 0x0, @multicast1}, &(0x7f0000005300)=0x10) syz_open_dev$sg(&(0x7f0000005340)='/dev/sg#\x00', 0x9, 0x202000) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000005380)='/dev/loop-control\x00', 0x100, 0x0) r2 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000005200)={0x3, 0x0, &(0x7f0000ffd000/0x2000)=nil}) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$loop(&(0x7f0000005240)='/dev/loop#\x00', 0x959f, 0x107000) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r5 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) r6 = getpgrp(0xffffffffffffffff) sendmsg$nl_generic(r0, &(0x7f00000066c0)={&(0x7f0000005400)={0x10, 0x0, 0x0, 0x401}, 0xc, &(0x7f0000006680)={&(0x7f0000005440)={0x1234, 0x3a, 0x300, 0x70bd2d, 0x25dfdbff, {0x7}, [@nested={0x130, 0x35, [@generic="b06a3626690e0ec10a429f72d73f811a64e8a6c75208a5a81d766c1c88b6a2380e9f235d07cec4b3f427e3dc140729d4657e5d8f6a82f8e6b13e76faf422b0a0a6d2025dad485a26669d87020b565828661ca76710c76ef5acbfa27f14e12404d2e19010157d9629321429efbc3feca581854392780d462ab844ee651105bf6c7716eb8caf0f2f70773f632d43d7de66f33b0e8619eaf0ad316352ead31442e890b02cbbe0cd1b22894d6e1d209f34d705f4a619908cc93a8b609beed772f98c9eb36932291cb3bf46268f5ab89394ba45cd898bbb14cf000c385dcf120575", @generic="569e15d6d7ee588a53bd7b53acd811b22d40fd18323cf433700f0273a144d8d1a54d69a7b989d9807982e7f7b438306d8dca4e699eb969d0b9022a25f0be1d42740c9d580912aef7b6c2"]}, @generic="fef34ee86d1b3b8f7ed941fb1252c87029ede7ad6814c6d502be449c5aaaea475052052d70f5ca55a4893c1014a0a05fb05cf0b5242d0f6fbb6cf4c8a3dd9c72f2184459f41fc82f8cc9e3d547", @typed={0xc, 0x7e, @u64=0x200}, @typed={0x8, 0x8a, @str='^\x00'}, @generic="3be5ee55776dc43f107edded3543b2b1d8e9a42232c20b0b7c81b58eec267ef1e06233b62b3adf09e7783359c8cef44d7bdc7fbc5f68934a850658f95e2e8a0b20c5c8cf01d671ec032d34af17f2825d2103901b9f9e578c51f77fd2981cf0e9032c59140c8d9c97a80f90d36dcd766b6d67a351eb5a7d4c1d37a615232a", @typed={0x8, 0x31, @fd=r0}, @typed={0x8, 0x6e, @pid=r6}, @generic="9f253b519544e8772d760f84d9221c5bda4c47530659c9f8bb892b977f048c5fe628aee85322bbc49802b8072cd3b88d31d91051597fd480923ca161c2e37b24b3acc0ea4e8aeab9c73d9534a31d534f181eb76affb971bc700b04311f93f378dde3cac16889a6a20196bc88343235bc3d7f6d4925d6b5abca3433483fa135af95df7da8666b9761e87649a4472534a0bd22bedad3b4baf2f26a490f78c3bafd46bb26a10568711301d6551ac1619a3490869aea07c546b1b3bcd7806b72afda45eeefb9bb25c10821ff2e9c1a65d2336f2bc2443f6ff70b1b0d841576310c645d356fdbbed8cee7bb5691435599e79f4c2491ac66971625a88d320e07bbe6aaa1df5d99ada9ba4423fcc587469ad997f210353dc53689c148d2c3792b93abf5db53ce2f4abb91fa6548537a011dbdf6309f2ad90d44e0d8060d0f556035e56784e89bb01ea77dc7cf7aaabc9c52625565aebe13b3bfb3d8a174a6aafb79201194b57961544609c4c19e7cf9fc74377cb4eef76a62c73a0392b6bae997a3eea1b106224ae697c9ceef242852106f2dfe926b27ddbeb9b57767b3986f11e600dc5d33ffc7aae852c29a764182dc8a0216c5fccd5720414d5f687843195ad1df7721c6ca4d9be0afead4e57fe28ce7f3656931146eab9c88f5be4c3a0da502de058c38f9b792ba4c76c77b76175ffc38645ebb63fae7df9e97b6bc2d033059c71c4f6317140a879aa640482b899a58b2667c39fb4e82b0d513582f89611feea96a6b60ddaba9329e2c13342d40c549ca510bff7e1243eca85e00ed8a1d62933184b8ca014c5353a2186cff3ef24cb24c7107a243989250174c4c59a8115a3f11027ba10053589c36e04eb0f980cc18d4fa5edc0980bb1e3ec54ded35fbfe89d41ea563d64a8c1d8cd2054abde6bc4f30207bc1587cc9ba185b0b9085eb368c93e1aa53557567a9737db4fde83c8d643619fb149dfe801ca5c2ce9ea76015cf03dff98fbd35e1c7e34ff52501784c8f8e1df78f10ef24518b7a1f072ebf83c1968945e6da7ada42fe716c08f18232d9a39b274b12cc6b4cad3ee1108aeeda1af97e1f845d696258f29f6d0cd7ee64cb8d58a2e94e1eda50394d6317c897fb4933f7546cf3b77344b9f71286cba4c6f12118952da41d1ba03dba399749a471d2ad27867adb3ceb12d463b59131dfb74a327da84a7667e469784ba69e0e45ad325ced50653cf1414c943b4811e1eeab34d70412b0dfc58ae15d7fb3112a2413780daf4d2d0b543b4d18a40da0683618bb7f05becf3ce48e6df593e0159f1d1ca2b6b509167276244781e8d5b54d223e99e2f98f696709351a8114f25aa7e3b5ad76cacf7476f2458ae067614b98a4d54d4cb8cdf0f920fd1bca7505b00f981b3b31402419d9f687ed207a9e475a3f2eb1bf29f46cc498348fb965240477026833b600cf2712bdb5bd0f47b422926679dd30bf7aeddc7eaab0b85b18b12531c04442af1e6d37eafe893b0d33e2f9547eeeaf9c2968db9e53fc3977444c9471a7a5f7ae508fe537d868170535b0afa9a0a9360be3ea74c21b89a98b1fe29462387e6681e1bf5f81ef7f0fb993d127a89e6098d9274cb3bfa2175fed6ad27201dc549e4264ef5c88f7290e70b4e051ef6dddc918afcb404f40e3ac189197becaca4a3f37cfbf1c8f37308562931f08ebd06913be584caf04c63c93ce427dc7a761509b5d9b90bdbfa56cfbd0c5ebdb74fb89a7d4a6d8f53111844f2d549646962da96cf11ba43a863d89eed0bfc397cbe84c5bac017c96a3b0a0492c0b233391ccc2926a7d4ae12b42a70d6e630c4104679e4cb1146d2593d95b80dde65c82a8367cbd2a4e3822bd458e00ae81192972c04f623a3e2e5d5b3b8a035a1462a27d161577f48303e3b5e1526da58035cec64b4a411ff9625c508386a6f815c09e8ac49a2756904154d71b0e291797f6d1f92dc6d7086b2fdd39d228cd73d05b6922f2d258ec461a0427035b0e7273367639f2fe6d3470090d782935e34808fd84c3c21b0550938a082b61154661aac3777514fdc7e882462700f8b07c2b00a165b61e2d566423943df0505a77dce0236b73db3954ae0d7b5648a103ebafe1ef10eeec0939f401b12c307f2a285dcebdcd5f52acae2bc15789c9f4331ccee55fe1b36e9f0264c374f2baeb32881fe25845712aaebc21d3e4531646c4bcffc90bf0f6b1de691b268a5f6a1db9c2e1287e0058f682358b1a485820d90f03055e90b245adf18f86531824e4485c04a2a26fa1d12ed63e6c60479c17459bb892aaf73737fa014a10460c1f110e92cd5b1aa8271868f459a2436dbffe88d46a42c8bd28923e7075f575a219dcc30d350156cab0e711a16f825521b958233dd352bf07a71ddeeaacbdc35540e5e0403a19f8b8a7256cf827e83b074c23b50ba066443f25b0f47a7ea8a7e1c7168008690ffd27490316b7077eb1d753df08b048e1ae522548c87a7bb99d6a044e71b074a09033df7ecbb622e8c041016d142c43baf48d8897a992e47eeadde6c0fa7995afeded4ab11c825d5ab17279b9f77f00cb9ca900a7c2c60b58b290a4f882419481eba47fec8059b30ff41bbc71ef6de717786f152d016274502f55cf96a9c7dfc3c9f65c9a92099d9103eabbd48592880fc5d5006d94c040bcb64173dfbf52091b9eebfc9fd646b25f7d6b9ff86c8e6fb4b79d515e95251fa8db662b048d8882eb5cf22fe8e2a0aab423d2fd5566c7674a63f847c7fd8995f28638d79baa90e253878ecef3682009a51f1fa5c46b863850da97426bc0944fb7298fdf6732df22375d15395377cb83ead8851a993f4d7b396b664a3cd66fa34d99b5fe573b1622bb18258c184635aeecc3abe22d8355f87c9e15f6a199d006b573c86d62825a8ded7d6c039d94717a66c512dedf7076a5965053a369de73e780efef63c9146e5be0ef081cdce0167419d308d946fb6ef17671fb926cf5ba4eb5c1204b3c9b17cab5d445ce67dab08d35a8b91ec3cac695c422aaa9ca39946e6005f5a5a7070eb16a680b472a1c50e214a10a58b9a47b52d3268fe2ad7d3f62d8eaddd6bcb22e709832b7f547e0cab039f034870414908ee17b0e38ddda7127fecc48b746b16b690ab905c9769d3bf5f53922501d3662228d4bbfc6c8f4b2304fb13f31b45639e153f801b0aa601a379325e98e673c9d21ebf485a877c3ecc0f98df161dea7754ed2041b4e5bde45f1f96e520d22940e68e2c3bf436b02f2f271410491c26ebd6ff134453a639ac1b941bdbfec236e23c1d22da31df718131a21478c295ee7da85a2be9a56ba20e6f1985743cf6b7a5c5009331451e4565cd01283d7564af66f0e81a950795e2217a30ef6c38e5f68ded1be425cdc78fabe2f78138e79193c607583b26d5cc64d97ef1fd37faf9c2607d94d1469b20af127a894a54503dbfb38fd3d77a67b6207304f56f4a64ec5299946e80848e5f7a9551be08fbfca30cbf35457d7d8a9cae678032ae8881d3dd83a7b2fe0b9735d36ddf7ac37ac020f6f407ec178475f9c0fa712aebb50389e42c6ed99f04a6045d07fc212f950ed1befbf897dde246e8a186da1e4cc8a46c8a50fc0b2ca4ce24be57337773246eeb8b37761f07092b3ab8b0b981291e7c8fd49a60d498877b0faf7e979e3d09c271f02905b1ee766f694c39bfdf2a6622668ac6313f00908d62c29c4338a4d569a0a819d18682ec02c9719044993be6505d9a0efecac96a0f2122f29cd16d7642511baf6cc4e2b46f970ea7424f48bf16dea8fe1f6c6d655d63b393417de0f3648c30b81e8c9563145932066407c9c7e8cff4aecaf6e380a12711d55e511763fe3eaddf44e1a2dd7b0bfa8378ac399ae8295f761b8760281a2e35e54d9091f8e2f244c89a5e33a28e48fae18f199b69066a68ac213a4515bf5dcdc7180fc8b920deacdb35f2051e691401080b9b247815402ac7ea0058c160149fb3f6c6d2d84d1f8330f197ab794c27f87db69719a8263251ad604acb0365ba75ebc5b4a52c29b1e372bfa064b382211152f7c9ecc5f0363bc247c4fa390deba8183958ae40840cddefa36180c5764b4721abda2dd5b782e18ea7fdc28712b2e8a0c768b984f2873960fe021f2d0038cd3e86a8ad6c38794347bc8faf2483d118404966c81b45055c41584b4602d0ff6212bcc6f21dea1c31f5c8a1cdda7159bf0f178c453f2c8836f596d59bfb2683589c063dcd4059f4bc9aeb291770a4faa7dd7b09d5113c7bff56ce56be35e47ef7a4e74ac88cf2a552b25d7b94cec32d6b757ad96dfb96c61df88008a4bccbdfc0d2bc774a3da583783139c676936dd3b962b61487212b11ff600d578dd35e0e7c1ff6954f54ac2aa32ae3ef9342bf2f85d7f87a11e9d91d36599987df30fd36a4f706a169b8a60dee525c4eb50ab7ef291d74276eeba7af32245a15a73121af627226862152ad0e6dc9eac0164efa34a28a992efe8cc132ba57adaf06edb1cb73a231f0772604c7119a4586999a3cbfb754dcb3b27fde38a248f99b060e8dc00ad81f73dcfa71dfdb9d8068ebd375a38bb54b61ac6bce8226038c5b9dc093f2fa03985362a59cc68725b0603f9b1c5985e56d73b41fa16594196fdded7707b3a1fa2cb3b8fbffe57a1ec33bcc0ba998124922c83e2d19236d714ee2eea9280533cf8d449146bb8b64e8ef638955d3ddb51f33d3eb486c5352bd22dca3e19f5867220eefaf6f5a7a881af76d7fa7f183f3c9a0889e2256e0e34d792782118baa1114e183d3285431c95783de9d8e9ecafdccf6df5a9a9742d92444515d1e2ec8e734a8a89f743bc2672c34a2e70745b1635948f95e6e62204f5f6186495266f2a25921b2d714bf12e02aa268b27c9837b73956d71ca0e7f839c14aaa4a2bbb4e12bf2eb979b2b61a0aea1df3d403fa25d84420cdc461075fbf8eff113e522eccc5378f694763fea010ce014ed2b0838ca3c17c41d8552cc6377527df8d4fd3d9980c9e1adffc98e4bd50990ef261582ff3fb50f4defe015c36c26a194e9d0b1baadf0014e618394b2926231ccd6002e7044b4bc283cddee270fbce8b5ebfe93c69bb5d0114353d28fe3de64a4d48ec4735d22be400ebeb59d15661a5a36426f928db04790580d7b9a340b91de6553ef72f9bee5f7f79ee622a4950388b596e5f9dba34411d001e1f7402eabaf4caf1d82bad493fc9ba963b227473c2864515c1d159fe885dfa89155b233ef4c8f881fcca9ac343aca031e56c79a271a9afa34d3ecddac09fb2bed64a861fffb5020ae45b86d69da51151f84e550fb53505a35ca80eda5220617f65299a5f05502896c1576e668df60896b907be7d082c947bf72ee5b1f377ed2c4e507d0bc169ba0f9b3e64c0509abe253b3db6fbaf1d70316308137f2def50cddcf9c72b45fcb44096c0f630bc80a4aa6f5ea571b0dd61630ceaac9ebe6810846618315c0e267b096f11d73f0110b5aad1425e0bc3c154fc9e316295e4e000c1556894922da15cfc39425ba342961eb4452ae233a7b71e5a62b6acd08fa62b05435b19bce99e6f37136ed18e1f89795360cca6ef8eac8423590a3a9cf89f24252e4619e1f36a87d9198b81e28cbab4eb7c52d45ab10654a2a301bc2ea66bf0d20b4cf0583ff0387aa10a359d355b26f597fa8ee77d0dd3caf219042f6611d0e3c9148307e6cc8ac716b5e10838b09291beb48b209867c72b392a79213da2a51b86d3ba272f84c4dc332085ccce946fd5661fab2755ed2508224a6d1e3a0340d820154baacfa307a619a738d1339"]}, 0x1234}, 0x1, 0x0, 0x0, 0x4}, 0x40010) setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f00000053c0)={0x2, 0x7, 0x4, 0x2, 0x4, 0x4, 0xce4}, 0xc) recvmmsg(r3, &(0x7f0000005100)=[{{&(0x7f00000002c0)=@nfc, 0x80, &(0x7f00000036c0)=[{&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/94, 0x5e}, {&(0x7f0000000040)}, {&(0x7f0000001400)=""/95, 0x5f}, {&(0x7f0000001480)=""/218, 0xda}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003580)=""/172, 0xac}, {&(0x7f0000003640)=""/93, 0x5d}], 0x9, &(0x7f0000003780)=""/210, 0xd2, 0x8001}, 0x6}, {{&(0x7f0000003880)=@ax25, 0x80, &(0x7f0000004c80)=[{&(0x7f0000003900)=""/4096, 0x1000}, {&(0x7f0000004900)=""/250, 0xfa}, {&(0x7f0000004a00)=""/244, 0xf4}, {&(0x7f0000000240)=""/64, 0x40}, {&(0x7f0000004b00)=""/136, 0x88}, {&(0x7f0000004bc0)=""/188, 0xbc}], 0x6, &(0x7f0000004d00)=""/40, 0x28, 0x5}, 0x81}, {{&(0x7f0000004d40)=@xdp, 0x80, &(0x7f0000005000)=[{&(0x7f0000004dc0)=""/102, 0x66}, {&(0x7f0000004e40)=""/6, 0x6}, {&(0x7f0000004e80)=""/109, 0x6d}, {&(0x7f0000004f00)=""/217, 0xd9}], 0x4, &(0x7f0000005040)=""/131, 0x83, 0x6}, 0x5}], 0x3, 0x40000000, &(0x7f00000051c0)) getdents64(r5, &(0x7f00000000c0)=""/244, 0xf4) pwritev(r5, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000040)={0x0, r5, 0x10000001}) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) sendfile(r4, r4, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r4, 0x4c01) sync() 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x7f51010000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 208.299801] FAT-fs (loop3): bogus number of reserved sectors [ 208.305892] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:38 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x40000) 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xff0f0000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000000000200"}, 0x58) [ 208.448331] FAT-fs (loop3): bogus number of reserved sectors [ 208.454422] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x500, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:38 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xfffffffe) 02:29:38 executing program 6 (fault-call:6 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:38 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000200"}, 0x58) [ 208.638704] FAULT_INJECTION: forcing a failure. [ 208.638704] name failslab, interval 1, probability 0, space 0, times 0 [ 208.650151] CPU: 0 PID: 11591 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 208.657527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.666902] Call Trace: [ 208.669513] dump_stack+0x1c9/0x2b4 [ 208.673169] ? dump_stack_print_info.cold.2+0x52/0x52 [ 208.678400] should_fail.cold.4+0xa/0x1a [ 208.682501] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 208.687628] ? print_usage_bug+0xc0/0xc0 [ 208.691733] ? page_add_new_anon_rmap+0x870/0x870 [ 208.696596] ? graph_lock+0x170/0x170 [ 208.700414] ? print_usage_bug+0xc0/0xc0 [ 208.704489] ? print_usage_bug+0xc0/0xc0 [ 208.708584] ? find_held_lock+0x36/0x1c0 [ 208.712658] ? __lock_is_held+0xb5/0x140 [ 208.716762] ? check_same_owner+0x340/0x340 [ 208.721093] ? rcu_note_context_switch+0x730/0x730 [ 208.726028] __should_failslab+0x124/0x180 [ 208.730279] should_failslab+0x9/0x14 [ 208.734069] kmem_cache_alloc+0x2af/0x760 [ 208.738209] ? lock_acquire+0x1e4/0x540 [ 208.742622] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 208.746861] mmu_topup_memory_caches+0xf7/0x3a0 [ 208.751532] kvm_mmu_load+0x21/0x10e0 [ 208.755349] vcpu_enter_guest+0x3aa6/0x6090 [ 208.759665] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 208.763914] ? kvm_set_msr_common+0x26a0/0x26a0 [ 208.768590] ? zap_class+0x740/0x740 [ 208.772301] ? vmx_vcpu_load+0xadf/0xff0 [ 208.776357] ? __lock_acquire+0x7fc/0x5020 [ 208.780599] ? vmx_vcpu_reset+0x1040/0x1040 [ 208.784930] ? graph_lock+0x170/0x170 [ 208.788759] ? __lock_is_held+0xb5/0x140 [ 208.792833] ? lock_acquire+0x1e4/0x540 [ 208.796813] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 208.801826] ? lock_release+0xa30/0xa30 [ 208.805808] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 208.811098] ? kvm_arch_dev_ioctl+0x610/0x610 [ 208.815587] ? preempt_notifier_dec+0x20/0x20 [ 208.820101] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 208.824955] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 208.829974] kvm_vcpu_ioctl+0x7b8/0x1300 [ 208.834040] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 208.839757] ? find_held_lock+0x36/0x1c0 [ 208.843910] ? lock_downgrade+0x8f0/0x8f0 [ 208.848068] ? rcu_is_watching+0x8c/0x150 [ 208.852210] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 208.856642] ? __fget+0x414/0x670 [ 208.860090] ? match_held_lock+0x821/0x8d0 [ 208.864317] ? expand_files.part.8+0x9c0/0x9c0 [ 208.868897] ? kasan_check_write+0x14/0x20 [ 208.873141] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 208.878071] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 208.883775] do_vfs_ioctl+0x1de/0x1720 [ 208.887676] ? ioctl_preallocate+0x300/0x300 [ 208.892086] ? __fget_light+0x2f7/0x440 [ 208.896055] ? fget_raw+0x20/0x20 [ 208.899505] ? __sb_end_write+0xac/0xe0 [ 208.903475] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.909016] ? fput+0x130/0x1a0 [ 208.912295] ? ksys_write+0x1ae/0x260 [ 208.916099] ? security_file_ioctl+0x94/0xc0 [ 208.920498] ksys_ioctl+0xa9/0xd0 [ 208.923946] __x64_sys_ioctl+0x73/0xb0 [ 208.927826] do_syscall_64+0x1b9/0x820 [ 208.931703] ? finish_task_switch+0x1d3/0x870 [ 208.936206] ? syscall_return_slowpath+0x5e0/0x5e0 [ 208.941143] ? syscall_return_slowpath+0x31d/0x5e0 [ 208.946071] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 208.951442] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 208.956287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.961482] RIP: 0033:0x455ab9 [ 208.964670] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.984623] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.992326] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 208.999583] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 209.006843] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 209.014113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 209.021375] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000000 02:29:39 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x200000000000000) 02:29:39 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:39 executing program 6 (fault-call:6 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:39 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1500, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x803, &(0x7f0000000140)="025cc8bf3d6d345f8e76ee") r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xffffffff, 0x800) ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000001240)) r2 = socket$alg(0x26, 0x5, 0x0) getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000180)=""/4096, &(0x7f0000000100)=0x1000) bind$alg(r2, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(anubis))\x00'}, 0x58) dup2(r0, r2) 02:29:39 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 209.274407] FAULT_INJECTION: forcing a failure. [ 209.274407] name failslab, interval 1, probability 0, space 0, times 0 [ 209.285880] CPU: 0 PID: 11627 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 209.293254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.302616] Call Trace: [ 209.305260] dump_stack+0x1c9/0x2b4 [ 209.308908] ? dump_stack_print_info.cold.2+0x52/0x52 [ 209.314126] should_fail.cold.4+0xa/0x1a [ 209.318217] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 209.323335] ? kasan_kmalloc+0xc4/0xe0 [ 209.327238] ? kasan_slab_alloc+0x12/0x20 [ 209.331397] ? kmem_cache_alloc+0x12e/0x760 [ 209.335734] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 209.340635] ? kvm_mmu_load+0x21/0x10e0 [ 209.344627] ? vcpu_enter_guest+0x3aa6/0x6090 [ 209.349160] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 209.354342] ? graph_lock+0x170/0x170 [ 209.358157] ? do_syscall_64+0x1b9/0x820 [ 209.362246] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.367634] ? find_held_lock+0x36/0x1c0 [ 209.371751] ? __lock_is_held+0xb5/0x140 [ 209.375837] ? check_same_owner+0x340/0x340 [ 209.380176] ? rcu_note_context_switch+0x730/0x730 [ 209.385130] __should_failslab+0x124/0x180 [ 209.389383] should_failslab+0x9/0x14 [ 209.393206] kmem_cache_alloc+0x2af/0x760 [ 209.397370] ? lock_acquire+0x1e4/0x540 [ 209.401364] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 209.405626] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 209.410495] mmu_topup_memory_caches+0xf7/0x3a0 [ 209.415201] kvm_mmu_load+0x21/0x10e0 [ 209.419034] vcpu_enter_guest+0x3aa6/0x6090 [ 209.423383] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 209.427652] ? kvm_set_msr_common+0x26a0/0x26a0 [ 209.432357] ? vmx_vcpu_load+0xadf/0xff0 [ 209.436446] ? __lock_acquire+0x7fc/0x5020 [ 209.440705] ? vmx_vcpu_reset+0x1040/0x1040 [ 209.445048] ? graph_lock+0x170/0x170 [ 209.448876] ? __lock_acquire+0x7fc/0x5020 [ 209.453144] ? __lock_is_held+0xb5/0x140 [ 209.457252] ? lock_acquire+0x1e4/0x540 [ 209.461246] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 209.466305] ? lock_release+0xa30/0xa30 [ 209.470299] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 209.475602] ? kvm_arch_dev_ioctl+0x610/0x610 [ 209.480149] ? preempt_notifier_dec+0x20/0x20 [ 209.484710] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 209.489582] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 209.494635] kvm_vcpu_ioctl+0x7b8/0x1300 [ 209.498724] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 209.504455] ? find_held_lock+0x36/0x1c0 [ 209.508546] ? find_held_lock+0x36/0x1c0 [ 209.512631] ? lock_downgrade+0x8f0/0x8f0 [ 209.516777] ? kasan_check_read+0x11/0x20 [ 209.520915] ? rcu_is_watching+0x8c/0x150 [ 209.525073] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 209.529484] ? __fget+0x414/0x670 [ 209.532929] ? match_held_lock+0x821/0x8d0 [ 209.537157] ? expand_files.part.8+0x9c0/0x9c0 [ 209.541742] ? kasan_check_write+0x14/0x20 [ 209.545968] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 209.550893] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 209.556592] do_vfs_ioctl+0x1de/0x1720 [ 209.560466] ? __lock_is_held+0xb5/0x140 [ 209.564519] ? ioctl_preallocate+0x300/0x300 [ 209.568915] ? __fget_light+0x2f7/0x440 [ 209.572887] ? fget_raw+0x20/0x20 [ 209.576344] ? __sb_end_write+0xac/0xe0 [ 209.580312] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.585835] ? fput+0x130/0x1a0 [ 209.589116] ? ksys_write+0x1ae/0x260 [ 209.592919] ? security_file_ioctl+0x94/0xc0 [ 209.597315] ksys_ioctl+0xa9/0xd0 [ 209.600756] __x64_sys_ioctl+0x73/0xb0 [ 209.604632] do_syscall_64+0x1b9/0x820 [ 209.608694] ? finish_task_switch+0x1d3/0x870 [ 209.613269] ? syscall_return_slowpath+0x5e0/0x5e0 [ 209.618189] ? syscall_return_slowpath+0x31d/0x5e0 [ 209.623397] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 209.628754] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 209.633598] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.638776] RIP: 0033:0x455ab9 [ 209.641949] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 209.661204] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.668920] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 209.676179] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 209.683455] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 209.690808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 209.698068] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000001 [ 209.746859] print_req_error: I/O error, dev loop0, sector 20480 [ 209.753304] print_req_error: I/O error, dev loop0, sector 21504 [ 209.759673] print_req_error: I/O error, dev loop0, sector 22528 02:29:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) write$binfmt_elf32(r1, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x6, 0x40d, 0x3b3, 0x34a2, 0x2, 0x3e, 0x200, 0x2cd, 0x38, 0x4e, 0x2, 0x7ff, 0x20, 0x1, 0x50b, 0xffff, 0x9}, [{0x7, 0x100, 0x10001, 0x0, 0x2, 0x14d, 0x10, 0x1000}], "23ef01b9e204a630c44ad38e3995e98085b4e76aa35693679aae549dc380fbbf6af5233f910a80c063d98459e3be24c9870a479562349a7fce1f38fe990f9b3f5d3edcccdede49a8800762bd0df28120af0fb465c8153362fec2f9aec57f80963a910fab35b653916852500dfd556645e18718af1a50e5bda27bb0e38823eecd88434de5580b7286c69aa6820f8ed480cfc805a66544fd33738e7016aa36d9582f63c008cbd12e4e80f1d7a7a7e667c8cf3f8b046b5a0de66cf43189"}, 0x114) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:40 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000200"}, 0x58) 02:29:40 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x1000000000000000) 02:29:40 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1700, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:40 executing program 6 (fault-call:6 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:40 executing program 7: mlockall(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x6000, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x0, 0x0, 0x34, 0xff, 0x4}, &(0x7f00000001c0)=0x98) accept4$inet6(r1, 0x0, &(0x7f0000000240), 0x800) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x7ff, 0x200, 0x8, 0x9, r2}, 0x10) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)) ioctl$TCFLSH(r0, 0x80047437, 0x706ffc) [ 209.924894] FAULT_INJECTION: forcing a failure. [ 209.924894] name failslab, interval 1, probability 0, space 0, times 0 [ 209.930007] FAT-fs (loop3): bogus number of reserved sectors [ 209.936388] CPU: 1 PID: 11674 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 209.942283] FAT-fs (loop3): Can't find a valid FAT filesystem [ 209.949699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.949706] Call Trace: [ 209.949734] dump_stack+0x1c9/0x2b4 [ 209.949755] ? dump_stack_print_info.cold.2+0x52/0x52 [ 209.949783] should_fail.cold.4+0xa/0x1a [ 209.980608] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 209.985770] ? kasan_kmalloc+0xc4/0xe0 [ 209.989681] ? kasan_slab_alloc+0x12/0x20 [ 209.993844] ? kmem_cache_alloc+0x12e/0x760 [ 209.998183] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 210.003209] ? kvm_mmu_load+0x21/0x10e0 [ 210.007181] ? vcpu_enter_guest+0x3aa6/0x6090 [ 210.011665] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 210.016688] ? graph_lock+0x170/0x170 [ 210.020484] ? do_syscall_64+0x1b9/0x820 [ 210.024538] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.029910] ? find_held_lock+0x36/0x1c0 [ 210.033969] ? __lock_is_held+0xb5/0x140 [ 210.038040] ? check_same_owner+0x340/0x340 [ 210.042370] ? rcu_note_context_switch+0x730/0x730 [ 210.047311] __should_failslab+0x124/0x180 [ 210.051543] should_failslab+0x9/0x14 [ 210.055334] kmem_cache_alloc+0x2af/0x760 [ 210.059474] ? lock_acquire+0x1e4/0x540 [ 210.063440] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 210.067690] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 210.072530] mmu_topup_memory_caches+0xf7/0x3a0 [ 210.077208] kvm_mmu_load+0x21/0x10e0 [ 210.081030] vcpu_enter_guest+0x3aa6/0x6090 [ 210.085358] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 210.089604] ? kvm_set_msr_common+0x26a0/0x26a0 [ 210.094277] ? zap_class+0x740/0x740 [ 210.097998] ? vmx_vcpu_load+0xadf/0xff0 [ 210.102065] ? __lock_acquire+0x7fc/0x5020 [ 210.106312] ? vmx_vcpu_reset+0x1040/0x1040 [ 210.110631] ? graph_lock+0x170/0x170 [ 210.114440] ? __lock_is_held+0xb5/0x140 [ 210.118507] ? lock_acquire+0x1e4/0x540 [ 210.122477] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 210.127502] ? lock_release+0xa30/0xa30 [ 210.131468] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 210.136747] ? kvm_arch_dev_ioctl+0x610/0x610 [ 210.141518] ? preempt_notifier_dec+0x20/0x20 [ 210.146021] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 210.150864] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 210.155884] kvm_vcpu_ioctl+0x7b8/0x1300 [ 210.159949] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 210.165663] ? find_held_lock+0x36/0x1c0 [ 210.169728] ? lock_downgrade+0x8f0/0x8f0 [ 210.173887] ? rcu_is_watching+0x8c/0x150 [ 210.178044] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 210.182451] ? __fget+0x414/0x670 [ 210.186081] ? match_held_lock+0x821/0x8d0 [ 210.190327] ? expand_files.part.8+0x9c0/0x9c0 [ 210.194992] ? kasan_check_write+0x14/0x20 [ 210.199222] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 210.204164] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 210.209955] do_vfs_ioctl+0x1de/0x1720 [ 210.213838] ? ioctl_preallocate+0x300/0x300 [ 210.218323] ? __fget_light+0x2f7/0x440 [ 210.222300] ? fget_raw+0x20/0x20 [ 210.225746] ? __sb_end_write+0xac/0xe0 [ 210.229728] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.235441] ? fput+0x130/0x1a0 [ 210.238716] ? ksys_write+0x1ae/0x260 [ 210.242517] ? security_file_ioctl+0x94/0xc0 [ 210.246920] ksys_ioctl+0xa9/0xd0 [ 210.250369] __x64_sys_ioctl+0x73/0xb0 [ 210.254265] do_syscall_64+0x1b9/0x820 [ 210.258162] ? finish_task_switch+0x1d3/0x870 [ 210.262652] ? syscall_return_slowpath+0x5e0/0x5e0 [ 210.267584] ? syscall_return_slowpath+0x31d/0x5e0 [ 210.274082] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 210.279444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 210.284288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.289510] RIP: 0033:0x455ab9 [ 210.292773] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 210.312114] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 210.319817] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 210.327079] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 210.334342] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 210.341612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 210.348880] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000002 02:29:40 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e65726963292929000000000000000000000000000000000000000000000200"}, 0x58) 02:29:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x501000, 0x0) write(r1, &(0x7f0000000000)="b63db85e1e8d020000feff00003ef0011dcc606aed5ed2bc7018cebc9bc2feffffffffffffffe22c9b160096aa1fae1a", 0x30) readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/62, 0x3e}], 0x1) fremovexattr(r1, &(0x7f0000000100)=@known='system.advise\x00') 02:29:40 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 210.516399] FAT-fs (loop3): bogus number of reserved sectors [ 210.522343] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:40 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:40 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x600, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x4000000000000) 02:29:41 executing program 7: r0 = socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040)=0x7, 0x4) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101100, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000000)=r1) [ 210.717835] FAT-fs (loop3): bogus number of reserved sectors [ 210.723906] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:41 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000002"}, 0x58) 02:29:41 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 210.807992] FAT-fs (loop3): bogus number of reserved sectors [ 210.813976] FAT-fs (loop3): Can't find a valid FAT filesystem [ 210.879282] print_req_error: I/O error, dev loop0, sector 0 [ 210.885192] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 210.906251] print_req_error: I/O error, dev loop0, sector 17408 [ 210.949575] print_req_error: I/O error, dev loop0, sector 9320 [ 210.955740] Buffer I/O error on dev loop0, logical block 1165, lost async page write [ 210.964059] print_req_error: I/O error, dev loop0, sector 9328 [ 210.970188] Buffer I/O error on dev loop0, logical block 1166, lost async page write [ 210.978202] print_req_error: I/O error, dev loop0, sector 9336 [ 210.984288] Buffer I/O error on dev loop0, logical block 1167, lost async page write [ 210.992680] print_req_error: I/O error, dev loop0, sector 9344 [ 210.998793] Buffer I/O error on dev loop0, logical block 1168, lost async page write [ 211.011525] print_req_error: I/O error, dev loop0, sector 9360 [ 211.017722] Buffer I/O error on dev loop0, logical block 1170, lost async page write [ 211.020947] Buffer I/O error on dev loop0, logical block 1171, lost async page write [ 211.025745] Buffer I/O error on dev loop0, logical block 1172, lost async page write [ 211.033716] Buffer I/O error on dev loop0, logical block 1173, lost async page write [ 211.033750] Buffer I/O error on dev loop0, logical block 1174, lost async page write 02:29:41 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x10200) socketpair(0x11, 0xa, 0x7, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r2, 0x2, &(0x7f0000000140)="01f8bb01604fbc81a5331340b0eb5fac13cb4963e439cc5a2029428becfefe77858a") ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000100)) r4 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r4, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x100) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r4) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() fcntl$getown(r3, 0x9) ioctl$VT_WAITACTIVE(r2, 0x5607) ioctl$SCSI_IOCTL_DOORLOCK(r5, 0x5380) 02:29:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xffffff7f00000000) 02:29:41 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e6572696329292900000000000000000000000000000000000000000000000200"}, 0x58) 02:29:41 executing program 7: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'irlan0\x00', 0x1}) ioctl$TUNSETGROUP(r0, 0x400454ce, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r2 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x9, 0x400) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000340)={0x9, 0xe5b, 0x6}, 0xc) getsockopt$EBT_SO_GET_INIT_ENTRIES(r2, 0x0, 0x83, &(0x7f0000000280)={'filter\x00', 0x0, 0x4, 0xfb, [], 0x6, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000180)=""/251}, &(0x7f0000000300)=0x78) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'irlan0\x00', 0x1}) 02:29:41 executing program 6 (fault-call:6 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 211.297496] FAT-fs (loop3): bogus number of reserved sectors [ 211.303554] FAT-fs (loop3): Can't find a valid FAT filesystem [ 211.353284] FAULT_INJECTION: forcing a failure. [ 211.353284] name failslab, interval 1, probability 0, space 0, times 0 [ 211.364797] CPU: 0 PID: 11756 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 211.372175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 211.381543] Call Trace: [ 211.384159] dump_stack+0x1c9/0x2b4 [ 211.387817] ? dump_stack_print_info.cold.2+0x52/0x52 [ 211.394051] ? finish_task_switch+0x50d/0x870 [ 211.398582] should_fail.cold.4+0xa/0x1a 02:29:41 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 211.402684] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 211.407822] ? __schedule+0x884/0x1ed0 [ 211.411726] ? do_syscall_64+0x1b9/0x820 [ 211.415808] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.421448] ? __sched_text_start+0x8/0x8 [ 211.425695] ? find_held_lock+0x36/0x1c0 [ 211.429859] ? __lock_is_held+0xb5/0x140 [ 211.433959] ? check_same_owner+0x340/0x340 [ 211.438316] __should_failslab+0x124/0x180 [ 211.442579] should_failslab+0x9/0x14 [ 211.446402] kmem_cache_alloc+0x2af/0x760 [ 211.450578] ? lock_acquire+0x1e4/0x540 [ 211.454574] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 211.458844] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 211.463712] mmu_topup_memory_caches+0xf7/0x3a0 [ 211.468404] kvm_mmu_load+0x21/0x10e0 [ 211.472209] vcpu_enter_guest+0x3aa6/0x6090 [ 211.476547] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 211.480783] ? kvm_set_msr_common+0x26a0/0x26a0 [ 211.485463] ? zap_class+0x740/0x740 [ 211.489174] ? vmx_vcpu_load+0xadf/0xff0 [ 211.493238] ? __lock_acquire+0x7fc/0x5020 [ 211.497462] ? vmx_vcpu_reset+0x1040/0x1040 [ 211.501773] ? graph_lock+0x170/0x170 [ 211.505574] ? __lock_is_held+0xb5/0x140 [ 211.509627] ? lock_acquire+0x1e4/0x540 [ 211.513593] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 211.518617] ? lock_release+0xa30/0xa30 [ 211.522581] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 211.527861] ? kvm_arch_dev_ioctl+0x610/0x610 [ 211.532346] ? preempt_notifier_dec+0x20/0x20 [ 211.536839] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 211.541677] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 211.546693] kvm_vcpu_ioctl+0x7b8/0x1300 [ 211.550750] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 211.556458] ? find_held_lock+0x36/0x1c0 [ 211.560517] ? lock_downgrade+0x8f0/0x8f0 [ 211.564904] ? rcu_is_watching+0x8c/0x150 [ 211.569044] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 211.573445] ? __fget+0x414/0x670 [ 211.577932] ? match_held_lock+0x821/0x8d0 [ 211.582249] ? expand_files.part.8+0x9c0/0x9c0 [ 211.586832] ? kasan_check_write+0x14/0x20 [ 211.591056] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 211.596025] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 211.601729] do_vfs_ioctl+0x1de/0x1720 [ 211.605622] ? ioctl_preallocate+0x300/0x300 [ 211.610027] ? __fget_light+0x2f7/0x440 [ 211.614011] ? fget_raw+0x20/0x20 [ 211.617462] ? __sb_end_write+0xac/0xe0 [ 211.621440] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 211.626973] ? fput+0x130/0x1a0 [ 211.630259] ? ksys_write+0x1ae/0x260 [ 211.634057] ? security_file_ioctl+0x94/0xc0 [ 211.638456] ksys_ioctl+0xa9/0xd0 [ 211.641900] __x64_sys_ioctl+0x73/0xb0 [ 211.645779] do_syscall_64+0x1b9/0x820 [ 211.649656] ? finish_task_switch+0x1d3/0x870 [ 211.654314] ? syscall_return_slowpath+0x5e0/0x5e0 [ 211.659246] ? syscall_return_slowpath+0x31d/0x5e0 [ 211.664174] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 211.669533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 211.674384] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.679576] RIP: 0033:0x455ab9 [ 211.682752] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 211.702029] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 211.709732] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 211.716994] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 211.724267] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 211.731525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 211.738784] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000003 02:29:42 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:42 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0xa000000) 02:29:42 executing program 7: 02:29:42 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000200"}, 0x58) 02:29:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xa000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 211.887430] FAT-fs (loop3): bogus number of reserved sectors [ 211.893404] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:42 executing program 7: 02:29:42 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 211.944782] FAT-fs (loop3): bogus number of reserved sectors [ 211.950747] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:42 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1000004) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000002140)={0x53, 0xffffffffffffffff, 0x0, 0x4, @buffer={0x0, 0x1000, &(0x7f0000000100)=""/4096}, &(0x7f0000000040), &(0x7f0000001100)=""/4096, 0x6, 0x4, 0x0, &(0x7f0000002100)}) faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x72, 0x800) 02:29:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:42 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0) ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000100)) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f00000000c0)=[{&(0x7f00000001c0)='\'', 0x34}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, r2) ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f0000000300)) sync() write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000180)={0xffffffffffffffff}, 0x2, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000140), r3, r1}}, 0x18) 02:29:42 executing program 7: [ 212.082557] FAT-fs (loop3): bogus number of reserved sectors [ 212.088528] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:42 executing program 6 (fault-call:6 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:42 executing program 7: 02:29:42 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffff2, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 212.346259] FAULT_INJECTION: forcing a failure. [ 212.346259] name failslab, interval 1, probability 0, space 0, times 0 [ 212.357718] CPU: 0 PID: 11840 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 212.365093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.374459] Call Trace: [ 212.377070] dump_stack+0x1c9/0x2b4 [ 212.380716] ? dump_stack_print_info.cold.2+0x52/0x52 [ 212.385917] should_fail.cold.4+0xa/0x1a [ 212.389983] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 212.395094] ? kasan_kmalloc+0xc4/0xe0 [ 212.398993] ? kasan_slab_alloc+0x12/0x20 [ 212.403148] ? kmem_cache_alloc+0x12e/0x760 [ 212.407461] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 212.412294] ? kvm_mmu_load+0x21/0x10e0 [ 212.416285] ? vcpu_enter_guest+0x3aa6/0x6090 [ 212.420774] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 212.425783] ? graph_lock+0x170/0x170 [ 212.429587] ? do_syscall_64+0x1b9/0x820 [ 212.433645] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.439009] ? find_held_lock+0x36/0x1c0 [ 212.443075] ? __lock_is_held+0xb5/0x140 [ 212.447143] ? check_same_owner+0x340/0x340 [ 212.451459] ? rcu_note_context_switch+0x730/0x730 [ 212.456395] __should_failslab+0x124/0x180 [ 212.460723] should_failslab+0x9/0x14 [ 212.464516] kmem_cache_alloc+0x2af/0x760 [ 212.468664] ? lock_acquire+0x1e4/0x540 [ 212.472638] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 212.476896] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 212.482781] mmu_topup_memory_caches+0xf7/0x3a0 [ 212.487627] kvm_mmu_load+0x21/0x10e0 [ 212.491439] vcpu_enter_guest+0x3aa6/0x6090 [ 212.495754] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 212.500005] ? kvm_set_msr_common+0x26a0/0x26a0 [ 212.504692] ? zap_class+0x740/0x740 [ 212.508527] ? vmx_vcpu_load+0xadf/0xff0 [ 212.512581] ? __lock_acquire+0x7fc/0x5020 [ 212.516809] ? vmx_vcpu_reset+0x1040/0x1040 [ 212.521146] ? graph_lock+0x170/0x170 [ 212.524957] ? __lock_is_held+0xb5/0x140 [ 212.529030] ? lock_acquire+0x1e4/0x540 [ 212.532996] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 212.538018] ? lock_release+0xa30/0xa30 [ 212.541991] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 212.547264] ? kvm_arch_dev_ioctl+0x610/0x610 [ 212.551750] ? preempt_notifier_dec+0x20/0x20 [ 212.556262] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 212.561107] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 212.566140] kvm_vcpu_ioctl+0x7b8/0x1300 [ 212.570199] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 212.575917] ? find_held_lock+0x36/0x1c0 [ 212.579983] ? lock_downgrade+0x8f0/0x8f0 [ 212.584252] ? rcu_is_watching+0x8c/0x150 [ 212.588389] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 212.592811] ? __fget+0x414/0x670 [ 212.596270] ? match_held_lock+0x821/0x8d0 [ 212.600498] ? expand_files.part.8+0x9c0/0x9c0 [ 212.605074] ? kasan_check_write+0x14/0x20 [ 212.609312] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 212.614254] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 212.619957] do_vfs_ioctl+0x1de/0x1720 [ 212.623842] ? ioctl_preallocate+0x300/0x300 [ 212.628242] ? __fget_light+0x2f7/0x440 [ 212.632229] ? fget_raw+0x20/0x20 [ 212.635678] ? __sb_end_write+0xac/0xe0 [ 212.639841] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 212.645368] ? fput+0x130/0x1a0 [ 212.648642] ? ksys_write+0x1ae/0x260 [ 212.652437] ? security_file_ioctl+0x94/0xc0 [ 212.656839] ksys_ioctl+0xa9/0xd0 [ 212.660286] __x64_sys_ioctl+0x73/0xb0 [ 212.664186] do_syscall_64+0x1b9/0x820 [ 212.668064] ? syscall_slow_exit_work+0x500/0x500 [ 212.672920] ? syscall_return_slowpath+0x5e0/0x5e0 [ 212.677856] ? syscall_return_slowpath+0x31d/0x5e0 [ 212.682785] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 212.688160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 212.693003] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.698201] RIP: 0033:0x455ab9 [ 212.701389] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 212.720735] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.728626] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 212.735885] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 212.743146] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 212.750402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 212.757658] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000004 02:29:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:43 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$setown(r2, 0x8, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)={0x303, 0x33}, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000040)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000003c0)={{{@in=@rand_addr, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f00000004c0)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x9d86604a4e00445f, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x134, 0x0, 0x0, 0x0, 0x4}, [@map={0x18, 0x2, 0x1, 0x0, r2}, @ldst={0x777c4cfe68bae9de, 0x1, 0x3, 0x4, 0x0, 0xc, 0x18}, @initr0={0x18, 0x0, 0x0, 0x0, 0x752a, 0x0, 0x0, 0x0, 0x1}, @ldst={0x1, 0x2, 0x2, 0xf, 0x3, 0x40, 0x1}, @alu={0x7, 0x7f, 0x7, 0x9, 0x7, 0x30, 0xfffffffffffffffc}], {0x95}}, &(0x7f0000000180)='GPL\x00', 0x31b7d8fc, 0x52, &(0x7f00000002c0)=""/82, 0xe1b3fd3f3efada3b, 0x1, [], r3, 0xf}, 0x48) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r1) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:43 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000)=0x1) 02:29:43 executing program 7: 02:29:43 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, "65636861696e69762865636861696e69762863636d2863617374362d67656e657269632929290000000000000000000000000000000000000000000000000002"}, 0x58) 02:29:43 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xe000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:43 executing program 6 (fault-call:6 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 212.933548] FAT-fs (loop3): bogus number of reserved sectors [ 212.939630] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:43 executing program 7: [ 213.028893] FAULT_INJECTION: forcing a failure. [ 213.028893] name failslab, interval 1, probability 0, space 0, times 0 [ 213.040267] CPU: 1 PID: 11870 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 213.047647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 213.057015] Call Trace: [ 213.059623] dump_stack+0x1c9/0x2b4 [ 213.063265] ? dump_stack_print_info.cold.2+0x52/0x52 [ 213.068482] should_fail.cold.4+0xa/0x1a [ 213.072648] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 213.077782] ? kasan_kmalloc+0xc4/0xe0 [ 213.081684] ? kasan_slab_alloc+0x12/0x20 [ 213.086035] ? kmem_cache_alloc+0x12e/0x760 [ 213.090378] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 213.095406] ? kvm_mmu_load+0x21/0x10e0 [ 213.099410] ? vcpu_enter_guest+0x3aa6/0x6090 [ 213.103905] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.108931] ? graph_lock+0x170/0x170 [ 213.112718] ? do_syscall_64+0x1b9/0x820 [ 213.116791] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.122165] ? find_held_lock+0x36/0x1c0 [ 213.126243] ? __lock_is_held+0xb5/0x140 [ 213.130321] ? check_same_owner+0x340/0x340 [ 213.134666] ? rcu_note_context_switch+0x730/0x730 [ 213.139599] __should_failslab+0x124/0x180 [ 213.143825] should_failslab+0x9/0x14 [ 213.147635] kmem_cache_alloc+0x2af/0x760 [ 213.151788] ? kvm_clock_read+0x25/0x30 [ 213.155770] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 213.160807] ? ktime_get_with_offset+0x32e/0x4b0 [ 213.165569] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 213.170423] mmu_topup_memory_caches+0xf7/0x3a0 [ 213.175114] kvm_mmu_load+0x21/0x10e0 [ 213.178916] ? vcpu_enter_guest+0x298c/0x6090 [ 213.183406] vcpu_enter_guest+0x3aa6/0x6090 [ 213.187738] ? kvm_set_msr_common+0x26a0/0x26a0 [ 213.192470] ? vmx_vcpu_load+0xadf/0xff0 [ 213.196545] ? __lock_acquire+0x7fc/0x5020 [ 213.200787] ? vmx_vcpu_reset+0x1040/0x1040 [ 213.205119] ? graph_lock+0x170/0x170 [ 213.208911] ? __lock_acquire+0x7fc/0x5020 [ 213.213141] ? __lock_is_held+0xb5/0x140 [ 213.217203] ? lock_acquire+0x1e4/0x540 [ 213.221167] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 02:29:43 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000000000)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:29:43 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xb000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 213.226192] ? lock_release+0xa30/0xa30 [ 213.230177] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 213.235466] ? kvm_arch_dev_ioctl+0x610/0x610 [ 213.239972] ? preempt_notifier_dec+0x20/0x20 [ 213.244488] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.249343] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.254415] kvm_vcpu_ioctl+0x7b8/0x1300 [ 213.258497] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 213.264227] ? find_held_lock+0x36/0x1c0 [ 213.268297] ? find_held_lock+0x36/0x1c0 [ 213.272476] ? lock_downgrade+0x8f0/0x8f0 [ 213.276631] ? kasan_check_read+0x11/0x20 [ 213.280773] ? rcu_is_watching+0x8c/0x150 [ 213.284911] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 213.289331] ? __fget+0x414/0x670 [ 213.292800] ? match_held_lock+0x821/0x8d0 [ 213.297033] ? expand_files.part.8+0x9c0/0x9c0 [ 213.301606] ? kasan_check_write+0x14/0x20 [ 213.305843] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 213.310774] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 213.317408] do_vfs_ioctl+0x1de/0x1720 [ 213.321304] ? __lock_is_held+0xb5/0x140 [ 213.325363] ? ioctl_preallocate+0x300/0x300 [ 213.329762] ? __fget_light+0x2f7/0x440 [ 213.333727] ? fget_raw+0x20/0x20 [ 213.337696] ? __sb_end_write+0xac/0xe0 [ 213.341665] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 213.347205] ? fput+0x130/0x1a0 [ 213.350482] ? ksys_write+0x1ae/0x260 [ 213.354453] ? security_file_ioctl+0x94/0xc0 [ 213.358856] ksys_ioctl+0xa9/0xd0 [ 213.362317] __x64_sys_ioctl+0x73/0xb0 [ 213.366209] do_syscall_64+0x1b9/0x820 [ 213.370088] ? finish_task_switch+0x1d3/0x870 [ 213.374582] ? syscall_return_slowpath+0x5e0/0x5e0 [ 213.379507] ? syscall_return_slowpath+0x31d/0x5e0 [ 213.384448] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 213.389898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 213.394742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.399923] RIP: 0033:0x455ab9 [ 213.403101] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 213.422444] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:29:43 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 213.430161] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 213.437423] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 213.444684] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 213.451948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 213.459210] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000005 02:29:43 executing program 7: 02:29:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f0000000040)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in=@multicast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@dev}}, &(0x7f0000000240)=0xe8) fstat(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, r4, r5) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() [ 213.494121] FAT-fs (loop3): bogus number of reserved sectors [ 213.500105] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:43 executing program 6 (fault-call:6 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:43 executing program 7: [ 213.593437] FAT-fs (loop3): bogus number of reserved sectors [ 213.599405] FAT-fs (loop3): Can't find a valid FAT filesystem [ 213.723319] FAULT_INJECTION: forcing a failure. [ 213.723319] name failslab, interval 1, probability 0, space 0, times 0 [ 213.735093] CPU: 0 PID: 11917 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 213.742469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 213.751837] Call Trace: [ 213.754444] dump_stack+0x1c9/0x2b4 [ 213.758092] ? dump_stack_print_info.cold.2+0x52/0x52 [ 213.763311] should_fail.cold.4+0xa/0x1a [ 213.767396] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 213.772546] ? kasan_kmalloc+0xc4/0xe0 [ 213.776449] ? kasan_slab_alloc+0x12/0x20 [ 213.780606] ? kmem_cache_alloc+0x12e/0x760 [ 213.784963] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 213.789826] ? kvm_mmu_load+0x21/0x10e0 [ 213.793901] ? vcpu_enter_guest+0x3aa6/0x6090 [ 213.798409] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.803446] ? graph_lock+0x170/0x170 [ 213.807260] ? do_syscall_64+0x1b9/0x820 [ 213.811336] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.816815] ? find_held_lock+0x36/0x1c0 [ 213.820896] ? __lock_is_held+0xb5/0x140 [ 213.824985] ? check_same_owner+0x340/0x340 [ 213.829322] ? rcu_note_context_switch+0x730/0x730 [ 213.834267] __should_failslab+0x124/0x180 [ 213.838521] should_failslab+0x9/0x14 [ 213.842337] kmem_cache_alloc+0x2af/0x760 [ 213.846499] ? lock_acquire+0x1e4/0x540 [ 213.850487] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 213.854774] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 213.859664] mmu_topup_memory_caches+0xf7/0x3a0 [ 213.864355] kvm_mmu_load+0x21/0x10e0 [ 213.868207] vcpu_enter_guest+0x3aa6/0x6090 [ 213.872566] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 213.876830] ? kvm_set_msr_common+0x26a0/0x26a0 [ 213.881523] ? vmx_vcpu_load+0xadf/0xff0 [ 213.885601] ? __lock_acquire+0x7fc/0x5020 [ 213.889850] ? vmx_vcpu_reset+0x1040/0x1040 [ 213.894184] ? graph_lock+0x170/0x170 [ 213.898003] ? __lock_acquire+0x7fc/0x5020 [ 213.902260] ? __lock_is_held+0xb5/0x140 [ 213.906334] ? lock_acquire+0x1e4/0x540 [ 213.910314] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 213.915344] ? lock_release+0xa30/0xa30 02:29:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 213.919325] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 213.924609] ? kvm_arch_dev_ioctl+0x610/0x610 [ 213.929114] ? preempt_notifier_dec+0x20/0x20 [ 213.933633] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.938484] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 213.943521] kvm_vcpu_ioctl+0x7b8/0x1300 [ 213.947596] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 213.953317] ? find_held_lock+0x36/0x1c0 [ 213.957397] ? find_held_lock+0x36/0x1c0 [ 213.961485] ? lock_downgrade+0x8f0/0x8f0 [ 213.965654] ? kasan_check_read+0x11/0x20 [ 213.969817] ? rcu_is_watching+0x8c/0x150 [ 213.973973] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 213.978397] ? __fget+0x414/0x670 [ 213.981866] ? match_held_lock+0x821/0x8d0 [ 213.986108] ? expand_files.part.8+0x9c0/0x9c0 [ 213.990705] ? kasan_check_write+0x14/0x20 [ 213.994954] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 213.999906] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 214.005651] do_vfs_ioctl+0x1de/0x1720 [ 214.009553] ? __lock_is_held+0xb5/0x140 [ 214.013632] ? ioctl_preallocate+0x300/0x300 [ 214.018076] ? __fget_light+0x2f7/0x440 [ 214.022063] ? fget_raw+0x20/0x20 [ 214.025533] ? __sb_end_write+0xac/0xe0 [ 214.029530] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 214.035080] ? fput+0x130/0x1a0 [ 214.038375] ? ksys_write+0x1ae/0x260 [ 214.042195] ? security_file_ioctl+0x94/0xc0 [ 214.046616] ksys_ioctl+0xa9/0xd0 [ 214.050070] __x64_sys_ioctl+0x73/0xb0 [ 214.053951] do_syscall_64+0x1b9/0x820 [ 214.057837] ? syscall_slow_exit_work+0x500/0x500 [ 214.062754] ? syscall_return_slowpath+0x5e0/0x5e0 [ 214.067687] ? syscall_return_slowpath+0x31d/0x5e0 [ 214.072612] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 214.077970] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 214.082818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 214.087996] RIP: 0033:0x455ab9 [ 214.091174] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 214.110401] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:29:44 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x6000, 0x6000, 0x8, 0xffffffffffffffff, 0x1, 0x2, 0xffffffffffffff7f, 0x0, 0x8000, 0x449, 0x2, 0x1}, {0x0, 0x1, 0xf, 0x24f, 0x101, 0xc00, 0x101, 0x3, 0x5, 0x800, 0x3, 0x9}, {0x4002, 0x0, 0x9, 0x401, 0x400, 0x100, 0x3e000000000000, 0x8, 0x4, 0x0, 0x4, 0x10001}, {0x0, 0xf001, 0x8, 0x4, 0x9, 0x0, 0x0, 0x100000001, 0x3, 0xff, 0x0, 0x7ff}, {0x6000, 0xf000, 0x0, 0x4, 0x324, 0x81, 0xff, 0x101, 0x7ff, 0x0, 0x2, 0x846a}, {0x0, 0xd000, 0xb, 0x0, 0x7fffffff, 0x1, 0x200, 0x101, 0x3, 0x9, 0x4, 0x80}, {0x10000, 0x700b511d62f8bf28, 0x0, 0x2, 0xfffffffffffffff9, 0x100000001, 0x7ee, 0x0, 0x0, 0x7, 0x4, 0x5}, {0x106000, 0x10000, 0x0, 0x4, 0x0, 0x562, 0x4, 0x5, 0xb0, 0x2, 0xcc, 0x8000}, {0x0, 0x10000}, {0x0, 0x102000}, 0x40000, 0x0, 0x2, 0x0, 0xd, 0x1, 0x10000, [0x69f, 0x0, 0x5, 0x3fd3]}) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:44 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x57) 02:29:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000003, 0x11, r0, 0x0) 02:29:44 executing program 7: 02:29:44 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x86000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 214.118102] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 214.125721] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 214.132980] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 214.140236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 214.147492] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000006 02:29:44 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x20000398) 02:29:44 executing program 7: [ 214.212052] FAT-fs (loop3): bogus number of reserved sectors [ 214.217957] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:44 executing program 7: 02:29:44 executing program 6 (fault-call:6 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 214.349143] FAT-fs (loop3): bogus number of reserved sectors [ 214.355168] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:44 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:44 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x300, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:44 executing program 7: [ 214.494845] FAULT_INJECTION: forcing a failure. [ 214.494845] name failslab, interval 1, probability 0, space 0, times 0 [ 214.506198] CPU: 0 PID: 11962 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 214.513570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.523019] Call Trace: [ 214.525629] dump_stack+0x1c9/0x2b4 [ 214.529309] ? dump_stack_print_info.cold.2+0x52/0x52 [ 214.534531] should_fail.cold.4+0xa/0x1a [ 214.538642] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 214.543781] ? kasan_kmalloc+0xc4/0xe0 [ 214.547684] ? kasan_slab_alloc+0x12/0x20 [ 214.551848] ? kmem_cache_alloc+0x12e/0x760 [ 214.556179] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 214.561108] ? kvm_mmu_load+0x21/0x10e0 [ 214.565086] ? vcpu_enter_guest+0x3aa6/0x6090 [ 214.569585] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 214.574617] ? graph_lock+0x170/0x170 [ 214.578425] ? do_syscall_64+0x1b9/0x820 [ 214.582491] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 214.587855] ? find_held_lock+0x36/0x1c0 [ 214.591915] ? __lock_is_held+0xb5/0x140 [ 214.596001] ? check_same_owner+0x340/0x340 [ 214.600324] ? rcu_note_context_switch+0x730/0x730 [ 214.605253] __should_failslab+0x124/0x180 [ 214.609484] should_failslab+0x9/0x14 [ 214.613294] kmem_cache_alloc+0x2af/0x760 [ 214.617433] ? lock_acquire+0x1e4/0x540 [ 214.621398] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 214.625628] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 214.630472] mmu_topup_memory_caches+0xf7/0x3a0 [ 214.635140] kvm_mmu_load+0x21/0x10e0 [ 214.638942] vcpu_enter_guest+0x3aa6/0x6090 [ 214.643266] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 214.647499] ? kvm_set_msr_common+0x26a0/0x26a0 [ 214.652250] ? vmx_vcpu_load+0xadf/0xff0 [ 214.656308] ? __lock_acquire+0x7fc/0x5020 [ 214.660545] ? vmx_vcpu_reset+0x1040/0x1040 [ 214.664859] ? graph_lock+0x170/0x170 [ 214.668655] ? __lock_acquire+0x7fc/0x5020 [ 214.672889] ? __lock_is_held+0xb5/0x140 [ 214.676959] ? lock_acquire+0x1e4/0x540 [ 214.680933] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 214.685957] ? lock_release+0xa30/0xa30 [ 214.689929] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 214.695287] ? kvm_arch_dev_ioctl+0x610/0x610 [ 214.699780] ? preempt_notifier_dec+0x20/0x20 [ 214.704279] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 214.709140] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 214.714159] kvm_vcpu_ioctl+0x7b8/0x1300 [ 214.718214] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 214.723941] ? find_held_lock+0x36/0x1c0 [ 214.728016] ? find_held_lock+0x36/0x1c0 [ 214.732085] ? lock_downgrade+0x8f0/0x8f0 [ 214.736241] ? kasan_check_read+0x11/0x20 [ 214.740393] ? rcu_is_watching+0x8c/0x150 [ 214.744532] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 214.748940] ? __fget+0x414/0x670 [ 214.752397] ? match_held_lock+0x821/0x8d0 [ 214.756624] ? expand_files.part.8+0x9c0/0x9c0 [ 214.761213] ? kasan_check_write+0x14/0x20 [ 214.765452] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 214.770382] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 214.776097] do_vfs_ioctl+0x1de/0x1720 [ 214.780066] ? __lock_is_held+0xb5/0x140 [ 214.784130] ? ioctl_preallocate+0x300/0x300 [ 214.788554] ? __fget_light+0x2f7/0x440 [ 214.792523] ? fget_raw+0x20/0x20 [ 214.795973] ? __sb_end_write+0xac/0xe0 [ 214.799941] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 214.805474] ? fput+0x130/0x1a0 [ 214.808756] ? ksys_write+0x1ae/0x260 [ 214.812562] ? security_file_ioctl+0x94/0xc0 [ 214.816964] ksys_ioctl+0xa9/0xd0 [ 214.820412] __x64_sys_ioctl+0x73/0xb0 [ 214.824308] do_syscall_64+0x1b9/0x820 [ 214.828190] ? finish_task_switch+0x1d3/0x870 [ 214.832691] ? syscall_return_slowpath+0x5e0/0x5e0 [ 214.837624] ? syscall_return_slowpath+0x31d/0x5e0 [ 214.842550] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 214.847912] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 214.852752] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 214.857931] RIP: 0033:0x455ab9 [ 214.861118] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 214.880460] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 214.888259] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 214.895518] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 214.902793] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 214.910057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 214.917765] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000007 02:29:45 executing program 0: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x10080, 0x0) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r3 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r2, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r2, 0x4c01) sync() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@local={0xfe, 0x80, [], 0xaa}, 0x5, 0x2, 0x1, 0x3, 0x10001, 0x8, 0x100000001}, 0x20) 02:29:45 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2faf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) io_setup(0xfffffffffffff065, &(0x7f0000000040)) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000000001000001, 0x100010, r0, 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x4) 02:29:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:45 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0xff5a) 02:29:45 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f13000)={0xa, 0xe22}, 0x1c) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x24000) ioctl$SG_IO(r1, 0x2285, &(0x7f0000002440)={0x0, 0xffffffffffffffff, 0x1000, 0xfffffffffffffffe, @scatter={0x7, 0x0, &(0x7f0000001300)=[{&(0x7f0000000040)=""/88, 0x58}, {&(0x7f0000000100)=""/34, 0x22}, {&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f0000000180)=""/46, 0x2e}, {&(0x7f00000001c0)=""/204, 0xcc}, {&(0x7f00000002c0)=""/47, 0x2f}, {&(0x7f0000000300)=""/4096, 0x1000}]}, &(0x7f0000001380)="fb984bd7abeecdc4b3ed1ea7185e3b7876b6c6207e0b05aa4b96e28d69c3b0aa64a5e293f7e8dd39043b5eefeececc653813a5331c9178a051b7660acd93aa1593a6e13cb1bda8eae9a01c86feace587c528ba0766411f809fd6ddb9e4fdf428f28b90231f02c3a2002af75bf3762b66cb049c76ec9acd2dc76e8b57d2e23e263bbb3d2e0f2a4aa3faf61148a65413ce60f61396a3a6a39140c41a497cef0b8b2e21a8c676c3dfcdb7fbfe52e689d125b28381e29859188b077bb2e7879eb64ae0a8edb631987b15efbc2c08d50d851f725b88812b74e9e2094477b43920aa8620be8f3ae7a9922d7d113480f3213cd3c69d406105b28340c99928b9e7fd5864b7c06e41c0564a2cf8070c62014527496016aa8424f3d1bbae90e89ba38dc10bbfbcc33456e3e0a410b3af40bd23ff3d19afa4294cb16ddefcec948db4e3e98fad04a9bcd3b9778bd862850ce5fa0e42da49d8aa9e31f698a9a256398f3700d777c757b6f1687954e1dc1622c111cbcef00035c0ba8b91f187248bc0532369ed0087f1d78bc8f3c3db21d4fd47f99be5c48f5bd700173796b6ebe0c9549b7b5c6d5c6ab49fc0df7c9149bbcadc8204dcdf011e621ff1dbca91bf26e1de48726b913c3c6f21101478332235f486e5ba2fed0e78fe930bf19f00173b191df7ab7aae05b202d8fd60bc2074baf40bda7d299bd1bf31270cabd72ae37c34aab1152687481bd5a5d55c3849c54c92c543ec2f05098dad037669473ee483fc412ebcb3ca704d88090598a58188135f067ddcb0639636efeed09657a8b4870140f2f524bf158326be27ed3a6e73d3c3c95c169ce7082702e653e7bb5860917905f40b0ada262083986cf5aa86c74a6e97cab0768e3de7d5c2f712c5ebc36a80e571bc3074d3932ca898c5962ce5137a8e1f89a201a5ba0e690469457b412ca291f10f2f8ba6cc0c94a8022036d271df76392340852863d0f5bf407f536f039fc7d1abf7686f243d64e394dcf4881b195809af3e702eb22809ef3edce7be7a07d7c40cf6eb2b3d8729ddafeb951260e26e31c60c71c19c56a97c8fa1813bbe36e31766ac4b439835f506d963d2293562bd7bd7c8a9092bb32ebe6063b3fbacd3317c8dccd8f3bfbf467e8c58036aec5909c64e2e0f53f278fcf3e8a2e9f83c4c80b103fd6ef2d11e9980fe1468dc347a227dc6bcc1007789d84167b7d3962cbac022c0cd5d564ae858317fe0c364c392bf2d3e6b2085ab44776927a43a6e63eefc59d5703351713db9a29b22799b0428a3e4aed6df18fde0dd1577c182c173c85e78ae36a6aa618ec7e18f42a8004e119c9f34ea7864506b3e8b40acc38c0c001676119a08dddf55396e13225c6991c5b193a09bf79d30dfc8f6d51b0180486e3cc1f6afc661063ef1fdb319fdbbbcc20172aad18546023d9e607466d676dbb47de98e3368db753c1689f920ea3c069bb9e8f445ad6aa6b727d1d16a22f90a14ab30e76904e6784dc343369486e8f033b8ebac7adb50f153ca371e8d6f3f840a50b541fc34c255cb765db00917a3ed4826fddb9fce2d24f92a445729f7e511de2c38a34e05dcd61c5e357ab17c1f29f2fdad52c5d7eb034d5ec179bec4476004c17be009dc6e0db54a0f0ea92c4dcd696bd80939076a40600e4ff943d7009c451b99086eeb623fbb07cb4fe53456843d247414963eceac48e1ae9ce8a33a7a5406a8aa0e1099e8e8d73335c6740efba4cbc7ec9fd8efb3a14c4b34ffe6c6ea76366ec3146f8bc9d8788d8c020115fad78ec563f755816f70425a422e5b2a5e4db410a23677525397e6a181aa38485551eea02a135bccac6afc57084c8feedccd6d64df5cb5d2a70a9bbbaec5f23d12621e5b6f5798b70e823d011f1d5300f0c7f8c4e197a519d71b307a23b39fd021f23c16c1b2bed118ff4706fe3144d5dad05f8da926e367631a0003a82a522d48cf5a03004d57309004dabf982dac29f25a6f8b792ab896aa4accea1a7d28b1a06acb10aaef5ccee60aa832b1f8a1689a4d1b6fd6782bd988d9e00c6362200b7bbfc2e156ca6f62ec17fd6f82237c6110455fe54272ec88b6057a618e604d66cc39814513cb93bcdd5f52ffd76f34d7fdf7fda13820f0492d6c43e76ead9aeaee8e5ae544a32d6d6ba7eeef4f0fc374dd584f3cfc0aa2b70f3651d29dea2faa3bfbede8fa1b9ac7bd9122264d453745496cc7ff3b32f13a21e5d9107964b621b38e610d00d7f9e5b2700171d6af463bab4f24150b35b99ff5ff7ff01b1dd90fc2f13aa29567dea857767ba4e0fa2a7b849fdcca4a2a8d330d2f884126e96e4a7193b954d25790891f8aebd16dca235d42f400426d0433d07e534810541e169c5dab451b05557aaae97581ea778abcadbcf11f0c0cdeb1b2995d67583bc89b8eb0c14af60fa5a550d2b21e38365b4832eaa7f7662f5ba7457f4a4c7720ff42a5540ef2b2aa195df0d614c7f32053a7ad6a8eb4624ef039a171286e61a803bd024169d006da3f8a31a93bbc3d2b45ad362f0928625330056c2973733dd5836548b202cc64d33ad94f00f1e5eebb4024a9fe42a397f60bb482b094c458edc15333e91434b49e1322a4db6e310d0f5f2aa097e9fc25226f63c3bd2afe8d73d8c540123a15880d61b6280f385ac21e7647375d7601dcd80db9313f3d18fd4f194280cc723f06dea5f73a9e0a86918db6d74a18def899b087293894ba469997600736c0604f709905bc4252bb55672ea71f0663557026b3ab6e52c51aefa49e175ade9ff907e1becab0cab2e163658a809e765f104ef41df30c096ad2b6c6638989910245abf7b4878c374a590ae5a5cd2935ffc3996cdc63b0083aa3ffe17049054818359e5f51abbf20ab1a5a2059496c574f5cd9a67e0618130b8a4820a04b5129f6f2ea7e2dc392f28426e3f66151e5768d11e70ed6c0c28f547a53744f08a6f1e27f87b7638ac792e103939cc82299512be6b66cd58f5d4f111e56a0bba94a192ff2ce41c950ddce6bab1a4d9d374ca29961761193af18c65f610af7ad4e2083324a5ffcf872d576c262646542875e8ced94727b39cfe0191f771a00f543d78ad87aecf870aa6ddba9952b1d49dd9bb386e5765ba652a4b142d2ab708407b7e2f89df7068d9153c5c941bfcf9ec992df7d7bc3520c4cfebef93a228a4ef8cb0f0a1964214bae7d2b9456a4249186e6cc85038718fce8580a8b936a5e04bc6a86e045df9fc1570d9a7dbc8e776b2df6c2393742ab3d035e597d127396e9f5d81d199a52e84b2456ebc62ac37e7be87e3cd0ed581ad9d409113cd19d04f6a3f73a8580c4922834b199a41c6e73c8f7b5108097e2d6a79c2b39ba50643ba08524dabafbed90ac60c1078bcd5c81e569e0792257542271cfbc0642dfe9efd1027ffea566c64a4c6cfe19b7454fc538d2f71ec6d5e25608acf4850a87ba512796ba48a12149118f5b74bb875185295f20e46f74d5a00f68d36e2a06a7239ff50e1eaded9c6d83bc5d7bb4e99c95cae6cc3e1459f97ad01347c29203e13e0fe8e1495f51bd82a2f703869cc880ccb0402643e4ed02b215a974e711e5daf03b8499bca72cd573211eb92aabc5e0fa980624c3cddb516c934a2faad3b46c602c8ec60b95bb41190076eecd103be078fd17876b382d678e70db582dc1bd7cf02607057980817ce50ca2660b546b47b643d11fd9f7fe1eeca0f5d83ceb3ca4fddebcce3fce461ff6348267bcd6531570bd850cdd733693a26c96c473cc91d3edfccd3792d66c0dd581e603c1402c26d54b41b7790d108d759c0a0ffc53930aba9fcddec4da9e4d8d45e0cf3ed6889e238273c0e7e52e578e1ea0ecab85dadef140d2a93914614316695f45a2dad620f5c0d642b1b70f64ad0032d523db15f4944318074f715fb8f67242e8bd85f467478196476d36f3c338bc72d71ca614e280c1f318b11c5edafa22c0165090a711f739191f4c428ca2301973c26b6c7e71507f9fbe06bb6bd357fa249df57315743cfff520a588117f93254c75acc74b5d6bc7f5e29675519288da1e5883c11762a181adeed1ff830994e2f4fa7096e7d6a6bbff3ba6ba3cddbeadf80372b9a8ca1b690bb290780688cb3437e0c13ae9c6ab59b25e2af60e897cee90edb03af6555269e44c7463c4c428af56ef15fd11ca2acbef39f1fe8dd41f9dd1bba8a06f027d829683ef4572812435e20c08f926edd9c407979ba2e11ce73a7e62f33652365fd7a9b3235c6bb66687381b4be5b9c010c6c35640571dd5affa6d31eeda2065bacc1510251547410efe1e376ec70cafb86f18508f0e583dd5c817e693a3f7990be0e2d88825f1ffe962f62e415638cbb0ec4837cd3adef926ed76ef765509133b364cded25fb5e5a36a41e730f954548324e13f7ff74594228b28d3117447170dabed38c6847703a8324f056a699c089d251a6995fed4f72ab29b1ea63677e26eaddfc209820ba87008dda2d7272609f7aa2f17484cba1f89412305f1fc1b61c3c3e11e96585d9dfa5746beaf6db7e77c596e5eccf5dfa9d1cb1662438145c80dfcebc830ef1d797515750da7e5446de03a50d552356469b5a79c9ee35c0e97ab5fd0e50bd13584887efff22e850a40332d0f3b89906a41384c8bf95c770b8e0b527d3c6351e49272b909698482e5da0488abdaebc463d487efce5d0ef76630312c2fff36be66e65b75b4c36b6e82e9dade891cece969086848a8980918772d8b872efaefdd9f8cfa58c29aca8c499d56543d9b503218ab58e653fe6d24609cd5196c4e7573ba7e50946344792657c7d901c49e54255e722668489f96127a9341b74567ac21a105119e75068b24a7c7610e6be67e745562a295a5d315ec9b6208eccbd59f5acc4d44d6b6cfcc3d598628b9a57793e7eae67718b0c980c7cf58692948405d50ff748cc5c587f82a57ec840c3891826ccddb266d19e8c74faf60d6ecede14e58be2f9eec885dd9cc22b9f15ebdfadb1a5bb172196caf2c25db5ca91879839e4d5492f08e3ca1f76e41355afa8b6f3bf02604304475b20af484635d9b0c9a1f5e45880969fcd75635e43ff439c4caa217da4e20d9d7a8f9bea5e2c08391ad7958a0cf8fa164f37dc2d888f44fdd6f510cb34e87688ab174ebf1046a6c6463b1977326aa761dc1c679d3190bed6afb5dcdb09046687af6e871bf62a7bbda4cc4462548d51c978af6cedd2b7f8aee13a28b1bc7f2888eec5b9437e3feaded3e45335af9cde37dd5cc6a401f87e92c4acce4eeeed96da9c8441354673216f26cfc0beb9318c61e1b321ccf6d7d8493dd3e32472a2728e46cbd6f0cc69963cf41138e153ee3040ff00fed58a60a0603352d08774871c1f17959f52ee67cd27c545339b75509b9d71b1de30c57b6187646797ef7265d07f07f223d364f3145c3bb5e586a9c1aa5521c974e61659dad715ed084c7fa2fa508df3364cd8f9fc51ecf9cd79c63cc1fcc062e03fed80fcfbf1a3de399d81c1b9bc06b8851e4da728c41c1369f260890d10f3359c6f68c15475028156bfb1678d42cb82caa05453beda0bac4b30c05fa2be6656a5a9a4031d8c7362d4e8e907db4a0a26efc69b2ae84ddf041181620b5225878a5328e373c493d705edeb2df21e1eafa2d061638f338a1be87623e823cb123ee9bdb2d69f7b547925b7d11fc6166b42dadb01124c3eb3fffdf3758c99c2f709065376ed504494db669f0b7d389d725ddab506193d5dba38ffa56bc1e2891beb6b37b57a0224a103b3e202f6eba8358e2ed3b7580fe58d49678f284ec238ee9", &(0x7f0000002380)=""/122, 0x8000, 0x4, 0x0, &(0x7f0000002400)}) syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x8, 0x11, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @udp={0x0, 0x4e22, 0x8}}}}}}, &(0x7f0000775000)) 02:29:45 executing program 6 (fault-call:6 fault-nth:8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:45 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) fcntl$dupfd(r2, 0x0, r2) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:45 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x86, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 215.238811] FAT-fs (loop3): bogus number of reserved sectors [ 215.244955] FAT-fs (loop3): Can't find a valid FAT filesystem [ 215.338323] FAULT_INJECTION: forcing a failure. [ 215.338323] name failslab, interval 1, probability 0, space 0, times 0 [ 215.339211] FAT-fs (loop3): bogus number of reserved sectors [ 215.349663] CPU: 1 PID: 12002 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 215.355513] FAT-fs (loop3): Can't find a valid FAT filesystem [ 215.362820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.362826] Call Trace: [ 215.362854] dump_stack+0x1c9/0x2b4 [ 215.362873] ? dump_stack_print_info.cold.2+0x52/0x52 [ 215.362900] should_fail.cold.4+0xa/0x1a [ 215.393695] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 215.398797] ? kasan_kmalloc+0xc4/0xe0 [ 215.402677] ? kasan_slab_alloc+0x12/0x20 [ 215.406820] ? kmem_cache_alloc+0x12e/0x760 [ 215.411134] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 215.415984] ? kvm_mmu_load+0x21/0x10e0 [ 215.419953] ? vcpu_enter_guest+0x3aa6/0x6090 [ 215.424443] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 215.429467] ? graph_lock+0x170/0x170 [ 215.433271] ? do_syscall_64+0x1b9/0x820 [ 215.437327] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 215.442689] ? find_held_lock+0x36/0x1c0 [ 215.446747] ? __lock_is_held+0xb5/0x140 [ 215.450824] ? check_same_owner+0x340/0x340 [ 215.455145] ? rcu_note_context_switch+0x730/0x730 [ 215.460189] __should_failslab+0x124/0x180 [ 215.464428] should_failslab+0x9/0x14 [ 215.468480] kmem_cache_alloc+0x2af/0x760 [ 215.472648] ? kvm_clock_read+0x25/0x30 [ 215.476630] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 215.481642] ? ktime_get_with_offset+0x32e/0x4b0 [ 215.486409] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 215.491255] mmu_topup_memory_caches+0xf7/0x3a0 [ 215.495934] kvm_mmu_load+0x21/0x10e0 [ 215.499737] ? vcpu_enter_guest+0x298c/0x6090 [ 215.504244] vcpu_enter_guest+0x3aa6/0x6090 [ 215.508567] ? kvm_set_msr_common+0x26a0/0x26a0 [ 215.513232] ? zap_class+0x740/0x740 [ 215.516940] ? vmx_vcpu_load+0xadf/0xff0 [ 215.521009] ? __lock_acquire+0x7fc/0x5020 [ 215.525245] ? vmx_vcpu_reset+0x1040/0x1040 [ 215.529570] ? graph_lock+0x170/0x170 [ 215.533379] ? __lock_is_held+0xb5/0x140 [ 215.537448] ? lock_acquire+0x1e4/0x540 [ 215.541423] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 215.546610] ? lock_release+0xa30/0xa30 [ 215.550575] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 215.555848] ? kvm_arch_dev_ioctl+0x610/0x610 [ 215.560332] ? preempt_notifier_dec+0x20/0x20 [ 215.564832] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 215.569752] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 215.574793] kvm_vcpu_ioctl+0x7b8/0x1300 [ 215.578865] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 215.584582] ? find_held_lock+0x36/0x1c0 [ 215.588662] ? lock_downgrade+0x8f0/0x8f0 [ 215.592823] ? rcu_is_watching+0x8c/0x150 [ 215.596983] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 215.601482] ? __fget+0x414/0x670 [ 215.604943] ? match_held_lock+0x821/0x8d0 [ 215.609189] ? expand_files.part.8+0x9c0/0x9c0 [ 215.613767] ? kasan_check_write+0x14/0x20 [ 215.618008] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 215.622957] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 215.628673] do_vfs_ioctl+0x1de/0x1720 [ 215.632556] ? ioctl_preallocate+0x300/0x300 [ 215.636971] ? __fget_light+0x2f7/0x440 [ 215.640952] ? fget_raw+0x20/0x20 [ 215.644403] ? __sb_end_write+0xac/0xe0 [ 215.648373] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 215.653902] ? fput+0x130/0x1a0 [ 215.657187] ? ksys_write+0x1ae/0x260 [ 215.661007] ? security_file_ioctl+0x94/0xc0 [ 215.665415] ksys_ioctl+0xa9/0xd0 [ 215.668863] __x64_sys_ioctl+0x73/0xb0 [ 215.672744] do_syscall_64+0x1b9/0x820 [ 215.676624] ? finish_task_switch+0x1d3/0x870 [ 215.681129] ? syscall_return_slowpath+0x5e0/0x5e0 [ 215.686073] ? syscall_return_slowpath+0x31d/0x5e0 [ 215.691003] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 215.696387] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 215.701235] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 215.706430] RIP: 0033:0x455ab9 [ 215.709631] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 215.728966] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:29:46 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = getpgrp(0xffffffffffffffff) socket$l2tp(0x18, 0x1, 0x1) syz_open_procfs(r1, &(0x7f0000000040)='net/igmp\x00') r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x800000000010000, 0x0) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x80010, r2, 0x180000000) write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="2600000003000000000000000000000005000000000000000500001900008000616561640000174940bc8a6a3c6122347dc05bce6f9074d2fbda10907dc181225587732ebb444ac85752c1c544a48813e783db9eb8d4270fd6a35d3b4719cb8966aae5b36d5c9a7581453739ae697f2c9b2fa46d2846a9cbbd584ef4d4b9684922dc281334ed0e671ea7120f68d6da46cbcb391c9833f840e082319a397608ca6313ec670985272bccebdc3725aaa479e913836acd42336b69e6eee2a7ae9224c1b00d5b3485afad8ae150e799e910e8eca98271d5d194ee8a9aacb0653982395650ec6be3cdd0f641944b9ddc816d5e1d1b0153b7ada2803ebc12eb3c44909f651870b3b6984875ce4fd65fdb4903a265918c6d81f864821212259647c1e5510b30ab2458d3cced5702bf082bffe6befdca"], 0x26) [ 215.736673] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 215.744022] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 215.751294] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 215.758565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 215.765825] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000008 02:29:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000140)=[@in={0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e20, 0x7f, @mcast1={0xff, 0x1, [], 0x1}, 0x7a92}, @in6={0xa, 0x4e20, 0xffffffffffffffc0, @loopback={0x0, 0x1}, 0x8000}], 0x3f) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x14, &(0x7f0000000040)={r2}, &(0x7f0000000100)=0x8) 02:29:46 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000100)=[{0x2, 0x7}, {0xb, 0x6}], 0x2) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0x4, @mcast1={0xff, 0x1, [], 0x1}, 0x1000}}, [0x5, 0x1ff, 0x2e, 0x6, 0x41, 0x100000001, 0x5, 0xb, 0x0, 0x1, 0x80000001, 0x3, 0x1f, 0x3, 0x7f]}, &(0x7f00000002c0)=0x100) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000300)={r2, 0xe6, "1feba7f0a5a0711b1fab99de19af70fcd36e6debbd2f039629bdf19859758a152e99001f40643e72d327712b312f56649c35fce6b53454cbaca4bbc17fb6880ae21ffa876f8e5ecdb3b475c2738d7445a4c7b972152165984efd62738e3afa04175ecf21ce2c1e989e5555db6dc01233e5403e53e0ded31edbe3466c64ed5d83174d24bffe11afc91a753bcd17aa63edeb742e5550c0c2bfa5b213696a9cad4de0ba40863e5ac59694d8f8c7a6233943058972fbe7c46e1b5bef8b11bcf5e3ca1ec511daa0e7f02e27f882b8da32dbdbc6955c0e43743ff14f053316c84a0e0caed853d92e17"}, &(0x7f0000000400)=0xee) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000440)={0xa, &(0x7f0000000140)=[{0x5, 0x1ff, 0x80000000, 0x8}, {0x9, 0x9, 0x6, 0x1}, {0x81, 0x5, 0x8, 0x8}, {0x3, 0x6952, 0x20, 0xffffffff}, {0xfffffffffffffffe, 0x8, 0x9}, {0x250a, 0x9, 0x4, 0x9}, {0x4, 0x900, 0x7, 0xffffffffffff8001}, {0xffffffff, 0x5, 0xffffffffffffffff, 0x1}, {0x3, 0x1ff, 0x1, 0x5}, {0x8a, 0xfffffffffffffffb, 0xffff000000000000, 0x1}]}, 0x10) r3 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r3, 0x0) 02:29:46 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80, 0x10) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000040)={0x0, 0x2f, "9b13d68ecb1ba62ae157888b04c848351cc3438f801162be9b515fa38f1dcad74bbf20a7877ee92f29c7f1d5d20b1b"}, &(0x7f0000000180)=0x37) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x81, 0x1, 0x2, 0x8d, r2}, 0x10) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-vsock\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r6, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f00000000c0)="c4c2290c670866bad004b00feef2afc744240049e3aaf0c7442402910d1643c7442406000000000f011c24c4e1dc5c6f290f05c4e1fd593488d070a76666f2f20f20540f30", 0x45}], 0x1, 0x0, &(0x7f0000000180), 0x0) 02:29:46 executing program 6 (fault-call:6 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 215.974238] FAT-fs (loop3): bogus number of reserved sectors [ 215.980199] FAT-fs (loop3): Can't find a valid FAT filesystem [ 216.068274] FAT-fs (loop3): bogus number of reserved sectors [ 216.074282] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:46 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() set_robust_list(&(0x7f00000001c0)={&(0x7f0000000140)={&(0x7f00000000c0)}, 0x4, &(0x7f0000000180)}, 0x18) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 216.169825] print_req_error: 1024 callbacks suppressed [ 216.169834] print_req_error: I/O error, dev loop0, sector 21504 [ 216.184233] FAULT_INJECTION: forcing a failure. [ 216.184233] name failslab, interval 1, probability 0, space 0, times 0 [ 216.195522] CPU: 1 PID: 12049 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 216.202976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.212346] Call Trace: [ 216.214938] dump_stack+0x1c9/0x2b4 [ 216.218565] ? dump_stack_print_info.cold.2+0x52/0x52 [ 216.223762] should_fail.cold.4+0xa/0x1a [ 216.227816] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 216.232952] ? kasan_kmalloc+0xc4/0xe0 [ 216.236830] ? kasan_slab_alloc+0x12/0x20 [ 216.240966] ? kmem_cache_alloc+0x12e/0x760 [ 216.245307] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 216.250142] ? kvm_mmu_load+0x21/0x10e0 [ 216.254115] ? vcpu_enter_guest+0x3aa6/0x6090 [ 216.258623] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 216.263648] ? graph_lock+0x170/0x170 [ 216.267438] ? do_syscall_64+0x1b9/0x820 [ 216.271491] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 216.276849] ? find_held_lock+0x36/0x1c0 [ 216.280902] ? __lock_is_held+0xb5/0x140 [ 216.284958] ? check_same_owner+0x340/0x340 [ 216.289268] ? rcu_note_context_switch+0x730/0x730 [ 216.294207] __should_failslab+0x124/0x180 [ 216.298438] should_failslab+0x9/0x14 [ 216.302229] kmem_cache_alloc+0x2af/0x760 [ 216.306394] ? kvm_clock_read+0x25/0x30 [ 216.310359] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 216.315366] ? ktime_get_with_offset+0x32e/0x4b0 [ 216.320147] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 216.324979] mmu_topup_memory_caches+0xf7/0x3a0 [ 216.329641] kvm_mmu_load+0x21/0x10e0 [ 216.333430] ? vcpu_enter_guest+0x298c/0x6090 [ 216.337920] vcpu_enter_guest+0x3aa6/0x6090 [ 216.342237] ? kvm_set_msr_common+0x26a0/0x26a0 [ 216.346897] ? vmx_vcpu_load+0xadf/0xff0 [ 216.350947] ? vmx_vcpu_reset+0x1040/0x1040 [ 216.355270] ? graph_lock+0x170/0x170 [ 216.359058] ? __lock_acquire+0x7fc/0x5020 [ 216.363286] ? __lock_is_held+0xb5/0x140 [ 216.367343] ? lock_acquire+0x1e4/0x540 [ 216.371302] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 216.376308] ? lock_release+0xa30/0xa30 [ 216.380269] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 216.385634] ? kvm_arch_dev_ioctl+0x610/0x610 [ 216.390387] ? preempt_notifier_dec+0x20/0x20 [ 216.394876] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 216.399704] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 216.404715] kvm_vcpu_ioctl+0x7b8/0x1300 [ 216.408779] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 216.414476] ? find_held_lock+0x36/0x1c0 [ 216.418540] ? find_held_lock+0x36/0x1c0 [ 216.422596] ? lock_downgrade+0x8f0/0x8f0 [ 216.426735] ? kasan_check_read+0x11/0x20 [ 216.430954] ? rcu_is_watching+0x8c/0x150 [ 216.435092] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 216.439494] ? __fget+0x414/0x670 [ 216.442939] ? match_held_lock+0x821/0x8d0 [ 216.447259] ? expand_files.part.8+0x9c0/0x9c0 [ 216.451830] ? kasan_check_write+0x14/0x20 [ 216.456052] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 216.460973] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 216.466672] do_vfs_ioctl+0x1de/0x1720 [ 216.470561] ? __lock_is_held+0xb5/0x140 [ 216.474614] ? ioctl_preallocate+0x300/0x300 [ 216.479010] ? __fget_light+0x2f7/0x440 [ 216.482988] ? fget_raw+0x20/0x20 [ 216.486434] ? __sb_end_write+0xac/0xe0 [ 216.490398] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 216.495921] ? fput+0x130/0x1a0 [ 216.499193] ? ksys_write+0x1ae/0x260 [ 216.502995] ? security_file_ioctl+0x94/0xc0 [ 216.507410] ksys_ioctl+0xa9/0xd0 [ 216.510855] __x64_sys_ioctl+0x73/0xb0 [ 216.514730] do_syscall_64+0x1b9/0x820 [ 216.518631] ? finish_task_switch+0x1d3/0x870 [ 216.523117] ? syscall_return_slowpath+0x5e0/0x5e0 [ 216.528051] ? syscall_return_slowpath+0x31d/0x5e0 [ 216.532980] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 216.538334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 216.543166] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 216.548353] RIP: 0033:0x455ab9 [ 216.551541] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 216.570851] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 216.578547] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 216.585899] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 216.593154] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 216.600419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 216.607692] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000009 02:29:47 executing program 0: socket$inet6(0xa, 0x1000000000042, 0x14000000001) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040)=0x1, 0x4) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r1) sendfile(r0, r0, &(0x7f0000000000), 0x2000003) ioctl$LOOP_CLR_FD(r0, 0x4c01) sync() write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '/dev/loop#\x00'}, {0x20}, {0x20, '.[&(wlan0ppp0vboxnet0'}, {0x20}, {0x20, '/dev/loop#\x00'}, {0x20, "74086e750000000000000000008c00"}, {0x20, '/dev/loop#\x00'}], 0xa, "80c795"}, 0x5c) 02:29:47 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x9, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x10000, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:29:47 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='tunl0\x00', 0x10) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:47 executing program 6 (fault-call:6 fault-nth:10): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 216.853167] FAT-fs (loop3): bogus number of reserved sectors [ 216.859266] FAT-fs (loop3): Can't find a valid FAT filesystem [ 216.895269] FAULT_INJECTION: forcing a failure. [ 216.895269] name failslab, interval 1, probability 0, space 0, times 0 [ 216.906734] CPU: 0 PID: 12085 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 216.914111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.923475] Call Trace: [ 216.926085] dump_stack+0x1c9/0x2b4 [ 216.929746] ? dump_stack_print_info.cold.2+0x52/0x52 [ 216.935075] should_fail.cold.4+0xa/0x1a [ 216.939159] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 216.944283] ? kasan_kmalloc+0xc4/0xe0 [ 216.948189] ? kasan_slab_alloc+0x12/0x20 [ 216.952353] ? kmem_cache_alloc+0x12e/0x760 [ 216.956689] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 216.961562] ? kvm_mmu_load+0x21/0x10e0 [ 216.965596] ? vcpu_enter_guest+0x3aa6/0x6090 [ 216.970118] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 216.975158] ? graph_lock+0x170/0x170 [ 216.979091] ? do_syscall_64+0x1b9/0x820 [ 216.983195] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 216.988590] ? find_held_lock+0x36/0x1c0 [ 216.992684] ? __lock_is_held+0xb5/0x140 [ 216.996773] ? check_same_owner+0x340/0x340 [ 217.001114] ? rcu_note_context_switch+0x730/0x730 [ 217.006066] __should_failslab+0x124/0x180 [ 217.010406] should_failslab+0x9/0x14 [ 217.014229] kmem_cache_alloc+0x2af/0x760 [ 217.018414] ? lock_acquire+0x1e4/0x540 [ 217.022490] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 217.026743] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 217.031610] mmu_topup_memory_caches+0xf7/0x3a0 [ 217.036300] kvm_mmu_load+0x21/0x10e0 [ 217.040128] vcpu_enter_guest+0x3aa6/0x6090 [ 217.044557] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 217.048818] ? kvm_set_msr_common+0x26a0/0x26a0 [ 217.053570] ? zap_class+0x740/0x740 [ 217.057394] ? vmx_vcpu_load+0xadf/0xff0 [ 217.061482] ? __lock_acquire+0x7fc/0x5020 [ 217.065740] ? vmx_vcpu_reset+0x1040/0x1040 [ 217.070086] ? graph_lock+0x170/0x170 [ 217.073920] ? __lock_is_held+0xb5/0x140 [ 217.078007] ? lock_acquire+0x1e4/0x540 [ 217.081999] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 217.087040] ? lock_release+0xa30/0xa30 [ 217.091028] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 217.096404] ? kvm_arch_dev_ioctl+0x610/0x610 [ 217.100910] ? preempt_notifier_dec+0x20/0x20 [ 217.105435] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 217.110316] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 217.115355] kvm_vcpu_ioctl+0x7b8/0x1300 [ 217.119432] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 217.125166] ? find_held_lock+0x36/0x1c0 [ 217.129251] ? lock_downgrade+0x8f0/0x8f0 [ 217.133420] ? rcu_is_watching+0x8c/0x150 [ 217.137580] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 217.142009] ? __fget+0x414/0x670 [ 217.145480] ? match_held_lock+0x821/0x8d0 [ 217.149729] ? expand_files.part.8+0x9c0/0x9c0 [ 217.154325] ? kasan_check_write+0x14/0x20 [ 217.158575] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 217.163535] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 217.169274] do_vfs_ioctl+0x1de/0x1720 [ 217.173182] ? ioctl_preallocate+0x300/0x300 [ 217.177616] ? __fget_light+0x2f7/0x440 [ 217.181608] ? fget_raw+0x20/0x20 [ 217.185082] ? __sb_end_write+0xac/0xe0 [ 217.189081] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 217.194637] ? fput+0x130/0x1a0 [ 217.197939] ? ksys_write+0x1ae/0x260 [ 217.201756] ? security_file_ioctl+0x94/0xc0 [ 217.206183] ksys_ioctl+0xa9/0xd0 [ 217.209750] __x64_sys_ioctl+0x73/0xb0 [ 217.213654] do_syscall_64+0x1b9/0x820 [ 217.217563] ? finish_task_switch+0x1d3/0x870 [ 217.222093] ? syscall_return_slowpath+0x5e0/0x5e0 [ 217.227068] ? syscall_return_slowpath+0x31d/0x5e0 [ 217.232033] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 217.237419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 217.242290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 217.247498] RIP: 0033:0x455ab9 [ 217.250695] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 217.270124] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.277854] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 217.285137] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:29:47 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) getpid() fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80, 0x10) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000040)={0x0, 0x2f, "9b13d68ecb1ba62ae157888b04c848351cc3438f801162be9b515fa38f1dcad74bbf20a7877ee92f29c7f1d5d20b1b"}, &(0x7f0000000180)=0x37) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x81, 0x1, 0x2, 0x8d, r2}, 0x10) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-vsock\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r6, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f00000000c0)="c4c2290c670866bad004b00feef2afc744240049e3aaf0c7442402910d1643c7442406000000000f011c24c4e1dc5c6f290f05c4e1fd593488d070a76666f2f20f20540f30", 0x45}], 0x1, 0x0, &(0x7f0000000180), 0x0) [ 217.292445] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 217.299902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 217.307221] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000a 02:29:47 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000000)=0x8) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x40000, 0x0) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080), 0x10) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) [ 217.376613] FAT-fs (loop3): bogus number of reserved sectors [ 217.382579] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:47 executing program 6 (fault-call:6 fault-nth:11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x101, 0x1) sync_file_range(r0, 0x100, 0x8001, 0x0) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:29:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:47 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-camellia-aesni-avx2\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 217.613661] FAULT_INJECTION: forcing a failure. [ 217.613661] name failslab, interval 1, probability 0, space 0, times 0 [ 217.625123] CPU: 1 PID: 12118 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 217.632509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.641958] Call Trace: [ 217.644577] dump_stack+0x1c9/0x2b4 [ 217.648246] ? dump_stack_print_info.cold.2+0x52/0x52 [ 217.653468] should_fail.cold.4+0xa/0x1a [ 217.657575] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 217.662698] ? kasan_kmalloc+0xc4/0xe0 [ 217.666604] ? kasan_slab_alloc+0x12/0x20 [ 217.670793] ? kmem_cache_alloc+0x12e/0x760 [ 217.675140] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 217.680006] ? kvm_mmu_load+0x21/0x10e0 [ 217.684000] ? vcpu_enter_guest+0x3aa6/0x6090 [ 217.688594] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 217.693647] ? graph_lock+0x170/0x170 [ 217.697464] ? do_syscall_64+0x1b9/0x820 [ 217.701539] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 217.706939] ? find_held_lock+0x36/0x1c0 02:29:48 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) sendto$unix(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x800, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 217.711308] ? __lock_is_held+0xb5/0x140 [ 217.715393] ? check_same_owner+0x340/0x340 [ 217.719727] ? rcu_note_context_switch+0x730/0x730 [ 217.724677] __should_failslab+0x124/0x180 [ 217.728932] should_failslab+0x9/0x14 [ 217.732750] kmem_cache_alloc+0x2af/0x760 [ 217.736919] ? kvm_clock_read+0x25/0x30 [ 217.740909] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 217.745939] ? ktime_get_with_offset+0x32e/0x4b0 [ 217.750714] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 217.755576] mmu_topup_memory_caches+0xf7/0x3a0 [ 217.760270] kvm_mmu_load+0x21/0x10e0 02:29:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$nfs4(&(0x7f0000000040)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0x6, 0x5, &(0x7f0000000480)=[{&(0x7f0000000380)="b180ab9b59e38d3cffc77ba406ab8f94cee049515baf06d8e0f9dede04764804651ba123546ea75b2d3432b3e2ef491b45f007c1e00d468094b926c698dc59eb751cd28d214f7928992dc51fe94fd342ff202fb219961867984b7cf5bf4769a01f45cc8820c2c451c6ef76829534b2a4cf5fa387a96cbf8706fb436b7c38af58ea473253b00697f4dc241ef6012a96806928ff0fa7e4575c0021af981533f12b640760da79d435ba78d713d4af8998b9e21d95d7302d7c54e3c04a51eaaaffecc8a29e5fc4", 0xc5, 0x9}, {&(0x7f0000000100), 0x0, 0x2}, {&(0x7f0000000140)="b79ce2db8498366fa4dd84f12ff4dca53ec7a114de347f91c55029ed7d7ea754347b373010593be78c17a3012c32fa", 0x2f}, {&(0x7f00000002c0)="072b19b83dedf8a103d11874ba9cdaac02d33739fc3af6ede095ef2024307681ca97295efaf41b96d34c252bb4c24a2937f5c4bf27c2c18e6c61abb0ad8ab528a96ebefce2b01a", 0x47, 0x7}, {&(0x7f0000000180)="31e2fe536822c81818866d74f0ac8f13d1192319bf3fed235e4ed749ebe315733760", 0x22, 0x400}], 0x1000028, &(0x7f0000000240)='/dev/loop#\x00') r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() [ 217.764092] ? vcpu_enter_guest+0x298c/0x6090 [ 217.768610] vcpu_enter_guest+0x3aa6/0x6090 [ 217.772957] ? kvm_set_msr_common+0x26a0/0x26a0 [ 217.777652] ? vmx_vcpu_load+0xadf/0xff0 [ 217.781738] ? __lock_acquire+0x7fc/0x5020 [ 217.785998] ? vmx_vcpu_reset+0x1040/0x1040 [ 217.790338] ? graph_lock+0x170/0x170 [ 217.794163] ? __lock_acquire+0x7fc/0x5020 [ 217.798422] ? __lock_is_held+0xb5/0x140 [ 217.802504] ? lock_acquire+0x1e4/0x540 [ 217.806501] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 02:29:48 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1800000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 217.811541] ? lock_release+0xa30/0xa30 [ 217.815527] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 217.820816] ? kvm_arch_dev_ioctl+0x610/0x610 [ 217.825410] ? preempt_notifier_dec+0x20/0x20 [ 217.829932] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 217.834792] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 217.839834] kvm_vcpu_ioctl+0x7b8/0x1300 [ 217.843917] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 217.849642] ? find_held_lock+0x36/0x1c0 [ 217.853726] ? find_held_lock+0x36/0x1c0 [ 217.857916] ? lock_downgrade+0x8f0/0x8f0 [ 217.862346] ? kasan_check_read+0x11/0x20 [ 217.866515] ? rcu_is_watching+0x8c/0x150 [ 217.870676] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 217.875106] ? __fget+0x414/0x670 [ 217.878581] ? match_held_lock+0x821/0x8d0 [ 217.882832] ? expand_files.part.8+0x9c0/0x9c0 [ 217.887432] ? kasan_check_write+0x14/0x20 [ 217.891710] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 217.896662] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 217.902379] do_vfs_ioctl+0x1de/0x1720 [ 217.906268] ? __lock_is_held+0xb5/0x140 [ 217.910347] ? ioctl_preallocate+0x300/0x300 [ 217.914749] ? __fget_light+0x2f7/0x440 [ 217.918715] ? fget_raw+0x20/0x20 [ 217.922163] ? __sb_end_write+0xac/0xe0 [ 217.926134] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 217.931658] ? fput+0x130/0x1a0 [ 217.934949] ? ksys_write+0x1ae/0x260 [ 217.938750] ? security_file_ioctl+0x94/0xc0 [ 217.943149] ksys_ioctl+0xa9/0xd0 [ 217.946595] __x64_sys_ioctl+0x73/0xb0 [ 217.950477] do_syscall_64+0x1b9/0x820 [ 217.954372] ? finish_task_switch+0x1d3/0x870 [ 217.958874] ? syscall_return_slowpath+0x5e0/0x5e0 [ 217.963973] ? syscall_return_slowpath+0x31d/0x5e0 [ 217.968901] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 217.974271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 217.979125] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 217.984303] RIP: 0033:0x455ab9 [ 217.987476] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 218.006893] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 218.014616] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 218.021890] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 218.029146] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 218.036408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 218.043666] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000b 02:29:48 executing program 4: r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x14) finit_module(r0, &(0x7f0000000080)='rng\x00', 0x2) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x8000, 0x0) timerfd_settime(r2, 0x1, &(0x7f0000000100)={{}, {0x0, 0x989680}}, &(0x7f0000000140)) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 218.092497] FAT-fs (loop3): bogus number of reserved sectors [ 218.098429] FAT-fs (loop3): Can't find a valid FAT filesystem [ 218.149573] FAT-fs (loop3): bogus number of reserved sectors [ 218.155595] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:48 executing program 6 (fault-call:6 fault-nth:12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:48 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcb000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:48 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) sendto$unix(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x800, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:48 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x37) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000140)={r3, 0x80000000}, &(0x7f0000000280)=0xfffffee3) ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, &(0x7f00000000c0)) 02:29:48 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) dup2(r2, r2) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 218.373481] FAULT_INJECTION: forcing a failure. [ 218.373481] name failslab, interval 1, probability 0, space 0, times 0 [ 218.384862] CPU: 0 PID: 12169 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 218.392237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.401614] Call Trace: [ 218.404226] dump_stack+0x1c9/0x2b4 [ 218.407880] ? dump_stack_print_info.cold.2+0x52/0x52 [ 218.413138] should_fail.cold.4+0xa/0x1a [ 218.417225] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 218.422349] ? kasan_kmalloc+0xc4/0xe0 [ 218.426261] ? kasan_slab_alloc+0x12/0x20 [ 218.430437] ? kmem_cache_alloc+0x12e/0x760 [ 218.434785] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 218.439651] ? kvm_mmu_load+0x21/0x10e0 [ 218.443652] ? vcpu_enter_guest+0x3aa6/0x6090 [ 218.448167] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 218.453209] ? graph_lock+0x170/0x170 [ 218.457033] ? do_syscall_64+0x1b9/0x820 [ 218.461112] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 218.466487] ? find_held_lock+0x36/0x1c0 [ 218.470559] ? __lock_is_held+0xb5/0x140 [ 218.474726] ? check_same_owner+0x340/0x340 [ 218.479052] ? rcu_note_context_switch+0x730/0x730 [ 218.485406] __should_failslab+0x124/0x180 [ 218.489658] should_failslab+0x9/0x14 [ 218.493454] kmem_cache_alloc+0x2af/0x760 [ 218.497596] ? lock_acquire+0x1e4/0x540 [ 218.501581] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 218.505813] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 218.510648] mmu_topup_memory_caches+0xf7/0x3a0 [ 218.515318] kvm_mmu_load+0x21/0x10e0 [ 218.519115] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 218.524126] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 218.528881] vcpu_enter_guest+0x3aa6/0x6090 [ 218.533212] ? retint_kernel+0x10/0x10 [ 218.537100] ? kvm_set_msr_common+0x26a0/0x26a0 [ 218.541767] ? native_read_msr+0x1/0x30 [ 218.545913] ? vmx_vcpu_load+0xadf/0xff0 [ 218.549979] ? __lock_acquire+0x7fc/0x5020 [ 218.554302] ? vmx_vcpu_reset+0x1040/0x1040 [ 218.558616] ? graph_lock+0x170/0x170 [ 218.562497] ? __lock_acquire+0x7fc/0x5020 [ 218.566754] ? __lock_is_held+0xb5/0x140 [ 218.570825] ? lock_acquire+0x1e4/0x540 [ 218.574789] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 218.579800] ? lock_release+0xa30/0xa30 [ 218.583768] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 218.589040] ? kvm_arch_dev_ioctl+0x610/0x610 [ 218.593525] ? preempt_notifier_dec+0x20/0x20 [ 218.598043] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 218.602888] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 218.607909] kvm_vcpu_ioctl+0x7b8/0x1300 [ 218.611963] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 218.617675] ? find_held_lock+0x36/0x1c0 [ 218.621745] ? find_held_lock+0x36/0x1c0 [ 218.625820] ? lock_downgrade+0x8f0/0x8f0 [ 218.629980] ? kasan_check_read+0x11/0x20 [ 218.634118] ? rcu_is_watching+0x8c/0x150 [ 218.638265] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 218.642672] ? __fget+0x414/0x670 [ 218.646119] ? match_held_lock+0x821/0x8d0 [ 218.650360] ? expand_files.part.8+0x9c0/0x9c0 [ 218.654932] ? kasan_check_write+0x14/0x20 [ 218.659166] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 218.664105] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 218.669811] do_vfs_ioctl+0x1de/0x1720 [ 218.673689] ? __lock_is_held+0xb5/0x140 [ 218.677740] ? ioctl_preallocate+0x300/0x300 [ 218.682147] ? __fget_light+0x2f7/0x440 [ 218.686127] ? fget_raw+0x20/0x20 [ 218.689576] ? __sb_end_write+0xac/0xe0 [ 218.693557] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 218.699096] ? fput+0x130/0x1a0 [ 218.702378] ? ksys_write+0x1ae/0x260 [ 218.706178] ? security_file_ioctl+0x94/0xc0 [ 218.710583] ksys_ioctl+0xa9/0xd0 [ 218.714033] __x64_sys_ioctl+0x73/0xb0 [ 218.717918] do_syscall_64+0x1b9/0x820 [ 218.721794] ? finish_task_switch+0x1d3/0x870 [ 218.726281] ? syscall_return_slowpath+0x5e0/0x5e0 [ 218.731215] ? syscall_return_slowpath+0x31d/0x5e0 [ 218.736144] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 218.741504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 218.746345] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 218.751527] RIP: 0033:0x455ab9 [ 218.754701] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:29:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)={0x303, 0x33}, 0x4) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) connect$pptp(r0, &(0x7f0000000040)={0x18, 0x2, {0x2}}, 0x1e) [ 218.774042] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 218.781742] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 218.789019] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 218.796300] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 218.803581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 218.810863] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000c 02:29:49 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = fcntl$getown(r0, 0x9) sched_setparam(r1, &(0x7f0000000000)=0x4) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 218.874562] FAT-fs (loop3): bogus number of reserved sectors [ 218.880538] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 218.961960] FAT-fs (loop3): bogus number of reserved sectors [ 218.967934] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:49 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x38240, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000040)) 02:29:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000400)={0x0, 0x0}) fcntl$setown(r0, 0x8, r1) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) pwritev(r2, &(0x7f00000002c0)=[{&(0x7f0000000300)="9cddff214be4e9ecabeec3729fb65ca01e6b8cdac7536197cc8524a253a07b25cb55406d8841e65c0924d2b1f72ef54289c518f0e64ca4bfca11d7463f50bd8b45eaad9775dd8a9cbada64aa3d680a1e853d3a0ba53841584848be37e6c3b43493560a0f27e78d2642fda94211fe82f7c8e6f44bb38e6b19526fe5fc726774ff53b7e489fe3940774effc29ffd0b1600100d58086a0a55d30c41f958b4408ebb716dd9be544bd6b01781eaef2fda8696555dc993118dd51e838e40cd2a238a2c567de34ba733b0edcf69233f5626f92f0777290e3f4871441246811da32d88d285c5a282a714c7619ca672f1d8d9e680b66c066a9d4a419535", 0xf9}, {&(0x7f0000000280)="be9021f232562f67418e03", 0xb}], 0x2, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x6}, &(0x7f0000000040)=0x8) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r4, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f760070") mkdir(&(0x7f000002b000)='./file0\x00', 0x0) mount(&(0x7f0000000100)='./file0\x00', &(0x7f00000004c0)='./file0/bus\x00', &(0x7f0000000140)='ramfs\x00', 0x4041, &(0x7f0000000440)) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000180)) setxattr(&(0x7f00000001c0)='./file0/bus\x00', &(0x7f0000000200)=@random={'trusted.', '\\cpuset]keyringtrustedeth1(&nodev%cpuset\x00'}, &(0x7f0000000240)='em0\\\x00', 0xffffff05, 0x6) bind$bt_l2cap(r0, &(0x7f0000000440)={0x1f, 0x5, {0x7ed24c3e, 0x6, 0x7, 0x7, 0x5, 0x7}, 0x100, 0x7}, 0xe) creat(&(0x7f0000002500)='./file0/bus\x00', 0xcebb6074bb566d03) r5 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r5, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={r3, 0x2, 0x1, [0xf9]}, &(0x7f0000000140)=0xa) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) 02:29:49 executing program 6 (fault-call:6 fault-nth:13): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:49 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffffffffffff2, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$EVIOCGUNIQ(r2, 0x80404508, &(0x7f00000000c0)=""/71) ioctl$LOOP_CLR_FD(r1, 0x4c01) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000000040)=0x1, 0x4) sync() socket$inet6(0xa, 0xa, 0x1) 02:29:49 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) sendto$unix(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x800, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 219.201134] FAT-fs (loop3): bogus number of reserved sectors [ 219.207140] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:49 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x800000000000, 0x4080) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000040)=0xffffffffffffffff, 0x4) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f00000002c0)=0x44ca, 0x1) sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000800}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x118, r2, 0x101, 0x70bd26, 0x25dfdbfb, {0xa}, [@IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local={0xac, 0x14, 0x14, 0xaa}}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x179}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0xa}}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffffffffffe}]}, 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x10) 02:29:49 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) sendto$unix(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x800, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 219.304161] FAT-fs (loop3): bogus number of reserved sectors [ 219.310183] FAT-fs (loop3): Can't find a valid FAT filesystem [ 219.404269] FAULT_INJECTION: forcing a failure. [ 219.404269] name failslab, interval 1, probability 0, space 0, times 0 [ 219.415858] CPU: 0 PID: 12230 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 219.423236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.432605] Call Trace: [ 219.435213] dump_stack+0x1c9/0x2b4 [ 219.438864] ? dump_stack_print_info.cold.2+0x52/0x52 [ 219.444086] should_fail.cold.4+0xa/0x1a [ 219.448173] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 219.453298] ? kasan_kmalloc+0xc4/0xe0 [ 219.457209] ? kasan_slab_alloc+0x12/0x20 [ 219.461373] ? kmem_cache_alloc+0x12e/0x760 [ 219.465734] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 219.470599] ? kvm_mmu_load+0x21/0x10e0 [ 219.474593] ? vcpu_enter_guest+0x3aa6/0x6090 [ 219.479109] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 219.484151] ? graph_lock+0x170/0x170 [ 219.487972] ? do_syscall_64+0x1b9/0x820 [ 219.492077] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 219.497470] ? find_held_lock+0x36/0x1c0 [ 219.501557] ? __lock_is_held+0xb5/0x140 [ 219.505650] ? check_same_owner+0x340/0x340 [ 219.510005] ? rcu_note_context_switch+0x730/0x730 [ 219.514962] __should_failslab+0x124/0x180 [ 219.519224] should_failslab+0x9/0x14 [ 219.523044] kmem_cache_alloc+0x2af/0x760 [ 219.527212] ? lock_acquire+0x1e4/0x540 [ 219.531203] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 219.535443] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 219.540291] mmu_topup_memory_caches+0xf7/0x3a0 [ 219.544962] kvm_mmu_load+0x21/0x10e0 [ 219.548939] vcpu_enter_guest+0x3aa6/0x6090 [ 219.553264] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 219.557497] ? kvm_set_msr_common+0x26a0/0x26a0 [ 219.562162] ? vmx_vcpu_load+0xadf/0xff0 [ 219.566217] ? __lock_acquire+0x7fc/0x5020 [ 219.570442] ? vmx_vcpu_reset+0x1040/0x1040 [ 219.574769] ? graph_lock+0x170/0x170 [ 219.578564] ? __lock_acquire+0x7fc/0x5020 [ 219.583062] ? __lock_is_held+0xb5/0x140 [ 219.587119] ? lock_acquire+0x1e4/0x540 [ 219.591094] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 219.596104] ? lock_release+0xa30/0xa30 [ 219.600067] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 219.605346] ? kvm_arch_dev_ioctl+0x610/0x610 [ 219.609834] ? preempt_notifier_dec+0x20/0x20 [ 219.614333] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 219.619167] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 219.624196] kvm_vcpu_ioctl+0x7b8/0x1300 [ 219.628252] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 219.633960] ? find_held_lock+0x36/0x1c0 [ 219.638031] ? find_held_lock+0x36/0x1c0 [ 219.642095] ? lock_downgrade+0x8f0/0x8f0 [ 219.646251] ? kasan_check_read+0x11/0x20 [ 219.650394] ? rcu_is_watching+0x8c/0x150 [ 219.654531] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 219.658938] ? __fget+0x414/0x670 [ 219.662387] ? match_held_lock+0x821/0x8d0 [ 219.666613] ? expand_files.part.8+0x9c0/0x9c0 [ 219.671184] ? kasan_check_write+0x14/0x20 [ 219.675410] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 219.680341] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 219.686044] do_vfs_ioctl+0x1de/0x1720 [ 219.689922] ? __lock_is_held+0xb5/0x140 [ 219.693975] ? ioctl_preallocate+0x300/0x300 [ 219.698560] ? __fget_light+0x2f7/0x440 [ 219.702528] ? fget_raw+0x20/0x20 [ 219.705973] ? __sb_end_write+0xac/0xe0 [ 219.709944] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 219.715482] ? fput+0x130/0x1a0 [ 219.718755] ? ksys_write+0x1ae/0x260 [ 219.722549] ? security_file_ioctl+0x94/0xc0 [ 219.726950] ksys_ioctl+0xa9/0xd0 [ 219.730397] __x64_sys_ioctl+0x73/0xb0 [ 219.734279] do_syscall_64+0x1b9/0x820 [ 219.738163] ? finish_task_switch+0x1d3/0x870 [ 219.742652] ? syscall_return_slowpath+0x5e0/0x5e0 [ 219.747579] ? syscall_return_slowpath+0x31d/0x5e0 [ 219.752519] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 219.757889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 219.762727] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 219.767922] RIP: 0033:0x455ab9 [ 219.771109] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 219.790536] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 219.798240] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 219.805849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 219.813125] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 219.820394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 219.827650] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000d 02:29:50 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=0x0) ptrace$pokeuser(0x6, r0, 0x1fe00000, 0x1) personality(0x1bb2baf3005ac137) r1 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) recvfrom$llc(r1, &(0x7f0000000100)=""/208, 0xd0, 0x2, &(0x7f0000000040)={0x1a, 0x308, 0x3, 0x9, 0x3, 0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) 02:29:50 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:50 executing program 6 (fault-call:6 fault-nth:14): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:50 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:50 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x28484, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:50 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) getpeername(r0, &(0x7f0000000000)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0xfffffffffffffe52) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x1e, 0x1, 0x0) sendmsg(r1, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x2ef, &(0x7f0000d1b000), 0x0, &(0x7f000012e000)}, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f0000000040)={0x5, 0x10, 0xfa00, {&(0x7f0000000480)}}, 0xfffffdef) pipe(&(0x7f0000000080)) syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x4, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 219.989150] FAT-fs (loop3): bogus number of reserved sectors [ 219.995126] FAT-fs (loop3): Can't find a valid FAT filesystem [ 220.064626] FAT-fs (loop3): bogus number of reserved sectors [ 220.070596] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:50 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xb00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:50 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x2200000) open$dir(&(0x7f0000000380)='./file0\x00', 0x240000, 0x800000000120) r0 = creat(&(0x7f0000000280)='./file0/bus\x00', 0x2) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000240)={0xd000, &(0x7f0000000200), 0xc, r0, 0xc}) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=""/249) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) accept4$unix(r0, &(0x7f00000002c0)=@abs, &(0x7f0000000340)=0x6e, 0x800) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) [ 220.397918] FAT-fs (loop3): bogus number of reserved sectors [ 220.403916] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:50 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x200000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) recvmmsg(r2, &(0x7f0000007800)=[{{&(0x7f00000000c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000040)=""/11, 0xb}], 0x1, &(0x7f0000000180)=""/12, 0xc, 0x1f}, 0x7}, {{&(0x7f00000002c0)=@sco, 0x80, &(0x7f00000016c0)=[{&(0x7f0000000380)=""/88, 0x58}, {&(0x7f0000000400)=""/190, 0xbe}, {&(0x7f0000000240)=""/41, 0x29}, {&(0x7f00000004c0)=""/64, 0x40}, {&(0x7f0000000500)=""/171, 0xab}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/232, 0xe8}], 0x7, &(0x7f0000001740)=""/128, 0x80, 0x2d6}, 0x80000001}, {{&(0x7f00000017c0)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, 0x80, &(0x7f0000003880)=[{&(0x7f0000001840)=""/4096, 0x1000}, {&(0x7f0000002840)=""/16, 0x10}, {&(0x7f0000002880)=""/4096, 0x1000}], 0x3, 0x0, 0x0, 0x2}, 0x2362}, {{&(0x7f00000038c0)=@nfc_llcp, 0x80, &(0x7f0000003a40)=[{&(0x7f0000003940)=""/236, 0xec}], 0x1, &(0x7f0000003a80)=""/187, 0xbb, 0x7ff}, 0x4}, {{&(0x7f0000003b40)=@nfc_llcp, 0x80, &(0x7f0000004d00)=[{&(0x7f0000003bc0)=""/5, 0x5}, {&(0x7f0000003c00)=""/255, 0xff}, {&(0x7f0000003d00)=""/4096, 0x1000}], 0x3, &(0x7f0000004d40)=""/4096, 0x1000, 0x6}, 0x9}, {{&(0x7f0000005d40)=@can, 0x80, &(0x7f0000006fc0)=[{&(0x7f0000005dc0)=""/4, 0x4}, {&(0x7f0000005e00)=""/98, 0x62}, {&(0x7f0000005e80)=""/4096, 0x1000}, {&(0x7f0000006e80)=""/250, 0xfa}, {&(0x7f0000006f80)=""/58, 0x3a}], 0x5, &(0x7f0000007040)=""/138, 0x8a, 0x6}, 0x5}, {{&(0x7f0000007100)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000007740)=[{&(0x7f0000007180)=""/101, 0x65}, {&(0x7f0000007200)=""/238, 0xee}, {&(0x7f0000007300)=""/207, 0xcf}, {&(0x7f0000007400)=""/252, 0xfc}, {&(0x7f0000007500)=""/19, 0x13}, {&(0x7f0000007540)=""/250, 0xfa}, {&(0x7f0000007640)=""/112, 0x70}, {&(0x7f00000076c0)=""/123, 0x7b}], 0x8, &(0x7f00000077c0)=""/58, 0x3a, 0x800}, 0x5}], 0x7, 0x40, 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:50 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 220.574567] FAT-fs (loop3): bogus number of reserved sectors [ 220.580543] FAT-fs (loop3): Can't find a valid FAT filesystem [ 220.629284] FAULT_INJECTION: forcing a failure. [ 220.629284] name failslab, interval 1, probability 0, space 0, times 0 [ 220.640626] CPU: 1 PID: 12280 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 220.648001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.657368] Call Trace: [ 220.659982] dump_stack+0x1c9/0x2b4 [ 220.663636] ? dump_stack_print_info.cold.2+0x52/0x52 [ 220.668863] should_fail.cold.4+0xa/0x1a [ 220.672950] ? fault_create_debugfs_attr+0x1f0/0x1f0 02:29:51 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0xfffffffffffffdb1) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) r1 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0xe0000000000, 0x0) write$FUSE_NOTIFY_STORE(r1, &(0x7f00000001c0)={0x2a, 0x4, 0x0, {0x0, 0x80, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) socket$inet_udp(0x2, 0x2, 0x0) inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x40) r2 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x800, 0x101f80) ioctl$sock_bt_hci(r2, 0xc00448ff, &(0x7f0000000140)="005db5a0dcbb391cb32e894d71422ffb7d20d16c2ed6ac0b72") [ 220.678063] ? kasan_kmalloc+0xc4/0xe0 [ 220.681968] ? kasan_slab_alloc+0x12/0x20 [ 220.686131] ? kmem_cache_alloc+0x12e/0x760 [ 220.690467] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 220.695328] ? kvm_mmu_load+0x21/0x10e0 [ 220.699348] ? vcpu_enter_guest+0x3aa6/0x6090 [ 220.703861] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 220.708980] ? graph_lock+0x170/0x170 [ 220.712795] ? do_syscall_64+0x1b9/0x820 [ 220.716875] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 220.722266] ? find_held_lock+0x36/0x1c0 [ 220.726371] ? __lock_is_held+0xb5/0x140 [ 220.730465] ? check_same_owner+0x340/0x340 [ 220.734801] ? rcu_note_context_switch+0x730/0x730 [ 220.739756] __should_failslab+0x124/0x180 [ 220.744009] should_failslab+0x9/0x14 [ 220.747825] kmem_cache_alloc+0x2af/0x760 [ 220.751987] ? lock_acquire+0x1e4/0x540 [ 220.755975] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 220.760230] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 220.765093] mmu_topup_memory_caches+0xf7/0x3a0 [ 220.769787] kvm_mmu_load+0x21/0x10e0 [ 220.773618] vcpu_enter_guest+0x3aa6/0x6090 [ 220.777961] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 220.782751] ? kvm_set_msr_common+0x26a0/0x26a0 [ 220.782771] ? zap_class+0x740/0x740 [ 220.782791] ? vmx_vcpu_load+0xadf/0xff0 [ 220.782810] ? __lock_acquire+0x7fc/0x5020 [ 220.782825] ? vmx_vcpu_reset+0x1040/0x1040 [ 220.782840] ? graph_lock+0x170/0x170 [ 220.782864] ? __lock_is_held+0xb5/0x140 [ 220.782878] ? lock_acquire+0x1e4/0x540 [ 220.782889] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 220.782910] ? lock_release+0xa30/0xa30 [ 220.782923] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 220.782940] ? kvm_arch_dev_ioctl+0x610/0x610 [ 220.782952] ? preempt_notifier_dec+0x20/0x20 [ 220.782978] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 220.782993] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 220.783020] kvm_vcpu_ioctl+0x7b8/0x1300 [ 220.783041] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 220.783068] ? find_held_lock+0x36/0x1c0 [ 220.783096] ? lock_downgrade+0x8f0/0x8f0 [ 220.783117] ? rcu_is_watching+0x8c/0x150 [ 220.783132] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 220.783154] ? __fget+0x414/0x670 [ 220.878903] ? match_held_lock+0x821/0x8d0 [ 220.883137] ? expand_files.part.8+0x9c0/0x9c0 [ 220.887741] ? kasan_check_write+0x14/0x20 [ 220.891967] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 220.896897] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 220.902599] do_vfs_ioctl+0x1de/0x1720 [ 220.906495] ? ioctl_preallocate+0x300/0x300 [ 220.910897] ? __fget_light+0x2f7/0x440 [ 220.914861] ? fget_raw+0x20/0x20 [ 220.918321] ? __sb_end_write+0xac/0xe0 [ 220.922291] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 220.927819] ? fput+0x130/0x1a0 [ 220.931091] ? ksys_write+0x1ae/0x260 [ 220.934886] ? security_file_ioctl+0x94/0xc0 [ 220.939289] ksys_ioctl+0xa9/0xd0 [ 220.942738] __x64_sys_ioctl+0x73/0xb0 [ 220.946630] do_syscall_64+0x1b9/0x820 [ 220.950505] ? finish_task_switch+0x1d3/0x870 [ 220.954992] ? syscall_return_slowpath+0x5e0/0x5e0 [ 220.959939] ? syscall_return_slowpath+0x31d/0x5e0 [ 220.964876] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 220.970239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.975080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 220.980259] RIP: 0033:0x455ab9 [ 220.983436] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 221.002882] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 221.010606] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 221.017879] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 221.025139] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 221.032399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 221.039659] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000e 02:29:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f00000001c0)='./file1\x00', 0x202, 0x4) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000000)) 02:29:51 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf2, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:51 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x400800, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000100)={0x8000, 0xffffffff, 0x3, 0x2}, 0x8) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000040)={r0}) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x8040a00, 0x0) accept4$alg(r3, 0x0, 0x0, 0x80800) setsockopt$inet_mreqsrc(r3, 0x0, 0x2f, &(0x7f0000000000)={@multicast2=0xe0000002, @multicast2=0xe0000002, @multicast1=0xe0000001}, 0xc) 02:29:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af543") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 221.193953] FAT-fs (loop3): bogus number of reserved sectors [ 221.199903] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:51 executing program 6 (fault-call:6 fault-nth:15): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 221.295163] FAT-fs (loop3): bogus number of reserved sectors [ 221.301125] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:51 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000480)={'nat\x00'}, &(0x7f0000000500)=0x54) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:51 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x404000, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000080)=0x2b77) syz_init_net_socket$llc(0x1a, 0x2, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000180)={0x9, 0x13, 0x8, 0xcd, "10b49d8f8823c71f0000fb1bd686000000e40700"}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) ioctl$SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f00000001c0)=ANY=[@ANYBLOB="ae0000000000000077e0a3b1f6f387d41c87dcfda302b8c36f89dd0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002fcc62b362b143b76a3b826412df0000000000000000000000000000"]) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x400000, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x3, 0x2004, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0xfffffffffffffffd, 0x0) [ 221.537796] FAULT_INJECTION: forcing a failure. [ 221.537796] name failslab, interval 1, probability 0, space 0, times 0 [ 221.549155] CPU: 0 PID: 12352 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 221.556530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.565982] Call Trace: [ 221.568588] dump_stack+0x1c9/0x2b4 [ 221.572231] ? dump_stack_print_info.cold.2+0x52/0x52 [ 221.577440] should_fail.cold.4+0xa/0x1a [ 221.581517] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 221.586633] ? kasan_kmalloc+0xc4/0xe0 [ 221.590532] ? kasan_slab_alloc+0x12/0x20 [ 221.594682] ? kmem_cache_alloc+0x12e/0x760 [ 221.599008] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 221.603856] ? kvm_mmu_load+0x21/0x10e0 [ 221.607835] ? vcpu_enter_guest+0x3aa6/0x6090 [ 221.612340] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 221.617556] ? graph_lock+0x170/0x170 [ 221.621397] ? do_syscall_64+0x1b9/0x820 [ 221.625462] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 221.630836] ? find_held_lock+0x36/0x1c0 [ 221.634914] ? __lock_is_held+0xb5/0x140 [ 221.638992] ? check_same_owner+0x340/0x340 [ 221.643332] ? rcu_note_context_switch+0x730/0x730 [ 221.648279] __should_failslab+0x124/0x180 [ 221.652528] should_failslab+0x9/0x14 [ 221.656352] kmem_cache_alloc+0x2af/0x760 [ 221.660508] ? lock_acquire+0x1e4/0x540 [ 221.664495] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 221.668743] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 221.673604] mmu_topup_memory_caches+0xf7/0x3a0 [ 221.678292] kvm_mmu_load+0x21/0x10e0 [ 221.682115] vcpu_enter_guest+0x3aa6/0x6090 [ 221.686452] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 221.690696] ? kvm_set_msr_common+0x26a0/0x26a0 [ 221.695368] ? vmx_vcpu_load+0xadf/0xff0 [ 221.699437] ? __lock_acquire+0x7fc/0x5020 [ 221.703668] ? vmx_vcpu_reset+0x1040/0x1040 [ 221.707985] ? graph_lock+0x170/0x170 [ 221.711796] ? __lock_acquire+0x7fc/0x5020 [ 221.716124] ? __lock_is_held+0xb5/0x140 [ 221.720188] ? lock_acquire+0x1e4/0x540 [ 221.724159] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 221.729194] ? lock_release+0xa30/0xa30 [ 221.733164] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 221.738433] ? kvm_arch_dev_ioctl+0x610/0x610 [ 221.742937] ? preempt_notifier_dec+0x20/0x20 [ 221.747434] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 221.752268] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 221.757300] kvm_vcpu_ioctl+0x7b8/0x1300 [ 221.761374] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 221.767080] ? find_held_lock+0x36/0x1c0 [ 221.771148] ? find_held_lock+0x36/0x1c0 [ 221.775231] ? lock_downgrade+0x8f0/0x8f0 [ 221.779378] ? kasan_check_read+0x11/0x20 [ 221.783518] ? rcu_is_watching+0x8c/0x150 [ 221.787656] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 221.792066] ? __fget+0x414/0x670 [ 221.795513] ? match_held_lock+0x821/0x8d0 [ 221.799738] ? expand_files.part.8+0x9c0/0x9c0 [ 221.804321] ? kasan_check_write+0x14/0x20 [ 221.808550] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 221.813484] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 221.819190] do_vfs_ioctl+0x1de/0x1720 [ 221.823089] ? __lock_is_held+0xb5/0x140 [ 221.827148] ? ioctl_preallocate+0x300/0x300 [ 221.831721] ? __fget_light+0x2f7/0x440 [ 221.835689] ? fget_raw+0x20/0x20 [ 221.839141] ? __sb_end_write+0xac/0xe0 [ 221.843131] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 221.848670] ? fput+0x130/0x1a0 [ 221.851944] ? ksys_write+0x1ae/0x260 [ 221.855739] ? security_file_ioctl+0x94/0xc0 [ 221.860146] ksys_ioctl+0xa9/0xd0 [ 221.863608] __x64_sys_ioctl+0x73/0xb0 [ 221.867500] do_syscall_64+0x1b9/0x820 [ 221.871377] ? finish_task_switch+0x1d3/0x870 [ 221.875875] ? syscall_return_slowpath+0x5e0/0x5e0 [ 221.880807] ? syscall_return_slowpath+0x31d/0x5e0 [ 221.885736] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 221.891096] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 221.895941] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 221.901123] RIP: 0033:0x455ab9 [ 221.904297] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 221.923630] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 221.931330] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 02:29:52 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x284d4, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:52 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) 02:29:52 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x400000, 0x0) [ 221.938594] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 221.946140] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 221.953412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 221.960686] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000000f [ 222.037098] FAT-fs (loop3): bogus number of reserved sectors [ 222.043044] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:52 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r1, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 02:29:52 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x15c) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) recvmsg(r0, &(0x7f0000000140)={&(0x7f0000000000)=@sco, 0x80, &(0x7f0000000580)=[{&(0x7f0000000080)=""/159, 0x9f}, {&(0x7f0000000200)=""/92, 0x5c}, {&(0x7f0000000280)=""/80, 0x50}, {&(0x7f00000003c0)=""/213, 0xd5}, {&(0x7f00000004c0)=""/189, 0xbd}], 0x5, &(0x7f0000000600)=""/143, 0x8f}, 0x2020) r1 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0xffffffffffffff60, 0x80000) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000006c0)=0x2, 0x4) [ 222.126291] FAT-fs (loop3): bogus number of reserved sectors [ 222.132255] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af543") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:52 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:29:52 executing program 6 (fault-call:6 fault-nth:16): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:52 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 222.364211] FAT-fs (loop3): bogus number of reserved sectors [ 222.370219] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:52 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x193) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 222.412645] FAT-fs (loop3): bogus number of reserved sectors [ 222.418605] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:52 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xc000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 222.497207] FAULT_INJECTION: forcing a failure. [ 222.497207] name failslab, interval 1, probability 0, space 0, times 0 [ 222.508705] CPU: 1 PID: 12404 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 222.516187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.525548] Call Trace: [ 222.528170] dump_stack+0x1c9/0x2b4 [ 222.531819] ? dump_stack_print_info.cold.2+0x52/0x52 [ 222.537036] should_fail.cold.4+0xa/0x1a [ 222.541098] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 222.546202] ? kasan_kmalloc+0xc4/0xe0 [ 222.550099] ? kasan_slab_alloc+0x12/0x20 [ 222.554236] ? kmem_cache_alloc+0x12e/0x760 [ 222.558554] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 222.563385] ? kvm_mmu_load+0x21/0x10e0 [ 222.567356] ? vcpu_enter_guest+0x3aa6/0x6090 [ 222.571840] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 222.576846] ? graph_lock+0x170/0x170 [ 222.580637] ? do_syscall_64+0x1b9/0x820 [ 222.584692] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 222.590053] ? find_held_lock+0x36/0x1c0 [ 222.594107] ? __lock_is_held+0xb5/0x140 [ 222.598167] ? check_same_owner+0x340/0x340 [ 222.602479] ? rcu_note_context_switch+0x730/0x730 [ 222.607397] __should_failslab+0x124/0x180 [ 222.611624] should_failslab+0x9/0x14 [ 222.615421] kmem_cache_alloc+0x2af/0x760 [ 222.619587] ? lock_acquire+0x1e4/0x540 [ 222.623552] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 222.627781] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 222.632621] mmu_topup_memory_caches+0xf7/0x3a0 [ 222.637375] kvm_mmu_load+0x21/0x10e0 [ 222.641181] vcpu_enter_guest+0x3aa6/0x6090 [ 222.645491] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 222.649730] ? kvm_set_msr_common+0x26a0/0x26a0 [ 222.654389] ? vmx_vcpu_load+0xadf/0xff0 [ 222.658444] ? __lock_acquire+0x7fc/0x5020 [ 222.662670] ? vmx_vcpu_reset+0x1040/0x1040 [ 222.666986] ? graph_lock+0x170/0x170 [ 222.670791] ? __lock_acquire+0x7fc/0x5020 [ 222.675030] ? __lock_is_held+0xb5/0x140 [ 222.679085] ? lock_acquire+0x1e4/0x540 [ 222.683056] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 222.688077] ? lock_release+0xa30/0xa30 [ 222.692047] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 222.697315] ? kvm_arch_dev_ioctl+0x610/0x610 [ 222.701812] ? preempt_notifier_dec+0x20/0x20 [ 222.706299] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 222.711133] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 222.716158] kvm_vcpu_ioctl+0x7b8/0x1300 [ 222.720212] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 222.725912] ? find_held_lock+0x36/0x1c0 [ 222.729965] ? find_held_lock+0x36/0x1c0 [ 222.734031] ? lock_downgrade+0x8f0/0x8f0 [ 222.738171] ? kasan_check_read+0x11/0x20 [ 222.742304] ? rcu_is_watching+0x8c/0x150 [ 222.746437] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 222.750838] ? __fget+0x414/0x670 [ 222.754294] ? match_held_lock+0x821/0x8d0 [ 222.758528] ? expand_files.part.8+0x9c0/0x9c0 [ 222.763105] ? kasan_check_write+0x14/0x20 [ 222.767341] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 222.772263] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 222.777963] do_vfs_ioctl+0x1de/0x1720 [ 222.781844] ? __lock_is_held+0xb5/0x140 [ 222.785907] ? ioctl_preallocate+0x300/0x300 [ 222.790301] ? __fget_light+0x2f7/0x440 [ 222.794261] ? fget_raw+0x20/0x20 [ 222.797703] ? __sb_end_write+0xac/0xe0 [ 222.801679] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 222.807203] ? fput+0x130/0x1a0 [ 222.810486] ? ksys_write+0x1ae/0x260 [ 222.814274] ? security_file_ioctl+0x94/0xc0 [ 222.818682] ksys_ioctl+0xa9/0xd0 [ 222.822124] __x64_sys_ioctl+0x73/0xb0 [ 222.826003] do_syscall_64+0x1b9/0x820 [ 222.829892] ? finish_task_switch+0x1d3/0x870 [ 222.834393] ? syscall_return_slowpath+0x5e0/0x5e0 [ 222.839315] ? syscall_return_slowpath+0x31d/0x5e0 [ 222.844234] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 222.849603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 222.854436] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 222.859611] RIP: 0033:0x455ab9 [ 222.862782] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 222.882036] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.889741] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 222.897089] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 222.904346] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 222.911611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 222.918881] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000010 02:29:53 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000440)=0x1c) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:53 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7, 0x101000) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000040)=0x8, 0x4) fdatasync(r0) 02:29:53 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r1, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 02:29:53 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xc00, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:53 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0xbb2baf3001ac13b) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000100)={0x0, 0x670, 0x30, 0x100, 0x8}, &(0x7f0000000140)=0x18) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0x1}, 0x8) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000001c0)=0x1) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000040)={@ipv4={[], [0xff, 0xff], @rand_addr=0x7f}, r3}, 0x14) 02:29:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af543") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:53 executing program 6 (fault-call:6 fault-nth:17): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:53 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300)='/dev/net/tun\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000002c0)=r3) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'dummy0\x00', 0x2}) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r4, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r7 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_SET_FD(r7, 0x4c00, r4) splice(r7, &(0x7f0000000040), r5, &(0x7f00000000c0), 0x3, 0x9) pwritev(r7, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$sock_bt_bnep_BNEPCONNADD(r7, 0x400442c8, &(0x7f0000000380)={r5, 0x3e92, 0x4, "c2f3cb55964ae59160a79abd009d49e4846fa90c7f281743728b2cd8640da5abf163f62658f04ab82557b312e7bea9e301dabb4783f1dcfdb2e2"}) ioctl$LOOP_CHANGE_FD(r6, 0x4c00, r7) sendfile(r6, r6, &(0x7f0000000000), 0x2000005) seccomp(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f0000000100)=[{0x8, 0x6, 0x7e4, 0xffffffff}, {0x8000, 0x7f, 0x5, 0x4}]}) ioctl$LOOP_CLR_FD(r6, 0x4c01) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000180)={0x1000, 0x7, 0x2000}, 0x4) sync() ioctl$sock_inet_SIOCGARP(r7, 0x8954, &(0x7f00000002c0)={{0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, {0x306, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x20, {0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 'ip6_vti0\x00'}) 02:29:53 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x800001, 0x100) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000140)={r2, 0x54, "3c52e4dd70ffd849c3aceb73bb9aa872d6866103950d93d854aeaf2b97095758e2324b8259a2e27c08bbd07b23000f2e3276baf9b70595ffa30b9d5470fda0f671b9a86e1ab15a9972e38a814c109357c1cef773"}, &(0x7f00000001c0)=0x5c) 02:29:53 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r1, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) [ 223.338889] FAT-fs (loop3): bogus number of reserved sectors [ 223.344816] FAT-fs (loop3): Can't find a valid FAT filesystem [ 223.433257] FAULT_INJECTION: forcing a failure. [ 223.433257] name failslab, interval 1, probability 0, space 0, times 0 [ 223.444646] CPU: 0 PID: 12451 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 223.452054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.461592] Call Trace: [ 223.464203] dump_stack+0x1c9/0x2b4 [ 223.467852] ? dump_stack_print_info.cold.2+0x52/0x52 [ 223.473087] should_fail.cold.4+0xa/0x1a [ 223.477187] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 223.482504] ? kasan_kmalloc+0xc4/0xe0 [ 223.486419] ? kasan_slab_alloc+0x12/0x20 [ 223.490610] ? kmem_cache_alloc+0x12e/0x760 [ 223.494970] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 223.499924] ? kvm_mmu_load+0x21/0x10e0 [ 223.503926] ? vcpu_enter_guest+0x3aa6/0x6090 [ 223.508531] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 223.513565] ? graph_lock+0x170/0x170 [ 223.517378] ? do_syscall_64+0x1b9/0x820 [ 223.521454] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 223.526841] ? find_held_lock+0x36/0x1c0 [ 223.530926] ? __lock_is_held+0xb5/0x140 [ 223.535022] ? check_same_owner+0x340/0x340 [ 223.539379] ? rcu_note_context_switch+0x730/0x730 [ 223.544325] __should_failslab+0x124/0x180 [ 223.548574] should_failslab+0x9/0x14 [ 223.552388] kmem_cache_alloc+0x2af/0x760 [ 223.556576] ? lock_acquire+0x1e4/0x540 [ 223.560565] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 223.564821] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 223.569681] mmu_topup_memory_caches+0xf7/0x3a0 [ 223.574394] kvm_mmu_load+0x21/0x10e0 [ 223.578218] vcpu_enter_guest+0x3aa6/0x6090 [ 223.582553] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 223.586810] ? kvm_set_msr_common+0x26a0/0x26a0 [ 223.591493] ? zap_class+0x740/0x740 [ 223.595226] ? vmx_vcpu_load+0xadf/0xff0 [ 223.599303] ? __lock_acquire+0x7fc/0x5020 [ 223.603557] ? vmx_vcpu_reset+0x1040/0x1040 [ 223.607890] ? graph_lock+0x170/0x170 [ 223.611729] ? __lock_is_held+0xb5/0x140 [ 223.615806] ? lock_acquire+0x1e4/0x540 [ 223.619790] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 223.624826] ? lock_release+0xa30/0xa30 [ 223.628808] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 223.634098] ? kvm_arch_dev_ioctl+0x610/0x610 [ 223.638604] ? preempt_notifier_dec+0x20/0x20 [ 223.643121] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 223.647979] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 223.653020] kvm_vcpu_ioctl+0x7b8/0x1300 [ 223.657099] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 223.662831] ? find_held_lock+0x36/0x1c0 [ 223.666915] ? lock_downgrade+0x8f0/0x8f0 [ 223.671077] ? rcu_is_watching+0x8c/0x150 [ 223.675230] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 223.679659] ? __fget+0x414/0x670 02:29:53 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x90000, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000080)={0x2, 0x5}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000100)=ANY=[@ANYBLOB="01000007", @ANYRES32=0x0], &(0x7f0000000140)=0x3) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r2, 0x2}, 0x8) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:53 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r1, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r1, 0x4c00, 0xffffffffffffffff) 02:29:54 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'morus640\x00'}, 0xe277c0a2) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000240)={0xe82a2f397edc0fc, 0x0, &(0x7f0000ffc000/0x3000)=nil}) listen(r0, 0x30000) r1 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x6, 0x8) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f00000001c0)={{0x7fffffff, 0x9}, 0x1, 0x0, 0x0, {0x3, 0x4}, 0xffffffff, 0x3}) syz_open_pts(r1, 0x38041) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x125000, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="30000000370200016ea6571b3c7100000000000000000000", @ANYRES32, @ANYBLOB="1200707070319bcd37dd9f87d24fb2d0bc68961f000000000000d814bd990e100ea0c047479428ec3592b8652aab765594903217634746c3175cc61bc876d86e3dff6641b0297ac6bfe0158e7b09e9309b20d018df912ebd1ee722b23a5ad9094d63908cf3e1cfa685b1d8e93bf30e225975a09b7f5c0c9aa21746e26662661e773eb48f240ae746b7b7578f2b4038d2fe54f841a4171861c7d669bf137454377630ec0fe2b70472cfbc7d42dca92f898babff61f10a889556bdc5d26e0e13e809530f2add3e4aa473f9c81c89e383fcb33842edc143607b834822b215693deb5861943f690fd7e9d6d0dd35fceb2c061f37ebfa86e2232e55a3a17f9f8a655e500b4a4c683d2aa877abfc743f9fa83b46a3431ad3d10f50dcbf5463284f17b2c2945889d8f20fa2f2d03469cb6eacedf44062bfb62b17d19fa9c63a52d45db34720484784ad460f0f8de7"], 0x30) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000280)=0xfffffffffffffff8) socket$alg(0x26, 0x5, 0x0) write$P9_RCREATE(r2, &(0x7f0000000080)={0x18, 0x73, 0x2, {{0x14, 0x1, 0x6}, 0x2}}, 0x18) 02:29:54 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 223.683127] ? match_held_lock+0x821/0x8d0 [ 223.687367] ? expand_files.part.8+0x9c0/0x9c0 [ 223.691959] ? kasan_check_write+0x14/0x20 [ 223.696213] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 223.701164] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 223.706901] do_vfs_ioctl+0x1de/0x1720 [ 223.706922] ? ioctl_preallocate+0x300/0x300 02:29:54 executing program 6 (fault-call:6 fault-nth:18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 223.706937] ? __fget_light+0x2f7/0x440 [ 223.706953] ? fget_raw+0x20/0x20 [ 223.706977] ? __sb_end_write+0xac/0xe0 [ 223.706997] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 02:29:54 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000100)={0xbb, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e23, 0x0, 'lc\x00', 0x0, 0x1, 0x5}, 0x2c) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$EVIOCSKEYCODE(r1, 0x40084504, &(0x7f0000000400)=[0xe32, 0xed3c]) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x100, 0x0) ioctl$EVIOCGBITSND(r2, 0x80404532, &(0x7f00000002c0)=""/246) setsockopt$sock_void(r0, 0x1, 0x100000000024, 0x0, 0x0) personality(0x1bb2baf3005ac137) r3 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000280)={0x0, @broadcast, @broadcast}, &(0x7f0000000240)=0xffffffffffffffee) r4 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000180)={r2, 0x0, 0x6, "70e6275f94549e6492e86ad06d98e95aca2aef8e1f55f0842311f36455ac92304a81723a6876db05ecad7df0405df693c66dac352b72067898a1bd29c191596451e8dc4512ceb86c14432094ff8c0ac3e6c20391ead7b0e8ae943f057efd76caec12176ef77bc6ac65f9cd0f60204cf8334f9034f828f095822ca05b234117302be0eabd7e9b216e3778b27de384e7d3dad8"}) setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, &(0x7f0000000140)=0x2, 0x2) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r4, 0x0) readahead(r4, 0x0, 0x3) [ 223.707010] ? fput+0x130/0x1a0 [ 223.707027] ? ksys_write+0x1ae/0x260 [ 223.707044] ? security_file_ioctl+0x94/0xc0 [ 223.707059] ksys_ioctl+0xa9/0xd0 [ 223.707074] __x64_sys_ioctl+0x73/0xb0 [ 223.707089] do_syscall_64+0x1b9/0x820 [ 223.707104] ? finish_task_switch+0x1d3/0x870 [ 223.707122] ? syscall_return_slowpath+0x5e0/0x5e0 [ 223.707139] ? syscall_return_slowpath+0x31d/0x5e0 [ 223.707163] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 223.707185] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 223.707209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 223.707223] RIP: 0033:0x455ab9 [ 223.707227] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.707532] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.707549] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 223.707559] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 223.707567] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 223.707576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 223.707586] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000011 [ 223.756529] FAT-fs (loop3): bogus number of reserved sectors [ 223.756542] FAT-fs (loop3): Can't find a valid FAT filesystem [ 223.937418] FAULT_INJECTION: forcing a failure. [ 223.937418] name failslab, interval 1, probability 0, space 0, times 0 [ 223.957151] FAT-fs (loop3): bogus number of reserved sectors [ 223.957570] CPU: 1 PID: 12491 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 223.962446] FAT-fs (loop3): Can't find a valid FAT filesystem [ 223.967577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.967584] Call Trace: [ 223.967612] dump_stack+0x1c9/0x2b4 [ 223.967632] ? dump_stack_print_info.cold.2+0x52/0x52 [ 223.967660] should_fail.cold.4+0xa/0x1a [ 223.967680] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.106134] ? kasan_kmalloc+0xc4/0xe0 [ 224.106151] ? kasan_slab_alloc+0x12/0x20 [ 224.106166] ? kmem_cache_alloc+0x12e/0x760 [ 224.106183] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 224.106198] ? kvm_mmu_load+0x21/0x10e0 [ 224.106214] ? vcpu_enter_guest+0x3aa6/0x6090 [ 224.106228] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.106247] ? graph_lock+0x170/0x170 [ 224.106263] ? do_syscall_64+0x1b9/0x820 [ 224.106281] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.106305] ? find_held_lock+0x36/0x1c0 [ 224.106328] ? __lock_is_held+0xb5/0x140 [ 224.106358] ? check_same_owner+0x340/0x340 [ 224.106377] ? rcu_note_context_switch+0x730/0x730 [ 224.106398] __should_failslab+0x124/0x180 [ 224.106418] should_failslab+0x9/0x14 [ 224.106438] kmem_cache_alloc+0x2af/0x760 02:29:54 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:54 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa276") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:54 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000000180)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:29:54 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8a84020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 224.106454] ? kvm_clock_read+0x25/0x30 [ 224.106471] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 224.106489] ? ktime_get_with_offset+0x32e/0x4b0 02:29:54 executing program 6 (fault-call:6 fault-nth:19): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 224.106506] ? mmu_topup_memory_caches+0xf7/0x3a0 02:29:54 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 224.106526] mmu_topup_memory_caches+0xf7/0x3a0 [ 224.106548] kvm_mmu_load+0x21/0x10e0 [ 224.106565] ? vcpu_enter_guest+0x298c/0x6090 [ 224.106589] vcpu_enter_guest+0x3aa6/0x6090 [ 224.106616] ? kvm_set_msr_common+0x26a0/0x26a0 [ 224.106634] ? zap_class+0x740/0x740 02:29:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000040)={0x101, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x16}}) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:29:55 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xc0000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:55 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = memfd_create(&(0x7f0000000000)='[lo\x00', 0x2) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x80000001, 0x4) personality(0x4100001) r1 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) r3 = msgget(0x2, 0x80) ioctl$RTC_AIE_OFF(r1, 0x7002) msgctl$IPC_RMID(r3, 0x0) iopl(0xffff) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x4010, r1, 0x180000000) 02:29:55 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:55 executing program 6 (fault-call:6 fault-nth:20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 224.106652] ? vmx_vcpu_load+0xadf/0xff0 [ 224.106671] ? __lock_acquire+0x7fc/0x5020 [ 224.106687] ? vmx_vcpu_reset+0x1040/0x1040 [ 224.106703] ? graph_lock+0x170/0x170 [ 224.106736] ? __lock_is_held+0xb5/0x140 [ 224.106758] ? lock_acquire+0x1e4/0x540 [ 224.106772] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 224.106795] ? lock_release+0xa30/0xa30 [ 224.106809] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 224.106826] ? kvm_arch_dev_ioctl+0x610/0x610 [ 224.106840] ? preempt_notifier_dec+0x20/0x20 [ 224.106868] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.106882] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.106909] kvm_vcpu_ioctl+0x7b8/0x1300 [ 224.106929] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.106954] ? find_held_lock+0x36/0x1c0 [ 224.106983] ? lock_downgrade+0x8f0/0x8f0 [ 224.107004] ? rcu_is_watching+0x8c/0x150 [ 224.107018] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 224.107043] ? __fget+0x414/0x670 [ 224.107063] ? match_held_lock+0x821/0x8d0 [ 224.107079] ? expand_files.part.8+0x9c0/0x9c0 [ 224.107096] ? kasan_check_write+0x14/0x20 [ 224.107112] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 224.107136] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.107152] do_vfs_ioctl+0x1de/0x1720 [ 224.107172] ? ioctl_preallocate+0x300/0x300 [ 224.107186] ? __fget_light+0x2f7/0x440 [ 224.107202] ? fget_raw+0x20/0x20 [ 224.107222] ? __sb_end_write+0xac/0xe0 [ 224.107243] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 224.107257] ? fput+0x130/0x1a0 [ 224.107273] ? ksys_write+0x1ae/0x260 [ 224.107292] ? security_file_ioctl+0x94/0xc0 [ 224.107310] ksys_ioctl+0xa9/0xd0 [ 224.107329] __x64_sys_ioctl+0x73/0xb0 [ 224.107347] do_syscall_64+0x1b9/0x820 [ 224.107360] ? finish_task_switch+0x1d3/0x870 [ 224.107379] ? syscall_return_slowpath+0x5e0/0x5e0 [ 224.107396] ? syscall_return_slowpath+0x31d/0x5e0 [ 224.107419] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 224.107446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.107471] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.107484] RIP: 0033:0x455ab9 [ 224.107488] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 224.107801] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 224.107818] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 224.107827] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 224.107836] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 224.107846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 224.107855] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000012 [ 224.176126] FAT-fs (loop3): bogus number of reserved sectors [ 224.176139] FAT-fs (loop3): Can't find a valid FAT filesystem [ 224.404699] FAT-fs (loop3): bogus number of reserved sectors [ 224.404712] FAT-fs (loop3): Can't find a valid FAT filesystem [ 224.491873] FAT-fs (loop3): bogus number of reserved sectors [ 224.491885] FAT-fs (loop3): Can't find a valid FAT filesystem [ 224.643787] FAULT_INJECTION: forcing a failure. [ 224.643787] name failslab, interval 1, probability 0, space 0, times 0 [ 224.643808] CPU: 1 PID: 12543 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 224.643818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.643824] Call Trace: [ 224.643846] dump_stack+0x1c9/0x2b4 [ 224.643867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 224.643895] should_fail.cold.4+0xa/0x1a [ 224.643917] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.643937] ? kasan_kmalloc+0xc4/0xe0 [ 224.643953] ? kasan_slab_alloc+0x12/0x20 [ 224.643967] ? kmem_cache_alloc+0x12e/0x760 [ 224.643983] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 224.643999] ? kvm_mmu_load+0x21/0x10e0 [ 224.644020] ? vcpu_enter_guest+0x3aa6/0x6090 [ 224.644035] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.644051] ? graph_lock+0x170/0x170 [ 224.644066] ? do_syscall_64+0x1b9/0x820 [ 224.644083] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.644103] ? find_held_lock+0x36/0x1c0 [ 224.644124] ? __lock_is_held+0xb5/0x140 [ 224.644150] ? check_same_owner+0x340/0x340 [ 224.644168] ? rcu_note_context_switch+0x730/0x730 [ 224.644188] __should_failslab+0x124/0x180 [ 224.644207] should_failslab+0x9/0x14 [ 224.644222] kmem_cache_alloc+0x2af/0x760 [ 224.644235] ? kvm_clock_read+0x25/0x30 [ 224.644251] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 224.644267] ? ktime_get_with_offset+0x32e/0x4b0 [ 224.644284] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 224.644302] mmu_topup_memory_caches+0xf7/0x3a0 [ 224.644324] kvm_mmu_load+0x21/0x10e0 [ 224.644340] ? vcpu_enter_guest+0x298c/0x6090 [ 224.644362] vcpu_enter_guest+0x3aa6/0x6090 [ 224.644393] ? kvm_set_msr_common+0x26a0/0x26a0 [ 224.644415] ? vmx_vcpu_load+0xadf/0xff0 [ 224.644435] ? print_usage_bug+0xc0/0xc0 [ 224.644451] ? __lock_acquire+0x7fc/0x5020 [ 224.644467] ? vmx_vcpu_reset+0x1040/0x1040 [ 224.644483] ? graph_lock+0x170/0x170 [ 224.644501] ? __lock_acquire+0x7fc/0x5020 [ 224.644523] ? mark_held_locks+0xc9/0x160 [ 224.644535] ? __lock_is_held+0xb5/0x140 [ 224.644550] ? lock_acquire+0x1e4/0x540 [ 224.644560] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 224.644573] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 224.644589] ? lock_release+0xa30/0xa30 [ 224.644607] ? retint_kernel+0x10/0x10 [ 224.644632] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.644646] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.644672] kvm_vcpu_ioctl+0x7b8/0x1300 [ 224.644692] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.644708] ? find_held_lock+0x36/0x1c0 [ 224.644731] ? find_held_lock+0x36/0x1c0 [ 224.644756] ? lock_downgrade+0x8f0/0x8f0 [ 224.644778] ? kasan_check_read+0x11/0x20 [ 224.644791] ? rcu_is_watching+0x8c/0x150 [ 224.644805] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 224.644828] ? __fget+0x414/0x670 [ 224.644846] ? match_held_lock+0x821/0x8d0 [ 224.644862] ? expand_files.part.8+0x9c0/0x9c0 [ 224.644878] ? kasan_check_write+0x14/0x20 [ 224.644892] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 224.644914] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.644928] do_vfs_ioctl+0x1de/0x1720 [ 224.644944] ? __lock_is_held+0xb5/0x140 [ 224.644961] ? ioctl_preallocate+0x300/0x300 [ 224.644974] ? __fget_light+0x2f7/0x440 [ 224.644989] ? fget_raw+0x20/0x20 [ 224.645006] ? __sb_end_write+0xac/0xe0 [ 224.645025] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 224.645038] ? fput+0x130/0x1a0 [ 224.645053] ? ksys_write+0x1ae/0x260 [ 224.645071] ? security_file_ioctl+0x94/0xc0 [ 224.645087] ksys_ioctl+0xa9/0xd0 [ 224.645104] __x64_sys_ioctl+0x73/0xb0 [ 224.645121] do_syscall_64+0x1b9/0x820 [ 224.645135] ? finish_task_switch+0x1d3/0x870 [ 224.645152] ? syscall_return_slowpath+0x5e0/0x5e0 [ 224.645169] ? syscall_return_slowpath+0x31d/0x5e0 [ 224.645189] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 224.645208] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.645228] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.645241] RIP: 0033:0x455ab9 [ 224.645244] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 224.645534] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 224.645550] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 224.645559] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 224.645566] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 224.645574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 224.645583] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000013 [ 224.780165] FAT-fs (loop3): bogus number of reserved sectors [ 224.780178] FAT-fs (loop3): Can't find a valid FAT filesystem [ 224.829779] FAT-fs (loop3): bogus number of reserved sectors [ 224.829793] FAT-fs (loop3): Can't find a valid FAT filesystem [ 224.859280] FAULT_INJECTION: forcing a failure. [ 224.859280] name failslab, interval 1, probability 0, space 0, times 0 [ 224.859300] CPU: 0 PID: 12566 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 224.859311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.859316] Call Trace: [ 224.859337] dump_stack+0x1c9/0x2b4 [ 224.859357] ? dump_stack_print_info.cold.2+0x52/0x52 [ 224.859385] should_fail.cold.4+0xa/0x1a [ 224.859405] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.859423] ? kasan_kmalloc+0xc4/0xe0 [ 224.859439] ? kasan_slab_alloc+0x12/0x20 [ 224.859452] ? kmem_cache_alloc+0x12e/0x760 [ 224.859466] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 224.859479] ? kvm_mmu_load+0x21/0x10e0 [ 224.859493] ? vcpu_enter_guest+0x3aa6/0x6090 [ 224.859506] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.859522] ? graph_lock+0x170/0x170 [ 224.859535] ? do_syscall_64+0x1b9/0x820 [ 224.859551] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.859572] ? find_held_lock+0x36/0x1c0 [ 224.859592] ? __lock_is_held+0xb5/0x140 [ 224.859617] ? check_same_owner+0x340/0x340 [ 224.859634] ? rcu_note_context_switch+0x730/0x730 [ 224.859653] __should_failslab+0x124/0x180 [ 224.859669] should_failslab+0x9/0x14 [ 224.859683] kmem_cache_alloc+0x2af/0x760 [ 224.859697] ? lock_acquire+0x1e4/0x540 [ 224.859711] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 224.859728] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 224.859744] mmu_topup_memory_caches+0xf7/0x3a0 [ 224.859763] kvm_mmu_load+0x21/0x10e0 [ 224.859787] vcpu_enter_guest+0x3aa6/0x6090 [ 224.859802] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 224.859824] ? kvm_set_msr_common+0x26a0/0x26a0 [ 224.859841] ? vmx_vcpu_load+0xadf/0xff0 [ 224.859858] ? __lock_acquire+0x7fc/0x5020 [ 224.859881] ? vmx_vcpu_reset+0x1040/0x1040 [ 224.859897] ? graph_lock+0x170/0x170 [ 224.859917] ? __lock_acquire+0x7fc/0x5020 [ 224.859941] ? __lock_is_held+0xb5/0x140 [ 224.859960] ? lock_acquire+0x1e4/0x540 [ 224.859973] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 224.859994] ? lock_release+0xa30/0xa30 [ 224.860006] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 224.860021] ? kvm_arch_dev_ioctl+0x610/0x610 [ 224.860035] ? preempt_notifier_dec+0x20/0x20 [ 224.860059] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.860072] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 224.860097] kvm_vcpu_ioctl+0x7b8/0x1300 [ 224.860116] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.860130] ? find_held_lock+0x36/0x1c0 [ 224.860153] ? find_held_lock+0x36/0x1c0 [ 224.860179] ? lock_downgrade+0x8f0/0x8f0 [ 224.860200] ? kasan_check_read+0x11/0x20 [ 224.860213] ? rcu_is_watching+0x8c/0x150 [ 224.860227] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 224.860249] ? __fget+0x414/0x670 [ 224.860268] ? match_held_lock+0x821/0x8d0 [ 224.860282] ? expand_files.part.8+0x9c0/0x9c0 [ 224.860298] ? kasan_check_write+0x14/0x20 [ 224.860314] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 224.860336] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 224.860350] do_vfs_ioctl+0x1de/0x1720 [ 224.860365] ? __lock_is_held+0xb5/0x140 [ 224.860381] ? ioctl_preallocate+0x300/0x300 [ 224.860394] ? __fget_light+0x2f7/0x440 [ 224.860408] ? fget_raw+0x20/0x20 [ 224.860424] ? __sb_end_write+0xac/0xe0 [ 224.860441] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 224.860454] ? fput+0x130/0x1a0 [ 224.860468] ? ksys_write+0x1ae/0x260 [ 224.860485] ? security_file_ioctl+0x94/0xc0 [ 224.860501] ksys_ioctl+0xa9/0xd0 [ 224.860517] __x64_sys_ioctl+0x73/0xb0 [ 224.860533] do_syscall_64+0x1b9/0x820 [ 224.860545] ? finish_task_switch+0x1d3/0x870 [ 224.860562] ? syscall_return_slowpath+0x5e0/0x5e0 [ 224.860579] ? syscall_return_slowpath+0x31d/0x5e0 [ 224.860600] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 224.860620] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.860643] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.860655] RIP: 0033:0x455ab9 [ 224.860659] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 224.860953] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 224.860970] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 224.860980] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:29:56 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x2) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) accept$unix(r0, &(0x7f0000000000), &(0x7f0000000100)=0x6e) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:29:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd3840200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:56 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:56 executing program 4: seccomp(0x1, 0x1, &(0x7f0000000180)={0x3, &(0x7f0000000140)=[{0x9f4d, 0x8, 0xffffffffffffffff, 0x8}, {0x1, 0x7, 0x1e, 0xa2}, {0x8001, 0x797eeee8, 0x2, 0x6}]}) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400, 0x50) bind$alg(r0, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x58) r1 = socket$alg(0x26, 0x5, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000100)) ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f00000000c0)) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa276") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:56 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:56 executing program 6 (fault-call:6 fault-nth:21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) getresuid(&(0x7f0000000040)=0x0, &(0x7f00000000c0), &(0x7f0000000100)) fstat(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x8001, 0x0) write$P9_RGETATTR(r2, &(0x7f0000000380)={0xa0, 0x19, 0x2, {0x2, {0x31, 0x2, 0x5}, 0x10, r3, r4, 0x6, 0x9, 0xfff, 0x7, 0xc7, 0x9f, 0x9, 0x8, 0xcf, 0x7, 0x3, 0x6, 0xf0, 0x3a5f, 0x400000004000000}}, 0xa0) sync() [ 224.860989] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 224.860999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 224.861008] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000014 [ 226.321188] FAT-fs (loop3): bogus number of reserved sectors [ 226.327097] FAT-fs (loop3): Can't find a valid FAT filesystem [ 226.353303] FAULT_INJECTION: forcing a failure. [ 226.353303] name failslab, interval 1, probability 0, space 0, times 0 02:29:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xb00, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 226.364675] CPU: 1 PID: 12588 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 226.372049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.381412] Call Trace: [ 226.384013] dump_stack+0x1c9/0x2b4 [ 226.387746] ? dump_stack_print_info.cold.2+0x52/0x52 [ 226.392961] should_fail.cold.4+0xa/0x1a [ 226.397039] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.402158] ? kasan_kmalloc+0xc4/0xe0 [ 226.406055] ? kasan_slab_alloc+0x12/0x20 [ 226.410213] ? kmem_cache_alloc+0x12e/0x760 [ 226.414571] ? mmu_topup_memory_caches+0xf7/0x3a0 02:29:56 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 226.419427] ? kvm_mmu_load+0x21/0x10e0 [ 226.423415] ? vcpu_enter_guest+0x3aa6/0x6090 [ 226.427922] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 226.432962] ? graph_lock+0x170/0x170 [ 226.436789] ? do_syscall_64+0x1b9/0x820 [ 226.440863] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.446260] ? find_held_lock+0x36/0x1c0 [ 226.450429] ? __lock_is_held+0xb5/0x140 [ 226.454512] ? check_same_owner+0x340/0x340 [ 226.458845] ? rcu_note_context_switch+0x730/0x730 [ 226.463791] __should_failslab+0x124/0x180 [ 226.468043] should_failslab+0x9/0x14 [ 226.471855] kmem_cache_alloc+0x2af/0x760 [ 226.476012] ? kvm_clock_read+0x25/0x30 [ 226.480003] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 226.485035] ? ktime_get_with_offset+0x32e/0x4b0 [ 226.489795] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 226.494639] mmu_topup_memory_caches+0xf7/0x3a0 [ 226.499311] kvm_mmu_load+0x21/0x10e0 [ 226.503108] ? vcpu_enter_guest+0x298c/0x6090 [ 226.507599] vcpu_enter_guest+0x3aa6/0x6090 [ 226.511922] ? kvm_set_msr_common+0x26a0/0x26a0 [ 226.516600] ? vmx_vcpu_load+0xadf/0xff0 [ 226.520668] ? __lock_acquire+0x7fc/0x5020 [ 226.524894] ? vmx_vcpu_reset+0x1040/0x1040 [ 226.529204] ? graph_lock+0x170/0x170 [ 226.533012] ? __lock_acquire+0x7fc/0x5020 [ 226.537264] ? __lock_is_held+0xb5/0x140 [ 226.541317] ? lock_acquire+0x1e4/0x540 [ 226.545281] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 226.550295] ? lock_release+0xa30/0xa30 [ 226.554258] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 226.559534] ? kvm_arch_dev_ioctl+0x610/0x610 [ 226.564021] ? preempt_notifier_dec+0x20/0x20 [ 226.568519] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 226.573359] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 226.578659] kvm_vcpu_ioctl+0x7b8/0x1300 [ 226.582725] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 226.588424] ? find_held_lock+0x36/0x1c0 [ 226.592481] ? find_held_lock+0x36/0x1c0 [ 226.596546] ? lock_downgrade+0x8f0/0x8f0 [ 226.600690] ? kasan_check_read+0x11/0x20 [ 226.604825] ? rcu_is_watching+0x8c/0x150 [ 226.608981] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 226.613398] ? __fget+0x414/0x670 [ 226.616930] ? match_held_lock+0x821/0x8d0 [ 226.621161] ? expand_files.part.8+0x9c0/0x9c0 [ 226.625737] ? kasan_check_write+0x14/0x20 [ 226.629983] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 226.634912] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 226.640625] do_vfs_ioctl+0x1de/0x1720 [ 226.644591] ? __lock_is_held+0xb5/0x140 [ 226.648647] ? ioctl_preallocate+0x300/0x300 [ 226.653130] ? __fget_light+0x2f7/0x440 [ 226.657094] ? fget_raw+0x20/0x20 [ 226.660542] ? __sb_end_write+0xac/0xe0 [ 226.664509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 226.670039] ? fput+0x130/0x1a0 [ 226.673310] ? ksys_write+0x1ae/0x260 [ 226.677113] ? security_file_ioctl+0x94/0xc0 [ 226.681524] ksys_ioctl+0xa9/0xd0 [ 226.684972] __x64_sys_ioctl+0x73/0xb0 [ 226.688863] do_syscall_64+0x1b9/0x820 [ 226.692742] ? finish_task_switch+0x1d3/0x870 [ 226.697233] ? syscall_return_slowpath+0x5e0/0x5e0 [ 226.702154] ? syscall_return_slowpath+0x31d/0x5e0 [ 226.707092] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 226.712449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.717388] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.722583] RIP: 0033:0x455ab9 [ 226.725758] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 226.745096] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 226.752795] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 226.760054] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:29:57 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000080)='echainiv(echainiv(ccm(cast6-generic)))\x00', 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r1, 0x0, &(0x7f00000000c0)='\x00') bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 226.768014] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 226.775383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 226.782651] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000015 02:29:57 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:57 executing program 6 (fault-call:6 fault-nth:22): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 226.909140] FAT-fs (loop3): bogus number of reserved sectors [ 226.915204] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:57 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:57 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 227.032797] FAULT_INJECTION: forcing a failure. [ 227.032797] name failslab, interval 1, probability 0, space 0, times 0 [ 227.044112] CPU: 1 PID: 12637 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 227.051485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.060850] Call Trace: [ 227.063466] dump_stack+0x1c9/0x2b4 [ 227.067121] ? dump_stack_print_info.cold.2+0x52/0x52 [ 227.072338] should_fail.cold.4+0xa/0x1a [ 227.076420] ? fault_create_debugfs_attr+0x1f0/0x1f0 02:29:57 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) syz_mount_image$vfat(&(0x7f0000000180)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x1, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000200)="45a73623bded4231aa429003312c11f5e717f339d58141e48dc12b2f9ebd9784db", 0x21, 0x20e6}, {&(0x7f0000000240)="c194b2fd207247670e35c64ce55138f0071283f14acb34c5e4cfa6a7b30330464d480f46f2f6a22f3af3f9565e88b25ee5fc11e1e7314701fa4bf859050be5178f22", 0x42, 0x10001}], 0x800000, &(0x7f0000000300)={[{@uni_xlate='uni_xlate=1', 0x2c}, {@iocharset={'iocharset', 0x3d, 'cp949'}, 0x2c}, {@utf8no='utf8=0', 0x2c}]}) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r1, 0x5002}, {r1, 0x128}], 0x2, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000100)={0x7f}, 0x8) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000140)) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000001, 0x11, r1, 0x0) 02:29:57 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$read(0xb, r1, &(0x7f0000000080)=""/170, 0xaa) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:57 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffff4, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 227.081539] ? kasan_kmalloc+0xc4/0xe0 [ 227.085441] ? kasan_slab_alloc+0x12/0x20 [ 227.089607] ? kmem_cache_alloc+0x12e/0x760 [ 227.093948] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 227.098807] ? kvm_mmu_load+0x21/0x10e0 [ 227.102796] ? vcpu_enter_guest+0x3aa6/0x6090 [ 227.107307] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 227.112349] ? graph_lock+0x170/0x170 [ 227.116162] ? do_syscall_64+0x1b9/0x820 [ 227.120244] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.125635] ? find_held_lock+0x36/0x1c0 [ 227.129716] ? __lock_is_held+0xb5/0x140 [ 227.133817] ? check_same_owner+0x340/0x340 [ 227.138158] ? rcu_note_context_switch+0x730/0x730 [ 227.143114] __should_failslab+0x124/0x180 [ 227.147383] should_failslab+0x9/0x14 [ 227.151214] kmem_cache_alloc+0x2af/0x760 [ 227.155379] ? kvm_clock_read+0x25/0x30 [ 227.159388] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 227.164607] ? ktime_get_with_offset+0x32e/0x4b0 [ 227.169388] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 227.174353] mmu_topup_memory_caches+0xf7/0x3a0 [ 227.179051] kvm_mmu_load+0x21/0x10e0 [ 227.183073] ? vcpu_enter_guest+0x298c/0x6090 [ 227.187601] vcpu_enter_guest+0x3aa6/0x6090 [ 227.191955] ? kvm_set_msr_common+0x26a0/0x26a0 [ 227.196662] ? vmx_vcpu_load+0xadf/0xff0 [ 227.200763] ? __lock_acquire+0x7fc/0x5020 [ 227.205021] ? vmx_vcpu_reset+0x1040/0x1040 [ 227.209366] ? graph_lock+0x170/0x170 [ 227.213207] ? __lock_acquire+0x7fc/0x5020 [ 227.217567] ? __lock_is_held+0xb5/0x140 [ 227.221650] ? lock_acquire+0x1e4/0x540 [ 227.225637] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 227.230677] ? lock_release+0xa30/0xa30 [ 227.234673] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 227.239974] ? kvm_arch_dev_ioctl+0x610/0x610 [ 227.244582] ? preempt_notifier_dec+0x20/0x20 [ 227.249113] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 227.253983] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 227.259159] kvm_vcpu_ioctl+0x7b8/0x1300 [ 227.263274] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 227.269006] ? find_held_lock+0x36/0x1c0 [ 227.273123] ? find_held_lock+0x36/0x1c0 [ 227.277218] ? lock_downgrade+0x8f0/0x8f0 [ 227.281404] ? kasan_check_read+0x11/0x20 [ 227.285573] ? rcu_is_watching+0x8c/0x150 [ 227.289713] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 227.294117] ? __fget+0x414/0x670 [ 227.297562] ? match_held_lock+0x821/0x8d0 [ 227.301832] ? expand_files.part.8+0x9c0/0x9c0 [ 227.306408] ? kasan_check_write+0x14/0x20 [ 227.310646] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 227.316563] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 227.322267] do_vfs_ioctl+0x1de/0x1720 [ 227.326157] ? __lock_is_held+0xb5/0x140 [ 227.330215] ? ioctl_preallocate+0x300/0x300 [ 227.334610] ? __fget_light+0x2f7/0x440 [ 227.338569] ? fget_raw+0x20/0x20 [ 227.342010] ? __sb_end_write+0xac/0xe0 [ 227.345980] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 227.351503] ? fput+0x130/0x1a0 [ 227.354770] ? ksys_write+0x1ae/0x260 [ 227.358558] ? security_file_ioctl+0x94/0xc0 [ 227.362956] ksys_ioctl+0xa9/0xd0 [ 227.366397] __x64_sys_ioctl+0x73/0xb0 [ 227.370273] do_syscall_64+0x1b9/0x820 [ 227.374236] ? finish_task_switch+0x1d3/0x870 [ 227.378718] ? syscall_return_slowpath+0x5e0/0x5e0 [ 227.383637] ? syscall_return_slowpath+0x31d/0x5e0 [ 227.388658] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 227.394038] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.398984] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.404183] RIP: 0033:0x455ab9 [ 227.407354] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 227.426577] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 227.434287] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 227.441544] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 227.448886] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 227.456333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 227.463591] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000016 02:29:57 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:29:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa276") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 227.550115] FAT-fs (loop3): bogus number of reserved sectors [ 227.556066] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:58 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x6, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 227.632926] FAT-fs (loop3): bogus number of reserved sectors [ 227.638851] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:58 executing program 4: r0 = syz_open_dev$adsp(&(0x7f00000002c0)='/dev/adsp#\x00', 0xed, 0x400000) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000300)={0x7, [0x6, 0x7f, 0xffffffff, 0x6, 0x1ff, 0x5, 0x4]}, 0x12) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x40000, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000001c0)={0x0, 0x3}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000240)={r2, 0x6}, &(0x7f0000000280)=0x8) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0xffffffffffffff64) ioctl$sock_proto_private(r3, 0x89ea, &(0x7f00000003c0)="a9fd2d5be81e41d924fd2d18d210ab905e6a490c708b63bff6e5a248333c11de3ea9c6efc3a53b24dce84d767f53c3bf118e2db9136e104bfcb8a9bc5ab2a1adfe0277d7ecfe407f71ff45c2b65b980b23c1c170fecff68b1adf280e2d44d57f02f868a1b84acd110e32be52be92665a4567e916d0377d65f8c4d547c5da889e6b5f3d607c1508f2e5b592dfa183e61ae47feb79d557611832363f5151773dd6c64d863afecf67539bff0572e67c7967c5fcf5826a0107c0e133c99a237a842c1241d25fe891ad01f5c65720f162862babea0c04d9f3a96d3e2fb867581d552a9f5b6a401f2d75906d3ffb7b0a9447035cbc6954a942b450e7fa986d7f001eeacf58f3237318a126b7ab28ab17da3191dff433a6611ff50467bb74d88935c27767132183694f4d4b01ac0a687181c03dbd52220ae4b3268c5f42b649288c22e7b30795d74bfb7bc291bce387bccb87422712ca4dd14075f79d3840bc8100340938bb753d26d5e9c1b59d556ce60f3dac89aea476c695d009bc4845de72e7bc877fd180d8b8ba82b8346943a5a539fa7d26ab7be1573225d3c54f764fbd87595e373433b3e595c8b26066a2957ca26c66348d7a324c2025fcf90b83a423f3e35fd4b17219ea98ee862ca182c6d5187527a6c50a9bca1f54843c58e921052dace174c1e83ace604a0381a6670d7b2515b8a7dd5146daa4c1b10aa36e47853459ddb82efef0acbae0dcf9f157a0d9db60f7e6cc925851f670192100742ae14d80494d598f756ab4bd0af29ec9977f6fd814ec7a0e7c01e002e042943fee83fdf794814e2a30a5637c9aed3e9a5579436560b894f1dde49b99b48da81db92bf790303f546db36b13199af4cb5013cc2d90937481c7e5c98995dfa757e689a9f7ee7b55509d681c02b9adf10abfc53236a7ce15ac8b9346c8067e70de269d5747e7f97f9d8367e097b196d30b122cab55927d20f8a43282dc20e3918874d0da51226e5e9d2f337d1a31342eb75d41378a4d28c6bec8425168fde64a02e847a15eb7e086e42687b1d2113a39ce378aa4ec489160603abd9230797d3ac0f8b984b8fcdc052d18501642f85cb0101655c3ff9b1fdaadb069f2b37ac110c28b7a1a5e077339b92b7beafff865e07820668c68792b33595e68681422fc3aab0521b5d59a777056ba2da977716f203d0f4a83ca005451eaa3d3725ab4639485ab1956982e35b9acb864f686c25160b55334945d88702473fbced26117815569a4da498fa4f8a69505313516d4968bb1c0570b6a35abce785a811c438e19efa853e851541d5ad5ab84d68fc18a973b5466e369de890e0b4aea55a8568e4fcf14c7942de05fcb389536ca076b9dd680e7f55bdf17fdab1c0313f6c84d24ee7d7496cf29f412ccf9469680fdd32032508ea78d819cdbdd8c01c67dbad6a6d789b01ef411fe4a7fc5941320525ae2d9e3dc56745cf01e306a806064713b3ef16833b53a48a65e70d04cc79b01e03aa663928961938f85ae394354f69a3e8334bdc99926943949eded1b942cc9b318a4a2a2b88047ca8d4255c29c95d16b287c128f85957edda8b88250db508d5337ad55ec2585f5b68f15014b040a5b669fe352d4e0358214a6d6c9b3e86583906b0a1f1f00244a21a39072b512071237f7172bcaa0435403feb6faf8a8ffe598dd7b588afdcd2cb7b5d6efc68969712875173f590d91dafa0ec96378fe5668c1f0831b1f2894c1be74d34c007bff549c4a442e67719f52cd9353fbba6b30f882fa16f83d39c805d0c2287984dadc4803529110772cfed568955b7b1068a6156c6d7ae39bddca49a47c6a7869c695fd733d736258ad30c57f5f7dcd99b4de7fa2706da8c675edc496ce252f988f1803ffc785a84bda2abf4a700b935fcb05c9ac78bd03f5543e12dccaaa4e28d9265c423052649a5b3d3943a793706d13b2d7c9c8d98c29e449941afc826633b9ce040815476fe06740e3fc29c8ce2dc6ee0953cb7f5b723b6c9efc40da30281c517aa68ca5b52541b5f9e49914e72de2bc7e84a617553b15240e555750a19ecc1a5a99fc720103a353655aed6e82a72a80ef337ad5cd938ea1ef636a323c5e47d0b8804246edbff9712365b61b695232b0162933d6f6eebe7c09877961cb553c8873869beabe4c258b1d232b97d4fe5a699ed29b8ee6765a96dc5e76a0a6666611fca3bc3c8fab2f0aaaa970b5ffae34ce019b49be5a58b38c48c32a7c80e18f7c2ca391ede13f959fe1d763c86bc5188cec2431171450d95bc69b28fd0c59dc85dc7083016d21e9653d5c5c8f3f61492b813e1c132fba0fb72e57731114d0d284ee16ba300d41632df0f38bcdce2ecebbae3eaf78daf842facf68ab620c2323612d8d878949f599cfa5e8ea2df6c454e504924a2e476ea588808727eed683c2b327a700b9a7dad09401b60edaa07cee5a6d9147515e27899809f570eeba87b186e68f16ccaaadc910b6963934e625c4cb61248a6266ede34493c7f629d07b5945e70d405fa19632137f083d745a735521205002f474bb195143d2f91a5e5d67cb9213eadae8f4083491eb27da19a4bcced2ed27d75bb73ff0c91e7cbdb67bae896b4bdf7725cbf80559db162636ec1187fe27b98a2b1b079b6fa3ffdc4c45a260903fb5428f404eaec35bf7a40d7500f1f249eb669c4aec330abac6d4f906f7469fbeb27f6bdcebd4368ed541aac8af51265e8463f6832f28c4bf18ba665d46d1ba76c358c3b423024540743ec1d828ed0da54a8b7e9d34abab6f923856cfebb02834e4afc9a3acdfcc281b975ce9369a7def818de38b2465aefe39750d5a4bf26383d9b632c5676d9532be3e1b8075bbd9b20f723fe51a670df6706a5c02773e72edca4087a7a3dd282ddbdd57b237d7c98e25969ab6ba4069d759df12278eafbb1dc304f7180e7fac30407cc288dd57ff0ce9b86d7695f798fb1e64386175754f15341497552963567f39e60fe92bc4b29f21d666e448018dd33ce27c7274840d9a1178d650a724bf9a3bd3dba7af41332bcd9cb8e9d72b0d3afc9d0a7387fc95ae857a11cc5596dc7b6fc6832ed4f8e1e97d0cd81f683398610a55223a45dbf5b84c66a28c2310ff278784807eea33f5eb8ed7a89d0fea9d6e3d81979e5e045d91a6b8ac6803710808ffd299a0fb6def45481369d85bda373f392f682e6d24b138208fcf46b914583acb07a3db15fa3112fbb3af74c037d64195cb613fe1a249613c5867d8b4c04ff724662fb1e87cd1bc1c12af2d3024654f1bb26119665f7fc948cc706a4abcf777b2f95c0182fc41026f212b81b118741c1ffa03730ec4e616d8936537874b8dd130048afd2dd699da779a027b99bd2a4ca90a61682e13d1f3fec26c98f8c809cb479756d19495d5108e8633f0a2eaf7b8b59930427341541e06b690c11d681735141642c74259eabd86e13151bd1eb55938264131b74044c160a3d8d025c20eaf87414133c14402af427881aa2892b3fe04d4ca23df7a72ab2d1d18f64cd34695124bf7978f504e48f84302989b0e2ccfddf8d891e69a2ca1c5b4f055ad91680c81e4f817809483359b1713fe6e7dd371f43165eaadcf70f56abf67d37705774a7f56a38a2cef4893ecbaf69b846030e22f7a351a6111b0b56be5b55b0cfc4c80e7789b97b4e34e01572b5895cff9ba30edc054a7f4e57f1ab9a1e792ee474b335b3b7b792fe877f5881878809e9442fe3c8d07013c9fc3631bff42a558c2ea062a00bc9940f7a1f789987927d961a062aa5abee58150b29814869e426f4e1b383577210e99724d3ed7742c25b9b664359a4d77b73c926f1fd11d375bb4139eef3f470f6df669df6597c78721d2b2954b9204b4b6b8cfde142719c829cee72deed1df7b796413a64047e606f022590d42321dbf7e9425fed4c20a10582f78899c966026ac89c883a9ae9dd3588845f37361a31e3df3764cd09b3ea3360e6ea45bf675b04f1da2bbfecd125c77bd1474b5cb17f5018f8980ef4c9922f90d8c682fb4c91b31885156f9c9d5bd1036433c86af4fa609bc661c6f90267111a928338538919b69a125f77bcd6916a7c9c588e0febd7a5d1c7849b34eeff02d40ee8b66656b3ef07e0d5cdf75ca2c72c9bd1206b88b1a23f8c0c1e9c3fa03c3e3d0d8525c065b40e1c25321ba3f08505be46b3a3338eb30d3808826d13dabb37146879539244ba58dd66ce6b9d498d018de6047f9a1af3e80c75dde28045f7fe9db7edde2e8d5494b8edf6d9b5b096a13c6a0e2870222eebbb932acf6d7a72458398e225974e402d87fe284b5f45bcd76e5d1c1c2d892deeccd8ae44c876ef91b97f57bb5a3d7e081f5268f481de8cbc9c26ca82fc19990ca8f4ee91be509a84a03a98601c3af8451ded278324f32be07395c46288c5a02cbb4f31badb92a6ba29f4fbd6ba866279d409bb786a424e08f7d9a28b79d7b4938111b623a343c8dad410f0837a147a64c640c366e448b748e70d1bae19b85a0012ec3c7c52b26396e163df97e5322cf0747c118151b8fd3bc9e01c612b0ae502661dc0dc3a1d2f797a617c675aeb11a194a76113e4abd4947b345c32241268744503988e6fc7af19302e58a48b63af03522bee677a12c39e0893e2938a1ce5799fd27f4f43a9e79b92ffed55aa911bb6108f7092022fd60dabc6e2870d12c2194479eb4a2ed500fe015d41009d2458948cc3322abd3a840acb1e3877f695990af600a4da81146b7b3f6b03e88aa3afea471cf95cf22d52b025845dca3c04144a950b2948243a7623691d5f2a74f39e3ca4f5da1b98112b3b19613b16189e5599dea1037f62ada324e34d8919d67ed99ecf310e87496acf9a221f6db202ca3d730cd5358cf913e9801f7a08583fccc0df258288d9d823b5d7caa9ced48255cdf3523b6523e862d39fcef243957ae194f761edcaa76d9499bbc1f871683f00cce9263fec4002f78fe38d31aaa2f6131a494a030af53126e44aea5099d1663d933b0f70b82e07a651009b9dc9b2f94e2af19ec1ee233fc8af95e2469310d45dae43cea2fc947ccd66fa76251a84dbb76b9f7012e58883abd68ee415dceb1b810c550a5aa5c260b53921c2a8fc57055b3a41e8fcea5a9b17b5a7e53d93841aa99f5b7d61dc66d77472e65917b9f5188c319c48cd56889de101e47085298ca392d26b15533a929277a2d4ba611c8553869674fc3795854dff5a3f4bbdc085237f7b7283adc2cce7e3ff6fc4ca8f89ecfb1f4b5024686a7014f46d25d3dc812defe97c2e573d547c8eedefdcc680795af4dfa1fd1da3df66367bdb79618dbd7d3f75261918017dfb267f6dccc27beb8cb9759329f996c098ba4066e098efb45b40232d35868f5da794cdd5aec9e87f13932e07a7110209e704e22ae0b80ee4bdee40811f6f9e18305f321a076eadfe0bf5ff42eb2fb6e1304161e23ed2674e97343ba0931891454022c506bd3cca585eca945e70f8b22fe5344341b5a53c7673eac4ca24683c2df482b35897c2833e25266fafeafe03ee86ad721ebd4b9eb707da9586062407755d9eef1331c195b6a0fc275f3e577df7dd16826df2e2e9032afc919c75a11226a9b96a89aa5fa65b28c359b28f8d0ac4ea4aa424e42294cb9df145b446797c9c94e6386d7a74fe4174cc2c9e61f872d57597c9f74107ec9917b09eae42f09d167d195b6f18f27b642c46ce446717af5ad8bac0917d3a748eb5ba2c72786f768fd4724a5fe0f8f11f811c2f48afbe5067815d7c988f6dae7ad4e18680431c44fa7cbaa4a12d245d79d65") r4 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x5, 0x10000) setsockopt$inet6_MRT6_DEL_MFC(r4, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e20, 0x3ff, @remote={0xfe, 0x80, [], 0xbb}, 0x1ff}, {0xa, 0x4e24, 0x7, @mcast2={0xff, 0x2, [], 0x1}, 0xe56}, 0x3f, [0x4d06db73, 0x2, 0xfffffffffffffff9, 0x42e4, 0x7, 0x10000, 0x1, 0x8ca]}, 0x5c) ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000013c0)={r2, 0x2, 0x6, 0x9a5, 0x59}, &(0x7f0000001400)=0x14) bind$alg(r4, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x11ca400a) [ 227.684092] print_req_error: I/O error, dev loop0, sector 30720 [ 227.690337] print_req_error: I/O error, dev loop0, sector 32104 02:29:58 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 227.728378] print_req_error: I/O error, dev loop0, sector 2304 [ 227.734735] print_req_error: I/O error, dev loop0, sector 3328 [ 227.740905] print_req_error: I/O error, dev loop0, sector 4352 [ 227.809396] print_req_error: I/O error, dev loop0, sector 5000 [ 227.815525] buffer_io_error: 1015 callbacks suppressed [ 227.815534] Buffer I/O error on dev loop0, logical block 625, lost async page write 02:29:58 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x5e5) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x101000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000000c0)={0x9, 0x0, 0x80000000}) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000140)=0x1) 02:29:58 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) 02:29:58 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x11, r0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) 02:29:58 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcf84020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:58 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x81, 0x11402) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) getsockopt$bt_hci(r2, 0x0, 0x0, &(0x7f0000000380)=""/182, &(0x7f0000000040)=0xb6) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$fiemap(r1, 0xc020660b, &(0x7f00000000c0)={0x2, 0x3f, 0x7, 0x8000, 0x2, [{0x4, 0x0, 0x400, 0x0, 0x0, 0x609}, {0x4, 0x800, 0x100, 0x0, 0x0, 0x1100}]}) sync() ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000180)=0x14000) 02:29:58 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:58 executing program 6 (fault-call:6 fault-nth:23): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:58 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1700000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:29:58 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:29:58 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) [ 228.069147] FAT-fs (loop3): bogus number of reserved sectors [ 228.075317] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:58 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, 0xffffffffffffffff) [ 228.136760] FAULT_INJECTION: forcing a failure. [ 228.136760] name failslab, interval 1, probability 0, space 0, times 0 [ 228.148172] CPU: 1 PID: 12723 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 228.155548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.164914] Call Trace: [ 228.167538] dump_stack+0x1c9/0x2b4 [ 228.171177] ? dump_stack_print_info.cold.2+0x52/0x52 [ 228.176376] should_fail.cold.4+0xa/0x1a [ 228.180440] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 228.185550] ? kasan_kmalloc+0xc4/0xe0 [ 228.189447] ? kasan_slab_alloc+0x12/0x20 [ 228.193590] ? kmem_cache_alloc+0x12e/0x760 [ 228.197907] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 228.203003] ? kvm_mmu_load+0x21/0x10e0 [ 228.206990] ? vcpu_enter_guest+0x3aa6/0x6090 [ 228.211481] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 228.216502] ? graph_lock+0x170/0x170 [ 228.220295] ? do_syscall_64+0x1b9/0x820 [ 228.224348] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.229709] ? find_held_lock+0x36/0x1c0 [ 228.233943] ? __lock_is_held+0xb5/0x140 [ 228.238183] ? check_same_owner+0x340/0x340 [ 228.242524] ? rcu_note_context_switch+0x730/0x730 [ 228.247454] __should_failslab+0x124/0x180 [ 228.251693] should_failslab+0x9/0x14 [ 228.255485] kmem_cache_alloc+0x2af/0x760 [ 228.259629] ? lock_acquire+0x1e4/0x540 [ 228.263603] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 228.268439] mmu_topup_memory_caches+0xf7/0x3a0 [ 228.273108] kvm_mmu_load+0x21/0x10e0 [ 228.276909] vcpu_enter_guest+0x3aa6/0x6090 [ 228.281226] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 228.285460] ? kvm_set_msr_common+0x26a0/0x26a0 [ 228.290214] ? vmx_vcpu_load+0xadf/0xff0 [ 228.294275] ? __lock_acquire+0x7fc/0x5020 [ 228.298522] ? vmx_vcpu_reset+0x1040/0x1040 [ 228.302834] ? graph_lock+0x170/0x170 [ 228.306638] ? __lock_acquire+0x7fc/0x5020 [ 228.310873] ? __lock_is_held+0xb5/0x140 [ 228.314944] ? lock_acquire+0x1e4/0x540 [ 228.318922] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 228.323935] ? lock_release+0xa30/0xa30 [ 228.327899] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 228.333168] ? kvm_arch_dev_ioctl+0x610/0x610 [ 228.337653] ? preempt_notifier_dec+0x20/0x20 [ 228.342163] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 228.346999] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 228.352031] kvm_vcpu_ioctl+0x7b8/0x1300 [ 228.356095] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 228.361796] ? find_held_lock+0x36/0x1c0 [ 228.365854] ? find_held_lock+0x36/0x1c0 [ 228.370104] ? lock_downgrade+0x8f0/0x8f0 [ 228.374248] ? kasan_check_read+0x11/0x20 [ 228.378389] ? rcu_is_watching+0x8c/0x150 [ 228.382527] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 228.386948] ? __fget+0x414/0x670 [ 228.390495] ? match_held_lock+0x821/0x8d0 [ 228.394819] ? expand_files.part.8+0x9c0/0x9c0 [ 228.399405] ? kasan_check_write+0x14/0x20 [ 228.403632] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 228.408666] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 228.414381] do_vfs_ioctl+0x1de/0x1720 [ 228.418263] ? __lock_is_held+0xb5/0x140 [ 228.422315] ? ioctl_preallocate+0x300/0x300 [ 228.426719] ? __fget_light+0x2f7/0x440 [ 228.430702] ? fget_raw+0x20/0x20 [ 228.434150] ? __sb_end_write+0xac/0xe0 [ 228.438120] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 228.443650] ? fput+0x130/0x1a0 [ 228.446936] ? ksys_write+0x1ae/0x260 [ 228.450746] ? security_file_ioctl+0x94/0xc0 [ 228.455148] ksys_ioctl+0xa9/0xd0 [ 228.458599] __x64_sys_ioctl+0x73/0xb0 [ 228.462479] do_syscall_64+0x1b9/0x820 [ 228.466445] ? finish_task_switch+0x1d3/0x870 [ 228.470965] ? syscall_return_slowpath+0x5e0/0x5e0 [ 228.475889] ? syscall_return_slowpath+0x31d/0x5e0 [ 228.480828] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 228.486191] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 228.491118] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.496297] RIP: 0033:0x455ab9 [ 228.499471] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.518977] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.526689] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 228.533946] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 228.541204] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 228.548465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 228.555746] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000017 [ 228.571773] FAT-fs (loop3): bogus number of reserved sectors [ 228.577887] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:59 executing program 6 (fault-call:6 fault-nth:24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa27620") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:29:59 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0xc00, 0x70bd2c, 0x25dfdbff, {0x10}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0) r3 = getpgrp(0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r3}) 02:29:59 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x10000) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x8a, 0x800) ioctl$EVIOCGBITSND(r2, 0x80404532, &(0x7f0000000480)=""/241) r3 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) fcntl$getown(r0, 0x9) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000140)={0x7ff, 0x3, 0x7}) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r3) creat(&(0x7f00000000c0)='./file0\x00', 0xa8) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000100)) 02:29:59 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:59 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x2469, 0x40) execveat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=[&(0x7f0000000100)='(vmnet0-\x00'], &(0x7f0000000240)=[&(0x7f0000000180)='{GPLvmnet0\x00', &(0x7f00000001c0)='vfat\x00', &(0x7f0000000200)='vfat\x00'], 0x400) mknodat(r0, &(0x7f0000000280)='./file0/bus\x00', 0x20, 0x1) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r1 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000002c0)=0x0) syz_open_procfs(r3, &(0x7f0000000300)='net/nfsfs\x00') mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) 02:29:59 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 228.880182] FAULT_INJECTION: forcing a failure. [ 228.880182] name failslab, interval 1, probability 0, space 0, times 0 [ 228.891638] CPU: 0 PID: 12753 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 228.899025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.908403] Call Trace: [ 228.911018] dump_stack+0x1c9/0x2b4 [ 228.914674] ? dump_stack_print_info.cold.2+0x52/0x52 [ 228.919905] should_fail.cold.4+0xa/0x1a [ 228.924001] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 228.929242] ? kasan_kmalloc+0xc4/0xe0 [ 228.933159] ? kasan_slab_alloc+0x12/0x20 [ 228.937424] ? kmem_cache_alloc+0x12e/0x760 [ 228.941834] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 228.946698] ? kvm_mmu_load+0x21/0x10e0 [ 228.950697] ? vcpu_enter_guest+0x3aa6/0x6090 [ 228.955186] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 228.960201] ? graph_lock+0x170/0x170 [ 228.963990] ? do_syscall_64+0x1b9/0x820 [ 228.968051] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.973417] ? find_held_lock+0x36/0x1c0 [ 228.977493] ? __lock_is_held+0xb5/0x140 [ 228.981572] ? check_same_owner+0x340/0x340 [ 228.985902] ? rcu_note_context_switch+0x730/0x730 [ 228.990856] __should_failslab+0x124/0x180 [ 228.995089] should_failslab+0x9/0x14 [ 228.998879] kmem_cache_alloc+0x2af/0x760 [ 229.003029] ? lock_acquire+0x1e4/0x540 [ 229.007031] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 229.011904] mmu_topup_memory_caches+0xf7/0x3a0 [ 229.016573] kvm_mmu_load+0x21/0x10e0 [ 229.020394] vcpu_enter_guest+0x3aa6/0x6090 [ 229.024713] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 229.028944] ? kvm_set_msr_common+0x26a0/0x26a0 [ 229.033627] ? zap_class+0x740/0x740 [ 229.037340] ? vmx_vcpu_load+0xadf/0xff0 [ 229.041409] ? __lock_acquire+0x7fc/0x5020 [ 229.045650] ? vmx_vcpu_reset+0x1040/0x1040 [ 229.049974] ? graph_lock+0x170/0x170 [ 229.053793] ? __lock_is_held+0xb5/0x140 [ 229.057852] ? lock_acquire+0x1e4/0x540 [ 229.061818] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 229.066918] ? lock_release+0xa30/0xa30 [ 229.070894] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 229.076180] ? kvm_arch_dev_ioctl+0x610/0x610 [ 229.080679] ? preempt_notifier_dec+0x20/0x20 [ 229.085176] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.090012] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.095043] kvm_vcpu_ioctl+0x7b8/0x1300 [ 229.099101] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 229.104814] ? find_held_lock+0x36/0x1c0 [ 229.108881] ? lock_downgrade+0x8f0/0x8f0 [ 229.113034] ? rcu_is_watching+0x8c/0x150 [ 229.117176] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 229.121586] ? __fget+0x414/0x670 [ 229.125041] ? match_held_lock+0x821/0x8d0 [ 229.129280] ? expand_files.part.8+0x9c0/0x9c0 [ 229.133865] ? kasan_check_write+0x14/0x20 [ 229.138107] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 229.143042] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 229.148744] do_vfs_ioctl+0x1de/0x1720 [ 229.152630] ? ioctl_preallocate+0x300/0x300 [ 229.157032] ? __fget_light+0x2f7/0x440 [ 229.160996] ? fget_raw+0x20/0x20 [ 229.164536] ? __sb_end_write+0xac/0xe0 [ 229.168503] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 229.174134] ? fput+0x130/0x1a0 [ 229.177402] ? ksys_write+0x1ae/0x260 [ 229.181197] ? security_file_ioctl+0x94/0xc0 [ 229.185599] ksys_ioctl+0xa9/0xd0 [ 229.189050] __x64_sys_ioctl+0x73/0xb0 [ 229.193025] do_syscall_64+0x1b9/0x820 [ 229.196910] ? finish_task_switch+0x1d3/0x870 [ 229.201400] ? syscall_return_slowpath+0x5e0/0x5e0 [ 229.206324] ? syscall_return_slowpath+0x31d/0x5e0 [ 229.211252] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 229.216626] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.221509] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.226689] RIP: 0033:0x455ab9 [ 229.229862] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.250684] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 229.258609] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 229.265881] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 229.273149] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 229.280408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 229.287681] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000018 [ 229.316640] FAT-fs (loop3): bogus number of reserved sectors [ 229.322596] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:59 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) ioctl$KDENABIO(r1, 0x4b36) rt_sigsuspend(&(0x7f0000000180)={0xfe}, 0x8) socket$alg(0x26, 0x5, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r2, 0x23, 0x70bd2a, 0x25dfdbfb, {0x3}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_TYPE={0x8, 0x4, 0x3}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000050) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:29:59 executing program 7: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4000000000004000) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 229.405388] FAT-fs (loop3): bogus number of reserved sectors [ 229.411365] FAT-fs (loop3): Can't find a valid FAT filesystem 02:29:59 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) 02:29:59 executing program 6 (fault-call:6 fault-nth:25): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:29:59 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf2ffffff, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 229.549216] FAT-fs (loop3): bogus number of reserved sectors [ 229.555151] FAT-fs (loop3): Can't find a valid FAT filesystem [ 229.606132] FAT-fs (loop3): bogus number of reserved sectors [ 229.612126] FAT-fs (loop3): Can't find a valid FAT filesystem [ 229.647511] FAULT_INJECTION: forcing a failure. [ 229.647511] name failslab, interval 1, probability 0, space 0, times 0 [ 229.658900] CPU: 0 PID: 12793 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 229.666273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.675672] Call Trace: [ 229.678261] dump_stack+0x1c9/0x2b4 [ 229.681879] ? dump_stack_print_info.cold.2+0x52/0x52 [ 229.687079] should_fail.cold.4+0xa/0x1a [ 229.691136] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 229.696230] ? kasan_kmalloc+0xc4/0xe0 [ 229.700104] ? kasan_slab_alloc+0x12/0x20 [ 229.704241] ? kmem_cache_alloc+0x12e/0x760 [ 229.708554] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 229.713390] ? kvm_mmu_load+0x21/0x10e0 [ 229.717369] ? vcpu_enter_guest+0x3aa6/0x6090 [ 229.721848] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.726853] ? graph_lock+0x170/0x170 [ 229.730646] ? do_syscall_64+0x1b9/0x820 [ 229.734701] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.740079] ? find_held_lock+0x36/0x1c0 [ 229.744142] ? __lock_is_held+0xb5/0x140 [ 229.748196] ? check_same_owner+0x340/0x340 [ 229.752508] ? rcu_note_context_switch+0x730/0x730 [ 229.757431] __should_failslab+0x124/0x180 [ 229.761658] should_failslab+0x9/0x14 [ 229.765450] kmem_cache_alloc+0x2af/0x760 [ 229.769593] ? lock_acquire+0x1e4/0x540 [ 229.773558] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 229.777781] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 229.782613] mmu_topup_memory_caches+0xf7/0x3a0 [ 229.787271] kvm_mmu_load+0x21/0x10e0 [ 229.791066] vcpu_enter_guest+0x3aa6/0x6090 [ 229.795382] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 229.799622] ? kvm_set_msr_common+0x26a0/0x26a0 [ 229.804292] ? zap_class+0x740/0x740 [ 229.808081] ? vmx_vcpu_load+0xadf/0xff0 [ 229.812133] ? __lock_acquire+0x7fc/0x5020 [ 229.816354] ? vmx_vcpu_reset+0x1040/0x1040 [ 229.820660] ? graph_lock+0x170/0x170 [ 229.824472] ? __lock_is_held+0xb5/0x140 [ 229.828540] ? lock_acquire+0x1e4/0x540 [ 229.832503] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 229.837520] ? lock_release+0xa30/0xa30 [ 229.841480] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 229.846743] ? kvm_arch_dev_ioctl+0x610/0x610 [ 229.851234] ? preempt_notifier_dec+0x20/0x20 [ 229.855722] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.860561] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.865596] kvm_vcpu_ioctl+0x7b8/0x1300 [ 229.869658] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 229.875365] ? find_held_lock+0x36/0x1c0 [ 229.879428] ? lock_downgrade+0x8f0/0x8f0 [ 229.883574] ? rcu_is_watching+0x8c/0x150 [ 229.887708] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 229.892312] ? __fget+0x414/0x670 [ 229.895931] ? match_held_lock+0x821/0x8d0 [ 229.900238] ? expand_files.part.8+0x9c0/0x9c0 [ 229.904808] ? kasan_check_write+0x14/0x20 [ 229.909035] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 229.913956] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 229.919652] do_vfs_ioctl+0x1de/0x1720 [ 229.923529] ? ioctl_preallocate+0x300/0x300 [ 229.927922] ? __fget_light+0x2f7/0x440 [ 229.931896] ? fget_raw+0x20/0x20 [ 229.935349] ? __sb_end_write+0xac/0xe0 [ 229.939326] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 229.944853] ? fput+0x130/0x1a0 [ 229.948119] ? ksys_write+0x1ae/0x260 [ 229.951916] ? security_file_ioctl+0x94/0xc0 [ 229.956316] ksys_ioctl+0xa9/0xd0 [ 229.959856] __x64_sys_ioctl+0x73/0xb0 [ 229.963742] do_syscall_64+0x1b9/0x820 [ 229.967616] ? finish_task_switch+0x1d3/0x870 [ 229.972188] ? syscall_return_slowpath+0x5e0/0x5e0 [ 229.977106] ? syscall_return_slowpath+0x31d/0x5e0 [ 229.982031] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 229.987399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.992230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.997406] RIP: 0033:0x455ab9 [ 230.000576] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.019887] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 230.027585] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 230.034843] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 230.042199] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 230.049482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 230.056739] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000019 02:30:00 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000000)) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:30:00 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa27620") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:00 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x800000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:00 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 230.271548] FAT-fs (loop3): bogus number of reserved sectors [ 230.277632] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:00 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$EVIOCGUNIQ(r2, 0x80404508, &(0x7f00000000c0)=""/71) ioctl$LOOP_CLR_FD(r1, 0x4c01) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000000040)=0x1, 0x4) sync() socket$inet6(0xa, 0xa, 0x1) [ 230.337124] FAT-fs (loop3): bogus number of reserved sectors [ 230.343080] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:00 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcb00, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:00 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000480)) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0xb941, 0x6, &(0x7f0000000380)=[{&(0x7f0000000100)="7fe86f531e508503c5da1db6e5164a5c9d0548136ee681c652c65136e81ef3fac4f9704b3b4e6b95383853faf4f3e3805ed5e6f3c843fd6fad05", 0x3a, 0x9}, {&(0x7f0000000140)="02a260de8faf091bf92f3e403a5aa94b681b24083bab7250d70d4691b098a1f14d24e1eaec68c0a215d90e5d6f", 0x2d, 0x3}, {&(0x7f0000000180)="829f09eb32bf9cc314fa2a1547986ddee2b08314005f4528ee3c2282b524013252603f22f38e780b0386b60c2db3f76ba9429cdeea686bcb23f1bc1a2bdb72541fbc74814979ea9eb112990b94e3ec3ec13b07ef8fb696071e", 0x59, 0xbe1}, {&(0x7f0000000200)="7a82601f31ab78370eecc0c824247da63126f507fc85fd1a2037374c7b1f1a128f86a8f445eeb1629cbc0d73031c5a565702e20801046d61980e5de1e4bf587ad9ab12fb977508422743cf6d011d6b44f7e3e4224ce896de1e41b1e8072a1a8dcc529cc24a2d3a12e72db902a0ba74b5f4729b2c458a874c13543979", 0x7c, 0x7f98}, {&(0x7f0000000280)="b187a268df12b40075402bb385d4c95812c5767d7198f5d8e51b32b508b15bcb05ff9e50a3698604e135feeee844a083f45cfc24603ff173eac8c71337d636c4550995060ec221ee2aeca14621ee0a", 0x4f, 0x7}, {&(0x7f0000000300)="44b79528fe3b88cde902b95d9ad3f2a263fd17529bdf7ad22a4d8898727642515e00222e0aa85c8284610588304d5b7b488184cbb805ce45401af9c739ad53990e82ffbdd7616cdb180dd6347f9cfa5a7e74379f3fe08a7fdf133e5fea67cce838f1be7b34e0a3875ea74f0bebb6bc0616817087d523c0a6fb16aa2724fa495a", 0x80, 0x5}], 0x800000, &(0x7f0000000440)={[{@nls={'nls', 0x3d, 'iso8859-7'}, 0x2c}, {@nobarrier='nobarrier', 0x2c}, {@umask={'umask', 0x3d, 0x6}, 0x2c}]}) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) syslog(0xe, &(0x7f0000000540)=""/4096, 0x1000) [ 230.494617] FAT-fs (loop3): bogus number of reserved sectors [ 230.500580] FAT-fs (loop3): Can't find a valid FAT filesystem [ 230.538776] hfsplus: unable to find HFS+ superblock [ 230.583860] FAT-fs (loop3): bogus number of reserved sectors [ 230.589819] FAT-fs (loop3): Can't find a valid FAT filesystem [ 230.643475] hfsplus: unable to find HFS+ superblock 02:30:01 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() socket$inet6_udplite(0xa, 0x2, 0x88) r3 = semget$private(0x0, 0x0, 0x120) semctl$GETVAL(r3, 0x0, 0xc, &(0x7f00000000c0)=""/100) 02:30:01 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x400100, 0x0) write$P9_RATTACH(r1, &(0x7f0000000040)={0x14, 0x69, 0x2, {0xd6, 0x2, 0x1}}, 0x14) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:01 executing program 6 (fault-call:6 fault-nth:26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:01 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x2300, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:01 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0xd}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000280)={0xb, 0x10, 0xfa00, {&(0x7f0000000140), r1, 0x1ff}}, 0x18) r2 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) getsockname(r2, &(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @host}, &(0x7f0000000100)=0x80) r3 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) inotify_init() mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r3, 0x0) [ 230.876306] FAT-fs (loop3): bogus number of reserved sectors [ 230.882315] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:01 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:01 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) getresgid(&(0x7f00000001c0), &(0x7f0000000140), &(0x7f0000000240)) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x0, 0x8, 0x6, 0xffff, 0x23c}) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) timer_create(0x7, &(0x7f0000000040)={0x0, 0x0, 0x1, @thr={&(0x7f0000000000)="efcdcdd8e716caa7d02d3c2997a17ca9b134a443cc8f9cbcfc873598e49f4584a78f9a79ee5ea35e795e63cd098bb2a37b", &(0x7f00000003c0)="0992ccdb3a172f6fce390400878093c2fd7ab2c1cad312b9592222e13ecfd717fdb0b5135ca3557ef378d42890a5cb586cb755e2174a458874733f5a207fc5182bb0157a9066817a3bfb60945c382f1f2fe8f6f044383d72fe30b3729a24fff5d6039a35e417e6414ad5e913fbf2d8b3bd40b37b54d8ee5c02840fa84297890f49ec4d2cf381c02d039acdfae0011f05dfae8f83deb15b79638ede6d3f356125dfaa6d1180fb0d124bedbee9bc8acdf8938bf0a0603201d238478982cd2b5dac98219db010a18d77819b1d"}}, &(0x7f0000000080)=0x0) timer_gettime(r1, &(0x7f0000000100)) [ 230.940498] FAULT_INJECTION: forcing a failure. [ 230.940498] name failslab, interval 1, probability 0, space 0, times 0 [ 230.952005] CPU: 1 PID: 12868 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 230.959383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.968926] Call Trace: [ 230.971538] dump_stack+0x1c9/0x2b4 [ 230.975195] ? dump_stack_print_info.cold.2+0x52/0x52 [ 230.980416] should_fail.cold.4+0xa/0x1a [ 230.984596] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.989824] ? kasan_kmalloc+0xc4/0xe0 [ 230.993743] ? kasan_slab_alloc+0x12/0x20 [ 230.997909] ? kmem_cache_alloc+0x12e/0x760 [ 231.002252] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.007116] ? kvm_mmu_load+0x21/0x10e0 [ 231.011107] ? vcpu_enter_guest+0x3aa6/0x6090 [ 231.015617] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.020653] ? graph_lock+0x170/0x170 [ 231.024470] ? do_syscall_64+0x1b9/0x820 [ 231.028604] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.033992] ? find_held_lock+0x36/0x1c0 [ 231.038080] ? __lock_is_held+0xb5/0x140 [ 231.042179] ? check_same_owner+0x340/0x340 [ 231.046529] ? rcu_note_context_switch+0x730/0x730 [ 231.051466] __should_failslab+0x124/0x180 [ 231.055804] should_failslab+0x9/0x14 [ 231.059603] kmem_cache_alloc+0x2af/0x760 [ 231.063775] ? lock_acquire+0x1e4/0x540 [ 231.067748] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 231.071979] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.076829] mmu_topup_memory_caches+0xf7/0x3a0 [ 231.081504] kvm_mmu_load+0x21/0x10e0 [ 231.085305] vcpu_enter_guest+0x3aa6/0x6090 [ 231.089620] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 231.093861] ? kvm_set_msr_common+0x26a0/0x26a0 [ 231.098540] ? vmx_vcpu_load+0xadf/0xff0 [ 231.102595] ? __lock_acquire+0x7fc/0x5020 [ 231.106823] ? vmx_vcpu_reset+0x1040/0x1040 [ 231.111145] ? graph_lock+0x170/0x170 [ 231.114956] ? __lock_acquire+0x7fc/0x5020 [ 231.119192] ? __lock_is_held+0xb5/0x140 [ 231.123337] ? lock_acquire+0x1e4/0x540 [ 231.127303] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 231.132323] ? lock_release+0xa30/0xa30 [ 231.136313] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 231.141584] ? kvm_arch_dev_ioctl+0x610/0x610 [ 231.146068] ? preempt_notifier_dec+0x20/0x20 [ 231.150567] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.155750] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.160766] kvm_vcpu_ioctl+0x7b8/0x1300 [ 231.164822] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 231.170688] ? find_held_lock+0x36/0x1c0 [ 231.174747] ? find_held_lock+0x36/0x1c0 [ 231.178817] ? lock_downgrade+0x8f0/0x8f0 [ 231.182984] ? kasan_check_read+0x11/0x20 [ 231.187226] ? rcu_is_watching+0x8c/0x150 [ 231.191379] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 231.195787] ? __fget+0x414/0x670 [ 231.199242] ? match_held_lock+0x821/0x8d0 [ 231.203475] ? expand_files.part.8+0x9c0/0x9c0 [ 231.208053] ? kasan_check_write+0x14/0x20 [ 231.212282] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 231.217222] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 231.222924] do_vfs_ioctl+0x1de/0x1720 [ 231.226806] ? __lock_is_held+0xb5/0x140 [ 231.230867] ? ioctl_preallocate+0x300/0x300 [ 231.235271] ? __fget_light+0x2f7/0x440 [ 231.239236] ? fget_raw+0x20/0x20 [ 231.242697] ? __sb_end_write+0xac/0xe0 [ 231.246671] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 231.252374] ? fput+0x130/0x1a0 [ 231.255662] ? ksys_write+0x1ae/0x260 [ 231.259459] ? security_file_ioctl+0x94/0xc0 [ 231.263883] ksys_ioctl+0xa9/0xd0 [ 231.267363] __x64_sys_ioctl+0x73/0xb0 [ 231.271260] do_syscall_64+0x1b9/0x820 [ 231.275137] ? finish_task_switch+0x1d3/0x870 [ 231.279625] ? syscall_return_slowpath+0x5e0/0x5e0 [ 231.284551] ? syscall_return_slowpath+0x31d/0x5e0 [ 231.289478] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 231.294858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.299710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.304889] RIP: 0033:0x455ab9 [ 231.308067] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 231.328399] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.336113] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 231.343545] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 231.350803] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 231.358080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 231.365351] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001a 02:30:01 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 231.409940] FAT-fs (loop3): bogus number of reserved sectors [ 231.415922] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:01 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa27620") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:01 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x5, &(0x7f0000000540)=[{&(0x7f0000000080)="c6813ddddf36efd0eb09c1435dfa2c4c637daaa0c74d73e10b60ce7ff2c1a96d173d74b380ee1f85fd7a0f71e24bc5e5f1472967d8615f168ad0f8cc159f5a019fcad62788b846cd50f9312b6d0b4ca1a6b1437de7e6acc60f46d970f2138b06bb229ceb23fd66232a58e5bc187dc3d927131c6620ef0a45f08d24cee0e898937f53f46eed262bd036b8dd0bab9c71f5d3ee397f11904f1ff35fd679400640b47f747dfb410b14889720f0c67e75a4b4933df47407bf04ca6d879f78ab540be39aa7381203a47bd488ef02023a87f1899e2dd15d6301a7a28ff56784f25b", 0xde, 0x9}, {&(0x7f0000000180)="403eed487833e829f60803e2c9e4122de6e7d425fcb28926d420d310d69691ffd91ea2839c07935e1eeebea7ea95ad192f03e7c170c7382f8ae653c3140f653a21afdea5d1d82da767088b503e457a9e4a216ac936311e523d71e881e1787dc14b77a6e4be196b72ba7343b97bfe2da330146ae949d4c53bbe39e787b8d52111b7ebe73447a309d6eba5d555d9cedbf50e45dea4f2016fe26dce91207d7d9210dff5189beabce6918636cbafddc4dc68e12d814c50fcd109bbc0", 0xba, 0x3}, {&(0x7f0000000240)="7a7225ac57227e056237f784edbce77b2bf47eafac9615c6ca18ab88cb7a7f3f4af0d200bc453a5cb85ed05fbc89043a96124dbd6b12ff4bee87b3e40b5f5bd5f830fb88a3affb463382dff1dd710c1c491eac2c7dda59c7d3641a84ded7f65d1ba4d190afcaaa1db1c5c13342d869c94762a070", 0x74, 0x40}, {&(0x7f00000003c0)="48770d2fb44c6db0305ffa310adf0f18a869b150077a3960cd6a2bd57e214b255d02474db8e0327d6d2f9efc7578bb374c67619384de3397fe1d37f293ae520a3ab8db0cd920e455f30b172335ea854a046276e95f2acdf2941623fb989412ed934e815be42ecbdb1f0173522e32b38268a6e46a713e0ca26ce288fc31e1386b79b4eb642127fad24682273e140761beb49ed2505b263834f331937119ed3db3a789a80b789118a80792532e438ef2d39ce8e09f2e5436c28ee1141b4550f14fb3b0f7f161c1e38376481daae760", 0xce, 0x400}, {&(0x7f00000002c0)="4feee77a283b4d74375e655a6d4e285da7434d6da1d73d7818adc2d34bfd1c1f6e3f174f425571bda85cdb7bea6c6ec2362960b1fdeeb371453dfc1ad570305ceffda697e4ed8d1c", 0x48, 0x10000}], 0x20, &(0x7f00000005c0)=ANY=[@ANYBLOB="6e6f6c6f63636f6f6b69652c6cc8f60b89e10e4911696e672c7374617466735f7175616e74756d3d3078303030303030303030303130303030372c7374617466735f70657263656e743d3078303030303030303030303030303030312c71756f74612c00"]) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r2 = syz_open_dev$mouse(&(0x7f0000000640)='/dev/input/mouse#\x00', 0x5, 0x40000) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000680)={0x0, @in6={{0xa, 0x4e24, 0xfffffffffffffff7, @empty, 0x9}}, 0x1, 0x8, 0xffffffffffff90c5, 0x0, 0x3}, &(0x7f0000000740)=0x98) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000780)={r3, 0x7}, &(0x7f00000007c0)=0x8) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) getpeername(r1, &(0x7f0000000940)=@vsock={0x0, 0x0, 0x0, @reserved}, &(0x7f0000000880)=0xfffffffffffffdb6) 02:30:01 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x8080, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) [ 231.532440] print_req_error: I/O error, dev loop0, sector 5088 [ 231.538573] Buffer I/O error on dev loop0, logical block 636, lost async page write [ 231.549742] print_req_error: I/O error, dev loop0, sector 5096 [ 231.555849] Buffer I/O error on dev loop0, logical block 637, lost async page write 02:30:02 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcb00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:02 executing program 6 (fault-call:6 fault-nth:27): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 231.701393] FAT-fs (loop3): bogus number of reserved sectors [ 231.707409] FAT-fs (loop3): Can't find a valid FAT filesystem [ 231.795537] FAULT_INJECTION: forcing a failure. [ 231.795537] name failslab, interval 1, probability 0, space 0, times 0 [ 231.803392] FAT-fs (loop3): bogus number of reserved sectors [ 231.806971] CPU: 1 PID: 12926 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 231.812806] FAT-fs (loop3): Can't find a valid FAT filesystem [ 231.820134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.820141] Call Trace: [ 231.820170] dump_stack+0x1c9/0x2b4 [ 231.820191] ? dump_stack_print_info.cold.2+0x52/0x52 [ 231.820217] should_fail.cold.4+0xa/0x1a [ 231.850920] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 231.856055] ? kasan_kmalloc+0xc4/0xe0 [ 231.859959] ? kasan_slab_alloc+0x12/0x20 [ 231.864102] ? kmem_cache_alloc+0x12e/0x760 [ 231.868422] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.873266] ? kvm_mmu_load+0x21/0x10e0 [ 231.877231] ? vcpu_enter_guest+0x3aa6/0x6090 [ 231.881723] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.886741] ? graph_lock+0x170/0x170 [ 231.890621] ? do_syscall_64+0x1b9/0x820 [ 231.894763] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.900210] ? find_held_lock+0x36/0x1c0 [ 231.904265] ? __lock_is_held+0xb5/0x140 [ 231.908342] ? check_same_owner+0x340/0x340 [ 231.912669] ? rcu_note_context_switch+0x730/0x730 [ 231.917589] __should_failslab+0x124/0x180 [ 231.921820] should_failslab+0x9/0x14 [ 231.925616] kmem_cache_alloc+0x2af/0x760 [ 231.929751] ? lock_acquire+0x1e4/0x540 [ 231.933725] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 231.937950] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.942795] mmu_topup_memory_caches+0xf7/0x3a0 [ 231.947458] kvm_mmu_load+0x21/0x10e0 [ 231.951265] vcpu_enter_guest+0x3aa6/0x6090 [ 231.955665] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 231.959989] ? kvm_set_msr_common+0x26a0/0x26a0 [ 231.964656] ? vmx_vcpu_load+0xadf/0xff0 [ 231.968706] ? __lock_acquire+0x7fc/0x5020 [ 231.972930] ? vmx_vcpu_reset+0x1040/0x1040 [ 231.977241] ? graph_lock+0x170/0x170 [ 231.981046] ? __lock_acquire+0x7fc/0x5020 [ 231.985284] ? __lock_is_held+0xb5/0x140 [ 231.989339] ? lock_acquire+0x1e4/0x540 [ 231.993308] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 231.998326] ? lock_release+0xa30/0xa30 [ 232.002308] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 232.007572] ? kvm_arch_dev_ioctl+0x610/0x610 [ 232.012067] ? preempt_notifier_dec+0x20/0x20 [ 232.016570] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 232.021400] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 232.026412] kvm_vcpu_ioctl+0x7b8/0x1300 [ 232.030909] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 232.036610] ? find_held_lock+0x36/0x1c0 [ 232.040663] ? find_held_lock+0x36/0x1c0 [ 232.044742] ? lock_downgrade+0x8f0/0x8f0 [ 232.048977] ? kasan_check_read+0x11/0x20 [ 232.053115] ? rcu_is_watching+0x8c/0x150 [ 232.057266] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 232.061666] ? __fget+0x414/0x670 [ 232.065109] ? match_held_lock+0x821/0x8d0 [ 232.069334] ? expand_files.part.8+0x9c0/0x9c0 [ 232.073996] ? kasan_check_write+0x14/0x20 [ 232.078224] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 232.083144] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 232.088843] do_vfs_ioctl+0x1de/0x1720 [ 232.092720] ? __lock_is_held+0xb5/0x140 [ 232.096786] ? ioctl_preallocate+0x300/0x300 [ 232.101196] ? __fget_light+0x2f7/0x440 [ 232.105168] ? fget_raw+0x20/0x20 [ 232.108611] ? __sb_end_write+0xac/0xe0 [ 232.112594] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 232.118132] ? fput+0x130/0x1a0 [ 232.121397] ? ksys_write+0x1ae/0x260 [ 232.125218] ? security_file_ioctl+0x94/0xc0 [ 232.129614] ksys_ioctl+0xa9/0xd0 [ 232.133066] __x64_sys_ioctl+0x73/0xb0 [ 232.136942] do_syscall_64+0x1b9/0x820 [ 232.140903] ? syscall_slow_exit_work+0x500/0x500 [ 232.145736] ? syscall_return_slowpath+0x5e0/0x5e0 [ 232.150665] ? syscall_return_slowpath+0x31d/0x5e0 [ 232.155591] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 232.160960] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.165800] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.170975] RIP: 0033:0x455ab9 [ 232.174150] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.193378] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.201080] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 232.208348] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 232.215949] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 232.223206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 232.230572] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001b 02:30:02 executing program 7 (fault-call:5 fault-nth:0): r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:30:02 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)={r2, r2, 0xc, 0x1}, 0x10) 02:30:02 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0xdce, 0x3be) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x4}, &(0x7f0000000080)=0x8) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r3) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000000c0)={r2, 0x8, 0x10, 0x3f}, &(0x7f0000000100)=0x18) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000240)={'vcan0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000280)={@ipv4={[], [0xff, 0xff]}, 0x5a, r4}) fchmodat(r1, &(0x7f00000002c0)='./file0\x00', 0x1) sendmsg$nl_generic(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4010000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x1d, 0xd10, 0x70bd2a, 0x25dfdbfd, {0x11}}, 0x14}, 0x1, 0x0, 0x0, 0x400c0}, 0x20000000) 02:30:02 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1600000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:02 executing program 6 (fault-call:6 fault-nth:28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:02 executing program 5: r0 = getpid() clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:02 executing program 3: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0) sendmsg(r0, &(0x7f0000000600)={&(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24}, 0x4, 0x1, 0x3, 0x3}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000040)="7be05850ac81fef4b6601917f310e898d190e0fa41c2b8b132a23b3448b451899c72632cc08a205a8b23", 0x2a}, {&(0x7f0000000180)="6745fa79411e016bab2b889834012dd12908f3b323a0cf705b890196797d82e2", 0x20}, {&(0x7f00000001c0)="f24d47a6687bb654aa7576d90de42f5887b01b18ed6779866ce188cc18f0c4af7c9e3f3b02219e2ede4fae379592d5b798cf79d9da67fe00a12af94a9958047c78e4616428b43cf1287f4a25e9a70c22c0d3b5b02f3da5573fe2af5efa470fcda6223035a6fa96d3a80cfb095737a3cecd1b93e715b3d5f353bca33747ad928e3540a3c7f6d7043281cff42c7e2a72641648eada9205e4410b5e6ce8904cc5c7f673229ac6eaf577f3119517d924320ccd9f85421a8a0fb4aca0250e68481005737f428abbe56f3ba66715677428354514797ae89aecc03b7da756b2d48602a3b263b9f72f0f7684657fb71aac7f72d6ef14bead4ced2603ff95dd", 0xfb}], 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000001401000040000000da79f8b300000000c00000000000000001000000060000007e0d4fbb1ae221dba03a5bd0b1fe15f26af34fad34776cbe0c625b8c5c3b441357ad2a672aab09a838b4d89d5df7fe9083bf21a8dd4e5e8a3fa9223c0e2c1debfebf6b18689959eb75cf810281251b5b11a75e397e275d5802eb02b82909f8a2be870343ca1b58136dfd3c69d6a6a3684cec818e3e48c5e9c6a5add5ca8ee880621b5c42ecbc803280ac722ca2163e8e6eb27b94b88c1831b8fdf2367cc5fe7fbec665aea7094e4456807aa400000000e000000000000000000000000600000049eaca8cdbc71c9bf6dbd18fd4ec69be1eaa0d6b82031441832fcbe387f5dd71213e81804645efbe7090ccd5e2b2a76d949671e7f93fe974bb1271f5a64f0d091523f890334f173eb31d1e70d43af891d912cb9d1fcdc10662e0e0ee41c500edbd1d5624548be46d246142b3f513a938585f8c25525cd4cd7a3cb0be8236c39b2cd9dad140a78cc1fdc76eeb0dc0b7225ad141d73b9c6f83b59599a25369e08f41a73e1bce56321e9a1282d497133fc14a3f4d1db268a0f8640c1a41ed6652f202b0ebe925960ce2af810a674d0000004800000000000000290000007f0000002eb69cbd5344db8c11a6283ea26c45e153450534c6f15d4317865f4086a41466b16cf816916f71aab06085e7244e9537fd89e350a1b4800000010000000000001901000000000000b3d6c255bc5eea9cd57fcf994bff1c1635b0249254495ab28a47473cb91158377ac14cd5c33c856ebaa4f3c7df6fb7d59d80a952f032187e6c0896a6cf5ac96e038eac7aa10ef84e3a01e333473ceffdcda029bf6d57a091a459c707ef9e655370b8385a93605304dffffc4171927ac72ad6c282cca0864788fabe037a518ec119aaefe73ab0d604df2600716f70696213a7f10e84c3b01d4778769e0830338c7d75244547b62e094cb0783fc4dc3c7763c86b5491fefbaae89fc2c2f303e03f04c988f56bfbe71421c8107f2cbe551ab55c296bac75e5fc1bf8c0a4ee6afdaf562392ff7084a170894a437678000000"], 0x300, 0x4008000}, 0x4040800) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[]) personality(0x1bb2baf3005ac137) r2 = creat(&(0x7f0000f66ff4)='./file0\x00', 0x0) fsync(r2) r3 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) epoll_create1(0x80000) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r3, 0x0) [ 232.430553] FAT-fs (loop3): Unrecognized mount option "/dev/full" or missing value [ 232.437697] FAULT_INJECTION: forcing a failure. [ 232.437697] name failslab, interval 1, probability 0, space 0, times 0 [ 232.449784] CPU: 1 PID: 12948 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 232.457166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.466536] Call Trace: [ 232.469150] dump_stack+0x1c9/0x2b4 [ 232.472802] ? dump_stack_print_info.cold.2+0x52/0x52 [ 232.478036] should_fail.cold.4+0xa/0x1a [ 232.482130] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 232.487261] ? kasan_kmalloc+0xc4/0xe0 [ 232.491175] ? kasan_slab_alloc+0x12/0x20 [ 232.495346] ? kmem_cache_alloc+0x12e/0x760 [ 232.499688] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 232.512244] ? kvm_mmu_load+0x21/0x10e0 [ 232.517719] ? vcpu_enter_guest+0x3aa6/0x6090 [ 232.522250] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 232.527297] ? graph_lock+0x170/0x170 02:30:02 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1400, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 232.531129] ? do_syscall_64+0x1b9/0x820 [ 232.535340] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.541177] ? find_held_lock+0x36/0x1c0 [ 232.545268] ? __lock_is_held+0xb5/0x140 [ 232.549448] ? check_same_owner+0x340/0x340 [ 232.553794] ? rcu_note_context_switch+0x730/0x730 [ 232.558797] __should_failslab+0x124/0x180 [ 232.563055] should_failslab+0x9/0x14 [ 232.566875] kmem_cache_alloc+0x2af/0x760 [ 232.571043] ? lock_acquire+0x1e4/0x540 [ 232.575040] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 232.579917] mmu_topup_memory_caches+0xf7/0x3a0 [ 232.584612] kvm_mmu_load+0x21/0x10e0 [ 232.588438] vcpu_enter_guest+0x3aa6/0x6090 [ 232.592781] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 232.597041] ? kvm_set_msr_common+0x26a0/0x26a0 [ 232.601735] ? vmx_vcpu_load+0xadf/0xff0 [ 232.605816] ? __lock_acquire+0x7fc/0x5020 [ 232.610069] ? vmx_vcpu_reset+0x1040/0x1040 [ 232.614410] ? graph_lock+0x170/0x170 [ 232.618231] ? __lock_acquire+0x7fc/0x5020 [ 232.622492] ? __lock_is_held+0xb5/0x140 [ 232.626568] ? lock_acquire+0x1e4/0x540 [ 232.630556] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 232.635595] ? lock_release+0xa30/0xa30 [ 232.639583] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 232.644876] ? kvm_arch_dev_ioctl+0x610/0x610 [ 232.649384] ? preempt_notifier_dec+0x20/0x20 [ 232.653908] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 232.658769] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 232.663815] kvm_vcpu_ioctl+0x7b8/0x1300 [ 232.667906] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 232.673633] ? find_held_lock+0x36/0x1c0 [ 232.677722] ? find_held_lock+0x36/0x1c0 [ 232.681802] ? lock_downgrade+0x8f0/0x8f0 [ 232.685972] ? kasan_check_read+0x11/0x20 [ 232.690131] ? rcu_is_watching+0x8c/0x150 [ 232.694289] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 232.698741] ? __fget+0x414/0x670 [ 232.702214] ? match_held_lock+0x821/0x8d0 [ 232.706471] ? expand_files.part.8+0x9c0/0x9c0 [ 232.710511] FAULT_INJECTION: forcing a failure. [ 232.710511] name failslab, interval 1, probability 0, space 0, times 0 [ 232.711160] ? kasan_check_write+0x14/0x20 [ 232.711177] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 232.711196] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 232.711224] do_vfs_ioctl+0x1de/0x1720 [ 232.741372] ? __lock_is_held+0xb5/0x140 [ 232.745446] ? ioctl_preallocate+0x300/0x300 [ 232.749862] ? __fget_light+0x2f7/0x440 [ 232.753834] ? fget_raw+0x20/0x20 [ 232.757288] ? __sb_end_write+0xac/0xe0 [ 232.761266] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 232.766797] ? fput+0x130/0x1a0 [ 232.770084] ? ksys_write+0x1ae/0x260 [ 232.773886] ? security_file_ioctl+0x94/0xc0 [ 232.778292] ksys_ioctl+0xa9/0xd0 [ 232.781743] __x64_sys_ioctl+0x73/0xb0 [ 232.785627] do_syscall_64+0x1b9/0x820 [ 232.789508] ? finish_task_switch+0x1d3/0x870 [ 232.794015] ? syscall_return_slowpath+0x5e0/0x5e0 [ 232.798948] ? syscall_return_slowpath+0x31d/0x5e0 [ 232.803910] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 232.809280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.814127] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.819310] RIP: 0033:0x455ab9 [ 232.822492] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.841983] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.849789] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 232.857054] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 232.864333] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 232.871606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 232.878870] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001c [ 232.886157] CPU: 0 PID: 12967 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #149 [ 232.893549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.902888] Call Trace: [ 232.905468] dump_stack+0x1c9/0x2b4 [ 232.909096] ? dump_stack_print_info.cold.2+0x52/0x52 [ 232.914280] should_fail.cold.4+0xa/0x1a [ 232.918507] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 232.923601] ? lock_release+0xa30/0xa30 [ 232.927574] ? check_same_owner+0x340/0x340 [ 232.931897] ? graph_lock+0x170/0x170 [ 232.935683] ? rcu_note_context_switch+0x730/0x730 [ 232.940604] ? find_held_lock+0x36/0x1c0 [ 232.944655] ? __lock_is_held+0xb5/0x140 [ 232.948726] ? check_same_owner+0x340/0x340 [ 232.953048] ? rcu_note_context_switch+0x730/0x730 [ 232.958065] __should_failslab+0x124/0x180 [ 232.962288] should_failslab+0x9/0x14 [ 232.966521] kmem_cache_alloc_trace+0x2cb/0x780 [ 232.971178] ? init_wait_entry+0x1c0/0x1c0 [ 232.975420] ? loop_get_status64+0x140/0x140 [ 232.979816] __kthread_create_on_node+0x127/0x4c0 [ 232.984659] ? __kthread_parkme+0x1b0/0x1b0 [ 232.989075] ? __lockdep_init_map+0x105/0x590 [ 232.993559] ? loop_get_status64+0x140/0x140 [ 232.997956] kthread_create_on_node+0xb1/0xe0 [ 233.002435] ? __kthread_create_on_node+0x4c0/0x4c0 [ 233.007453] lo_ioctl+0x7ce/0x1d10 [ 233.010977] ? find_held_lock+0x36/0x1c0 [ 233.015043] ? lo_rw_aio_complete+0x450/0x450 [ 233.019529] blkdev_ioctl+0x9cd/0x2030 [ 233.023402] ? blkpg_ioctl+0xc40/0xc40 [ 233.027278] ? lock_downgrade+0x8f0/0x8f0 [ 233.031417] ? kasan_check_read+0x11/0x20 [ 233.035552] ? rcu_is_watching+0x8c/0x150 [ 233.039686] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 233.044102] ? __fget+0x414/0x670 [ 233.047547] ? match_held_lock+0x821/0x8d0 [ 233.051766] ? expand_files.part.8+0x9c0/0x9c0 [ 233.056337] ? kasan_check_write+0x14/0x20 [ 233.060622] block_ioctl+0xee/0x130 [ 233.064237] ? blkdev_fallocate+0x400/0x400 [ 233.068543] do_vfs_ioctl+0x1de/0x1720 [ 233.072429] ? __lock_is_held+0xb5/0x140 [ 233.076489] ? ioctl_preallocate+0x300/0x300 [ 233.080892] ? __fget_light+0x2f7/0x440 [ 233.084854] ? fget_raw+0x20/0x20 [ 233.088297] ? __sb_end_write+0xac/0xe0 [ 233.092272] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 233.097881] ? fput+0x130/0x1a0 [ 233.101145] ? ksys_write+0x1ae/0x260 [ 233.104946] ? security_file_ioctl+0x94/0xc0 [ 233.109353] ksys_ioctl+0xa9/0xd0 [ 233.112794] __x64_sys_ioctl+0x73/0xb0 [ 233.116670] do_syscall_64+0x1b9/0x820 [ 233.120561] ? finish_task_switch+0x1d3/0x870 [ 233.125046] ? syscall_return_slowpath+0x5e0/0x5e0 [ 233.129961] ? syscall_return_slowpath+0x31d/0x5e0 [ 233.134881] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 233.140249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 233.145088] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.150264] RIP: 0033:0x455ab9 [ 233.153478] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 233.172716] RSP: 002b:00007f087990ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:30:03 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:03 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f00000000c0)={0x4, 0x1, {0x3, 0x3, 0x100000000, 0x2, 0x1ff}}) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$TIOCLINUX4(r2, 0x541c, &(0x7f0000000040)=0x4) [ 233.180414] RAX: ffffffffffffffda RBX: 00007f087990f6d4 RCX: 0000000000455ab9 [ 233.187671] RDX: 0000000000000013 RSI: 0000000000004c00 RDI: 0000000000000015 [ 233.194926] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 233.202187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 233.209442] R13: 00000000004be0ab R14: 00000000004ccbb0 R15: 0000000000000000 [ 233.265943] FAT-fs (loop3): Unrecognized mount option "/dev/full" or missing value 02:30:03 executing program 5: r0 = getpid() clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:03 executing program 3: syz_mount_image$vfat(&(0x7f0000000180)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x4, 0x1) write$P9_RSTAT(r0, &(0x7f0000000200)={0x4c, 0x7d, 0x1, {0x0, 0x45, 0x3f, 0x583f, {0x47, 0x4, 0x1}, 0x50050000, 0xfffffffffffff801, 0x8, 0x3, 0x5, 'vfat\x00', 0x8, 'vboxnet0', 0x5, 'vfat\x00'}}, 0x4c) r1 = shmget$private(0x0, 0x2000, 0x820, &(0x7f0000ffb000/0x2000)=nil) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f00000000c0)=0x1ef7f6f6) shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000100)=""/82) timer_create(0x5, &(0x7f0000000000)={0x0, 0x1b, 0x4}, &(0x7f0000000040)=0x0) timer_delete(r2) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r3 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r3, 0x0) 02:30:03 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x8) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000040)=0x1, r2, 0x0, 0x1, 0x4}}, 0x20) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 233.482256] FAT-fs (loop3): bogus number of reserved sectors [ 233.488269] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:03 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:03 executing program 6 (fault-call:6 fault-nth:29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 233.596667] FAT-fs (loop3): bogus number of reserved sectors [ 233.602627] FAT-fs (loop3): Can't find a valid FAT filesystem [ 233.761422] FAULT_INJECTION: forcing a failure. [ 233.761422] name failslab, interval 1, probability 0, space 0, times 0 [ 233.772944] CPU: 1 PID: 13016 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 233.780319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.789681] Call Trace: [ 233.792295] dump_stack+0x1c9/0x2b4 [ 233.795945] ? dump_stack_print_info.cold.2+0x52/0x52 [ 233.801166] should_fail.cold.4+0xa/0x1a [ 233.805255] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 233.810376] ? kasan_kmalloc+0xc4/0xe0 [ 233.814284] ? kasan_slab_alloc+0x12/0x20 [ 233.818445] ? kmem_cache_alloc+0x12e/0x760 [ 233.822783] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 233.827647] ? kvm_mmu_load+0x21/0x10e0 [ 233.831644] ? vcpu_enter_guest+0x3aa6/0x6090 [ 233.836151] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.841191] ? graph_lock+0x170/0x170 [ 233.845010] ? do_syscall_64+0x1b9/0x820 [ 233.849092] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.854489] ? find_held_lock+0x36/0x1c0 02:30:04 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000000)=""/79) socket$alg(0x26, 0x5, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) [ 233.858750] ? __lock_is_held+0xb5/0x140 [ 233.862838] ? check_same_owner+0x340/0x340 [ 233.867176] ? rcu_note_context_switch+0x730/0x730 [ 233.872147] __should_failslab+0x124/0x180 [ 233.876402] should_failslab+0x9/0x14 [ 233.880220] kmem_cache_alloc+0x2af/0x760 [ 233.884379] ? lock_acquire+0x1e4/0x540 [ 233.888361] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 233.892592] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 233.897427] mmu_topup_memory_caches+0xf7/0x3a0 [ 233.902095] kvm_mmu_load+0x21/0x10e0 [ 233.905895] vcpu_enter_guest+0x3aa6/0x6090 [ 233.910305] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 233.914539] ? kvm_set_msr_common+0x26a0/0x26a0 [ 233.919203] ? zap_class+0x740/0x740 [ 233.922919] ? vmx_vcpu_load+0xadf/0xff0 [ 233.926969] ? __lock_is_held+0xb5/0x140 [ 233.931023] ? __account_cfs_rq_runtime+0x770/0x770 [ 233.936043] ? vmx_vcpu_reset+0x1040/0x1040 [ 233.940356] ? graph_lock+0x170/0x170 [ 233.944155] ? __perf_event_task_sched_out+0x2f0/0x1a60 [ 233.949519] ? __lock_is_held+0xb5/0x140 [ 233.953585] ? lock_acquire+0x1e4/0x540 [ 233.957559] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 233.962570] ? lock_release+0xa30/0xa30 [ 233.966540] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 233.971811] ? kvm_arch_dev_ioctl+0x610/0x610 [ 233.976296] ? preempt_notifier_dec+0x20/0x20 [ 233.980790] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.985630] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.990647] kvm_vcpu_ioctl+0x7b8/0x1300 [ 233.994703] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 234.000408] ? trace_hardirqs_on+0xd/0x10 [ 234.004551] ? find_held_lock+0x36/0x1c0 [ 234.008614] ? lock_downgrade+0x8f0/0x8f0 [ 234.012758] ? rcu_is_watching+0x8c/0x150 [ 234.016924] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 234.021330] ? __fget+0x414/0x670 [ 234.024789] ? match_held_lock+0x821/0x8d0 [ 234.029362] ? expand_files.part.8+0x9c0/0x9c0 [ 234.034033] ? kasan_check_write+0x14/0x20 [ 234.038260] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 234.043186] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 234.048888] do_vfs_ioctl+0x1de/0x1720 [ 234.052780] ? ioctl_preallocate+0x300/0x300 [ 234.057189] ? __fget_light+0x2f7/0x440 [ 234.061153] ? __schedule+0x1ed0/0x1ed0 [ 234.065119] ? fget_raw+0x20/0x20 [ 234.068563] ? __sb_end_write+0xac/0xe0 [ 234.072531] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 234.078075] ? exit_to_usermode_loop+0x8c/0x370 [ 234.082758] ? security_file_ioctl+0x94/0xc0 [ 234.087162] ksys_ioctl+0xa9/0xd0 [ 234.090610] __x64_sys_ioctl+0x73/0xb0 [ 234.094513] do_syscall_64+0x1b9/0x820 [ 234.098417] ? syscall_return_slowpath+0x5e0/0x5e0 [ 234.103338] ? syscall_return_slowpath+0x31d/0x5e0 [ 234.108268] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 234.113639] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 234.118480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.123661] RIP: 0033:0x455ab9 [ 234.126834] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 234.146117] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 234.153832] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 234.161101] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 234.168396] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 234.175670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 234.182934] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001d [ 234.218270] FAT-fs (loop3): bogus number of reserved sectors [ 234.224240] FAT-fs (loop3): Can't find a valid FAT filesystem [ 234.300533] FAT-fs (loop3): bogus number of reserved sectors [ 234.306472] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:04 executing program 7 (fault-call:5 fault-nth:1): r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) 02:30:04 executing program 0: r0 = socket$inet6(0xa, 0x80000000000, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100007f) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000240)={0x0, 0x5}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000300)={r2, 0x40}, &(0x7f0000000440)=0x8) r3 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000380)=""/149, &(0x7f0000000180)=0x95) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r3) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_buf(r4, 0x1, 0x2a, &(0x7f0000000000)=""/62, &(0x7f0000000080)=0x3e) ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f0000000040)={0x2, 0x3ff}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f00000000c0)={0x0, 0x1ff, 0x6, 0xff, 0x80}) sendfile(r3, r4, &(0x7f0000000480), 0x4) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000200)=0x6, 0x3d285a5f241df2f8) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() socket$inet6_sctp(0xa, 0x5, 0x84) 02:30:04 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x9, 0x1, 0x5, 0xffff, 0x5}, &(0x7f00000000c0)=0x14) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000140)=0x3) setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000100)={r2, 0x8}, 0x8) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0xb3580cb32e4ca0fb) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:04 executing program 6 (fault-call:6 fault-nth:30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:04 executing program 5: r0 = getpid() clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:04 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x5, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:04 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:04 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x0) ioctl$KVM_SMI(r0, 0xaeb7) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) userfaultfd(0x800) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) [ 234.461551] FAT-fs (loop3): bogus number of reserved sectors [ 234.468480] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:04 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) recvmmsg(r0, &(0x7f0000005480)=[{{&(0x7f0000000000)=@nl, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)=""/200, 0xc8}, {&(0x7f0000000180)=""/34, 0x22}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/164, 0xa4}], 0x4, 0x0, 0x0, 0x591e}}, {{&(0x7f00000002c0)=@pppoe, 0x80, &(0x7f00000003c0), 0x0, &(0x7f0000000400)=""/53, 0x35, 0x400}, 0x7fff}, {{&(0x7f0000000440)=@un=@abs, 0x80, &(0x7f0000002ac0)=[{&(0x7f0000001540)=""/227, 0xe3}, {&(0x7f0000001640)=""/203, 0xcb}, {&(0x7f0000001740)=""/102, 0x66}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f00000027c0)=""/224, 0xe0}, {&(0x7f00000028c0)=""/150, 0x96}, {&(0x7f0000002980)=""/50, 0x32}, {&(0x7f00000029c0)=""/96, 0x60}, {&(0x7f0000002a40)=""/112, 0x70}], 0x9, &(0x7f0000002b80)=""/230, 0xe6, 0x7}, 0x9}, {{&(0x7f0000002c80)=@nfc, 0x80, &(0x7f0000003e80)=[{&(0x7f0000002d00)=""/164, 0xa4}, {&(0x7f0000002dc0)=""/131, 0x83}, {&(0x7f0000002e80)=""/4096, 0x1000}], 0x3, &(0x7f0000003ec0)=""/236, 0xec}, 0xff}, {{&(0x7f0000003fc0)=@pppol2tp, 0x80, &(0x7f0000004400)=[{&(0x7f0000004040)=""/209, 0xd1}, {&(0x7f0000004140)=""/117, 0x75}, {&(0x7f00000041c0)=""/87, 0x57}, {&(0x7f0000004240)=""/179, 0xb3}, {&(0x7f0000004300)=""/216, 0xd8}], 0x5, &(0x7f0000004480)=""/4096, 0x1000, 0x5}, 0x61c}], 0x5, 0x103, &(0x7f00000055c0)={0x0, 0x989680}) 02:30:04 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x284cf, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:05 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 234.580905] FAT-fs (loop3): bogus number of reserved sectors [ 234.586988] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:05 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() vmsplice(r0, &(0x7f0000002400)=[{&(0x7f0000000040)="e12aee2b04df4cd32441", 0xa}, {&(0x7f00000000c0)="e5a4afa6d3ce70b50fc587da462a81355781d98049565feb8955fe0ecaa028756304df7a9844ee7cd57531f4f8eb866edd90792ee5ee17216d6f619a6005419737322f28e8448afa1409bafbe0e2e17a32e00c1b689b026d3dd77b72e1d8662fdd34ca79946a75190f512412ba4cfa7d4292ab15beef8f4af28964fd0e314809e099", 0x82}, {&(0x7f0000000380)="e0ca155ff2dfe7b3317cbd53c88e3a8872e88d3e5c16bb65aba6147fa8cac362c92fa19ed1880e597f0770499e2e9077e697a1dd040278a0ff3768fc925c2d0d7d7ec1f714c074292acc1bbea124138608dc9c9781f837105724cf8a749fa52cb9554a0ec392afc64f5ed9365c58a3fbc0a0b9ba823616a7dbbf11c93d12b29f434b7f81dae30b5014007759efe19a829d373879525c77a81417883794029f50e85bc0c249e9f7785a439563fca293504f888ea88819cd1b116dea9f923073591efe4ffa964a2fe389037a62eea9afce52f4d2f3f7ff6418275e2a03dce862de9b656ec27027406ad25a28b4018f8070a069f2b8b8d81fc8a55d89bafd3f071d49453b85ac8f24f2d132937a8a21f2a3a276e2d021d10a3303b8c79f00d8efcaf133e4480cfd282696a97c832ebfef22cff434d04649720445ac552a6a85514e039222b022ae3ea600070a2cc61c259e3161cb0be437eca332d9c4a81afb36bb5cc7d91adcf3007f0c41c2f36ee00a31e920760155cbf5771a6a11de0d3a81551e6a60f7eaec2a27bfc25adf72c9ce5529f15c74492b8baa4ea1af61b49c2b04c673c9b1b3d02a691cd3e96e1e477878bf57d9a675fcfbffd532d92211de611fb294211e9be342ee5b88a768eaad3b54840c2a53d9e21d5325f5855f069e50839dc3aae1b97edaab43a8948285b568ac34fb51f8176e350b0afbcf8bb9e00918b58fe6c72de9cd17b42ccb674b766dec0b6167a9f50e2a85f812cacaadba49dae82d71f7dadbcceb16e432f97f0df45866f4a0211f876f09fffdd859b7f838848d440e43226b5c2d503f2a97bd169b0f3d93dc153986ac4dd74910ebc69c63066946c0beeacbea1e20f02c8d375584a9a3ea0636309858ab2621c16bbe3242d3618bbe488a6424757e8bb3af0d9eb168ecbf4764fa638d2a5f28bfec3c9fd64bd3eae87134be54b5776a5f5085c72234e0620a4aa9ebe0828eec5d5d0dc47332cd0a669d3825c24a5dae68357bb4d921bf6b4ea355b18b1eae6d51e47a9d4c7f9f038d0537e53331539c4e7540a020edbbd53cfc3d3127eec3cbdf288524065008f5bd9be10fe7904e9f5ecb2e4d3159a143376fe0fb05de849ecb5d97bfd08beb5a5bfdf324f1b4887275b9745d889ccfba2068f63ef4f34a40e80fe1e2eb8fbdd4b6114960f2426328b2dae93868d9ee7ffdc61c4134028bdafa27d6c433e555791889a55e797d806ac39a0cb840057c4b17e28ff5ffedd7e78f2c65262076dc8832123359bfef55a2a5ef2aae5412c8955c0591fd696921d3b51e355eecb5fa0e70691239098d3169558508613e08ad9ef6cca82161878e3b127a4cbc837ffbb97ce73eaa6bedc451e0cc3e18f55d52440bbb682e9cddb56e8d766ffd09f88b1f62399080d94ae0084dc4ae49f27670fc78d631c29081d203fe02116ca4e6608487f0cc689a44c1ad3afe6ffd9cc5a8e19b3397dd0ebcc328c270aa8f6ce3edc262d35323ea60662b07b60bd213549716ae35e0107717a90ed27b57c4e1255f799bdae7d0ea389bdfc36dc5498e208b0eccce807e6bfc3d32b46cbaf2511d68d5462bb0e958e82e5641469e43b13e46bc220e97cfe371904a35715456932833ed42f1be5be115d209e10f39597e866a7da9529aa362beed2dfc5de86332e257d6d97e70ee2bbaa94b6a7234d16e2a48d723aaf0bf86e1d641541c226c67a74f6e5de09893408277bac94acfd165276901f0ad7f9755910e86bd9efe80eb56e9118c95208da41a68691e9a152165f5b8d3845d9c1daa38739ff589648594c660586dac94857807eb315483ca34a085486bcf31dcaceb29301f0a48c3e32f6acf0f7fd4585a286c6a2c5d3d2483b02c4f3b66b785de4198ceb81082535852b358251be61a1342cbb3f783121c78b29cfb9c76d90b0fbfae037b074891cb9a961549a9aede670fba9b9cfee2b9ec4bf261a0442726b5c7dd87f9b4d9056ecf9d99a2b9153289836be40504aacfddf263e354563930b34f2c56ba19c3f124e93c5b218ef3b28ce5c5e6a008e595503c2161549df5bfa4f0b694a473403768b6c3a36161c808693d074c9adb61d56271e4f26651ecd69781176a06e72f70f04742af9c1423063e86aa33b475e84c5393b3ec45161e9389f6c5ee1e8754f901d66004283d9696a6abdba2c925feeaa28d4265572516cdf60d0643feaba1404db39c3fc5520ddb479ab07b10eb4860b84181aedbcbe703f537dddbf7a2cd3a2e7c3c4cb275f6385e2922a01b7cbecb46cec2b0d0fc4ca9ab9514cfb2fa957fc15e1321838d4342a653805b3e7a77462e914378b17c418cec24d2e25e0ca87226d039b4c374974a10162e098eafbfac19c267b348d79a26aaa02c7ab6805b6eb00352dd7f2e3d0a1bebeb0b1928de0c7f44744b28f00f711e8923f89a0cc2d8e66ea5f6a8804dde188d1e0dd6ea1184e9a6fc7fc66ff998ebdacd52820c30b7698ba5d135580f48b8ac53214c162089ef77b2bf59eeafc668fd74d830115e4b7f35ea8ac5c3870cbe43a0115991bb25672c1f3727d22d561d88811df7e5476a5249dcb1c237bda90d7985c10c487b72a5751d9e2f72d2a431d9a83638aee9c94b0f2a923b71eb74a710a046f992b7eea023340fd00f1214e2969cc196a4e143600c2f1b1d7c91d221b281462335c4ca2046a77ef0b469f02dd084a065863d5b75996152f785d59cb4598efe409c312c22521f741b7bf9768ba9e4e719100317fecd1b8ccf2ef2ae68765424fec99dd3214dfeef53583a4dc9c9ef671362baaaa7155abef4d7ce7780d824bff77dc6af24d9d0453acfa703a6f51417c1aff07f5486409e39dca1821b57bed2562cdb0eaacc6ef9286f89c297e4030e3a0f0745722cd2d34e4ca03cac2ee414e015a7af88a0973f27bb832cfd74d8458499c824db2ad08099f0db969324d41cf858bbaadc363c4302ae0e552a25e48ca83bb96bbae825b9b35279112bdc0d5dac20fb3c5cfffc70a95904746b6dfebece4d8bb9c500275c4d67a5b9bfbe3865e7948f83d1a2718641344a87e028f57ff1c476127dbc856cd1fe8fb18add4b948baee6f69df7483c1dde88cad3923486a10dd75fa85f9ed1ea11b3589fad4aff64d8db49e6c17deb891cd79d437d45061f94485e32346f827c979be0a04a242de18aa8e93ceb8d0b3a3663bb9b53bb83cc9fefec7f5d8d94b9d21ab819d5fea2c7815c0a42bb3a8876d4034b2348d27553b19a8c11fda9ee276579a4ae83f01d36191c8689e777fbc45dbebfc5cf277e21a3ee8e1d2d963fbf74999bb91b81ae30961eb2cad8aa96ef9288c67160765628291024358108729b12f6c7027e4630a2c9c4a9e26ca77ea76219e20e9fb43d6f0a6c7b724689c1343066c2b80c7f574f8973f3e6e4384f2f7abdc24141db2f4b2ffee1cdad5434bdffde580165ea02c86d371c889a5bb4dfa3a2c18b3314844375783206c88a83ae095330da74d82d1859fc7783dd6e6ee1fc2696ee3b6fe0a3451c3b5515dd9b681aeff94fc5c3683ce45e68a5d9b25f36e687c8b024ea8ab31fe61d829d3e84900fd218142951fb1ffdcc123f9ed2a810b348a661fdbc18b3cb995ad75d480ab768826cc1786dd03ef185bbda10edfd4762b2436e9dea047ff0c3c39ce4a56cd392d43f97ea8e1efce7521267ee73d10f66784090cd33435e201572380b77e4739115a31e3033cc820437bbf0a47a30e125d58eac058c813fa90e37d5b540f5cb489fc511f2b4955316b9f41b0986b07cb75c6336905104f118ae4e1eb665d13f0a1150e7155ed48806d9db1709f157e2cc54087de5f1923e82d8f104ad530e0759b5cd9d9890c0a53fb2d431023833ddb27dbf9ed933a67ba412c277ab3abcd586b5e65427a1577433c8eddec79b1ecfb3a2cf214545b52db3f7db252a46845dc69811a6fcb976399a158315cada5c6319daa6aa48b0f209f65d7571dd70bcbac30be853abfc20f08f147f1b5549d1268e05c6e9077e8c64864fb7f049926995e242538e93cacc8f27d900af2aefe0a2364d6f92536d5bbeebd4d26ff5822ca4291e91158f70fbc4ba2b582e7394edb876dd38ecf0a5877e1d9048b99a93a2965bc983119c22c39a5b30981f4cb104538a0764943871d53941a4d722b24945251652157eb83e819a10ca7827c84d5463c7d182b15d6c86fd982b0f5c1f7c8d69d9935687c415935b032bbb5dab2cfb71203cc46c51d6ffcb11ba241bbbc46c64447435cb1d318330ee97f9a6affb69369349f6282f57ed867314959b33fc591dad0ba3340b480e2264cf7f7680df262800872345ba80fdecb1cc1b4b9f4e8865b74ab51a8276c94b056de052e04c51b8e159fa24c38ba0650dca6a94f9f0b2ec1588558bad70bb71c2eff591a3a9c9501caaf378791d7eeb75455c9dedaf80f0744e6299e44e8d588afd1371419d92e0edcf808ed2a723c65e1503b6777e4b563ae29fb05ac1e37803d96a59a698da04489f3820fca1a1b45e1fcc7cc5b8849628ca9f4e23566ebd8b530cc5958358ac9d57e3e3b2fb9da2b08303849eadc0e6786bf0b2e529ef8b35541cb4d7505eb23f68405b1345543d6a3b01719ea1f84410e54db721e72a168406d52ea16b4023c1a7abc61d21229bde3db5af0b813a7448e4300c8603dff45f4f2c9f8c8adf2572b68988259e8690fb56d32cc98ee67fddcd25bcd57b263c9e85fe1e84d32b3be376e88e4e29f16d5ec7e58c8c9c22d86dc7ae21c61a00d32efaa9322f17c0658ee5a99bd1639d6e689e151fd727078fe92e51f032ef561801f95b26784a1299ca1bf8aa49d75783b5006ef1e1fd5856ebd5232b8bf298b2dbdd3158ff48a5da5b01cca62fe7256ac8bbc9b3eb102dbc479c2dcbebc830c98d5ecef76ba55bbbe4985cf2bc7e1459925ec30147c12782cb2e6c7253adbf58cd08b177188c6537c3b158e0586da80d1b7d0db64779e6b97bc279dd7dd7e0b06d025a4d23a2f5824c747a8529f6206bbb5b288777e7915776d72664059ebb336657647efc60e40246ca968d780d01781f6fab4c1b19f4b8b9c83d4e9eb9fa8abcb7b47f59c5ff06bba13a7693d54638f6c3a1b9e2f03870b0194205c0d15ae005576e9587f6d3b52164efdd79b3a074e8c396dc2e88356d713119b5e3df86023de71495fffe4f07170d730c702fdc08e51c44fa7501afcae480367b2012225df196524f3d33b539b0e5f9e7b72c58a57d46722a48b234bb62b18d7a16ea58e859bd4c6d5db4604a673a15a7e969b4a50feafcbca6eb95d0094631414149d79f57a6cf049fdaa215524bbd3e1a77741d6dd0bf28f564e2a01a6261b2a13be5ace686d6b34f217e2f59b4e3767e1f8b3fcf3a7e2006a7391d4cecc39ddc97b4acbfc721be0bd0932eae5abad85fa2416bb669dc022bbd475d6e367d7bb7689836cc3b23839c79cc3320fa245194f3f664c5bd295221510a0fec09585b5ebdeccb3eccf242252214f9175cdf6026e36c391dbb077a16c26b1b99527076e158a700c3146323660eaea724fbba3f546a7081581114de24e57d2dd53cc94987966b7a8ee33ac9cea13c9341cc0f84a512808124d723dfeb5f0b23015e07bf01b80086a02678a1410817c2a00b4c5eddb459c0866edd249464444a78b82a47974081b59e6a107506b88560eb02f17b1899cd8d9fc697b102f7308dea76774931b32a4ffb9e28bf719a3e3ea1e6099099c7a5ae67b03ac2c37ddec5cb877fcf3faee8199d9d31eac561621db5a9df7f1bf1f0470a83c8697f32", 0x1000}, {&(0x7f0000001380)="5d1bcc0d861ffa0e7467e0f48f91f40a0ec617d5e96075b4b4d9f26bfd823348f69ad7a12875a36367200a4cf416d35784668f81527e29a7276753692ab67a8bd03ec0e4fee216d290823903dbfac4b1e630e0e983e2d1c76f6f607f3c5bc6686f614959f84ef42c390c916da324ec39cf0fb35c1fcece623e2f9d1cb90611edac83d2cf55fff285d9936caad6be152d87f03c8073a22de84a3603a72a767688f4b9c12f3e63b697a89a04dc22e46c5c57ecc49b76734867d2e3648676b6836ae1217e118e3bf6bf24f215d5e4b731e173e45d2f758958a7956dc87171a655a0ef2e611f7bf1afff6bb41d977724c74500e02e6838f353f8039a5ad7d55b316c64e7ea20c9f39047edda8767432248a5ab1b59e785fa3d67df3390d65871310f6d6f78b911ce0c5c3a8b8d428c7bb18dfcd91055c1b4b4729ee54011f32d33204347036b19072be96e48255f3abee528e58a171f863f4ecc3c6c8465c1225832e863ab98511c189d0393f3fcf9088ee76293b3de4cefb3bae9625fb2beae34d943286b111a0b990d2e3072c23fce0028498be3f9b2c1381040e00d826c42d9af7ff8671dd91ba3f1fdae596ab5d91e9a84aff81599aee50fa8bc7828c2a011419821354c32e1edd64a0cac3327b349c437f0a523240fbd1b9647d20034f0db323f7aa35fe77610f8ce0e0f097a8869f5ac3c8d3ed4d4b2356d48d9b2fcbb6e40fd2b27c5a8baa8f262140f61905bbc1c6f556303b99680300d848b895f74af321b22648b9aaf49380508f2017097afd2f676001280b67d740d744d50bf6a407c147ba95003aacd5210cfcf0672554be9c922c71f5d094e356c37b1a5928d1d4243b2989d3e814ec2341d6113f6b52d66f9ff3995f8c7d0cc77f5fef07f2d5184823935dc53ef531adaf4ae53c89205b83fd2aabe9043b3c075829a9c78b959d067096fe2dcc994c9927ae4e87d31f3c0df5fe1eb00aae212605e2d96c57c428dfcce08f1648eda1f1c3a2a1c4daedae0514c7e551a01432c05e729663a38a0f54709c0fa23179496ae02f2a8bf4a1d62237cfa1602145e5b2fd2b53a80f0115daf6e6ccba28b6b5ad07225fc966818c62cc2c69d38f0217bd6c79a861713c59e3eed66f23eb056a42222597041905622167851d915f357dfa6ce7964a7c6379f0157967b0430b5e8292b0cc47587b0405d42e4e14357a2d0ec6aa7a561a4c2afd1b4439113ed513b10f49ff5c7da32c85d9d991e977ce82df6c5f3ba8527c59ad672b94b6404230b5805388b6b30ba4d5e938ff7900762f1ff1a05a181fcb24900433ec3c6bb2c22089be1d45a5ee23f5b7e29f6222a96d03617e0a50ad564dc248bf733071948e5a6535a279f5364a421b0ac54e01748c4817bece8cb81881d08bd5e9861b30f715c77aa69353a61e9812b0373bc5c27d577bc855fea99f99d5a8a9ad332a5055c09883c6b139e8b960da883067a889a1416499ae79da8a9b1e7620ff97f26c76c8783fac13961d7fc8ee4118b01fbcbecebf4238e601dc3969cbad8394f25ec26edb5d8f4ed10bce4db8e966b50b666233103dd0880e3c7ad6b85088d9cec4a04e4fbcb38001ec0310434b7fc28931d5ec09b7eff6a770c4eebc22934cde1b4ee35e9c6645235fabb11d7843a01e1793180a555f7f5acadcec807e392a15e5972c1cf2178f7cce57b6bc8639bcc14f19959ba40736278a126f1f41c687771edcbed982bd75b383c5ddb5d20f0fad8e6bfdba443d954f0d8e7de578cff44333122b92fcfb57bd03ac7f0b27beedb147484f4f71422238e0bc8f2f00edf3c5125ba505ba50290de59d8fc3c759b7d14b866ba371e01e8552c88641599e89455a7b74e4066e7967788fbfd65b729fac352cc54b1e934fad9571f064fdf34a296927aefde9de2d97e80e61297d1da4eae801bf8a3ef58e4fe6e6b52475a38f6bb10369557ff747099a9f3703223407dbe6720cb7f81e34cc6bcff1f6b27f6ac7e3740811a0cc090c09923c63d9b3e2724c15abdaf4e6e2b8ad4fb12a852886ab7caa35c8c6aca7fa5ed0a11ade927ea442e46dd6974821cba7bb630af5976891d50018df9b0084d9441fec48b12b4e4609ee490e153b1fe20d212d095a984f51ee43ec4142faf0a0f3d367a6d4e1d07a625313dbed150b12d193a0b2e7541aa08367c1fd5cb6f8105ce67471ce73109d3225cd23001afd8f5ba7d63f46f7db4c5fa5eba155ebe554dfa4d38106a7affdc1928323b2931691e9591b85cfe19dd0a35af44fe1a1e6f5cc3d84b09c29c91ca6b0936753d887bd21bdb71ad6b037f540b8aa3340f03f770957b13d64ed4c191cf2680303e9c1c1a4a91557f2ca267452aefa3c641bb4424c24be330f628f2786b2335a4a86ddd535736dd9f77eb64134aae1095a33b7fe76eb08aa813a23ed1dafba63a95ebae465359901a3a851334481342a8a175a1ddeb80ebe7ab8209a77c109d0bf81b7f59e32cc0edbfe095984fd4ce5745a5e6f9dbe4e955cfaa656e4f64e41a0c255bb7de063e5e00f07b6118e6015e37c91c96a985036ec942569ba1903760482ee7222cbf5b63845ea2f79e10f4fd075de8145396db84e56a559b85d602feeeb2ae2d34d9a5c410aeae31ffd25802f0a501a3e68544344ada2d518e29a659213dad7a25b6c95ae9ffedb684bc65db78cd66d4ab1817e748e91838bbc5c1c236f75923f8f990adbee22968481e67e618d514a51547f70da92766b9117ea08dfb3b949c43c89ac26598be84f25a01d28781eb5d3a69ceaf79c59ae52e435200ed883aed53c1f8e5e1095e4f087053a5ae05845839c48bb35ab8447b541492c38ced3b5ddc0aeb12de580041e7fe2aa9cb88db197da96a5c2ce60557f30c841cc5702fbbf5ee8c3cdd3a622f11abf14fe58bca48c2efb32785ea34aaa7f64f76e15383984dd9345de45260a69d2e89e76895c22920f04a6e1768bf41db2ef147af067eba27232b8408da8839d94aea32adf9c2ec64af47f3e21854d3633d912952a1d21bdef1b3ba75f5e264ceaefe72c8a2437be16cd2b08bf2d30f1256ed678b50c321520f0d8764fcaf129675da1f818b4454713009fb28bebf43917b59911781f3aa37cea3f52686319b68567dbbac6a9857748fd25d5ff6622a8e28cf3f5a02540638ac1639b2f91aa56fd2776103e5f9cf69669746b9a29a2e7688a09142cb20ceea8f43b756c2fd6e6af8dbd37fd111fea9c03be23bd0d16b651ca3d317a8dc334f5a49e14890fa500503a2275744589d6c8096a0df1c0b3d2bb7e5863a94d11ea1520aeead991f7dbee99ef1eb82306f1839c1e0dfeefadcb73a3a8202e8efa556e1de0a4ead010f15a98537ec9500599f1178fb2f6e48d79ebd65f65709b0a0f2a30d47e45d796dba649cc8f36f387ca1e1607dfccc9183f4050f47a0b0c4703b3dd0560f2dea711f0754f5c4736516b82d93f2f1b99735e99974c9d22fb9782d16f51aa9d7efbf16e97d4a371924da2f7b02eecf54d7c0c50faf9ef959e5bd0d3ee9bb5c4cade7e6f404480dc1d7ff1f50935f23ca31d56a3195ad595d08f1c8fa145629e30ae34cde6eb96657703616e19decdfbc7b0fed0b86d60f136d55c74383a07af955c3c667ef2a550206169c1e09c2a7e2762893580390b09132ab5f646577aa3d6c13ad7e5d948cbfec0be32d0565a6f114749250ad2bdf27e00d79044ca039df30e1dbe2e4050bde016c4fc03e0af05304f51b99c54ba71b50f6482b4e5635919e5a828f0d4a8122517290a6ca9332190721630ada7d1c76088656d53e44d05d732eb27eed78dc63d9e56185abe7bfcf6ec5a0114e03fb422e8d39e3b29bcc79f3717fd3cb22c2941b1e27750ad732feab52fca713cfec093402cbe33678e4b2b8a56fc38178403dd5c72ae0ef74ae2f5bbf3ed35c8f98d0e32a0e2cd7f75cd2ddc74b455016399db17a22d2f53d14e8269b5ea66f853a5a02a804bad7c4731058e4666ac73241a76be2e499a1e297dd24e4ec96a64a2daa093fc2b357bcbbc187e6fb0ab90775a9609b12f6ab1e1a456be29b4e10a05fac8ed79a26e55b27a4607f6c6d242cfcf0268aceb4e687700a4a95fe7eb6fbaee71151c798a1869beba40af9bdc11c90ffb9bc76decc2d7341cfc912681647df5340f3c49a94782c5297c50a02fcc6004ce521c018b61d33ca392a69ec01f060cc092fc73f8ffa95c1de846f26483b99fc9ccd9fb2dfe10a1550912fe5ca222b73350ec135bdef35ac6b65b79870063f2586d5e42b6133447536adaa7e0a212804ad1004fa36ffa298a17bc693c82103fee69b57a21ec9b1f407c660c00f2345f316df9118ec9e1403a73d85dbf1a79e5f34322406a9a6184ad11df31509c08c26657921ce55fd2e44c40ad9f1deb30b05aa289056137a87ec97f21791b812647e9a2895264cd4022428b8c00a0777f8cfe3a4b83813c418a2b34e8af24434406a46edcd51556181c6ce11fdeda80cfeb5feae6fd15b486811133762fd4e71aec2ab1821db56766bdf557d486ffca207cb5e2320caff3b6a40c62916b82edbeee15a5f250cb8effd63ab140d4ef20cce623859ef0549804e99b6fa1e3471ef56eaf2e5f9ed081573a86fd3213c2f4c447de6c5b48cc8ef083dcdcf7091168c7d47abdcab22703190b7a3e82c98f6e78502e90e96b0e2f6ce105e428c1597c464318c207f093deb42a565879a2be2d2b861113e549cf01f9cbf56a4e499abddb1d36200155a7e8d58d1ef40e1758e49fe61ed8f591043032d8a0402de35807783ef2fb854674d6f4d64b4e23768a7f2b016f8bdfb8a6460bd29c0865f308f42d1fa78e75f8ffc86d5708719b9512585dcab4d2b876e34ec3ea5aabba7a337d6b607f4c162c78d160af0f70f421c04c31a0e5dbd0fcdfa70bbd7c1f1cc59105b4f95a2f94a062626dfcbbf33973be42bcb146b28140c9329fa48f9aa93c44aa1f3e0b400f1918ce56bf2a3afb7df5102ef10a668c3c51b7c564271813c37840e9f8570aa5f4904f4429f03d8d26c5817d963686cf56140a4fbcae20dd52d8856b38e31b04d26aa77b7ac95cd68d45030c101fe2bd25eeb47009337956c654e0e45ed6fd273118b25cb08250d3d55a0ea0337a9462c778dc2028e7f9abeec97b64eab72f289900fe59ccf06ca96a75684756a8a875a7330ff63542b15a3478bede5c7f58ad6e72878646566466251d72ea1062c9ced083615d1a68e7a2fc212b1ac41256ef9dc6c633003b083ac855743db602f851775421503a1e20fa0fb2f6941b537f3e45ca2fc95e49082fbd3d0082b323a5b315eca3ec993194a26db70259512023979696e15efc959f6973cd04856f18f24d14ddaf4f67f2906ac0551ffc49a29c8441a3c875babc0baf138da8bdafea991755f846f3508c91991004746f933c28d78ad513d08a7dfef5bc83957b9ece721b697a7f8106ea6b302dac4a71ab3e6f719db745fef6f6658d19cb1928b2bb3245e3c01946299d8959f54e21d31af1454699da81d7aa677ab33b4d31cb838ba08a26c86ddf6fa1193e02d6cbab5028a0a91985e73a4c8dcc6408519444ef7054a26c607c538ba0a4bdf0d2e8802030742f66c958fe7c1e670efbd0c10129ad17e7e3de09aed34068fb92dfcda320b1984ed65e49079b7841a7748eddf7f3a73327d48bd5f25566af0b28b16a202a31a99eb2ee59faf50add39b4b614cd1e33d89a8ad56acba9a85009acf1287504bb3f2eb5f64e4e5ee8f6b22b1c96c0e225839953e8bf75e1d9c8c13029429207df7f4979b", 0x1000}, {&(0x7f00000002c0)="3af53b6155762b135b645bd79a0cd64b85025272b3a6692d386decd9b2427c12eab41e5e9354dcb4b8c11caabd3457caa261f1a29055ab5118fcd6126d633143346572aa02f76bbb80991b09b6a942a4e75cb44dd8bb0b87aaeae9082f4ce33e8a8bc77a", 0x64}, {&(0x7f0000000180)="5d2ebbb42d5d687ce05e06db5d482b8f935f32bec9795cb2ebd3ce5dc747a07ff832bfab4a34b9842e981e665ca45c86", 0x30}, {&(0x7f0000002380)="bc858c5b0e8e227c6af4ff9c370fb27244bd9274f71e6447e4a5cc27610335d3a675c4491aa6c122c58b9ccd4189b9b7a92e4007a22144b6453ecadc95aefc0e8ef6513766141087b06b1d3185f112eee77fd0ca672e746785c7", 0x5a}, {&(0x7f0000000240)="66511a0b2146153c96373b20dcef9f9860e30abf5c5ad9295261da4ff7543f623dc69bc1265d9ed5400821c615def9", 0x2f}], 0x8, 0x4) 02:30:05 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x4000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:05 executing program 3: syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f0000000240)='./file0/bus\x00', 0x1, 0x9, &(0x7f0000000800)=[{&(0x7f0000000280), 0x0, 0x2}, {&(0x7f00000002c0)="cfdbdb838324b3c4d524cbb53f2658d972a3b2e971c02d3774245c8e85885550f892e1a16b05e7ea508b4220695a2757c91e97a9f375292e1b4c96b168dfa01d556d03426d66231602a46030876e6119310b9b723bdf6886f67262fda385323bfd67cf1eea7a14da499bd485600aa3f3f97180022e77cc1c2fd1a4f5ba2ae07ee0870743c2f869cbcf76045fcf3b2dc1a012b2e4fa1bf9c4f1eecbac4fecced3f16c446795ae164bccac0b649c8e885723f614fa", 0xb4, 0xffffffff}, {&(0x7f0000000380)="9f077b77c073aa8e42016c776ac2e626", 0x10, 0x100000000}, {&(0x7f00000003c0)="af5618ca79a091cc15ed1a86597d2202a0c90ec08376503aff1c64dba2db3ffedf714b4a0d9dd3f10c1030fa6b44be1687085ce926a8f2fc93d576adf0aa41b0535654a78d031323f24917326f1a8601b9a4c570b05341790f778492b1363d678997be32cbb217ada8a3d8e0d7d9f78dea1b71a6faa6165bec87777d6ff4a08641b1d343501f876a775821a3de67a6994ab7f5a146af781bb9a77da8066922b07280814569dfbde670fec2685428a3a95598579445269690cdf81096ac8574c414e9", 0xc2, 0x3ff}, {&(0x7f00000004c0)="116fee0fc0e5d1df0373d8b3906dab43ad46a541b595bc02a0", 0x19, 0x3ff}, {&(0x7f0000000500)="9484b46b546c8076b21f9eabf2afac5487b6da5fe07441305c344197624fd5bf3afeffa03fd43996309045c97d29796e1e68ad6cdf0a67d309aea09a68244f0f27641f5bc3ed16420c05d18c612dbef5662d96be542e6e7424256497a0efad06e681ae8f0ed3b1d50d243850f0bf4ce53f3bbd5e27a4ccb355c4cf5a9d39fdae612159f11cb36320ba963374e49ed5f0bd4bc2e1e6149ab517d428b6c644753b46584b7724aaf576a9681cd4c690cf3194479151185a78ee69c6a33dfda30ff7753be70b8db65a6ad2d0abff274097568b87ebd1971f7ec672e1dbd7ff6f6e156503afc8e12a37ffca", 0xe9, 0x7fffffff}, {&(0x7f0000000600)="7b8a81fcc43966f9e53ab033f3de7fabad7560a00fd0dceaad61331358a394e30604b799cc399da584c493651d8f2b340fbd1d22d9dd0cffd339a1679d7c975f4db0", 0x42, 0x5}, {&(0x7f0000000680)="1f5cf21969f74d5f8aad14028d20b29fb5ba0436f6ada7321d781a526c2195cbfcc9e22c68a836b6d9d72401559ae6dee60b8a2611a6ba3a3694713e64eb7b4eadb50465dddad33fbd5ebffff0b28c36cb150a5aba9dd8513c6157d18dfeae2d58692480f5ced05c020ad869ef7184dbc0c6244a9cba232cf19afcca7aff9c03ad7b40c610a802", 0x87, 0x5}, {&(0x7f0000000740)="1fe89ebc071d4d7428a1a9ac784f9524748d3585e758a7ca18782d657e78bcb39025c118f736c486e7ec855aa3350993fe7a50e920783ad46d1f11aa2224ccb3b9dbada85d566adb71868515cf26d320911646c96b47a3121a0be80baaae0d3223cee2cb1a54615e2e25d7ba8382310ba1d2ba92c816bc80afec856f0d96b4795d42d53bafc99d5d173ef3a14042d1042e32404d680804d7e0422be788cd86d2e2d4b56aa8bb91d8bd30ec9039b7984285f61b207d6edafcd0e1b839d7", 0xbd, 0x58a5}], 0x101000, &(0x7f0000001f40)=ANY=[@ANYBLOB="756e695f786c6174653d312c000ac21f4a65b484958e08eec23d9b90a89dace0078e7905b996b36bc80b07a703ab7d834bd55bb02aa91c32db"]) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000940)={{0xff, @loopback=0x7f000001, 0x4e23, 0x3, 'dh\x00', 0x2c, 0x100000000, 0x18}, {@multicast2=0xe0000002, 0x4e20, 0x4, 0x4, 0x2, 0x200}}, 0x44) writev(r0, &(0x7f0000000a80)=[{&(0x7f0000000a40)="f0095aeedf562710ebe2bd7bdcc2eb", 0xf}], 0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x201, 0x0) faccessat(r1, &(0x7f0000000140)='./file0/bus\x00', 0x20, 0x100) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) setpgid(r2, r2) r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x0) statfs(&(0x7f0000000180)='./file0/bus\x00', &(0x7f00000009c0)=""/104) open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ff4000/0xa000)=nil, 0xa000, 0x1000001, 0x11, r3, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r3, 0x80045400, &(0x7f0000000280)) syz_mount_image$vfat(&(0x7f0000000ac0)='vfat\x00', &(0x7f0000000b00)='./file0/bus\x00', 0xffff, 0x5, &(0x7f0000001e80)=[{&(0x7f0000000b40)="c06f885879fd0ed82103f23faaae5b91764e85c954c2e40c5693302e691c712d1575833b6886919c252dab82e9012ccbeb196371f6db9c74db50fbe2b58bea90667d9c087ce21234fa75a10fd417c2b3a0be427cb5ca7e78bab2ddd7394dbf0dbbf79eba76406449d9e735a59c1e0ce6e964a640c278715ff32374c6245a6f2300a672888d8d79c1c64c18d9cec8b154ffdb4467bf0e195a355d", 0x9a, 0x9c87}, {&(0x7f0000000c00)="5eac84f7b20ca6b0343606f79d2c40dfa96d33d0221c7c933abcb58251bac0e9ce4a705da0b3960c114c99f55eb1bbafa6f468a0abbbf9eecdbc8cf7aae35b558b419019d058c59d8a33bcbc14ca8dfe856656bd2e01", 0x56, 0xed3}, {&(0x7f0000000c80)="4ce9238e7cb354cff3deac55be8e515473cd5f6c0747daacc22cdf6732490917926b7e65bb43189f3cffd1eb8b574bbeea3223eeb364214cc32cd331f91e59b0daffdf73551d7ce26b8312bc733a3206b03774eaf12b6232498cb0043997da62f924a47a489c6a16ae0d933709d8043331a96e4395d12422cfd9e873aaa59f7ea640a71b28b860e55e499e57f30c5a726e58dfb8acfc4a0b9b2dcf8ab7948684bf262210fdd602c9a0889c1892ec5c4954c9ac97ec9a4904bd2a6dde6812daaff64fc47df4abdf7f32cfbeaec781de29e29a42ed197777875376daf05e06aaa57e65", 0xe2, 0x9}, {&(0x7f0000000d80)="bf959c8a0152c6c812724b9a1fd2bf6899c5b2015e376cdde5e160d09015c3cef8186c028c479e1aabdf715ef7224529ad35ac384e543e0ff88d912ee19b70612f27d948729eb5d16dd7cdb718aeab2890455ac0cbe17f5ca9cdef9fcb76508a4ea47e751311fefb31566087e01966ac818d1dd22cfc93ac04be1095eee36b0ce0a41e2653be612f25de30fb0d79cad433203ba9ad8c136dbac346947140540e23fca5d38d0d16955943b4836b239a167049d904d49014d654808cda2e4d0b1f225ee17048fa113c4f3d", 0xca}, {&(0x7f0000000e80)="176096571030a6d289b812857f223fe622ca1057420e539c2867aeb8a1687104d9a1f3bf553a096bb65c5c083a3151465005cad9cca26e69b397c0a50051f8e0975cd87c250fa824759669fda7c682f49ea0bd4f2e9f16154b18b282ec0da8fe8bae9bbebc4c316d641c3d11128d2e5775472b0ae90a04e404602d3ceadb893d1dbb1f832ccdf34013fef19e10dd4b355c4d026e8a58e005c2008b1ea12c4e0b1a23a5622d3bf44be454e4dd3a34e85a8b2de3db617d500679632b18dcc8902e39c00b50705dd6f49aa344ec3f251806d3050bc600f94afe9fdeb1faf8928d183af62d9ef2e7bef19539b709a1e806059982054d3f0796c40ec86b7e05908054abd2631a08235d0a60f4b7e7792df15d48aa989f2f1564d87cf7fca857a3440fbf0b3ebafce28dfadccf82d770014ed04d77f8e6cbafac78c395150805843dec731f8f826e53272d90d6a8bd7c021b986933756a698258fdee212e5697f0cb3f1e0c7e2562084e0c650f96a62ecc8cdbce495c623f9b761307a70957898a1482cd5038891093af824a74039015eca549d3ba4521d6f39606b35e991170d046e5fa0e4e61a5f636c5e723d01b3365fb4724872531aacc559f2a55b3dbff805e9690376531309f8d49930b920cb34c2abf5512097def252e43cb685b5d9bea4ea94c2ec5d6a78055f4cb8f7d7c70481ddbbcb86c40b0f0e3f047f5c0972207948793b7553249d2b39a821f5d5962719c60f9caf9b7d8695282e990f0c5614402257d8353452c43821e9bc28b6de8acb1670c64dfcbc81378e63d9153eefb0b17bf19277ccd77e08600f85070435610a35f4a5490d87d7f8f766b2fb46b972a3d32f9ff8b859b1055e2b501a7ad78d7d6ee0a2e63c134b5a4767313c8370ea0d0657cc109b19d48062c7064b04388dad165879829042c7efd631a0a1a03e20ecc3ca5ab376b307f180c9d1c5c40d7f2c4e586b85e7c00bc0c81dd99a6bc29dc6386f5bf45e27edb39babb6867c6692ed7d4ddbb424e3c348492a9c1487de73c8a477a7596354be2664242bd066b3be720aaf64e9c502e878618f456ae1ea9bf5437fe621b997ca43cc7452cd2fbcc0b6220b47693b6b09ad82dfdad373a22f29fd620051a6914af5dec262e7d2feb794ad62a8949543f774122fc4dbd84ff76c4eb5e3903d1b387050d20f49af4d60111b1421f75bbd40da494c964cf76d3d6654f31ae6f98fbda8aef6a23172d98898785dd919fba9affe8d1dab1a9ff51bce796f948e960a3c1b08146f6eb38395d701edd75a8d56149c1cac2856cb5c8c6c74484171b975853ac8e3ac2c79605fda635701a15a0ed897c072dcb73f330a232e2f104ddc0844fc87291733fd488b5b732d05122847df4ef4161c5bff0507eb1a524154552e2ebb7ce07ac515d698c865e02c0966c29e2e919a0dbce773b81cc1bb845af4247644d6d3bc472e183a50678be2494c565d244671df808d27c2aa1f2581aa8c4553de36c3890baea874cb2f4e82a830a8e42f22955818b181939239604f05ff1d5946b0db179ca2dcc1c5181a4ca7ab3c296774c03e08bbdfc6b89a4699851be8d88a827b427bd31e76f375f192a6548014d5c74805ae878729aae050931d7ccfe1d1e8494661e92ab0224f3fbd914b1741ba7ed1299e5e644511d8a4659431fb5e74aba1a32c8c3c66c25129914ef9817e7ca17beee2d5fc043309f35fba0b1b0426c3108d579ebcb07903c1155c5117629c63c8559ab4e74591b34f3d903bfcd83215fa5110948cb21e3393e4d1a72d1e04fd1d821b0346b35c92b09392cc6eb41ee8636fc1ba669006652d317c1b0fe54e62a06e1819bbee72cfc38030612a09f8c00cf85be710153fe7fad9a68e4f9d9d08c2e800da12712932d6a7e60cfedf48435e65cedc6ff39e319e5a1418e785bac6063609873ed205450e3c064f758fe5ebc79d5dc57c95e8b3d1bfc4e015866b5a6d5eb61df2486455865349479f75f3a83a2fd8ad3f2bc70d88e528616433f3f1ad151ea1e0870ee832dffaac7387928c7e1ad8dbbe855025fa9bb15182d597c131eeaa99b9a2bbc57c009acea72a1d6353ad51cc6e848c90d31d5b63bb1991446e3b2d4caa8b39e8a84fab669d326aa0c327192e4abe577f8aa9bae65098e4de4e412c6d10e9266685059e572c57d6e8994a0b7b631126b39461fda1a5068481c51a9f04c499ce35857b0d746ffc7c6789e45b60a517619fc4d5b88830790e0edc58f760fefb3f92294f3ed4bd0b0a7d73980de762dad7096ed00eb89b1d60e2510b5d32947cc559c5e95e488f3c5c8e725d6421b19f49913747785cac99d657cb581a858816a50e357c4c1a43f3bd3ed368fd6e92bd67b2e82e83f22bcea888f042d16a30c155375c9ed435baaaf4df1949c7fb73b5af1934da8b36d5eb0c62ba86d6a8a2771fa6cf7fb79a2a0d581313bdb1b900bd18bd6822551ae37cf15578f234d8e61964dd23e08a1b458cf1da9ad024480cdcca69a6399ac2b847b14bca61757d735c96fbd52edbb634d54486816acd58c3e34a4007c3ff1fc5990952c77c1ff78f961b2a134e7d08a5dbc9951f1cb95bc54dad8f4ad1dc24e6fc5034cd24a932a636cab0cd6511b550729ef85ffcfd84131d3ec376faf65bf2b1f8280f8eab44aabf7d979cf1ac7d6caa05c44222b5b3d29ad1e28b32045e2dcdaf0cfc9a672000345f0d1177b8a2669559d350174f2aaac7feafe7ec0a8ba7d0fc8016e4330fdfbbf03e5ace2b72c17411f6fecf2f315ddf02e39160a7cbcb7570fb0512d106cd88faad453b29f0b6bbd6d3f0185c533e8b3af156946fdd209557c561d9dba40175129f00a169e480d7252b8551af6404bd16fdb25c41fe5f497eaeffa98204cf0bb4fd4990e61e4a5ad43f66934d3402c382919786706e9bdc9686652c04870b8fa8b6409292a639e30c5d0029388e8c0c26fe476eb22822471037d03c6953d6ff3645def648695751ad235bd652e3f10da6555a885b624e3540dd497c6a0e7d4973b3d9055222b3d9aa91621b0a0e55d17301f99a934173e13bcaeee1277a5d90d0576d98b6645aaa3528f147fb0c3771c423e2d9ffe92b64a4363c47783e25da5a27ef16b0c796b25e702814db95eab6c55f1e6976b690226662f25bf1b3be1328d8dcefa936f82803f34879349296171a21f4bd97c68a9d13922c0aadd469e389707d92aea3d0ddd43b2e5f386e616937fabd949395a33960257e56cbd03559e4738c96820ca9441897f8b7a505ba7e24f9d7c4d7bbf956bd9eb63d4befab126a42015f20aa6bf3efba3426e51534244d10e8a5ad86233b48855f35022e97f0d95adec189f7b51421bb17f4847630a158dc8f79b8f0b118ad6784d153c64088098b74364e803782cbc24816d52df1b7997b87c81517bbbd2c620d8202899470fb865076a3491d4d864ae7a83cecb7fb202b3939bdad60badef25daa8aa14302229188f48f405bba6d042329cb8b4b64add122e562a3798eda6dfec3597655684e5250bad6e36095f6a885b81fc45e9005b41ae14dd7049734f08daf9944c6e5143b99bd6ffe6be46063a96b35489c6883715c882e4684cd6deb2f616f182a51a792c8e9076519b5206ee49d9819bf484d85d434525d821a3f2daac9ce728eb52b6a24f1b58e77c02abda712808a6ad613c0e6712c414fc3b941840fdae68a56b34dc2528a3e5d4866cde6fea906dbbeee8ba720cfe94133c311549a095381e59ea27d6588034b8548040ac2055689d319a111f494da6cde0930fe4c9dd0bdaa7dea1e1a6e5f0ac80a3c9b46009e85cb7f42f502aec5803d85668750fc13ebee310f1171a3150f0dee3ac8a09e7baef9578d29d466cd85ac97a6709d3848d4cf1876d67508267d24204c78f8c1bf47d86a47fcf3fc5ad4ac60d599bd326d653ef7634cd145987139c0264888bbd0b68b08f70599968b63101aacbb11a96b22f68072881d4fb4f8e34d85fffb0759ceefb0b5fc4f9fa787702822bae651463ce8111a658d6b5a85860d7796df5c5489a8e72027bcc8402b8b5246c854e6fa6df44681638524fd2f13fee7a0bc7e3c5fc24170d265e82d67cd6dd524a2deee50c0227b22393d692d59cbbbd9099fc3c1a6ef76674521715a09140e4156b1b068f4252af0329f00ce4c884d57d351d1f4fabb568fbb90819a435d59619d74a88f6f165e048f0a53d9b1e89d5b0bc73cb544cac078da72543dac75630c2c76df03b874dbb36864ae50517edfcd55bb29f06e4a903efb9cc3d3a9962dde8b826630435ecabe904d19a85af7487dd6a9fa58955a20ad0a7eb653503c2dd0c339fed2d92c91fb84d9f235c0144dc686acf4cfc0d7a357fab0c943d3413c5959615cb21d420160c333003d7e28bddacaaabfe6429c3bfba3646ff1ba869b27302423499de470dd97bb34248bef0bb20d9d8362f165a31981dba9ca9cff2e491fd4a89df7551a59e9cb01e2882c4272bccc8e26ae4606af7486bf736c877685a77c2e88ed1114682cd3994174b6cb10c1d11c968cc50bac1c83eec4879e0c5d22b9ec28b8487da909e9fdd9f11134481a9440576dfabd7ed4684b979cd34d37645f492253e74835f0ddbdd975a070351172f0a22d5986d05842c18c69826d2c5b3678d47e4858baad5a979bedd62173ef1a1821af8653dd6d55cd572db17e9979ea85e899947ba2402f8db4318af4ce6f4ee8e83a56466662526faecd7694db0ecf71b3e837be2860113ded642fba352b08b9352c553f056d2e07ac9e53b26b0d281feeddb5e90d414be599b1e0cf23e310dabe5294fa0a74131e444f38aa1d5b68c089f373fdb05946d48d0822ff19506993884ebd5169f99152720abae728c402f97647c8bb941acf0c3580e41e55e1fc05c7600d48d1307cff24a3cb8f1007cc4f10ed0e2890c119a2f2c36f4ec8cb6f09be7a392ad3913741cb37c635d716f8f51079d91ce6bc3d95a55358ac56d73820e001ca5e8d577237b6fd73e1d6e6d1ebf4d75849c96f59010e04a6ea308e3d3b738fd4d8145b3ee4dae93747bee887997737fd9ae2e7b13f7f4fcb1c8a50a6afdaa35a1d4614945d2a39948721353e52916d1619becb00b2b11dad33ea9638cfe00e8876b9b523f4d78391fe35b781390c83e713cf4286c66293e6d19914f780a5390e52e38c079f35c5dfb1825de1f3a3dae4908ee47648ee689cff20ca40388151a6dbe871228aa7ce447c588abd2bb0da502e249cf9dec0aab885a1d373f94c1273c46ef87ab0c6cc2c0b5e7a054593bbe0ead08c74918b13af7d8cbd9b2f30768017ba6c6ae43ff1e1b85e9d63fd0103849314ae9319d9f78a38f293a52f93668088917d6bb0f22cd9de53c2f5b10e0116327b60f0c3bc7db884b3a8036868c9d2f4664d5e1d98ac11041cfa6a65f3bc0d8de20e5918d5ec2d8f625338df0771f56c7f5b2358cc429d0280e9a9c903b1eb801e23d27dc2dab9d9a89435e07feaf3e661f19c8d2c437ac99f211f0d3e38674324044cbfd2bda505dd5fdfa2e892e7c471251fddf42402705b83aad01a49a4b0a31309cbc0b0caae10d136ca2e0a215af2d154151664fd680de03bf410c91fcf3c09af1ffed78879975143e2480619658b42a4a66d246d2392d9f352c6f1fb8105aaee1472a78b4ffe6f44c39838a5fb5ee3aab8e0b3bdccc8e57e1512a4644070f140f7ec52e10b08c830fc4bbe54ee9ca5f1152484deb30d059d2b675c1214935089a131d64b2fb04fc8cd111b49e772e850157787fcd88c7fe7145566e273c", 0x1000, 0x7}], 0x2200022, &(0x7f0000001f00)) 02:30:05 executing program 4: r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000040)=0x1c, 0x800) r1 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x108000004, 0x27c) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000140)={0x9, 0x401, 0x100000000, {0x0, 0x1c9c380}, 0xe9d6, 0x81}) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r2, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:05 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c07, r0) [ 234.875134] FAT-fs (loop3): bogus number of reserved sectors [ 234.881130] FAT-fs (loop3): Can't find a valid FAT filesystem [ 234.886700] FAULT_INJECTION: forcing a failure. [ 234.886700] name failslab, interval 1, probability 0, space 0, times 0 [ 234.898561] CPU: 1 PID: 13093 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 234.905932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.915301] Call Trace: [ 234.917935] dump_stack+0x1c9/0x2b4 02:30:05 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xe00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:05 executing program 4: socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000040)={'nat\x00'}, &(0x7f00000000c0)=0x78) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 234.921588] ? dump_stack_print_info.cold.2+0x52/0x52 [ 234.926810] should_fail.cold.4+0xa/0x1a [ 234.930898] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.936021] ? kasan_kmalloc+0xc4/0xe0 [ 234.939927] ? kasan_slab_alloc+0x12/0x20 [ 234.944095] ? kmem_cache_alloc+0x12e/0x760 [ 234.948448] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 234.953312] ? kvm_mmu_load+0x21/0x10e0 [ 234.957351] ? vcpu_enter_guest+0x3aa6/0x6090 [ 234.961861] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 234.966892] ? graph_lock+0x170/0x170 [ 234.970710] ? do_syscall_64+0x1b9/0x820 [ 234.974812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.980196] ? find_held_lock+0x36/0x1c0 [ 234.984282] ? __lock_is_held+0xb5/0x140 [ 234.988373] ? check_same_owner+0x340/0x340 [ 234.992716] ? rcu_note_context_switch+0x730/0x730 [ 234.997666] __should_failslab+0x124/0x180 [ 235.001925] should_failslab+0x9/0x14 [ 235.005770] kmem_cache_alloc+0x2af/0x760 [ 235.009940] ? lock_acquire+0x1e4/0x540 [ 235.013938] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 235.018196] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 235.023063] mmu_topup_memory_caches+0xf7/0x3a0 [ 235.027762] kvm_mmu_load+0x21/0x10e0 [ 235.031600] vcpu_enter_guest+0x3aa6/0x6090 [ 235.036021] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 235.040305] ? kvm_set_msr_common+0x26a0/0x26a0 [ 235.045005] ? vmx_vcpu_load+0xadf/0xff0 [ 235.049099] ? __lock_acquire+0x7fc/0x5020 [ 235.053362] ? vmx_vcpu_reset+0x1040/0x1040 [ 235.057713] ? graph_lock+0x170/0x170 [ 235.061719] ? __lock_acquire+0x7fc/0x5020 [ 235.065987] ? __lock_is_held+0xb5/0x140 [ 235.070073] ? lock_acquire+0x1e4/0x540 02:30:05 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 235.074084] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 235.079155] ? lock_release+0xa30/0xa30 [ 235.083149] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 235.088476] ? kvm_arch_dev_ioctl+0x610/0x610 [ 235.093016] ? preempt_notifier_dec+0x20/0x20 [ 235.097548] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.102410] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.107457] kvm_vcpu_ioctl+0x7b8/0x1300 [ 235.111551] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 235.117378] ? find_held_lock+0x36/0x1c0 [ 235.121469] ? find_held_lock+0x36/0x1c0 [ 235.125591] ? lock_downgrade+0x8f0/0x8f0 [ 235.129767] ? kasan_check_read+0x11/0x20 [ 235.133941] ? rcu_is_watching+0x8c/0x150 [ 235.138107] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 235.142554] ? __fget+0x414/0x670 [ 235.146037] ? match_held_lock+0x821/0x8d0 [ 235.150283] ? expand_files.part.8+0x9c0/0x9c0 [ 235.154884] ? kasan_check_write+0x14/0x20 [ 235.159141] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 235.164095] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 235.169823] do_vfs_ioctl+0x1de/0x1720 [ 235.173728] ? __lock_is_held+0xb5/0x140 [ 235.177806] ? ioctl_preallocate+0x300/0x300 [ 235.182230] ? __fget_light+0x2f7/0x440 [ 235.186223] ? fget_raw+0x20/0x20 [ 235.189696] ? __sb_end_write+0xac/0xe0 [ 235.193692] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 235.199246] ? fput+0x130/0x1a0 [ 235.202628] ? ksys_write+0x1ae/0x260 [ 235.206446] ? security_file_ioctl+0x94/0xc0 [ 235.210868] ksys_ioctl+0xa9/0xd0 [ 235.214336] __x64_sys_ioctl+0x73/0xb0 [ 235.218236] do_syscall_64+0x1b9/0x820 [ 235.222137] ? syscall_slow_exit_work+0x500/0x500 [ 235.227006] ? syscall_return_slowpath+0x5e0/0x5e0 [ 235.231953] ? syscall_return_slowpath+0x31d/0x5e0 [ 235.236904] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 235.242288] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.247153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.252359] RIP: 0033:0x455ab9 [ 235.255547] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 235.277034] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.284769] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 235.292056] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 235.299332] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 235.306680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 235.314916] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001e 02:30:05 executing program 6 (fault-call:6 fault-nth:31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:05 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c09, r0) 02:30:05 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x380) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000040)={0x348a, 0x43, "a0c74279f36454ba9ff26fd00a26d901672578ab1965c8a49eecf28862599397617c50d7e908b7118c387a65f5a1818a58b15cfd0a1516850fe6601161a200a9c6ec3d"}) 02:30:05 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:05 executing program 5: sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:05 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xff010000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:05 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x200005000011) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) getsockopt$inet_udp_int(r0, 0x11, 0x6f, &(0x7f0000000240), &(0x7f0000000280)=0x4) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) getsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f0000000040), &(0x7f0000000100)=0x4) recvfrom$unix(r0, &(0x7f0000000140)=""/105, 0x69, 0x2, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000000)) 02:30:05 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x1e) getsockopt$inet_dccp_int(r0, 0x21, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x10400, 0x0) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000140)=0x140, 0x4) [ 235.577429] FAULT_INJECTION: forcing a failure. [ 235.577429] name failslab, interval 1, probability 0, space 0, times 0 [ 235.588873] CPU: 1 PID: 13158 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 235.596251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.605617] Call Trace: [ 235.608226] dump_stack+0x1c9/0x2b4 [ 235.611871] ? dump_stack_print_info.cold.2+0x52/0x52 [ 235.617090] should_fail.cold.4+0xa/0x1a [ 235.621184] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 235.623754] print_req_error: I/O error, dev loop0, sector 33280 [ 235.626314] ? kasan_kmalloc+0xc4/0xe0 [ 235.626332] ? kasan_slab_alloc+0x12/0x20 [ 235.626350] ? kmem_cache_alloc+0x12e/0x760 [ 235.638265] FAT-fs (loop3): bogus number of reserved sectors [ 235.640473] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 235.640491] ? kvm_mmu_load+0x21/0x10e0 [ 235.640510] ? vcpu_enter_guest+0x3aa6/0x6090 [ 235.640524] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.640542] ? graph_lock+0x170/0x170 [ 235.644932] FAT-fs (loop3): Can't find a valid FAT filesystem [ 235.650688] ? do_syscall_64+0x1b9/0x820 [ 235.650710] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.650731] ? find_held_lock+0x36/0x1c0 [ 235.650750] ? __lock_is_held+0xb5/0x140 [ 235.650774] ? check_same_owner+0x340/0x340 [ 235.700661] ? rcu_note_context_switch+0x730/0x730 [ 235.705613] __should_failslab+0x124/0x180 [ 235.709858] should_failslab+0x9/0x14 [ 235.713667] kmem_cache_alloc+0x2af/0x760 [ 235.717840] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 235.722699] mmu_topup_memory_caches+0xf7/0x3a0 [ 235.727379] kvm_mmu_load+0x21/0x10e0 [ 235.731190] vcpu_enter_guest+0x3aa6/0x6090 [ 235.735506] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 235.739836] ? kvm_set_msr_common+0x26a0/0x26a0 [ 235.744504] ? vmx_vcpu_load+0xadf/0xff0 [ 235.748561] ? __lock_acquire+0x7fc/0x5020 [ 235.752793] ? vmx_vcpu_reset+0x1040/0x1040 [ 235.757106] ? graph_lock+0x170/0x170 [ 235.760915] ? __lock_acquire+0x7fc/0x5020 [ 235.765154] ? __lock_is_held+0xb5/0x140 [ 235.769211] ? lock_acquire+0x1e4/0x540 [ 235.773177] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 235.778187] ? lock_release+0xa30/0xa30 [ 235.782149] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 235.787419] ? kvm_arch_dev_ioctl+0x610/0x610 [ 235.791909] ? preempt_notifier_dec+0x20/0x20 [ 235.796405] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.801250] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.806270] kvm_vcpu_ioctl+0x7b8/0x1300 [ 235.810325] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 235.816034] ? find_held_lock+0x36/0x1c0 [ 235.820096] ? find_held_lock+0x36/0x1c0 [ 235.824172] ? lock_downgrade+0x8f0/0x8f0 [ 235.828331] ? kasan_check_read+0x11/0x20 [ 235.832474] ? rcu_is_watching+0x8c/0x150 [ 235.836616] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 235.841031] ? __fget+0x414/0x670 [ 235.844484] ? match_held_lock+0x821/0x8d0 [ 235.848721] ? expand_files.part.8+0x9c0/0x9c0 [ 235.853307] ? kasan_check_write+0x14/0x20 [ 235.857543] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 235.862471] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 235.868174] do_vfs_ioctl+0x1de/0x1720 [ 235.872059] ? __lock_is_held+0xb5/0x140 [ 235.876113] ? ioctl_preallocate+0x300/0x300 [ 235.880528] ? __fget_light+0x2f7/0x440 [ 235.884495] ? fget_raw+0x20/0x20 [ 235.887941] ? __sb_end_write+0xac/0xe0 [ 235.891914] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 235.897442] ? fput+0x130/0x1a0 [ 235.900726] ? ksys_write+0x1ae/0x260 [ 235.904520] ? security_file_ioctl+0x94/0xc0 [ 235.908920] ksys_ioctl+0xa9/0xd0 [ 235.912382] __x64_sys_ioctl+0x73/0xb0 [ 235.916263] do_syscall_64+0x1b9/0x820 [ 235.920138] ? finish_task_switch+0x1d3/0x870 [ 235.924625] ? syscall_return_slowpath+0x5e0/0x5e0 [ 235.929547] ? syscall_return_slowpath+0x31d/0x5e0 [ 235.934477] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 235.939869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.944749] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.949943] RIP: 0033:0x455ab9 [ 235.953134] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 235.972521] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.980266] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 235.987545] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 235.994810] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.002083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 236.009345] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000001f [ 236.087158] FAT-fs (loop3): bogus number of reserved sectors [ 236.093161] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:06 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000040), &(0x7f00000000c0)=0x4) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:06 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401870c8, r0) 02:30:06 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0) setsockopt$inet_int(r1, 0x0, 0x0, &(0x7f0000000040)=0x1, 0x4) 02:30:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:06 executing program 6 (fault-call:6 fault-nth:32): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:06 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x7f510100, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:06 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) accept(r0, &(0x7f0000000000)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000100)=0x80) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:30:06 executing program 5: sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 236.370666] FAT-fs (loop3): bogus number of reserved sectors [ 236.376762] FAT-fs (loop3): Can't find a valid FAT filesystem [ 236.381955] FAULT_INJECTION: forcing a failure. [ 236.381955] name failslab, interval 1, probability 0, space 0, times 0 [ 236.394078] CPU: 1 PID: 13202 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 236.401635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.411003] Call Trace: [ 236.413615] dump_stack+0x1c9/0x2b4 02:30:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:06 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401070cd, r0) [ 236.417268] ? dump_stack_print_info.cold.2+0x52/0x52 [ 236.422496] should_fail.cold.4+0xa/0x1a [ 236.426603] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 236.431728] ? kasan_kmalloc+0xc4/0xe0 [ 236.435630] ? kasan_slab_alloc+0x12/0x20 [ 236.439791] ? kmem_cache_alloc+0x12e/0x760 [ 236.444132] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 236.449010] ? kvm_mmu_load+0x21/0x10e0 [ 236.453102] ? vcpu_enter_guest+0x3aa6/0x6090 [ 236.457621] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.462659] ? graph_lock+0x170/0x170 [ 236.466479] ? do_syscall_64+0x1b9/0x820 [ 236.470562] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.475949] ? find_held_lock+0x36/0x1c0 [ 236.480069] ? __lock_is_held+0xb5/0x140 [ 236.484334] ? check_same_owner+0x340/0x340 [ 236.488668] ? rcu_note_context_switch+0x730/0x730 [ 236.493595] __should_failslab+0x124/0x180 [ 236.497824] should_failslab+0x9/0x14 [ 236.501616] kmem_cache_alloc+0x2af/0x760 [ 236.505752] ? lock_acquire+0x1e4/0x540 [ 236.509728] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 236.513956] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 236.518790] mmu_topup_memory_caches+0xf7/0x3a0 [ 236.523455] kvm_mmu_load+0x21/0x10e0 [ 236.527254] vcpu_enter_guest+0x3aa6/0x6090 [ 236.531566] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 236.535809] ? kvm_set_msr_common+0x26a0/0x26a0 [ 236.540472] ? zap_class+0x740/0x740 [ 236.544175] ? vmx_vcpu_load+0xadf/0xff0 [ 236.548225] ? __lock_acquire+0x7fc/0x5020 [ 236.552449] ? vmx_vcpu_reset+0x1040/0x1040 [ 236.556759] ? graph_lock+0x170/0x170 [ 236.560571] ? __lock_is_held+0xb5/0x140 [ 236.564837] ? lock_acquire+0x1e4/0x540 [ 236.568804] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 236.573816] ? lock_release+0xa30/0xa30 [ 236.577776] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 236.583047] ? kvm_arch_dev_ioctl+0x610/0x610 [ 236.587541] ? preempt_notifier_dec+0x20/0x20 [ 236.592043] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.596879] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.601894] kvm_vcpu_ioctl+0x7b8/0x1300 [ 236.605956] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 236.611747] ? find_held_lock+0x36/0x1c0 [ 236.615810] ? lock_downgrade+0x8f0/0x8f0 [ 236.619950] ? rcu_is_watching+0x8c/0x150 [ 236.624094] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 236.628508] ? __fget+0x414/0x670 [ 236.631949] ? match_held_lock+0x821/0x8d0 [ 236.636183] ? expand_files.part.8+0x9c0/0x9c0 [ 236.640753] ? kasan_check_write+0x14/0x20 [ 236.644976] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 236.649910] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 236.655612] do_vfs_ioctl+0x1de/0x1720 [ 236.659501] ? ioctl_preallocate+0x300/0x300 [ 236.663895] ? __fget_light+0x2f7/0x440 [ 236.667857] ? fget_raw+0x20/0x20 [ 236.671301] ? __sb_end_write+0xac/0xe0 [ 236.675268] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 236.680796] ? fput+0x130/0x1a0 [ 236.684067] ? ksys_write+0x1ae/0x260 [ 236.687857] ? security_file_ioctl+0x94/0xc0 [ 236.692254] ksys_ioctl+0xa9/0xd0 [ 236.695696] __x64_sys_ioctl+0x73/0xb0 [ 236.699573] do_syscall_64+0x1b9/0x820 [ 236.703459] ? finish_task_switch+0x1d3/0x870 [ 236.707955] ? syscall_return_slowpath+0x5e0/0x5e0 [ 236.712891] ? syscall_return_slowpath+0x31d/0x5e0 [ 236.717815] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 236.723170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 236.728105] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.733301] RIP: 0033:0x455ab9 [ 236.736473] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 236.755817] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 236.763519] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 236.770786] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 236.778041] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.785309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 236.792579] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000020 [ 236.822013] FAT-fs (loop3): bogus number of reserved sectors [ 236.828357] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:07 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']) ioctl$KVM_RUN(r3, 0xae80, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x0, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:07 executing program 3: syz_mount_image$vfat(&(0x7f0000000100)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0xb3, 0xaaaadd0, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x1000000) 02:30:07 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c03, r0) 02:30:07 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1100, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 237.081545] FAT-fs (loop3): bogus number of reserved sectors [ 237.087509] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:07 executing program 5: sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 237.244428] print_req_error: I/O error, dev loop0, sector 15360 [ 237.250879] print_req_error: I/O error, dev loop0, sector 16472 [ 237.257105] print_req_error: I/O error, dev loop0, sector 17496 [ 237.264434] print_req_error: I/O error, dev loop0, sector 8 [ 237.270369] Buffer I/O error on dev loop0, logical block 1, lost async page write [ 237.299754] print_req_error: I/O error, dev loop0, sector 0 [ 237.305591] Buffer I/O error on dev loop0, logical block 0, lost async page write 02:30:07 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x80) ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f0000000180)) write(r2, &(0x7f0000000240)="45f4ac303fca542cd777e1a2ac4638dddbd0ce6d332fe4dd221f8ae5e228b55d474e6ca6f3679c829d29e1d400b3d162a2a93f96128f5930a32d92768d2fc7946b18767b87e0c9a3ca6774cfc7230d56910810c16b0dac7b4784caacc0eb0f226cf9dccfd67bdb7012bbbbb071367437b12c772caeba9aa2be0fa85f74d07446affebcb7fad65f82cc45f90104bd2f4cbeee1f09e1747754319a45957993845397617646df522376860d6376f4c4583701899fa427dbad9e126ca463e7468397b5db609adf93b9c00b3f0ad2b97d1d8b711d61217fdd", 0xd6) ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f00000000c0)) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:07 executing program 6 (fault-call:6 fault-nth:33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:07 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c04, r0) 02:30:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x0, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:07 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x5, 0xe800) 02:30:07 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r1 = shmget(0x0, 0x2000, 0x54000080, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_LOCK(r1, 0xb) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x3}, &(0x7f0000000040)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e24, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x80000000}}, 0x6a6, 0x69, 0x800, 0x9, 0xd5}, &(0x7f00000001c0)=0x98) r3 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r4 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r4, 0x0) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000200)={0x81, 0xa110, 0x5}) 02:30:07 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1600, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 237.470237] FAT-fs (loop3): bogus number of reserved sectors [ 237.476204] FAT-fs (loop3): Can't find a valid FAT filesystem [ 237.549495] FAULT_INJECTION: forcing a failure. [ 237.549495] name failslab, interval 1, probability 0, space 0, times 0 [ 237.560875] CPU: 0 PID: 13278 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 237.568249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.577698] Call Trace: [ 237.580306] dump_stack+0x1c9/0x2b4 [ 237.583956] ? dump_stack_print_info.cold.2+0x52/0x52 [ 237.589180] should_fail.cold.4+0xa/0x1a [ 237.593280] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 237.598403] ? kasan_kmalloc+0xc4/0xe0 [ 237.602305] ? kasan_slab_alloc+0x12/0x20 [ 237.606470] ? kmem_cache_alloc+0x12e/0x760 [ 237.610880] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 237.615737] ? kvm_mmu_load+0x21/0x10e0 [ 237.619729] ? vcpu_enter_guest+0x3aa6/0x6090 [ 237.624326] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.629361] ? graph_lock+0x170/0x170 [ 237.633210] ? do_syscall_64+0x1b9/0x820 [ 237.637292] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.642691] ? find_held_lock+0x36/0x1c0 [ 237.646781] ? __lock_is_held+0xb5/0x140 [ 237.650897] ? check_same_owner+0x340/0x340 [ 237.655253] ? rcu_note_context_switch+0x730/0x730 [ 237.660205] __should_failslab+0x124/0x180 [ 237.664483] should_failslab+0x9/0x14 [ 237.668301] kmem_cache_alloc+0x2af/0x760 [ 237.672472] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 237.677337] mmu_topup_memory_caches+0xf7/0x3a0 [ 237.682031] kvm_mmu_load+0x21/0x10e0 [ 237.685860] vcpu_enter_guest+0x3aa6/0x6090 [ 237.690200] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 237.694495] ? kvm_set_msr_common+0x26a0/0x26a0 [ 237.699182] ? zap_class+0x740/0x740 [ 237.702932] ? vmx_vcpu_load+0xadf/0xff0 [ 237.707044] ? print_usage_bug+0xc0/0xc0 [ 237.711118] ? __lock_acquire+0x7fc/0x5020 [ 237.715372] ? vmx_vcpu_reset+0x1040/0x1040 [ 237.719712] ? graph_lock+0x170/0x170 [ 237.723546] ? mark_held_locks+0xc9/0x160 [ 237.727710] ? __lock_is_held+0xb5/0x140 [ 237.731794] ? lock_acquire+0x1e4/0x540 [ 237.735784] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 237.740824] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 237.745595] ? lock_release+0xa30/0xa30 [ 237.749581] ? retint_kernel+0x10/0x10 [ 237.753494] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.758346] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.763390] kvm_vcpu_ioctl+0x7b8/0x1300 [ 237.767556] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 237.773318] ? find_held_lock+0x36/0x1c0 [ 237.777403] ? lock_downgrade+0x8f0/0x8f0 [ 237.781571] ? rcu_is_watching+0x8c/0x150 [ 237.785731] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 237.790154] ? __fget+0x414/0x670 [ 237.793628] ? match_held_lock+0x821/0x8d0 [ 237.797875] ? expand_files.part.8+0x9c0/0x9c0 [ 237.802470] ? kasan_check_write+0x14/0x20 [ 237.806720] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 237.811670] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 237.817394] do_vfs_ioctl+0x1de/0x1720 [ 237.821298] ? ioctl_preallocate+0x300/0x300 [ 237.825716] ? __fget_light+0x2f7/0x440 [ 237.829700] ? fget_raw+0x20/0x20 [ 237.833169] ? __sb_end_write+0xac/0xe0 [ 237.837161] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 237.842711] ? fput+0x130/0x1a0 [ 237.846027] ? ksys_write+0x1ae/0x260 [ 237.849840] ? security_file_ioctl+0x94/0xc0 [ 237.854284] ksys_ioctl+0xa9/0xd0 [ 237.857806] __x64_sys_ioctl+0x73/0xb0 [ 237.861711] do_syscall_64+0x1b9/0x820 [ 237.865608] ? finish_task_switch+0x1d3/0x870 [ 237.870116] ? syscall_return_slowpath+0x5e0/0x5e0 [ 237.875061] ? syscall_return_slowpath+0x31d/0x5e0 [ 237.880025] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 237.885431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.890296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.895492] RIP: 0033:0x455ab9 [ 237.898679] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 237.918117] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 237.925845] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 237.933128] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 237.940422] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 02:30:07 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x301, r0) 02:30:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x928e) r1 = socket$alg(0x26, 0x5, 0x0) mount$9p_tcp(&(0x7f0000000140)='127.0.0.1\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x2000, &(0x7f0000000280)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}, {@version_L='version=9p2000.L', 0x2c}]}}) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x128080, &(0x7f00000001c0)=ANY=[@ANYBLOB="747261fa013d756e697c2c6398bc616368653c6d6d61702c00a2cd00fe118cb2fb10671bce259d42d786b07591528cacdcde7646b9c6745dea25c2e508a4cd7a522c37d362faa6d99930c2c2e49310553b44c52ba90e1d46eabb367e9321c1a21b6c707d"]) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x0, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:08 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000100)={0x4, 0xfffffffffffffc00, [{0x9, 0x0, 0x7}, {0x400000000000, 0x0, 0x8000}, {0x20, 0x0, 0x4}, {0x6, 0x0, 0x9}]}) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000040)={0x54, 0xffff, 0x6, {0x2, 0x80000000}, {0x8, 0x1000}, @rumble={0x7, 0xffffffff}}) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:30:08 executing program 4: r0 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x0) write$FUSE_WRITE(r0, &(0x7f00000001c0)={0x18, 0xffffffffffffffda, 0x3, {0xa767}}, 0x18) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f0000000040)) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) connect$bt_sco(r1, &(0x7f0000000200)={0x1f, {0x1000, 0x4, 0xe88f, 0xc0, 0x4, 0x1}}, 0x8) open_by_handle_at(r1, &(0x7f0000000080)={0xe9, 0xffffffffffffff01, "bbd107601a02af31f8bc42b53171962f8ac9134a2553695dfcbb7ac667c282310419fee2eec22cc7a631512073e329d4af68e4c015d2b7358db9e01d89d6dd162b952650c1b186914d63a2a1914cfa81cab2d02b0e132af85d49358988e1e07eb1ce4b572f4afa52b3ad45677501c9a0f6ec1b4c001f92f9a564f56905c20c6734ea41541a2678b80a45f000967e68b58ad09b37ec8de75db3be3243f7ca24c5eb5dff6d30913f12bb7d190d4dd1fda50e03bec77514e8db902cd7b8a07c56dec45aa42c42837b971e2749ff5a1c02b0ded31deea9ee849947789fb881933f6604"}, 0x101000) socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000240)={0x0, 0x100, 0x10, 0x81, 0x2}, &(0x7f0000000280)=0x18) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000002c0)={r3, 0x5}, 0x8) 02:30:08 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x5460, r0) 02:30:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:08 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) fallocate(r0, 0x20, 0x2, 0x4) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x409) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x200000, 0x0) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000003c0)=0x3, 0x4) [ 237.947702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 237.955071] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000021 [ 238.002208] FAT-fs (loop3): bogus number of reserved sectors [ 238.008159] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:08 executing program 5: r0 = getpid() sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 238.137861] FAT-fs (loop3): bogus number of reserved sectors [ 238.143795] FAT-fs (loop3): Can't find a valid FAT filesystem [ 238.320534] print_req_error: I/O error, dev loop0, sector 25600 [ 238.327090] print_req_error: I/O error, dev loop0, sector 26624 [ 238.333272] print_req_error: I/O error, dev loop0, sector 27648 [ 238.340903] print_req_error: I/O error, dev loop0, sector 0 [ 238.346747] Buffer I/O error on dev loop0, logical block 0, lost async page write 02:30:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:08 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f00000000c0)="6c4c9e3900b67e3f4a31606bbee21de92fa9ca8ed21e31e19039fe4c697b90a77d32c010c384902e3a1b61f8508ce6a17bb4df51f55e083e1ec3fcdeb65c14078a05f3e3ea4a64b74d177b7fbd7cabd3f5a43e") dup2(r2, r1) ioctl$int_in(r2, 0xaf2d4f7ae59df1b7, &(0x7f0000000240)=0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r4 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) socketpair$inet6_sctp(0xa, 0x0, 0x84, &(0x7f0000000140)) pwritev(r4, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) sendfile(r3, r3, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r3, 0x4c01) sync() connect$vsock_stream(r4, &(0x7f0000000180)={0x28, 0x0, 0x2711, @host=0x2}, 0x10) 02:30:08 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) splice(r0, &(0x7f0000000000), r0, &(0x7f0000000040), 0x9, 0xa) 02:30:08 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc0481273, r0) 02:30:08 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x700, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:08 executing program 4: bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast5)\x00'}, 0xfffffffffffffd57) bind$alg(0xffffffffffffffff, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x480081, 0x80) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x8) ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000040)) 02:30:08 executing program 6 (fault-call:6 fault-nth:34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:08 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f00000003c0)=""/244, &(0x7f0000000280)=0xfd) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="baf80c66b82095da8566efbafc0c66ed0f073e65660f38393e763f66b9800000c00f326635000100000f30f0113c66ff6f02260ff39b0d00b83a000f00d865f3260f062edbe3", 0x46}], 0x1, 0x4, &(0x7f0000000200)=[@cr0={0x0, 0x10}], 0x1) r3 = dup2(r0, r0) ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f00000000c0)=0x1000) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0xe, 0x1, "3d6842182db169c4fb8260f46f0d3b4a9bfd45507ca0c7097ce8e88a7d02db79ccc79d27397529cdc01031af86aefa0f84fda74c7770fb5cd76691c55f94f92a", "d6aad65ef8afcb783864081d4d81156c5eb97ef1a26cb4356fc352ab69448544", [0xff, 0x2]}) [ 238.569144] FAT-fs (loop3): bogus number of reserved sectors [ 238.575129] FAT-fs (loop3): Can't find a valid FAT filesystem [ 238.617248] FAT-fs (loop3): bogus number of reserved sectors [ 238.623188] FAT-fs (loop3): Can't find a valid FAT filesystem [ 238.635458] FAULT_INJECTION: forcing a failure. [ 238.635458] name failslab, interval 1, probability 0, space 0, times 0 [ 238.646897] CPU: 1 PID: 13367 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 238.654285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.663654] Call Trace: 02:30:09 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:09 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401870cb, r0) 02:30:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 238.666268] dump_stack+0x1c9/0x2b4 [ 238.669920] ? dump_stack_print_info.cold.2+0x52/0x52 [ 238.675242] should_fail.cold.4+0xa/0x1a [ 238.679330] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 238.684454] ? kasan_kmalloc+0xc4/0xe0 [ 238.688355] ? kasan_slab_alloc+0x12/0x20 [ 238.692520] ? kmem_cache_alloc+0x12e/0x760 [ 238.697032] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.701892] ? kvm_mmu_load+0x21/0x10e0 [ 238.705886] ? vcpu_enter_guest+0x3aa6/0x6090 [ 238.710395] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.715433] ? graph_lock+0x170/0x170 [ 238.719255] ? do_syscall_64+0x1b9/0x820 [ 238.723335] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.728709] ? find_held_lock+0x36/0x1c0 [ 238.732773] ? __lock_is_held+0xb5/0x140 [ 238.736829] ? check_same_owner+0x340/0x340 [ 238.741139] ? rcu_note_context_switch+0x730/0x730 [ 238.746058] __should_failslab+0x124/0x180 [ 238.750295] should_failslab+0x9/0x14 [ 238.754095] kmem_cache_alloc+0x2af/0x760 [ 238.758230] ? kvm_clock_read+0x25/0x30 [ 238.762196] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 238.767205] ? ktime_get_with_offset+0x32e/0x4b0 [ 238.772747] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.777578] mmu_topup_memory_caches+0xf7/0x3a0 [ 238.782247] kvm_mmu_load+0x21/0x10e0 [ 238.786039] ? vcpu_enter_guest+0x298c/0x6090 [ 238.790528] vcpu_enter_guest+0x3aa6/0x6090 [ 238.794857] ? kvm_set_msr_common+0x26a0/0x26a0 [ 238.799518] ? vmx_vcpu_load+0xadf/0xff0 [ 238.803568] ? __lock_acquire+0x7fc/0x5020 [ 238.807792] ? vmx_vcpu_reset+0x1040/0x1040 [ 238.812099] ? graph_lock+0x170/0x170 [ 238.815886] ? __lock_acquire+0x7fc/0x5020 [ 238.820115] ? __lock_is_held+0xb5/0x140 [ 238.824166] ? lock_acquire+0x1e4/0x540 [ 238.828144] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 238.833149] ? lock_release+0xa30/0xa30 [ 238.837109] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 238.842382] ? kvm_arch_dev_ioctl+0x610/0x610 [ 238.846863] ? preempt_notifier_dec+0x20/0x20 [ 238.851350] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.856265] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.861278] kvm_vcpu_ioctl+0x7b8/0x1300 [ 238.865338] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 238.871035] ? find_held_lock+0x36/0x1c0 [ 238.875087] ? find_held_lock+0x36/0x1c0 [ 238.879143] ? lock_downgrade+0x8f0/0x8f0 [ 238.883296] ? kasan_check_read+0x11/0x20 [ 238.887429] ? rcu_is_watching+0x8c/0x150 [ 238.891562] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 238.895961] ? __fget+0x414/0x670 [ 238.899415] ? match_held_lock+0x821/0x8d0 [ 238.903648] ? expand_files.part.8+0x9c0/0x9c0 [ 238.908218] ? kasan_check_write+0x14/0x20 [ 238.912460] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 238.917391] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 238.923099] do_vfs_ioctl+0x1de/0x1720 [ 238.926987] ? __lock_is_held+0xb5/0x140 [ 238.931038] ? ioctl_preallocate+0x300/0x300 [ 238.935450] ? __fget_light+0x2f7/0x440 [ 238.939427] ? fget_raw+0x20/0x20 [ 238.942881] ? __sb_end_write+0xac/0xe0 [ 238.946857] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 238.952386] ? fput+0x130/0x1a0 [ 238.955666] ? ksys_write+0x1ae/0x260 [ 238.959468] ? security_file_ioctl+0x94/0xc0 [ 238.963883] ksys_ioctl+0xa9/0xd0 [ 238.967323] __x64_sys_ioctl+0x73/0xb0 [ 238.971285] do_syscall_64+0x1b9/0x820 [ 238.976550] ? syscall_return_slowpath+0x5e0/0x5e0 [ 238.981480] ? syscall_return_slowpath+0x31d/0x5e0 [ 238.986664] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 238.992046] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.996881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.002055] RIP: 0033:0x455ab9 [ 239.005226] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 239.024449] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.032157] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 239.039420] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 239.046777] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 239.054034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 239.061290] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000022 02:30:09 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000000140)='./file0/bus\x00', 0x20002, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000000)={{0xfffffffffffffff7, 0x4}, 0x40}, 0x10) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x1000001, 0x11, r1, 0x0) 02:30:09 executing program 6 (fault-call:6 fault-nth:35): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:09 executing program 5: r0 = getpid() sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) sendfile(r0, r1, &(0x7f00000000c0), 0x8000) bind$bt_sco(r0, &(0x7f0000000c00)={0x1f, {0x0, 0xffffffffffff8000, 0x1000, 0x6, 0x100, 0x1}}, 0x8) pwritev(r2, &(0x7f0000000040)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000180)={@remote, 0x0}, &(0x7f0000000240)=0x14) r6 = getpgid(0xffffffffffffffff) wait4(r6, &(0x7f0000000400), 0xe, &(0x7f0000000440)) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f00000003c0)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000e40)={{{@in6=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@remote}}, &(0x7f0000000500)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000540)={'veth1\x00', 0x0}) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000580)={@empty, @multicast2, 0x0}, &(0x7f00000005c0)=0xc) accept$packet(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000640)=0x14) getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000680)={@local, 0x0}, &(0x7f00000006c0)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000700)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f0000000800)=0xe8) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000bc0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0xfa96e368a1be64ce}, 0xc, &(0x7f0000000b80)={&(0x7f0000000840)={0x31c, r4, 0x104, 0x70bd2c, 0x25dfdbfc, {0x2}, [{{0x8, 0x1, r5}, {0xe4, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3ff}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7fffffff}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8001}}}]}}, {{0x8, 0x1, r7}, {0x44, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x401}}, {0x8, 0x6, r8}}}]}}, {{0x8, 0x1, r9}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r10}}}]}}, {{0x8, 0x1, r11}, {0x17c, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x8}}, {0x8, 0x7}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r13}}}]}}]}, 0x31c}, 0x1, 0x0, 0x0, 0x4}, 0x1) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:09 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x40100, 0x0) recvfrom$unix(r1, &(0x7f0000000080)=""/44, 0x2c, 0x40010002, 0x0, 0xfffffffffffffc1e) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x343, 0x7fff, 0x1, 0xce8, 0x40000000000000}) socket(0x8, 0x7ffff, 0x80) bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha512\x00'}, 0x3bf6b6c55fa82c4f) [ 239.275407] FAT-fs (loop3): bogus number of reserved sectors [ 239.281375] FAT-fs (loop3): Can't find a valid FAT filesystem [ 239.348584] FAULT_INJECTION: forcing a failure. [ 239.348584] name failslab, interval 1, probability 0, space 0, times 0 [ 239.360242] CPU: 0 PID: 13405 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 239.367620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.376992] Call Trace: [ 239.379607] dump_stack+0x1c9/0x2b4 [ 239.383264] ? dump_stack_print_info.cold.2+0x52/0x52 [ 239.388485] should_fail.cold.4+0xa/0x1a [ 239.393523] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 239.398625] ? kasan_kmalloc+0xc4/0xe0 [ 239.402509] ? kasan_slab_alloc+0x12/0x20 [ 239.406753] ? kmem_cache_alloc+0x12e/0x760 [ 239.411245] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 239.416073] ? kvm_mmu_load+0x21/0x10e0 [ 239.420037] ? vcpu_enter_guest+0x3aa6/0x6090 [ 239.424520] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.429528] ? graph_lock+0x170/0x170 [ 239.433327] ? do_syscall_64+0x1b9/0x820 [ 239.437391] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.442745] ? find_held_lock+0x36/0x1c0 [ 239.446797] ? __lock_is_held+0xb5/0x140 [ 239.450850] ? check_same_owner+0x340/0x340 [ 239.455168] ? rcu_note_context_switch+0x730/0x730 [ 239.460098] __should_failslab+0x124/0x180 [ 239.464324] should_failslab+0x9/0x14 [ 239.468125] kmem_cache_alloc+0x2af/0x760 [ 239.476093] ? lock_acquire+0x1e4/0x540 [ 239.480184] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 239.484522] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 239.489359] mmu_topup_memory_caches+0xf7/0x3a0 [ 239.494027] kvm_mmu_load+0x21/0x10e0 [ 239.497823] vcpu_enter_guest+0x3aa6/0x6090 [ 239.502145] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 239.506372] ? kvm_set_msr_common+0x26a0/0x26a0 [ 239.511046] ? vmx_vcpu_load+0xadf/0xff0 [ 239.515099] ? __lock_acquire+0x7fc/0x5020 [ 239.519321] ? vmx_vcpu_reset+0x1040/0x1040 [ 239.523633] ? graph_lock+0x170/0x170 [ 239.527424] ? __lock_acquire+0x7fc/0x5020 [ 239.531655] ? __lock_is_held+0xb5/0x140 [ 239.535717] ? lock_acquire+0x1e4/0x540 [ 239.539686] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 239.544691] ? lock_release+0xa30/0xa30 [ 239.548657] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 239.553922] ? kvm_arch_dev_ioctl+0x610/0x610 [ 239.558404] ? preempt_notifier_dec+0x20/0x20 [ 239.562893] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.567722] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.572733] kvm_vcpu_ioctl+0x7b8/0x1300 [ 239.576802] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 239.582497] ? find_held_lock+0x36/0x1c0 [ 239.586565] ? find_held_lock+0x36/0x1c0 [ 239.590633] ? lock_downgrade+0x8f0/0x8f0 [ 239.594771] ? kasan_check_read+0x11/0x20 [ 239.598904] ? rcu_is_watching+0x8c/0x150 [ 239.603039] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 239.607438] ? __fget+0x414/0x670 [ 239.610879] ? match_held_lock+0x821/0x8d0 [ 239.615099] ? expand_files.part.8+0x9c0/0x9c0 [ 239.619668] ? kasan_check_write+0x14/0x20 [ 239.623900] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 239.628831] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 239.634527] do_vfs_ioctl+0x1de/0x1720 [ 239.638403] ? __lock_is_held+0xb5/0x140 [ 239.642463] ? ioctl_preallocate+0x300/0x300 [ 239.646856] ? __fget_light+0x2f7/0x440 [ 239.651155] ? fget_raw+0x20/0x20 [ 239.654598] ? __sb_end_write+0xac/0xe0 [ 239.658565] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 239.664088] ? fput+0x130/0x1a0 [ 239.667355] ? ksys_write+0x1ae/0x260 [ 239.671147] ? security_file_ioctl+0x94/0xc0 [ 239.675560] ksys_ioctl+0xa9/0xd0 [ 239.679000] __x64_sys_ioctl+0x73/0xb0 [ 239.682884] do_syscall_64+0x1b9/0x820 [ 239.686843] ? finish_task_switch+0x1d3/0x870 [ 239.691338] ? syscall_return_slowpath+0x5e0/0x5e0 [ 239.696265] ? syscall_return_slowpath+0x31d/0x5e0 [ 239.701183] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 239.706539] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 239.711378] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.716728] RIP: 0033:0x455ab9 [ 239.719911] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 239.739159] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:30:10 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1100000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 239.746954] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 239.754301] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 239.761556] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 239.768809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 239.776066] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000023 02:30:10 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1263, r0) 02:30:10 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0xfccd) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:10 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x40101283, r0) 02:30:10 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x8f6e, 0x80040) ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000040)) 02:30:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:10 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x700000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:10 executing program 6 (fault-call:6 fault-nth:36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 240.061013] FAT-fs (loop3): bogus number of reserved sectors [ 240.067064] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:10 executing program 5: r0 = getpid() sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000040)='./file0/bus\x00', 0x2, 0x2f3, &(0x7f00000002c0), 0x0, &(0x7f0000000280)=ANY=[@ANYPTR64=&(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRESOCT, @ANYRES64], @ANYRESDEC=0x0, @ANYRES16], @ANYPTR=&(0x7f0000000240)=ANY=[@ANYRES32, @ANYPTR=&(0x7f0000000180)=ANY=[@ANYRESDEC, @ANYRESOCT, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC], @ANYPTR, @ANYPTR64=&(0x7f0000000200)=ANY=[@ANYRESOCT]], @ANYRES64]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80000, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x11, r0, 0x0) 02:30:10 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1264, r0) 02:30:10 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = geteuid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{{@in=@rand_addr, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8) r4 = getpgrp(0x0) r5 = getpgid(0x0) r6 = geteuid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) r8 = getpid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000003c0)={{{@in=@dev, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@remote}}, &(0x7f0000006140)=0xe8) fstat(r0, &(0x7f0000006180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) pipe2(&(0x7f0000006200)={0xffffffffffffffff}, 0x800) sendmsg$netlink(r1, &(0x7f00000063c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)={0x614, 0x1e, 0x100, 0x70bd29, 0x25dfdbff, "", [@nested={0x2a4, 0x1b, [@generic="7066fd1ee32bec770f14be232cbe2ba1ae1b41308fc6428b168b3caf39193bd80413d1eda8317ced1f79e6961f87038e6bd014573daabc24eddc10318937683910093f28eb71f2bf460e1f8bfd65a4967148f25f05da3ff67302b899a189c19a9d9f32b6e5591a0b0c5ae118f39fcc2a03c0cc17bc05727a6e7e276e015823ca8ba7704b26e1ff0a4fb8c562d48eba2fbe16e31d2e2fa968223a5290d2e0c1f312c8a1e1cd8c02ffc869a5187dfd62e2e4d935bee516f1aa9e8134d8dc8357c7d79caaafd1d63697", @typed={0x8, 0x93, @u32=0x80}, @generic="4beec93784915c6c53e2d46925b9140db74aec7de44350f2d54691ce7f63fb3663bc65b885a4dd93ce873231f817addb9c45b401ebb673e41b18ecba478965e3b22042b03769da5b98f1fc8913b481236de4ec38b846ef09e42c527cc7e4f21ff21eecedc34efc7456841044b34d93c85d3f8d1e8eac4dd6397d5ed918e509", @generic="3def9497d7ef175ab7c617240394fb015dabaccdc43adcc0b537c3f4964a5602f71f253336ad959de2d9b689cf98c95d887941b961917b2dd92098a6f8bd7bfbac14c7934fecae586ab0bb5e26dc01e621d1450da8c76b01cd51ac75dd792301f7945391029ce8caa18a7f2f10384d0fe22c0e21524f8abcc918c70b0dc4c45a81588790c12b96068d37efbd6427303f17b850a564f8c56041476b0f929bd53b6bc373e9f61e0c95e53ab394923ffdbe30b82010e233a6997e87d51e3d9f", @typed={0x8, 0x3d, @fd=r0}, @generic="37f66d7cc29d654afbb6eacfa62da9db07b6453f670b85fce97eb31b916ffc502c7fa1471ccc6a50419fea9f9639a8cad52ed2aee6cfbb74561db4d457608ac58ff41ef63cebfb1b3645f33047e97e08a33a8ed0ab3a76e685d2d70bc969e6b3b0141030ec227f23b49f06c1ecdb8d95db77aca8fae6c0e27bc96bd1", @typed={0x4, 0x7c}, @typed={0x8, 0x7a, @u32=0x800}]}, @generic="47f921e6276cb882375b3bf596607e94c269ff86a7fdf99d8e60bc103b50d8adfac0d6e3ab18d25ac58a262e0f12b64ed70eb335bde057e09e7ac112f77a44b72d99a72ecd4a6bd7fb41eeb8692655ced053cb7bfc2c5e331374d59ab310e8e77ede566b55bd6d8d0e7c18b435d2de4ddcde403a800267b7425b46f922f7a66809cda4105262f0146d902ce4efc94ddb53f9ad60ee604b63e25dadd4510f2dd46d72d2c732bf77b1cb1862", @generic="e73b39ccc112a8142a72a73f39ed2264f691dee42cd1fd328ac6a872bce3f2bcd58fb7035e4631cba6d0072f1cd9e5cd1f28f58ad1318eda28a3d5ec3519746c305202e8307c30301c9106c61af68da8904c1cf196d47569f345cd2af2453478571a8708ae59a91b0303d83a535b1ac997", @typed={0x8, 0x7c, @uid=r2}, @generic="6a292799f67c52108fd6c0363bf6a261a3fd307963f01c0734e1849b935705220b232e66f9db4327e4fafd38820cfb28f1b69bf455fa2b3c9780235702a8d56338713ba86e3260ca325269fd703cc5930ae3e36c772a3d668fe78272fe4ac75c9e2e6a0eec7c61f58beaa9fbf057d9c06be8e9dfe71482f38a60a18e66f461f1617b07f05a9d51fc1699f2b4a3d2a689ddfecf73978ee00b97ef69dc9f371e1ae0618511d5ad04e8cf060f7d42e0dc3b89aa", @nested={0x70, 0x96, [@typed={0x8, 0x90, @fd=r0}, @generic="09fb51bbbbf08dcb8ae4275a49ba42c0253a8843b11611c3ee837c64db15dd19a481167865692bba4a2f255171950c5a301333c55cd27ece689ded173cd86e19a7793a62d2a819cdbe1d3bcd40e409d43f186cddb948f453a7f9820b8dbe54a2ee30ca7b"]}, @generic="36b0690544148e6593c55e4036f2cee38b8feb5ab6229b53f4c9cbf73d33925381835df8481e", @generic="ba90bc79", @generic="f2136a1997192a58821e0409a89469798e7e8937d598db36e739f0ccd9616516ada890beb364db1473b506ff363c4176dd49703fd17245180ade0b93b2a6e976b1f465bb3f09f399f6974df33562fe96dd8624ae069564389d19565f33f46d0c2eb78f8357a962bbe1c02da5c5f74d9758fbda7b9a52f7397316d413b4a377627506c3", @generic="f2ce6c33cc79c230d47a0755cc67a935d84767e04cf4d35c5826014901338397a360b22a3743509f41a09df75e28bf48cab397bc7c65707b47154920c1066b4a7114266646df87d447f184a0c4eb19df032847e8bc5bbdc040bf7e513872b39dbea968979e9993910d987ab7"]}, 0x614}, {&(0x7f0000000b80)={0x30f4, 0x23, 0x200, 0x70bd2d, 0x25dfdbfb, "", [@nested={0xc, 0x33, [@typed={0x8, 0x2d, @uid=r3}]}, @nested={0x30d0, 0x0, [@typed={0x8, 0x58, @pid=r4}, @typed={0x1004, 0x6a, @binary="7ecf6534acc5f27cb58ebcf211c52d2803ff5b234c46cc99a078623fbee5ae6c21cf332cecaf88b976e26cf4f048368ab0c7c758761deb520592237ffbd2d9032335556168f395e8b752797fe3dd3037e75b72163d34618af44aa6de2e00abfa425a3fd8ca680da7beeaed39442fbd920e3721610913a02d471b50268c323960ee89919de60bdf081d28c72ebc1dccc9fe35c127ecfb09ad768ae448aa19d97cca64f56510dc0118a4d0887ffd79739ac1948a888c544523277ac576486fe5b0016e0b3ba9e156df181c28524fac3591817a95ec62221f059ee6cc2c3407e5bc0c6ae0d33ff9f02bfa154e4f5d54d11d01735de98c6699370d03c93bc7aa6173f9aa0c9da7d6c274d66f62520fb64f048f2763cfad3a447cb38a269829f9ff1ef5dd61c139f9ee5d5854dd3d54319bb46b570b75a3c9f8f8f94755b10cfa27411d626eb0ce2711510d449c1719f26926f6589754f8457aba96bde7ddb880f687971a50df226becf00d4cf408990fc1d99f08518c6f2263e822593de473b84692a6c3db98c37e1a63de2f8842f4f96606dab1ba6618ee61ac70c65ea07624fd18bed292194ded440be0fa2287a95d4311bf1b043705add35f41641953329436f000310fd29ed674072a93c4378a6fd52b908843522d2d811bca31fc2c7a9794f1ed3f3bd6abe073587752848bd69d9e84559ffbee6cbab0aa77a1a4ae1b7eda02d4e1e7e470925246bc9f4264e05e3ef2c4ec5f9a4c8c6cd30f6a6a6c98706d4e8d35624f3e48d4e53351599ab786c5330dfa39d02278994e890c5e3d45a53bd1dec290f18c7ddeb3a4e188fa58ef3758b6ae85515fd7e4ea9a36fbd0481878e8f65c8c4419ebc12f4853b0f9a3e5a8fa87f33d9c26ee058c696f8bb2ee477be2a8d3353e3bf7dcdaca8f4d2d2da943f6596e1b51b6aed01ff601af8414cdfc893b2f122259aed718fee945417da75be47430e8cf4eaf77385587d850885457866bfff3cea01355914a2f9d5e83f0274428229218e53e03bb237ab9516ac4cfc4b52125295e0d369e439260b94946609327ae6627d1b58ee9e25b9b2ea4b01969e84b050cca6dd3557b0020a2278e189c965f6a7438b6b679c081158bd4c60f4061cf28087ca36c84ef37bcb918cd01efc92221c4725d4e73cc007e8ea19c42d19eeecd79c913a49363d75bbb9116c33d453cab1c5825b4ebb66e1c4fa5b9623103c34b2c27214cba59fc880b86981c080f5a2c397f5d6775ba6febd9f2a3049ed7e8b47796144c5de047ade0e389fce73ab449d90733f0d5221f41592854eb6158c71ee978c800de649218c9767ef4f3e2d3830b68d4686ed6e6c7fdc2742ef2fec40f0a3b3aa085854990715f492df78fbd8b62f104fb78ea87141017c982ce0703bb569700a2e1ebabbdad4ad0caa9756f873e17bfbaa665a232d6dd465f1f65b9c8b31516c06ee304e2448be8c1d984ed820bb99dcd15b9955453375d7f19cea631094aacbee00c85b9a0faaaf1a0c8a4225636fdbe37b6eb643650adbfee2e04f9cda5e5b5c5c5508c542b4020987199dc3a347abd1b34088576396c18971f2c201caeaa6c708bf8d2fdaee4ab261e625e98b993f45b24c369217bf4e6aa3e71a96a8254439bc71309a25fb8d6119811b8d6f02f62d5693e84f2861f5bdba9caa5d556e5e695b6aa1a99495fada210de187ec15db29a14606261e2ee66ea506e179df62903b1c186e06ae36b6eb5e53c6135f940c70af510fb7eb8db2cd6cbc4fbc75acddec50738b441ba5bbfdb3c23547104672098e39b2fd17a475a06d98891e1eceed8b890aae4af7d392bd34f4d8916628c4f15f5bc546a99e36f2cd978bc231e0f2f174457f3d7435fa1a73b61bf17474e67e15bc5d72365ca6ea7c1eecd80636c9c02c916a4ad7db140e69d942ccb8233cf9820617f300445aa09e376a6a6a708cf391c55aaac055208aff78aa059d364232df2a083a7c3bd240cf5466bda3b2617e492e17d82ee7de3afcd60361bc8d0c70f9c45a1ab3ea28974ff668a82e994c3c6adc5fa1508495da01855e6fdfa0bd19c03d2f9bf52ab91b0655c0b3fa00e180c979d6be9f9fff776447ca897fb5e9fbe20ac5fd30de809469e9ab3f74a459ea851a2f1df07b5c3668a149d02fa4ba201e54892dd96a5bc18a25b0dcd3a0546842bfc64a5506e3b3dd95d93f9b5545cae9f57a8a623ac2c29985f57c4510312d45f852db4b4c7dafee964dbad271a871a9e58670ba1c52da9aaf6b75618ea30538c187322f43073e416492ce5401d1301a4fbed82f4dcd0a5a0654841e143a1b39c03a50b19c61f2ff665825f43751d89ce70a8e209846bd6552993ea05914530b3ac407e51b55eecb1179da1d7fa5dced0f717ce2fae6b11b4c62ddb017e958d602899cdec5f3afb0edca0bffda7aff7ce333b348121e17ccd387195a7677c5c95d6cfa7a4fed2af13c3f4c5d294693dcf00bee7dddfa935e7eee62beb3efa66d12a4fbf8be4faa1575771a326ad1b08e7d69577ff62906c3030e9f4e8e1e058abffe1db3c4348ccf7bbd9cf2aec9f5be48d5d4694b7598cabf1fa8a23b9051e357fc28c1192611265f9955105190d07e55b04e690e19da5c3e42b367a06df8e52539a226661a169cdfe68bcbe388213eebceaee6a4f364d6ca72b18d418d6a3ac89ab6bbb1faf20f3297cabce3159976ff16e3fee88f2f8a7b289a16f728d62e0c248ec41ab2ca7381440db396d72a0f68acfa548bf5c1fdb7e98000e74fc26e474a494806f9409a6e092b00ed116b6eedf599e1296681d72b48248c7cde0cc4c79df41868ad1d8066d9244facb946ffd197d9365c80bc8f67e9d30ebea79fc1e4d82ac64c08f76951e0aaffbb24e96ab73d68d611559fa07e2da5b37e974c8cde1eb9dc05c03a8c1172ee400ba7ee42ba5bf3487cef4ad2802fb79dd42f937f8507756458c2d9d085489f6e8c27726ca9553d0751ad900ac19f0df96a3c15eaad63b0b9b534728ba61e726811c07c5d7e43030c8227944c4dacca3c104bdad0f53623a5da58c10aa00a0e16d31c776fb5530cf17e749487f4aeeceaee005b81d9da52306c887dc5d825fb0bbf68c2bbb48cde9b26e55d69eef6b59c569c0ffb969acc4d5bca472690764d81e2175a121d2f798715115346eee2173f3b084b3ba94ea726432c55e83f414c5bde456af3cf55be9c6f2612701995897d63ffb471b3d97ce48c3b5bce0931f752b48b849f3361bb25bd0d2443dc3fa0b2d9140aebe4540c3ec9c1068d6a7a2d702e7e142fb08156dbfa2d9d0e133acd54b7c1713bafb4d6332597d08711dc8ce0e467fc938b6385536efc2158cef7f7435e22849501a54deb46fbb31571dbc178db2aca8343f4e3a6d2cbf7858a356d0086275b2c4b8c06d7410ef71ff9ea9f690615fa13b6d9af7f1b6313802a58bc39a734ffcf5bde2416279f9af42149cf3e7bbe7eb1421843504a36e4ac188b9d9b69b84df7f556a334a53d822d507ac2991487cafbba35816130c091119942038f1f4c4222acd3db2b82171085eea99efa54c48f4a429d3d8fa572a6d110c9583384a47367185e19c95f29a993c4275920548e0f1d1ebe3e08ea4e3903a78942ee9276e9dbe97cb9b22f0d97824cf7309dc43482f8e17e4535955b9821c59ef69a4e3b32ebcdb4a9cf8907ae03e7377a6a1dfeb142d388eb22c3d2173860f4eb3b887439e16bb639c15c6655733969e7b278379d4bc27a7b6f30e6ac3143179f400017a798a20dd0f9770d5818f8687568a8647a15884ed473b69bd1873fa178739899858f2b3c3df831e543a8c8b9b738612991a92498d575c3b79a6c832f43397a81992c24f2d20884bcb28aba9af3bf6bd605bc3af863256c4989cfda1aa6d2d4ef58c021ddeb5bc9f1cb312ba758e69b96ac0775b9c549a0169f1534cb847d0aa056691494cd9a1813487f070bd507ac576027e3e6e940bebc93989a79b3afbc6479a5b7eafb99c33174d989f51b24f5fc9906fb5303ced37254866464367ba61f603c3798a49851fb33d77311fad4efb92f02317c5108f59b77b7a970b4ee69d270752c407d776e1f90206a68579fc71d136d4326dbe6de70aa21b2ea1cb0c6832371afdea94520476416ab6087bdbe2447682a08e9cb17041b6b43c5cd3d2a29a029da5e81fa1b9712f363bc926cdb952d10e2a08f9ce4533e02a0c00d056af5cea34e62742c7186cd1c4854a82e543514ed1108a9b4c48c424cc0179b79d6c702514841dfa424635983ba7983acf8df031f99c14cf6ceed71e589d7e1001b9b6607d599cfece94b0ab06ef40a003b8961988157f507d10ccf510a94a73ecffa4f557e972b9e8e30d9f4035d02c827875023db395c3c5a54430e1b8d743a61481f45dad68e85d5e4083330035e8b402559b2c975285a0af8cc5490cb557f89531037505b45b0229f3f4bdef291096c78ef9f235a5957c5a72347a9ad46ea06b0f90cea0ce8fae47602e728f377e0f5497c04ffe5143ea0b86929a5a1fad5f8e100052cc3d862d2b507f2a2ce3fdb3beb6c73a2c58145dc32cf83e84ef81ae1157688c71c71dc0349d6776c8872853cf831911dc9c1b5032db80023d794b845fbddc6eae1f210c21ca53aa5358033de50dc9a901cc5964005fa993522ed1c368e6e2e4bd7c98eec02864aaf41004239ad348a90bb1f939483a79defb22d8481c4a5868b536089c4938789ec0e441314c5b68a5dd1cc97e807f0b40eba3fe7a780478201b695263e15956eb574641fc11d4f94ffa0203eac75093d0eb480693b969e7e57871f306d4377c35065d2f1c6e97b042e399bf46cb627c9b592924d6de61ea78a2ee41c893a70ad4cc4d24ce69fb7f45fedcbbc6d38fc674b5f6f1df06575a39d947d6639e48fdc4b9076da8f17f341817dccce0e5a7ca16367aca9adac5098c4103cff657c5339ec3fdebf37f472c9af9303505cad7b9951894939086079d16fb71ef1fc67346370bb9542dc8d63f7cfd4bd1924dd87e9006272aa5d8e7aa6e92216d12d53095e55c79fc8a1539f40decb74bde22a15370aac467b47f85082ed14d7911a619fffe287d071c9a6b1b68f2518250606d047a177782ada2716fecc3d85f10b418bbb2d925728c6ba9fe1535ebd5403a00b2f3696848fab2715153ebf8d0979b735683108c4bbe29d2f2fd64c9ee03d3ca4826807a492ec064ee9ab59d81a2536aa3b26b85ab9c4ce09f9d0d65b4e70dc489c3ab0ff338505e592caee73a190757c2c7aa9eaaf435a184f18b5ee886ef63920a79100002daf5f439cc72def6d3d965ba3f46119129d3b83f31d77f29688c40ce73329e56030f15cc6988df7c65f84948cc97a4e82747569c673f5bfba6590da056b818e33dc9280bba8379fde3cc03ab7304dae95c9f22d6c6a67e313ece6f19d4de270de27ec566d50a77807c89181bf8d31837379896e4cbec9eabed271b3c77740167d976daca88145da41ab41758d21bb567ba6b1b71b81c3d606f5dac0de0abe9da724d8dbc92cdda96699faba6046e8ce3cdfb1b5d05e43218d2145251a6e9d46808823ba8336d66383c4b68080ac1ac9689280accb67f1b02225eab8e556a0024a1c501bb075fc8954163afe10aec0c050d4aad532eb1d2026a9a27ae0fb032645e1c86fd637f65bdbd6c999968a82d6e998a37d8d38bb9aa595074bee3631deff3134b5b2e73a012d073600c1b97010852825514a9244fb30b2c6dff3fbe77aa40818130e43ea2f944a41ec6a8c461096371e240e786635ea4aee3"}, @typed={0x8, 0x14, @ipv4=@multicast1=0xe0000001}, @generic="d6f7726d3317c0d1a7540f19be970a0f4157351f31b08b639e3ed5af9256ba0b651e335e27f5cca1ca3d19f3d7155aa6aa7d99441e80fcc18d4f65d9ad92262f139004420886dc35ff13675b7a73deabfc38bc10566b6b230c68d529ecaa7ef6d831d1127bcfae066fd324eb2ef9b6bec7a541c5807f8d6e4e07f915cda5158fcf1bdd1185b3c7f66bcda0db36a7dda00396f457194952e6be775f9e984cfe496d75c01e383a5a6f5b365019ebc75283388705921913b2d7eed38824ed75552d0d14fc02e0448f006ad093b159c0e25aaed65a360b1c0fd05166acae04fce43e560acdf3189ee9b3ac4cc4730c8fccc4925cd6ae97d7a8c63bfe57abaeb3c67d37380968228037cfc88967a55d3c59bf05623741e066b516d4b66adb82477687753aa17decc854748ae5957117d2b1b6b1be2bd4b5df0eb0de946624ad5a8e5789778045b8225ae61e2c713ca05411586ee1ff1e17e6aeea187dd8cd3184eb5e278550d8082984a35aa5ffbaf5d84929e3004d0e8aefd016dfe6adee7342565bd97cbd9a979b35f529b9236aceeae375fe2dc7ebf1309da269b95b5c6d03817309a3419b5b88d635b4b992bca37d7e171b82c712c4220fc277de72f84c582d8ac084f00e9ddbbf486017dd55db6c9158506cc08a574b44b3a230d14eb9b989789c11863b40f82814dd9c1300ddb6cee6a8f1327b02c9d04d11c8d2c1d68cf48a82fff66f1640041760c6362f7f3a6c70d687adc84b869d26c2dcd4c2d3d0dc6c9078c2445c7867be69570c7e85a6962a92a2a8a1bcaa3fffb40b66c5565675abfa55dcf27d794117135076a60b34beedfc375aba6bf5c20f958458d51636f1e84fe04e3235d7b8553e279697653b942cb55ca58188948c22e130549110b0e4ae48165e740457909b53f8da8403cee901d872c1db1a945dc2448f93d1fdf519f6050370cf72ce669cb5d015d6d04caf7dacc6b39706c7abe29d89e37f6722745749ec9542e173287e969bc9a0f20316f52f0249718d2a4a0e505a2cabfbf0fc60732d7d453e1f42b081420b07f696598d0e90689f8592dfe78c3c3aac4cdcff3c5b68106bb65d382b8461e2be8828102d1288910f83c818f3eae9eb24a5d5687984d38a8e0cdb8708f6568e2e83b52b8a43eaafce606c49b9241506117a69e5ed346095c03fa65deb4b787f7354231a0708d00474ca253f7d166afb2559d1b2f52506a07d3aa2c48a98fd29b51170f5f74a86212f99ebee8d0ca90319dedbc20a6757da914add08160877a26c63c166966d74eb135412086f2fba1d88df9125727959b779fe747a7befb5cb34250f4d87d7052187b620b87e198e9e465abbaad703fc9ebcc08a6a06879c44d958b04b575796fb1f31b189086443893de2495ef071ec9ce10dc31f73c873c4fb96de66fa8d3a186e75dbc2ab6adc9f790b770a63304f2bc4285bc893a11ef9dd2acbf31abe227bd58dc520b00af65a2f17b6b3d0b103962feb4211780ac83fc691362db8e5445de2d9518e2938c8a547e70d2dc79cc925efc6888127553815e3c7494f8dde67dc988a0ff46fb41d3a560049ad9d07fe401bb5ce3da0434d9a7b5fc541887dd2ceeb04d8c887676dc0fc85eedc85700dcb7ea800a957e4192788bf750555ac0ff8973b8adcbd226f3df8c2d96d60ec4967688c962a1bbfa66029bc9d7e21aad413226ec08410ff488be16a17f79c682638565f6e75f7a6b0260382efe86034a87e27504cad4c36dc2e548a3d5e946eb60bff77c14ddd003fc88d0bcb4a366232c7b6766a8663035b44c2f0b0d46cfefe0a8b3ddb77787c7fb270c5bbf4b629e3e7328cd33e651d849e60ff9e233c0753655c48b643b64bd3964c322eabe2d2fb742459355161d337743bb78d97a1e6628a9c011c010f6c43d09bde419a3c570569ab82a6700d6490e462bfc685abf6eed392f6c23b79d197dcc27f1176c026990ec3e4cdc228892f724050c83ec65b0761dbc68be0bfddf59c44b2b0791f701fdb2bebf1bacd6deb2aa2f1a4633ab641d0383d99762736a2e3911bdde17531f1be318ecc134186bbccb9fb6f93a4274a514ec5334b1d0e29fd9c51600e42238a55d1424efc82a0a9c905df45f94fb70e39c9045963b6c3d8499216f0d3cc0859ca60117f307d971ec7a71f313ec4901aacc62bf0e67519ce906ad23d38ac711f86c1abf65a91061ac50d2b6f93f8b2c8a0a7bdf7dac602615ef6114bf67bd30273960ed1bea8fad5107995901e1dcf6fdc81e779a919d498320b191d8825dbffd1ff78c3c86bec0bbddc12e8a5ca8b83ca91074a39112c5d6d0f2eb3e143ce71c360581673456f2bc6f37932e128c3bcc8f906f545ccf1c9f603767d80240bb9e93a2c55b41987823d8451e07816e9960ea2b46c190f0683cef2eb413241a292da5a4732082a4570f8e4dbc97ae873720c73ffcb6d578e21362b7e3df81177f63656268dbab28bce25838b2ee57e4fee09fdd2eba5e09bc831897be59aa55fb0a57553e116852600d10b6b8351c0156fc157f63b9af023f74784459e52e998a43d1b86b001e5bea4b0fb81c9d9a0d2aa76e52f21ed00422d1e48fc14d0c7a031eff0f46a4310a230b5e8336fdf6532df02ea585baebfe7c2631b45e0c78150972552eb6dddac75195a22bbee898623e68a0edbef3b44eb9f7b8297079ecfae72b5566545af5695cabe6dae52efe99733cd0c169ccdbf180678f8212414b42337e1222e575619046604ad900d1e66869656eb562e64205d571d1bc6eb1ccf1b52419148247a7d9febe58eb971ec28307525d01d83abd9c1223377f55189a0818236f040c1f4f786016186f3bd035418d8d1fde1074c98a82812d834044d569d2b1af4ef8cb913cbc66b232ede1f51e62fe9e30ec9094c270a92ede84cf983b1d4a04f23097d21abf0b142f3d8427a34eaf3024ed1ce0f0ebb41015b8f0bfd2b287cb8332ba38ea90c33fd8df56388d6dafaf449572107e9ebc2cbd9073be8bffc3f136a89d846ddaf6a824c84a5589bfc5d5143d2e3f77a05832c60f39bfba5a9a735043581425fb0aca7f22bff51974e1a724d3f0bb2b8f4c1cfb9a5cdc3ec0acadcddd544c79528800e893f41e42300b9c89cd8712bb136711ecb1932fa655795ceaf1e99512c1a3330036bb6a853e5e448db8236a6db0dfa14419ab5ba9af4d67de690c81a058815acaad77a4d5d497b3de5868ee5c07d04d70474e10f0d0213fe529621d41ae5ac64b8ac1a37ecaccecf61099bbf969ab857656120c2e3c089301517f44ebd20ee6db663346df5be47a01b90610b42e21b307febe9b9716a401990098359dd343fcd30410e5bec34254ea3d90c3f57db96aee2289ac2387c4f4ed560dd4708bbf72d4f2ac851588053354f0579fc3d2433af209f6d3efdd917e30145b7a29c2a0004f639946da51c8fd757f236c4707df8a9bbc2f2a083863f0fdd9150aee26ddcf53f990affa2eef522378c942c8af844c6ef51c0917b4953a5367984e6440b592c0c549f56e1f06671beeb6385f0a89dcb37a23a641b083c4a8e8bd9cb71997ba96631834cee6801ed19b350e1217e8137d1bf8b9d853e6caa953c9f924bc42a95e523db68a563ed6a2cb7b67e2b3801724fd57c36892d3d17f4db863bab7c2871c8518951370990a7b4c0f1b670f198e4bf4004b6ef2cae87620f88e80da3690fed833f029242672221dda12c81f00c73d27e97ac86072915da5cecd805c2ffc48c027981f221605e17dead05529ba8e07a48ae7926f8d0773fcd2625ecee662687621aa128f0dc66b5d054c65ede2c5b940137c09521d4c203fa80dfd0a37b869e1f4ac97a7d7b8866fe98399aa539b5fd7a81c9fce1025fac10d371dcf47a914a94aa5c8ed89a97771a70ffebc738b920a75045ff89266ba73f2ec2359d4f8ff637f3d1b3357b89899a3d91c03368344e34f47057b844dfc25e7be50aa28d0b7613a3af9e3e070882066750c9bde2f5ae181e41c03b319d89c608e3985e6804de057dcf1c6e7618992a826149a5906a0b7d0c24450e8677387ddbf73e869e42bb3a8d62ff6a69940ef1f54865117b6d84cf924d04a541b9b842b1bc112e54c520edb5835854d68a1e761c8373bd196425acc45c427c5275760b2d6a2541095e44afb6a4386d99ec08a0d86907081ee611711c8b0b69096c6f392932fb9dab5d9da35c23f4bb70789c103ad7bb67515dae39e28346cacb50e94446a1f491d389e0c5ccda4a4f175264250d10950fa39a30b7d2a736a6bc9cdc2fbc0d2aeccc2ef3b515f5618e607d5ddd049e402e460a51e9d87658f244581ada4820ff9c29a7ce5833975e4cda7b6c568b05dd4f687c5c37a51ef9f1e33e8106ecab5c22e9ef4a4d6eff3126acef88ec4bf98b3629a0a7186a98d858b805a473f6f4fbc44ff79b8fcafa8c47fba02a885efd75bfbd6f0147d713a16b14fed1ad83410c90a760915f3738b0f20f6d716fc1dcf413a1a49a9c233fb1966bcb66a5b2c7ff9c2ee1b6affdfc66d323073668c19e5cbd25c89f4865a5d0e6f5fcfc9088e60c70180c695074aece738b2b4a1165ab2208117ddb344fe32a1ed14ad489e83f9aba2cde5f27bbd4a5a629e32f9649993c9d714dd18f3ff2d31bc7561f8b4bfafffc352bfd4b58fb97120c716c30f51aeb574861302a75ab1735516478debdd542bbb4e52a9cb252f4d37bab57b313e2c5385227225021307960ab878c3fc767f957e0b211069433f694885b59f206d87395db0a979a926e895791542fb6af8196dbc520d89aea1dce53e2419fe104b62863f99d2b90ff21b3d026beffa56d699f02ca3482a4f77651a873970438fe4dfeef865579afa0f773e290983479525a3b5d187faa186c3fad28ae05f6e907fb6d90063a5fc3d3430bed4a5c84125fff24fa00e1032dab6410397b03edf2d8edf788de9cdcfc9e79530f2c446efbce77da77cd316a90b8a83701a8efc0f10d5cfcb31e528a2484fd50f71c9fee5c016fda45fbb5fc883377606c07cff6f8f452031ee2479c19d66465a17f7caa9662f1b896b4e5048d4e6a6687adee74b2b6793c9319621e0c1ff81dc02464ef9e54087498c132ecef2a6c8090b210ac9a4f5d769cf11169e3adcbd9b230648a16ff30c43fc3cfc0ac90f3fcead4ee323455efb0dde51709b011431012acfd1be8010453520ac7f65f275e6d8e4c92148aab4ab8087f276c27c2f06735e7f59df0e45a6fe8dfd0a3e7afd11e20d219847f73de9065febf9815b04598652d5378ecde02c0bc88a2ca29be5f8a068d75e4e30fd5bfe2690129da404cd025384db17133e57e9ee970fb13344f6c637d9db32fd8c28a7b1b68ce8ecf693ea3cc0f9572b90cf82a95d5018821ead074ff5208b0fb5d2d000e9bfe612d045e556803607fde01c31b2a4b9811c7a5d7f1ccca8e0f4285f9c9148f195370798837d282775df150336872798ad9e0c49f46a353fa393790a5e5e593c12ce2fd8747e6d29bf8944f59acc7ee5cc2df44dee6239d958031ea870ca0f4f93558a8294e4e4dccef0997ab64c210b3bb0306168bbe04b02fcbc63ca5792d17188fa1be1915d8d1dcf2a4a199ba902d015bb984f09140e8a4c957ef4bf3766b36563829af7502d0340109b95585d65982327e997aa7cc347da30665b95ab333ca4b7130b0c48c1b514cafd88917eca6215192f544bc3c85afbe32d504f462209c0ba831fcfbb11706891420a2fac6803bce7d91eda8c2f89c6e269dff65f498d5cc2cd71ad0836467b01f572de211c8a9c63e", @generic="56f6396dd589a2b80648368a1bb504353bc65c861cfdc7fb7e20d1fba87a3027937484b9ed0352bafc9d0ed731bcbbe692b0fca912d6a19be21cf5a4426a8e17ddca904b986d3bf36408332744e55e62ce33f871e9813bf1a482489fbe30d63cc3ff8368452bc4c7e01cd2b420c63befaea205383f5ffed8661c41840f317129c2732139694093aa2474dbcc346bb5551b57e8d48d97b31bb323fc2a5322fe9ea7362524b1e69f6c8e866bc643914677c3b53681f758708150135b28b8ff7c42d917c69c05b758b183136811b8c8dc3a5a2d6a0a2e1bb4d5984acf6e29c9041580318ae419791f6193db318066e2be4021afd79e2ee325a12f1e563556336490b466743d6f02c12f0bec09f6976376270ac7291feb747213b41a7c85f67e32a2e86a9e1f11981930c90def3b3a4c4740bd062d91b1189927bb85bef8a7a5bb0eee43ab59d612e43c99444af90398d392785da8910eb498878b75d0d9ff35b228f0de767e6bb395cb0bf8f2c127f60259b420f1d39cad9d3e51bafc9753676a8eeae8da96de2544929a92fe3f0b571844c5ba07709215088207e75420aa1b8f52ea9c88d35c9a37a814e87ba453a1714b6b963fbdcf16a8af204a8a71dcce504a28f380fdbe9cd29e9968a3fce7d1155514b5096a3d9f71e8df846f2196a9591d22fef7c1fa7a0e2b40cea00897d83e07e5b432949e6ffef5bb150eaf19e08a8b759e53de04e83dd9d4f969c76507f8f1ab06b32416f919add52c3d9bebdc20b3adba865cf4ef69d533502525b7f37ae4baeff4b23fb392dfb005db6ccd27f40a395974542fb07d8ebf9151ebd0c2753f7356f3cbb104f4f505430a8837def22988b1ca7e1ab16c9fcfc1ffeb8e046bedee4c64937b32ae14ebddf49b3b581e96cd39dadfd6ee679adb60912d530f4efd3ee791ec6c80c026ae8f3741a99a6ff60e5505a0ddce086c8a3b0e9806087d5d86e20e7254988cdc2a5d883ad42ade344beeff85e894dd89cbf2feaa3818befeed2d2cbf5cbc7538bbdbecb32d59fbd7c835ef72abd14a965dba51a48d4cfe75750ad28458ad95c14e3df9f32a9577e53e0bd8e37a3ddc8d7c27db51415f584d40ac1f4a36756a8eed2f2222c7e14ad10872a2b9db6eaa9cc13e3ef664c8167ae117c4b477a9c4012002be4feebc08fa1545d40d2c5f1526bae285414f8b6716ba10f8a3375552adac16c6a81e34522aa6e79462cd723300e10e39a2ecae05fdf0b2d0b5f38dc420ba4c47f66ac0a654588d6c762b94627822db192ee78399dc9cfacb8bf76f16231f9a5939d30f1d3c40ea4068ff50bd5a6af8893ada7c2ce753b7e71454765594e15a140dceb9316e3bfd607925ea6398d51d1eb030d78392553cc19b3286d22f44c88a5211a3a6a9e7c7c40ae4a14f0fcaba1af80a469dc191d0a58187b353517db1dbfbbf1d9fe812fdde2f1e9055aaaac9e14d959ce1e27c7ec8a8fa23ecfcd70698b82091aa8040c0a9dde7081303f6902b09f4dc375e8711dce0584d5689213060d59fbde53978d8d9be2e85d405d0c00a55272cc3eeaf48d9727d2a54d03bc8919f22d917dcb40deefd8b752f27a616dd2caf1626fe30590baa5ce620082d1faa257e0c61b3b7770ec5a55d63f770df72fee9e4a561434c3fab29be74137dfd48e655dc8dd235104efa3c75fed6b5718529fb494e909333b5f26cf346c29d7581c118cca6b5981d3601c6c0152556e146a21139a61fbba090dcacd3ff4f75c9b85a094f6d51cc2f1b988a9a20ae90d6f6dd6160a0e59078b4308ba4c8fe9f02fbc492793cac1797708350901fdd8c8b4ae1043d7a25cb206f32c7ab6c7f073303b67773d02dd07b03b13cd8adb8efd5b1d1d1de9097ae6c80069a5c41cedee2435962f0b3ff94768487b1a2e3b44472d4ed219d335a444b5c326cc3472342cab435eb9f1101f9872c54af59b8d1f7171ad3ff7a275888d4582572f5031c56c938a50efae72e70d313e7180783e1476b150eed958642ca7c2b866f6a5f83fa2f2e60baf2dfbaa6175a6b0a3ee42ef5033e9772bdf248e22eb486508f22aaec7b19a45e4e73f478279682659ff428d1d7176d6f1eca976769d3298f8ae1cf729dd8b063b88dffac2716bb700f4c212a8ef8a0dda22b0a4b97bb1308a1be4049e90fc9ec7e9ce0cfd1e0b38148ff33f7283dd641bf609063feabc4f9a5250137a199189a35abb6222b99951d2a43419d25e3348efb06256a921736370f08f2817928c3747788775f727764a7ea6c0b88f9db4ea000b145cf39f80c3b04f460651f6d930ac0854558227a7bc2c26ef2ec24174ad1cd818d7fc22f26789c568fd890d03a65aafa671932b13f2e86f8faad82d22d8145596f404db36b346f91a411a741b4cbd2ceff1aa43b5a0c44702f430584568d7de08e028089d7965f0f20f787a36171899aa756d12b3ffc7fb6c9c1caa7c9ba844da44e84d2f26985a821477bfc9679d0d1810e762f7986f28252afe49bc195081ad14becd34079e523ca1f73744d7d6b74611b9a92f888067773b1ce120b133b0f301485c34ca7c70b9ca878e956a3e774f9ae990071850fcb7be37e43ab5241556757b20846691d7ab80b557fec83fc4cd254862aa2d058bd98c877578923145d18f013a202096fe80b0e84bd6dc8dcacc9dc3fbc489c5ae181ecaf0172d085e65065c85542272f427525f0da8ebda2fb520983736cfe265545658a61a119f541a9d499384c9c6f55d7ddf1db351d3544ede6c4d5640e1823d517e6946251ff2d134b77d6a81e5367b3f9f83b70f59f7fda152fd439304e310737115ba3db98e2227baef69e35009b0d92fa6fb6c3a2b3be77616beafaed66ef8d5c89e92b00139cfe39fc9fe3e6757d81de4555b474c2c0e8a558de7f5d1319cd5e0be70b70b4578fcf21e287aab164eecb73705a862f8758aa0828ec9befdd74c0e558746d7fdc6382c390fc66df3e18bb2ea663e040028f6e6e7955b53fa54703f65d8faf06986a0f9933438e980681d8414408c0f52de9d1c7234b08a2df344b5aff2c296d0fc88704b6eec25c192286c89ba77c3b097cff5d736d6a70df9a0925698ac4c765e421b9aa7b0618d6bf8d4dd519a16da11b4cfedf36087bded0b83f7c35cf7b1426ded01068027989f585799f23d7448635c6f3986a8c4654d711420d3e772cff9c45554dd687de0a97084cc04dd600fb552dee25252efa498f6527f1fb1c11f30b2acda05a8b927796ce1155bcfa002e403a9408e35316b9830635d2d39402c541727cee3e8f7d0ba070bf7c71a5170a29bb0e1d613d74722e96942df5a72b7e0b2a9d71ad95bc365871575f2946ef8d5292fb4a827fb98e22b37dc3af7eb18bee62aee75e787f5e18bc5173c904102132fc072239bb014ad594e3547f17f109b2ad1e6eeb56a54b571ea1fee6a0231ba9c8f98ac5b93d3f9765311addfde393bc8445c690e7237c351af5a865d6961cec0fc38a03389ee04d161770ea77b95db4bd4e074f1e1489638e250858e2985754e3266d6b4a846538f7f74a240928aa4e8b081ac7ad016b45b2a000af39c9368210b253732bcc4494f8aa65b68e7fd5948d798b947a05d73a6b9a45274009f7b8e18fdcb87e61a95e2b316354ea0d4ca517e2b25c4b060fb2be772b71536f18f516acad3d7096b51cfb149a1553c892b81f5a441dfd4a066d9e4c58d0a866a3df7715975e14844993e25a82603ce3edc74f31de30f7fc3a6d68093138713f9a3146412e4571924dbc23a35ce37d5ca0f153de8fcdeb1ff01548043edbaf9f49b4bad50a0ada341a0c3d77166b657d869d6c58f5f1a4f755fbc60c95fb1eff72012afe9b7bd08c6a7f2b7885586c6f002c854307189b3f20b88f5a1f31dfa4a32f7be19a10f2fd48d5be8d5132c6f161df5899152fc764a6ec00929fc66013a5a9abfe7584388c9c756a1b2ac5779fae573cba2d5a8b028bd1e1cec306232f9a21936daf940f59d6907ae7d014a25430d688f1f8df3207562ed7ca543a9970431299af4d3ea39fde21f5cbb5a29e520b5e4a6383341c7a2dbe68bc6171154e1dbfa7447f721846da6b94904874e29b71cead177023f08c1b18a437177c606a23275b58153246b17f40a23adcc63a37800dad357fbdc37d32be7ca01402fb87855c00703fcd415d4e87aa76f9e5062daa73512c839fc7118c8b639ca05c5af3cf1899b6db74aa331a08788abb13aca9edd5b0125c14fb2ea527d09f4289698da1fd34a87cc21ae514b49ce3d93622e956504deaccf1b63d556676bc74f255e29a29d8e25fcf6c06fc0c1d1b709caaf4cf2aef718f5ca7b4c2b76b1381015b938bbe1bc6bd66f86c50a2e852b93ac081e4586f9abdcea899bc64b58240b2adfaa813fdf65c426398404d2622ef5e6343bece1bb377fa3f0ee591c1f57aef6cd4d51c109ed6af01600f2668ce72f0f0eae3ab3932d9fa78ef814506dab8887eda53535d89d0ee849aea4649078c018aac103b0a0db5603856633eb7cdac2f35532d96ba5b72ef5378992ed217b667ca8e40a5b6448e3d1848cbedd40246a14ba90d2289e98b972411a46ee6e5fcdd4048ba1f4a77e6d371e4a08211a9c22d5247db3416de57cea648ebc8cb2d83bfe5097ff5dbc37568e20bfb5db9dabe88d56b9d112657f4a725d04992dd8d27d96fdb800782ced303c7c201c219b2168e9c1df5f9288bed5fe91234ee2ff06bed705cc0110122de59a61925dffc088499df63b060390aabafccf16e7af207b506a40ed900ac122624a7098441e0c5e9507108ed6acc9038b087dc844fadebbaf18e1b2c11d63ef862b18d31f0f52cd496208b0c7619e8c6e8544e7ffb2dd6ee5adcaeb0dc45556803f6dbc8c1119d422572cdbfa9ea574b5800177758096d704a8141b177f93d908e6a813702eb3388cbb6e84de7ea36b6a683f2b35f7e1c76283dbd78ba3af90c7b243f2949a6fd625d48637015775fa92c84f12543bded6ffc65d2548969969c1a4bd9066769e02f7e476a667f661b91b7c53192a5d3b3c0c5b680dfef3daaf7bcb9b15bac2f7eea82cc3ff419bd5d437d36e1ca7a4dd4c5c33889f3a50b849fe88d8e3a048d7279d47b1259f5b97ee5f93fbacdc2c2d63fa68236b4fd4a06fb61ed2158e53666fa0ae83f38b2e30be1932aa316a15d516293444032dddc5bede0654993ef622eed16851ada47d794a5f0cf012f1a43ae67941704e47c11d7b76e8210b3357e6d889c5584c1add3a198cc9b3629efe401fca569319bda5d62518b67e5a8384e845cdd1f565dc215d0ec91ee79a79fd05d2379b69a948719c3312f960438b93a36a5f5029011d5440be790160e86725032ffec09589e7a222dc0e283e82fdd10691da55092680fe4dc85f093e508d87e1f48fa0d870f1dc3f458a9ff901e66a71a550c6fc3a368d8c9421ccd5d2041922b5c2aca875f3f90a431b462d764dc230f02180b13bd0984635246317957053211325fdefa0735b82fe6c8043a18869c815f14122048da553fae203137b436725e406ae56846bb81b70fa8552c662f5473dffeb13a3a5a68cabad7f29937c3dfce1b5d73462bdc6ab6ee4b09f4e02c23c84847f8c8651d86bd878360f08aa53d33742cab2f856ec0fac63fd51f780ab5cd526dad569b686b9513d967eb3555240976ebf84b6834010d329d1f206a9dcca5f34305c210ad70e0ac857d16006590289181a3b36d562bad0ede6bded09710925771b9c90289d16e85c1fafa40384a81b39fe6010a624c756aef71cae8f30c07ebfee25b6f", @generic="9adc9bb3f09c831e4292cae77edd62e545665cf6a6c63ff488a48e3b9cd79f3ad1b5a5871a21ca930c68ea5f9c279f207e9d1f37e1c1e5629079c945796d504ae7acf997e0ec3a5d461595f11086854dfb67d28de3e3b45ce00da9da820419c435468a20a6b30419371888a4df45df07b348652c9ec53559a297", @generic="e55b50af2d06d7b6a302626eca7dacc6af24811e74a5b8d5c10c373d5c6ce3e1697aa18df1e2ebc1d55b176196aee03478c359757823fbda978311"]}, @typed={0x8, 0x87, @str='rng\x00'}]}, 0x30f4}, {&(0x7f00000001c0)={0x48, 0x1a, 0x0, 0x70bd28, 0x25dfdbfc, "", [@nested={0x2c, 0x93, [@typed={0x8, 0x5b, @u32=0x8}, @typed={0x14, 0x3f, @ipv6=@loopback={0x0, 0x1}}, @typed={0xc, 0x72, @u64=0x6}]}, @nested={0xc, 0x50, [@typed={0x8, 0x6c, @ipv4=@rand_addr=0x100}]}]}, 0x48}, {&(0x7f0000003c80)={0x1dc, 0x38, 0x800, 0x70bd25, 0x25dfdbfb, "", [@typed={0x18, 0x59, @str='jitterentropy_rng\x00'}, @typed={0xec, 0xa, @binary="3d17fe88068f69b5d9395ae84fc76ac9c5f2cf760e1086ab94091912a84a78971deffccac20632422b46ae63a9314de4c2bd32d0d667b881917702f4154218b4681e5e5325617781ebc5871cefd3a150ab59ee471f4ca123c5b29e6220894ae31d491a15493b1612d1e83b9c427e3068115abeb9659f6f934230affdf5b7f108f6807b5f76947b33d3ad07c5df0cabaf1e21d788b2464670158cd3213abe024fc98d9f8381eb7ae5173ebd0ff5fffd61d7dbf857983292571e5e78c52d65d6267ad3b6375e44738665a9245269690b2747e139fe5363aab7f89031e771f728e13a447a7a8950b0"}, @typed={0x8, 0x4f, @u32=0x1}, @nested={0x40, 0x83, [@typed={0xc, 0x49, @u64=0x200}, @generic="b481a74921349c5816bcce942dc6bf6cb80e6a97b415e630e0b84d79ff1d1f3710c65dcf6f1ca2c86d4e8427cf6d"]}, @generic="173266e082c60be5533efcef114b490a98b16b770d72fb4b0d6aeb3a73de8f3da3a400594bfd47b6b82655d0d403c4fd1e2f80539fb7b02e1aa3f5c79595af1ff3120836df617e160b4da4e5f8e0ad247ec1e45ff8e09a5d2b46fe805067f4e2e3c0efa3b254f7f54dc3c8afe53a8a63fa9be28229c54bb681686a78205c"]}, 0x1dc}, {&(0x7f0000003e80)={0x22b8, 0x2e, 0x200, 0x70bd2c, 0x25dfdbfb, "", [@nested={0x11cc, 0x36, [@generic="abeaa13d7608f81387c11153efff5ea3ab2776c7ba826ec9560b127d632225e8f4fdc87e9b47236b4c", @generic="b5dafa913c612e6662085986aaba8e440f591bff0644efa2a82963b14d4b29b1429befe4176bce9df284639cae962b6a7011497174943952942c035f448f04e25b294847fc31e42d2949d111271a215046cde49ad4d4b4ff66ad054cb32babed54165a5f029fedeec3008fbf2561c27fe56614d74cf1d98953c780f65acb8ac85764722b4d66584e173e0049e038654abe67b64cfee84e2caa563b023062136864f25a16d70daccd2e559fac36b1f5531101e8f9ff98d3897a1a6cd81cd84c71c8dbb093f95d355df7f115f797e6cc23697669abb62568b6c2301b12525d895f3def7b0be7ad3a6acb158b7afe02a62991ac0e54a3a8884ea3b3d907fce86330dcdbe8524dcb234352517f82b0bf6ed46eda2d64fa478875479b07adea557187d440418cf72f2529e622a3ec01fee685b1f9231c6e38831d7cff340fdb35b58a6f26cc3fe0891616bdaf496b2b70cefc532fdfff4481c07f5bddcb785a484ebea85d8ab22e029a746b1ebc6fe36840911e35cea8d802bd0c25d4c7ed8f957e644753b498ff1c5ef52dd1dfb35d3b4d50d33cb7b1283c77a49722d7b1b45745d84609742037395c2dbbe7f9e0028aad10b01bab806ba8e2af912c74ce2c8950ad03401c8beec72e68399a0e7ee152b8adefdee6fd38de56150a1b6fd7dcf6dfacbec6a2afaa3675cfaaa514db01f50fdd57323c3ed4969375f42e10265d802b6c75482d77bf1bc8e500162f42bf2a7f8ee3791d547eb54299f9d354ea1b007bde783a84a71c92e9e108a7a71ec735068de1a569ec77986d9c31df352bad1251d584109dce43e4ff3d9febc88a1bedb218ac940ec13ca808b15de11b95549a3584d74ec01c6172e82388b5647533e98d5e17c45d91f71da4429dcfcf0abb0c1a822d0d19e613a7a0af9188707583baffee7690c4282d386ef32231302342611ea97a1b84b4e30c69a0ed6933feccd6a88ca62ba449f4ec39c2dac033ac0bad7802260a7aad205996a6b020eb9a2fef0936131818687dc8518130b991694a6b1b0f11620a3363912d6d540b64501041419d147413a198f9622025e6a7453d145e74d0b149144c8063c2cb94da46d852d33d6d5d422d1092a543006cef4b1a0c9c4769930d16b2b412398a0fcaebd1e724e454e2e63acc8449ac1223b9fa7b5094437c5db1519ab10238b2bc5a332d543ce38293644076cc33a3f079f2c4737e1d8ef495e75b8c60eb5a03dc64cc55c36ea35f04b2bb63e9e82fbf8f634fcaa571629e595154c01c478b6541bbd108a292cc7c502a881f96c41caec5984caa39446e1443d0a5b2434e2ca36b9c5c94115e72d8591bc936a48cc57eb8e28d471b9451e930ded24c8e60a4e1973016154c3f9637f5b352afdd66bb7b770d7b2fad545089c8b11785dcbe7e520f6deea597bcee4cc9133270db35c48f2bbd19a7561a88a689954bdaf4261e071ec7a9cfeb250f8f7b31b5bc2f30f5ee3f6207d02800d77d8ae931f53efbdede0eebd09ed2b98b264f9145f508c91d54fae6a6e2b094e2abf69290714254f45127ffbbf08b2eeb76b99c86e72d27f767c3e3b7b459c0b12cb00b235c3fb134b920bbb1eff30c010811ea6610cef9e52e58c77fcdd1a1e7dee3accf4e4dcbf0d767ad2a84d03352080845c8ec2db9786b9a6d69e4597816dc191e6e6d1fd464077750b3395d52f10322040c4dbbf5ac0ebf01f0f6c99535c099767d3b1ec7147be22e1576d479ac1546c1d5f0f1d1fd73b1a1ec2330ce6ca451dcc6fa4f8cf744ecec91352e9ccae14ef1de4ff4cfe1af8333b050c340360ad07df63fda7c222ec22a8aef50e2c0b34bd2893713b600de3bcbd25647ee4c190928520e52d6e016dada92f6d95f13ef95f267fa46c02b986f78363cb9e2cbed3083f4d622751d29b84af6e8234ea857be972a89d4627adbf86d3cd04effff9cbfcee9064bf0f28b420abb0a87962e0e6edd1bb60182b2a1a86bd6bd8b3a769416289c1a230784f5f9439867f1b6f5cac41e795398f9de149061297b1814afb0b959df7aef666b35c5ce9abd203dfaaa405a953ba0c2c5ddf93cc33257ec4687ea7e916d3915f989728b57b4656df53a7255d966244e87a3df31f9bbe7361805669b82f2377d363f2f82a98eb5fc4bbdcfd9fb5dbf6c3abddd3897ca7a9db00db1f3a3229e20734d4cdfc7c1ae3519902699b39bcba0fadb105071a583a1cbf1911d1f1897b897980e52e11e96de2541cc5cd82f740e525823550a404a2ae8dba0ac7843b8c4123b055d1dcdf9a82e940162f3d00be70449e6d1f24d03abf531ec09711eaff26a99a2a23c28f55e8e7ace748a183740de32ee49dae40a5e13b8f89fd359b1df60c18d7909a9771761c5255b1da4e3415c7fdca02649fbd361ec5c5490bca88d4a06134c51b5aa048a694c40410da1e6ce2f187d82f47ed169abb564b6d4ecd47be599ab2bb63e58f55871508f5f671f445150f25829554d4bd9e741a426321525ee510ab5caee3a3e214a2f87b0abb0e8d1ac99660306ccd864dc3d461a312373b20d9171f51c6ca0d311be415e184a2f324e3dd69157e4f6b306a3d5d262e01bdc0926c7461f2fb712b2670e10ea952c4839fa7511ed0282771e935627bb6b533f45b58b39dd140b37cc7ffc6c139a74966eb5ade10d30b2ff12f8a2ce4c2e15c77370c0422fc35f4004764185d5b0d1a56475f98416417898a32082ddef1856b80c8040b4431d4da9ab5f9a1919dd78d039c3b6c38c420591491a31401a016b14cad3884a97a32b208386de651e22684373501ca0b4a9a14a3835478cfd93711139d487098aade0d889d01ab7579e7524517069b7f1b4ec0b800d6ab367ec143d95e9594adf4a1710f760953c201129b64f7b85cede9eeaf87a2aa9771717e5ae9f47578640007719be7278e7ddf6016deed0c3c9e163f48b52a22b7a7411d3a1bea6f13bff4c1e6808e00afa20e984fa0d02e1af7c38351dad3559468d21d55ccae3892b0d38c0525119f01594f6283177dc7f06d68d21bc2b70a19a8d86e7c07636775c1727c0d999c6936e6e46092617e41644e4fbb4f15e238ed93d6c48dff746948f623c8345f47c50f7ec42707a0e16c18bde2cf9ee5523a252de2c187d2e5790af6bbbd606f43dea3d271f4a52e5bc208bf68cd5172af5a58d5789bc0be5af7811fe432470bec34e7eccdcc5605b14b891689e66d8785c2acb97b85f039e5a19e0cf527a11679eb24ef5c36bf1ddbb32551e41367365881c3ec96a173c02a03030d269083738bc374b5de546fe2b223bd657aaac2c7d754665bc58dc9b1919870221d7bb65dce102929ab862249317cf46894b2506aaac073d0f45d8d605c3cccfe9bb59804c35e504f676f281f531e78ff8e59d9c909834223908a836c2e9d19c727761337a6ccfb9e5bcb936fd4cc7ce400ddac77d6f98f64e8a23134cde2a36749b0d67586c33796e6ab582da6d578292e5b3a2d84aa40c623f81b62f9a4f9e9fe963c66d5290b5ec52c28633dc389edf1ebae9fe960b376c3de6bdc3a6ff4f4f55cdd98d6b7b7a3e282e2181de348e5376dbc79141a03e962395d2e19bc8fbafb5471237127543a90f8899c6551ea523d4e3c32b99decd5060d835c46605caf94961bafa43ed3b6132ad8a8c1e40e5d974b3406d804835dfcff67fd2b32bc683388235fc982c9e04327d2d0b82d178b60de23c7346956a7faef6f70ded62af91a05b1d663fe9274e38fb27518a91ab6ed4b4d3aaf6acfc1cdc2591c94cb728906fff5c0e087f11193b75960785b2b3ff6603b3d6a6e743cab95d78dcee88c71a5f76e2a88869b8e0d38531162e8da76ea9b9bb9cb1b3c19a43c68065639964bb523705bbc96038028b70f992afa0262cc1a68e360eed1d3cd41238bcaa384fc5a0f754af91047a7d7563fea2d9ebe44b04462bfc1c44b8e786082667166d97cbd7bbcf44e1388c80079da3e8a226a727a8a39d36da655370c18db7f057048960fadad70016d606ec9ab2bef2e4f1fb57ce608baf9fd145c41d3e923a05303e28fde47203bbfe1511a42f52938b449364ea10fa912764c45764351c882563a0cb301e49db25958a2deaa0d3b2404280f0c714c1a5837eb3926575fdc781ba6414760ced8fe24109e262db51b404230fd23c9c7dd1556e3b6af5d68fb08e87d48abbccdf95d83981fc2dddf190ac3411124065208fb0c579fdb8a98af4e2fd7763c72905f082b6a9388cc5bcb14cf3924a58efc79df0eb9a40abc233e3644b139d8ef521fb05c8d2d9f60a0f858478795d9f6875c347875304a188b0ddcc0f5f7f586c9f972f95b3239c08e393be98ff7c7f79931ae8ed9bcc01bdcd3d3841c6918b6e10efc69052a53348c09328f5e4a81be3d96e0b4d4244d3587564f234415124a7edf72a1a0f6ef33ec0716f9484b504c576b4a3f99538a67710ed5c86f349acfc480c066b0dd4e0fdfb71a6ca8675aef44ae2baf2e5ea05206439b80b3cc951820e0493bedfe640f0011c086794d9c8b6796dd81721d9d9e2ae04dfcba64854719915fdf4736de823e21282073ee16df83f262b42b830f224ebdef25bc5b16e5dcc6078d713b1f9dffa15868e6b4c179bd4fc9c7ed2865d1e8e096975830149b4fed01d0205d6b642c9b995174a7aa142cbc7e349938c376ee6fd0d4b93d8d38210fd2dff682689d29ede6b747e09381309504af12ff6e91c6e472d235452b484355d7b20f0273cfa507cdd5e6d88371aa51fdce3cc26b86c056bcc78bb84a070926b7285cbb8a8d2fa4f4fd77f46984fa30a3ce301967719a5d6de065f5b70d40957ec307a9dd64a60b31403ae9ced493222715adbcf6197ee5276302b804f86f460b9c0df809dc313492bb4620a2add32aed6d983fc24d32b074c478f91bd3bb9346ced28c5092b763949732f91584f02c07ac24bd7a205ab077523d26f00b6d365bbb570a3d0c6d72b21724b8dc62f034fde2c6a7926f7a77ccfeaa3e258052bb63ea6613561aed2922c7847c09dc785543f596cfbad45f357416aa2064680d7a4016446c06928ff92321e5ed43ef311c0c2a6fd20cf13c781dce2d745323e048b06f429bbbca6cebb3abf6ead417c22254816609be970ddb4c7f1fcfb7d5915abe8afbdc330c7f18ae445d55bed1533d9f3c68a6c4158afc75eaf56d8b237e7d39fef079e9f5aad646fde83ded504eff14488fc7b5ba38798f4db94390bfe38f9b2c3000e17222a16485bd8476429f400adfc05b3d91228067e6c0686b118d55cc9e547763ae4449a9bd1fc945733ef5d2e0126cf3d1a19d2bf3dbddb8da15b092b87962cd59e7651d2fc9881634b998d58a1a076c335ff8f365e3c9d0fd534970ebd12aa6a2813b0e364c36b98d17203ce5f803a170fb3b25ed3c19c3136dc8348b2c6551e8f57755e7f4b0ffe85a603e6b99539e55507f1edf8d0cc320b548a98d658f7ffc9284d10482fefe0063ba00ad97b87da4aaf3730bec1b861404d3f284eec17deb32973cc126b9d3d4921f8f47b3bf43216c5ffd6781ea9ddfd1261d95bec133fe0371a3cddb88fecbb8832c5cee6f1bb0ea2da88c43037620a616a1235b03975ab1f65f76163cc54b01d15dc7feab87b1d8df68f03e078b7f694678679b4ad85d36178ddfdb39ed655221140cb7cbf8fe0bb22a0fa2c6d68618bdc8da89ffd199dcd2dd66ed9aa25c0c3cd630657f8c3c3f1ed82fd7de80758ab534e37213d3ad77e2b449968677a42830a7191b9367d952f60f773f681a65206dff1f72589658e49fc268d6419eb34", @generic="948a695ac996cd9931ef4cc6d2eb61b8575c66ffbc802964388697fc365b32b602507feea746f838b32a87f40cbd79476b0edd36acdddbb0787e5e7fe7948c989449995cd10a", @generic="18b11d15ed225d3b3ca51c31a9f81d344c5c9defbed508d77bbc27066213fd1322eacef0478f26ee8aa29789c9dd99f67172b48430aa8073d09aa95360e756f35de126695b06c49a421a806ca7713c655ecd8debd0882e10e5f506349bc02734d665d6bd29c10048691b193c442b01", @typed={0x14, 0x8b, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @generic="35c1086ba8e4a85eba769164156e1aeeda39485a45e111fc59594f53eafa5062ddfc984a1f1a7f4f9e4df0b807f41bc12fca31f4074db596af35e018c662a37e60093ae369f2ba473e22dedcc05f08d11b69c931b25397605f430359cd209bff4cb787a1d6966c30ce69f0c8adbaa70257295cfb1fc35967108bd8c7a625ede95f3bae7114b0955c6bdd3f5fea6729b44769ea297e1737c418d4dcf27421fa2423", @typed={0x8, 0x46, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @typed={0x2c, 0x1c, @str='echainiv(echainiv(ccm(cast6-generic)))\x00'}]}, @generic="09905168a27664ec46c0fa9b5aaed2b302c458f86d8aae4dd2c62df9c2919b2b47625081008e7531456b7dea5a0e3bcba04caae31b2425d63d4fd79ddfc4c2215eefee90e639242abc16ccef315b3b0cd2c2650515c39aa6c1062c236c38fc95c67397f67b1c908ba8e56a3c28d2fcd8a664dfd204006fceb2dbbbfa4be9f66fa261df186d7797d4d7e4d0c55e6170ae41723cde8016dfff70ac3777138d8fb37e14a22835d48423f9be9d67461abaab43b3ad7a259707f8192a9050f00850d8f03b3ffbaaff2b50d7624f9c537dc61560460182fd510cb336e685c9128bffe48cb3b172c9c94431c081e09ad97644e92225d12b395874dd7b4d87d07785fdb5c3243059fcdfbd22cc498b2686b4f80faf82d8bd767fac11c92170721ab92eba478e5ced4106e680583da49c1273afb0186abf8bbda5aaa6db3e89b136b7ab2b897555825fd74c2b38514cebc0ca92b268ed16dd1a88d0aef399b0c360a410c03d7d42d8d6af6ded06a85d20814e5e66f1cc383139959cfd331a21cf9bf560e8a82e92f0b8fa06a4697203efd0b0bfb499646127828891d31902e5f49d60d3c70111d7c7027ab7803432b5a21ff836ed6df5a6063ea4ef72fe3207f8ac272cb7049d0301651fe86ad516c2db700a88a0773d2bf7029e1bec80a29344a3a0335cc495271a4860f48b143f20683304454622ae918d3329d1154c294a114d2c0ea54966292bf85af4732932d529a60df22d832c14f807b687bf7af5a68745490d5f203a5b9f639c6c957005cfe287ca4f8a2625cdbcd7a9309ac7c127ce1b2aab73c9ec46b200dea0cfca722f78b2b51f9ca4e021b551da5d9d7faaad79eec3bc9c43ba56b8537e74166eee350b72335712849675af6285fc40b433a21fb11c79a5c8414e38bfaec7e269b0047bddd7c001355312ae15ddd044f34110e3b492d11da387f44761a7b24eeae5f1174fd86da6896617ec8a9d207887615621da1c8efc6004eb2122ce309857686f2fcba9ffd21be4700702d5ee9a4591100dc4667a2a025656986f9a73f2d15067f2a6134f74ce0174a730285f65374cb634f6c2b7c45bc4d7c762b74ccbd4ea90902b07d85158f6e14ec2ff520e9dba82c531f7e5e268c228bef832075e22c992f9050c5f6ea621bd59f07050a37cf5cee26d86aedb3dd79897851bdaf01ca75c01446014ce999b177f0b74bc1b1c5142a6feb06ae2c0d53a1d950ffd2ae70bd0342ee7d36c1f1b77cc38ff903e38df614fc5a0ee9fa0e083b7b64805547d59d0b59361cd910f88cd0bde6a55a220f3623b3289024a778ad5718561090895402cd0ae47443a0bba640ed03155a6e79aa952bc6098ab23cc3eed9bf78a2721e582d77039827fc9993525b7bfcc63b279370a252b91a801aed428010879580c4981e1be831a138e637ed821016d8cf4b744055379db5086a6c87722e8a99498eceed62d2caf25ba01cb156b522a4afddbe23cb857beddef5bf8466daa6a28246096f2cfba985c1f94ba2b5c131f8701b60e369a39692304cd3c06b9e5fb64e29d5d01e7b3cdd18acf65cbc05731271966b9a92e52055d34c2c60fdaffe7e54df17ae8b3f0dded0fd5ce41d41ccf77208d93167e3c46f3a67abbdb69a595004308c2e819142b14c56e9c5a60e6e3cc16a527ebdf3ed4977e563bcdea7f391f14506b15f05126a72b983f274ce3ff88b242ba1b936ae387f46173b78d4548c4951ca61b8614721d41987ca17398373f5bc30433f4e9de4ac017d2f5d37ea13514b7f415e1e62cc6fb145de906d14d6d9a1c2c357390a1be9a82abdf80d4505772e6cf94ddc01f65b79d925314436031f5ee0ec9f2bb291029a523ede49bea82b26d0bade5b82adac15f63fa1c5c45b0b9356e5a594ae49ab3762d29c5d005f0d768a8b449e9ae382578756d2f184a32b199d154c49f7729966196c8820c220611a9f7e5b106a45e541610890f2c0e85a0d0b7ace099d246af3793c674db7bf141b2879923ddaaec1564d3ab4bb94811f512ea2f6fc8ef68eb5d0622763bd6ff7472a66c4bf30d6e3295d64641a69a567157f669c65a34e77c65b6d537490ee6938376e80367d702a36b2eabb61d8480a4f66b6bbb74b413fdc45033ea78edb5982b789795c27beed38d23b05f2921c22877f2279ee330a350d186e24b0fd9e2aec7edda7cb8caad78ff917b11d67b37f21b398bf4766b4232f58b2e4a9f6a811677c67e02753af3aa5fcbdaacb1ff9dfbea7731d977602c899587640396b551f93a162cde735d73fd324f4f2b325cfaa81c6dfb2d253934deedf09755d8ace31fa06ffe8074c4312a6177021aad571fe1f4e6af3d6fe393b94c5d7e347a5432e536c3866678f5f2db6962f0d993637da74fe821d28c00aeba516a8c91461e2aae5314d2e23d9a7a375028c679a862f0662d1bd4bf50504230f9a5b046288ce848ec40aa5aa34843bc4aa78bf206c12e74279af424495b7e7d5e4797514b1ec78966df857fe68879829a1fb11acd45045ac01758d66959f9440e5a0e3098483612948de279c48b5b3c90f9d2c64a978c2569e281455f40bf0eecb61fc1599a10549936bfa06693addbae97fec782dfc6451aabbb68e1c0fa0a7c549f594ee61455f0005917063d5c40e67f8e3650034f6e25708abd7f32f8f6a811cf237b8acee177b14bbc4c8bf0d2704004dab509a2d22e6962b9aa85eed74d4f5c9e052f0a8ceda1cc67674aa5f21d4679da792a0e6853911cd14b12a969089327c0df843be54f03320a80c525272fbf99a5dc79cfc480a7d8715a6630dbce19abd39bae739a5d12ccdb63aea5584183b5dc54ae2cb8ff9820432ceaf87a50111c676df702e1fbc0bdd1cf3670e2510a9251995d13da73954e4d6f4f73d788bd95ecf1cdb976012d624ce3d88c8f1a549cb4cbeeba8d09fe533dadac07c1f365301cd4302b109c51e6e81c62e32b3d986d3c45da3f07c004f233547a91712be28177b43878f2beb2417ee3cf93882e2db4c87a100f8c47179e3d48aa8e2dc7c9ca9d1033b2165bffec42872dabf8882423a69fb37dea1a03a6c2288fbde65e9f8ba44537201a99ad6cd8f49d2f4ea228fc0d9da32af5041e7b43c894d43b7a82490f90cb23497e806f902fbe10dbb857bf5a1dda2c57534b305844b4a31317c7147252bf986f337e284c358c919253d033582bbb9068800d4f3cbff768f1b5bfb72f318793637b86ff98391fc561dc40eaafcaea9f51c91d924ad27df1c24cde9bd96fc40c67ee46788be8e987c4ff4f363e4ee133e792d6ecb39d26088634ca9bc540b337a6cdb458f786f16852697e5736dd03a552aa907630439adf4172d4e9b95a0d63a5e64684d9bbcdfc2c91dcfc4ebcb89238091689aad8dc13a1e33c5d4c11b023a3192a9163c8a4e61e26999014359c581bf9dc454c82473b97aea7e67c41b0081620daa30c56d56a6c7d5c660e830b7c3bc654154e98eea7aba242814af3b2f81af55d36818124d5bbba08b89913df3a49b9083defc227b5b8ed887b3be4ebbba4099f077de3358714541ca2ca7cf591c6d99638d2d12464dfe2af6e398835487d094d75b78764e985372e9a31593fefe7f498574aaae288cef50401ca3405d0ef55fc28120ff8a52081e68377523f888c0fc6b7d2f219c555ddab22d2ecc27b91f95fb14f62427e4909eaa7f0736d6c363eedf884e17e6bb86385e5c52edfe4a11268624566b37c314b052583166ee7d73b3594f3292fa484e927c8ed1c762f94656c636d83646b2ef67ff1283bcb3d2da16d683f0fd066da8456b5644561adf46ddfc561af667278301be42b5780b7c91a130ef787e846964efed41a46fbfe3bed07d3f81e2c77d6d9570afc5b033e4032949a7e2b0f529c8585a6c8ccc5f59649a64bc41c6d1f3ddd102e1aee62d5d6a7af612f0ca01ce5b3e0c0e7019c102a74466f2c6f01720707debc0cdcb22a4c9b85903d4b5c9f6408803d2afd7d886e6764288609babe4025b45e1ea4615c233a86546dc7b30cbce79558d637ebaebc0a3713ed5e83ab182611044d8d7c2afc9e499c7046ca333309c019d87706d1e8bc3d8531a3a7df48f94e35afb0ce31aebea5b235c35876c90fe7de954722d6d61db3c07cddb0f4a4d3206517ce505dc26a511f00938beaa0f8924432dc73710be1f964ee307822cf58dc8d9367ebb35785e40f08fb8fa8e44d19d53f38ba269e0f9fedcac58314d7724a4d91d3d933075176b2abd531ce5a1236a41bac7fa6586bc4f76323122d79351599db6525e1ee738ef3ce0c5805cee5c38d6fcaf778f6b14abcb704770c994219ee43f37ed7d67f8994071b17ad15498928b0bfd4cd1fa9d206126220185a6dc01a500937c64276a454eaaebe73abc8a1f0430a600565c2420338a24fc761d88960d4cbc8b287534309e511c2628dc7954a8c82d5f93449130124d530506b62a3f2731867edc680138830142c75d54dfb1969b581bd87aae7b8c22e6878f8af925e31d4d0aee59cd486b395a206d250f6f251da4ae157211ca1814311d5f38a9f82b79f48a9b0f8d97e466c9b3086543ea1bb734c8cc6c0e82a76bc78c0f4e9739cebae209262d3a39216f96a08fefe3b376a07036d9973b5e4350f4160c4da045fe0e7eaac48c5d303073389ecb2d0eb79df3c12194fcd39f0a2347ed135eac9efe4f082c0930abf4243a04b0d5a981634353ef1b9c5de5282b23492ed866c538584b3fd15ffb344503121b5bd9ddf1389e716ffce10e8c2697158cefc51bbf7bcdea6df36ac15247110d8be347a4198716170dbf326cec26f79e684c96a6c83a2263fad2295b9da514d80759558eba0cdeff1a0d5542aa99a91ebd26c9b8aab19bdca11a5f80dff547f753a25608e0869951c828cb91db0c2e53641ba2de355437fce044680a1bd8de84c7645deb4a478fabe713165ee7e0b22ed4ce42ad589ed528aa5fa4b6c721eedce3342cfdbc808e40d84f6b016941f6fc7ee0fdc1e645306ba65c5d8eb92b677c1fae158571f363b5358f68e4229c233805658448e5e7fe1cbf06a9f33dd41ec31dd621e4fbf08289f1721cf32f78908c6b42380a5e6a8080f72f90b3b90fd57e402ed00bd106f32035a5580c4aba774444f2ef2b279eeef0df8ed419edb9075c95e9ce115496787d51ed6e7f7d1dc7687e558779330dc65e048b273af62ca8b90939a12f3953461fb0ccdcc67bfecb46e98cf021906f1d727b8e34cf87f9348505f7e353d7aef241dd077683a1138f7cf3c9bfde9eedc345ece0adffc2795d4a799cf82c22ee1c655c8398f94a2e262199ce1a781a6189062ac37b17977af1f4e63223125eef3a2d3472ca53224354c55462bf1623af9ddb4bc6993859c47b511cec060d211b52d509bbde6f48d14f98996ed6cf8d9d7d584fc09ee68c1702fcfb0ddad82301af22e57b72a875d53fe64f2d14c91ecaab7483179f472c50e8372cfb322bcdc50af0b7d0b6cc020c60d9844c6c8041cf0561db0a21a54c7b3dafd3001ffde2c592b012647bb7a8e7ec5f39a9386ab042d580996b2e0a73a147cc29540f18dc8661a57990d90c63115fe1e7e1906667919e75f110c8010b8f10e692b36af15a2ee07d6f5c8cb0e62f0ec164cb03a2df9599503547d8d8cac2111b503b7dd965b504d1052f4d8a26ca07b5871043b0665552074775df26ae5f063d8aef5cd484f9509313701625a14089af2bbffacdd3facbeb4793f39a587a4aa877aa7b9f9cbd0165f4175864347817ef6ccfba4b516908432961c5ea481756070ce75", @generic="d49546b562f86d73e35d7bb4dbb2377083a49728a3239da54a2132a6c2ac159ad0b83b3fe18f899235d67182abd1860fe30a15d055f7ff769787077a9d1de73a5843af133fe54416fb33315675905d5d0e241b6cc67a98bc7ab0a256b9e246b32ccc6f2b65e5d83042db31e615e5d735", @typed={0x4, 0x24}, @nested={0x68, 0x64, [@generic="5d981ee8280392fbffc43767a79ed7ba4ab32ec58394802fb4da3c745e6923a9f60e7a4b0d72c03095c2c6a43b6cf7310ff284f8d03a", @generic="4143c5b257995efba7b00fd43927bdc11484fae1ee5d59f970f13c26cc63ca8e2ce17a4add7e73e7237890a8d6"]}]}, 0x22b8}], 0x5, &(0x7f0000006240)=[@rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @rights={0x38, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r5, r6, r7}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0, r0]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r11]}], 0x168, 0x4000}, 0x40000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) [ 240.298553] FAULT_INJECTION: forcing a failure. [ 240.298553] name failslab, interval 1, probability 0, space 0, times 0 [ 240.310025] CPU: 1 PID: 13464 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 240.317402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.326765] Call Trace: [ 240.329405] dump_stack+0x1c9/0x2b4 [ 240.333071] ? dump_stack_print_info.cold.2+0x52/0x52 [ 240.338293] should_fail.cold.4+0xa/0x1a [ 240.342385] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 240.347515] ? kasan_kmalloc+0xc4/0xe0 [ 240.351431] ? kasan_slab_alloc+0x12/0x20 [ 240.355601] ? kmem_cache_alloc+0x12e/0x760 [ 240.359939] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 240.364800] ? kvm_mmu_load+0x21/0x10e0 [ 240.369575] ? vcpu_enter_guest+0x3aa6/0x6090 [ 240.374092] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.379133] ? graph_lock+0x170/0x170 [ 240.383236] ? do_syscall_64+0x1b9/0x820 [ 240.387318] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 240.392709] ? find_held_lock+0x36/0x1c0 [ 240.396820] ? __lock_is_held+0xb5/0x140 [ 240.400936] ? check_same_owner+0x340/0x340 [ 240.405271] ? rcu_note_context_switch+0x730/0x730 [ 240.410198] __should_failslab+0x124/0x180 [ 240.414436] should_failslab+0x9/0x14 [ 240.418225] kmem_cache_alloc+0x2af/0x760 [ 240.422372] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 240.427237] mmu_topup_memory_caches+0xf7/0x3a0 [ 240.431900] kvm_mmu_load+0x21/0x10e0 [ 240.435783] vcpu_enter_guest+0x3aa6/0x6090 [ 240.440095] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 240.444337] ? kvm_set_msr_common+0x26a0/0x26a0 [ 240.449019] ? vmx_vcpu_load+0xadf/0xff0 [ 240.453081] ? __lock_acquire+0x7fc/0x5020 [ 240.457306] ? vmx_vcpu_reset+0x1040/0x1040 [ 240.461625] ? graph_lock+0x170/0x170 [ 240.465429] ? __lock_acquire+0x7fc/0x5020 [ 240.469661] ? __lock_is_held+0xb5/0x140 [ 240.473746] ? lock_acquire+0x1e4/0x540 [ 240.477722] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 240.482749] ? lock_release+0xa30/0xa30 [ 240.486719] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 240.491986] ? kvm_arch_dev_ioctl+0x610/0x610 [ 240.496472] ? preempt_notifier_dec+0x20/0x20 [ 240.501133] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.505962] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.510979] kvm_vcpu_ioctl+0x7b8/0x1300 [ 240.515128] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 240.520838] ? find_held_lock+0x36/0x1c0 [ 240.524899] ? find_held_lock+0x36/0x1c0 [ 240.528953] ? lock_downgrade+0x8f0/0x8f0 [ 240.533106] ? kasan_check_read+0x11/0x20 [ 240.537238] ? rcu_is_watching+0x8c/0x150 [ 240.541370] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 240.545779] ? __fget+0x414/0x670 [ 240.549231] ? match_held_lock+0x821/0x8d0 [ 240.553453] ? expand_files.part.8+0x9c0/0x9c0 [ 240.558038] ? kasan_check_write+0x14/0x20 [ 240.562273] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 240.567208] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 240.572912] do_vfs_ioctl+0x1de/0x1720 [ 240.576788] ? __lock_is_held+0xb5/0x140 [ 240.580937] ? ioctl_preallocate+0x300/0x300 [ 240.585334] ? __fget_light+0x2f7/0x440 [ 240.589310] ? fget_raw+0x20/0x20 [ 240.592762] ? __sb_end_write+0xac/0xe0 [ 240.596730] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 240.602264] ? fput+0x130/0x1a0 [ 240.605533] ? ksys_write+0x1ae/0x260 [ 240.609324] ? security_file_ioctl+0x94/0xc0 [ 240.613735] ksys_ioctl+0xa9/0xd0 [ 240.617176] __x64_sys_ioctl+0x73/0xb0 [ 240.621069] do_syscall_64+0x1b9/0x820 [ 240.624957] ? finish_task_switch+0x1d3/0x870 [ 240.629441] ? syscall_return_slowpath+0x5e0/0x5e0 [ 240.634359] ? syscall_return_slowpath+0x31d/0x5e0 [ 240.639284] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 240.644643] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 240.649489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 240.654665] RIP: 0033:0x455ab9 [ 240.657857] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 240.677301] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.685103] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 240.692381] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 240.699938] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 240.707282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 240.714540] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000024 02:30:11 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0xffffffffffff0001) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) fgetxattr(r2, &(0x7f0000000040)=@random={'trusted.', '\'\x00'}, &(0x7f00000000c0)=""/197, 0xc5) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:11 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x804000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:11 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-aesni\x00'}, 0xfffffffffffffdc1) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x600040, 0x0) connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10) 02:30:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:11 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4020940d, r0) 02:30:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x2) 02:30:11 executing program 6 (fault-call:6 fault-nth:37): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 240.986979] FAT-fs (loop3): bogus number of reserved sectors [ 240.993195] FAT-fs (loop3): Can't find a valid FAT filesystem [ 241.027536] FAULT_INJECTION: forcing a failure. [ 241.027536] name failslab, interval 1, probability 0, space 0, times 0 [ 241.039070] CPU: 1 PID: 13502 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 241.046445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.055913] Call Trace: [ 241.058640] dump_stack+0x1c9/0x2b4 [ 241.062288] ? dump_stack_print_info.cold.2+0x52/0x52 [ 241.067508] should_fail.cold.4+0xa/0x1a [ 241.071591] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 241.076718] ? kasan_kmalloc+0xc4/0xe0 [ 241.080629] ? kasan_slab_alloc+0x12/0x20 [ 241.084798] ? kmem_cache_alloc+0x12e/0x760 [ 241.089141] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 241.094092] ? kvm_mmu_load+0x21/0x10e0 [ 241.098092] ? vcpu_enter_guest+0x3aa6/0x6090 [ 241.102955] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.108009] ? graph_lock+0x170/0x170 [ 241.111826] ? do_syscall_64+0x1b9/0x820 [ 241.115905] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.121546] ? find_held_lock+0x36/0x1c0 [ 241.125612] ? __lock_is_held+0xb5/0x140 [ 241.129672] ? check_same_owner+0x340/0x340 [ 241.133983] ? rcu_note_context_switch+0x730/0x730 [ 241.138909] __should_failslab+0x124/0x180 [ 241.143243] should_failslab+0x9/0x14 [ 241.147035] kmem_cache_alloc+0x2af/0x760 [ 241.151172] ? lock_acquire+0x1e4/0x540 [ 241.156437] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 241.160674] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 241.165512] mmu_topup_memory_caches+0xf7/0x3a0 [ 241.170182] kvm_mmu_load+0x21/0x10e0 [ 241.174089] vcpu_enter_guest+0x3aa6/0x6090 [ 241.178407] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 241.182644] ? kvm_set_msr_common+0x26a0/0x26a0 [ 241.187306] ? vmx_vcpu_load+0xadf/0xff0 [ 241.191451] ? __lock_acquire+0x7fc/0x5020 [ 241.195682] ? vmx_vcpu_reset+0x1040/0x1040 [ 241.200019] ? graph_lock+0x170/0x170 [ 241.203817] ? __lock_acquire+0x7fc/0x5020 [ 241.208056] ? __lock_is_held+0xb5/0x140 [ 241.212108] ? lock_acquire+0x1e4/0x540 [ 241.216066] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 241.221070] ? lock_release+0xa30/0xa30 [ 241.225032] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 241.230298] ? kvm_arch_dev_ioctl+0x610/0x610 [ 241.234781] ? preempt_notifier_dec+0x20/0x20 [ 241.239275] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.244103] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.249129] kvm_vcpu_ioctl+0x7b8/0x1300 [ 241.253188] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 241.258883] ? find_held_lock+0x36/0x1c0 [ 241.262935] ? find_held_lock+0x36/0x1c0 [ 241.266991] ? lock_downgrade+0x8f0/0x8f0 [ 241.271132] ? kasan_check_read+0x11/0x20 [ 241.275271] ? rcu_is_watching+0x8c/0x150 [ 241.279404] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 241.283801] ? __fget+0x414/0x670 [ 241.287244] ? match_held_lock+0x821/0x8d0 [ 241.291470] ? expand_files.part.8+0x9c0/0x9c0 [ 241.296038] ? kasan_check_write+0x14/0x20 [ 241.300267] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 241.305188] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 241.310896] do_vfs_ioctl+0x1de/0x1720 [ 241.315948] ? __lock_is_held+0xb5/0x140 [ 241.320031] ? ioctl_preallocate+0x300/0x300 [ 241.324435] ? __fget_light+0x2f7/0x440 [ 241.328413] ? fget_raw+0x20/0x20 [ 241.331856] ? __sb_end_write+0xac/0xe0 [ 241.335834] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 241.341356] ? fput+0x130/0x1a0 [ 241.344625] ? ksys_write+0x1ae/0x260 [ 241.348507] ? security_file_ioctl+0x94/0xc0 [ 241.352912] ksys_ioctl+0xa9/0xd0 [ 241.356352] __x64_sys_ioctl+0x73/0xb0 [ 241.360248] do_syscall_64+0x1b9/0x820 [ 241.364120] ? finish_task_switch+0x1d3/0x870 [ 241.368603] ? syscall_return_slowpath+0x5e0/0x5e0 [ 241.373606] ? syscall_return_slowpath+0x31d/0x5e0 [ 241.378525] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 241.383898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 241.388735] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.393918] RIP: 0033:0x455ab9 [ 241.397098] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 241.416320] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:30:11 executing program 4: getpgrp(0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000001c0)) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000240)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000200)='net/udp\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000100)=0x24, 0x4) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x101000, 0x0) ioctl$EVIOCSABS20(r3, 0x401845e0, &(0x7f0000000040)={0x8, 0x10001, 0xfffffffffffffffb, 0x8aa, 0x1, 0xce2}) ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000080)) bind$alg(r2, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:11 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:11 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xffffffff00000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:11 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x80081272, r0) [ 241.424025] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 241.431281] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 241.438542] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 241.445835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 241.453194] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000025 02:30:11 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x3000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:12 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1278, r0) 02:30:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) getrusage(0x0, &(0x7f0000000140)) r0 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x1) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000001, 0x1f, r1, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e22, @loopback=0x7f000001}], 0x10) [ 241.783464] FAT-fs (loop3): bogus number of reserved sectors [ 241.789542] FAT-fs (loop3): Can't find a valid FAT filesystem [ 241.850612] print_req_error: 2 callbacks suppressed [ 241.850622] print_req_error: I/O error, dev loop0, sector 0 [ 241.861575] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 241.866351] print_req_error: I/O error, dev loop0, sector 11136 [ 241.876580] FAT-fs (loop3): bogus number of reserved sectors [ 241.882534] FAT-fs (loop3): Can't find a valid FAT filesystem [ 241.894633] print_req_error: I/O error, dev loop0, sector 8 [ 241.900786] Buffer I/O error on dev loop0, logical block 1, lost async page write 02:30:12 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() sendmsg$alg(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)="5925a75723869770723b3ddc6214346bbf7361010e13ff300a4b7662384288e6b5a5af7a4b28fa28099fabf4c93936e5e788652ecf135173460142e750e433822d083712e5e432ce8f5e0e5783a323cdedebcc11b31c50eea870aa597a7c6fbc3e38dad0225c86dd1e92798ab2c4f735ba5356aae6cd456075a5716c1f2e9e97d776f2787afaf07b72d65fb599bb1eaadf2d19cdf834ace0a86e984e2dea9a1185949c39d3da3fe9000a889521f52374c1b7a80f0adb33232f7d0729", 0xbc}, {&(0x7f0000000040)="aa1119dc5a29e739a206428c0bb81d1276279073a2cd6ae6", 0x18}, {&(0x7f00000002c0)="d68695e35a615df37208ca308c0998b15d0b567cff989a4385677a340dc0df03f93423bfb66666aa7c64f3e1aece019d6eba4a66ecb571ef3f71ef5790b901348e47edb64542dee3ee11e0fea67312fa0dc90aa854bc127fd46b4beecd78ec8917998c44dea9e610d7b6202e944389768fa64afc3c51bbf993c113caed0225", 0x7f}, {&(0x7f0000000380)="76af20007866bc9a5b564c24b2e324b8e3d1dbd7829edb25432616b7364649ace42c761d191699fdfadba290d856bcf8b054f3a9060d4b3bcaf58f2c7d24cabd1a6543feca875ee5fdea50bf95f7eef3c9766ce506777c11e5e9ef4f05a9be725bccf0afe6a7f009245015b980b43e8003193d60dd9456423ded09d5d9c4f4bfb9c8b313a95f5725cdf09415b49bf0a652830ebb0cd68e5867bdc421d11f74d4dcaf50f7c6ef108c4783dc334ef31d6db56dda7f37ea84c048f7dc32b117924bfdad7db9f72651d06d5cb0ac07446be1d2ed254c4f4fd9326019e57ebae2a9922b62441ddb670014be162a83c4bd2714dacc4c43cf6fbda66c55", 0xfa}, {&(0x7f0000000480)="ce8809dcb9020d4bc70e141f3a183750857297c33853113434e3252ffb5d655f24e3ed6f2e46091e60685380d4be713fb15f4fe857d8f5af53fffe226329abb5e24b9dbe3b98a4d7dc893a5472dcda735f4cb428cb72e9e722977549b20e9d6d1084a05e9d22f0e954c2b6b4ebb60b4cd5e2c751ece67fb5a71c614360ce36e3fee129e3f16f396cfe756c", 0x8b}, {&(0x7f0000000180)="b56804c55536ca1e6e626f31543e853f9ae8c8c295435e3ea1b1f9561e5b23f4a1909e61ba1f7e5c71d1451a3bb1c735578db767", 0x34}], 0x6, &(0x7f00000005c0)=[@iv={0xf8, 0x117, 0x2, 0xdf, "d2f2294804601a71df15d5b7591e56b6cb902f1fb7c4733ac696e5871af177b54886a943c2e1fd90a6ee176b3fb5e9a862dcb71eec678ef323eb63c8b65c379983b2aa79eb21994d04568d6cf7c4271feec2bcb74d860e92a8f051b900dfb0ee98541317d23710f904d8711ff0b67ad69bc631df3dbeccc28ce92b3b77e9759bb79f9563d6b44391beef3e58da430837d5f592d61cfc673ccadc98e7462bd8eb72614dde31d0a0ff325050343c833079fa73872fe8fadb016d42921f8eac7d620399cb401a5c1f025f0e39bbdad937e51840794ab036c2c3e2e52990125130"}, @assoc={0x18, 0x117, 0x4}, @iv={0x88, 0x117, 0x2, 0x6f, "905a7ebfb0880cd4ab86b770d22f410de4f09548202d7b4b4d21b8ed0a45d5184a100e6ba6f225b5b23faf86808a414e2446b9dac97713e70ac975ef874484b407507b32d52d6c758571545d379b2a9ec2b2770e8b3f1c65399f28cbc7ab34eb6a2772df81356cc91218ba9c2e3a33"}], 0x198, 0x4}, 0x20000010) 02:30:12 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) shmget$private(0x0, 0x2000, 0x40, &(0x7f0000ffb000/0x2000)=nil) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) getsockname(r0, &(0x7f0000000080)=@sco, &(0x7f0000000100)=0x80) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512_mb\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) fanotify_init(0x514cd3b140e18737, 0x80000) 02:30:12 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:12 executing program 6 (fault-call:6 fault-nth:38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:12 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1277, r0) 02:30:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x8) creat(&(0x7f0000000000)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) [ 242.047208] FAT-fs (loop3): bogus number of reserved sectors [ 242.053168] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:12 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1400000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 242.150064] FAT-fs (loop3): bogus number of reserved sectors [ 242.156053] FAT-fs (loop3): Can't find a valid FAT filesystem [ 242.177636] FAULT_INJECTION: forcing a failure. [ 242.177636] name failslab, interval 1, probability 0, space 0, times 0 [ 242.189095] CPU: 0 PID: 13585 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 242.196467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.205876] Call Trace: [ 242.208476] dump_stack+0x1c9/0x2b4 [ 242.212125] ? dump_stack_print_info.cold.2+0x52/0x52 [ 242.217343] should_fail.cold.4+0xa/0x1a [ 242.221493] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 242.226599] ? kasan_kmalloc+0xc4/0xe0 [ 242.230482] ? kasan_slab_alloc+0x12/0x20 [ 242.234623] ? kmem_cache_alloc+0x12e/0x760 [ 242.238947] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.243817] ? kvm_mmu_load+0x21/0x10e0 [ 242.247782] ? vcpu_enter_guest+0x3aa6/0x6090 [ 242.252265] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.257273] ? graph_lock+0x170/0x170 [ 242.261060] ? do_syscall_64+0x1b9/0x820 [ 242.265113] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 242.270486] ? find_held_lock+0x36/0x1c0 [ 242.274546] ? __lock_is_held+0xb5/0x140 [ 242.278611] ? check_same_owner+0x340/0x340 [ 242.282925] ? rcu_note_context_switch+0x730/0x730 [ 242.287850] __should_failslab+0x124/0x180 [ 242.292076] should_failslab+0x9/0x14 [ 242.295889] kmem_cache_alloc+0x2af/0x760 [ 242.300039] ? lock_acquire+0x1e4/0x540 [ 242.304007] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 242.308242] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.313090] mmu_topup_memory_caches+0xf7/0x3a0 [ 242.317757] kvm_mmu_load+0x21/0x10e0 [ 242.321560] vcpu_enter_guest+0x3aa6/0x6090 [ 242.325872] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 242.330102] ? kvm_set_msr_common+0x26a0/0x26a0 [ 242.334771] ? vmx_vcpu_load+0xadf/0xff0 [ 242.338832] ? __lock_acquire+0x7fc/0x5020 [ 242.343060] ? vmx_vcpu_reset+0x1040/0x1040 [ 242.347383] ? graph_lock+0x170/0x170 [ 242.351200] ? __lock_acquire+0x7fc/0x5020 [ 242.355443] ? __lock_is_held+0xb5/0x140 [ 242.359508] ? lock_acquire+0x1e4/0x540 [ 242.363472] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 242.368571] ? lock_release+0xa30/0xa30 [ 242.372632] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 242.377903] ? kvm_arch_dev_ioctl+0x610/0x610 [ 242.382394] ? preempt_notifier_dec+0x20/0x20 [ 242.386892] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.391737] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.396753] kvm_vcpu_ioctl+0x7b8/0x1300 [ 242.400813] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 242.406515] ? find_held_lock+0x36/0x1c0 [ 242.410575] ? find_held_lock+0x36/0x1c0 [ 242.414638] ? lock_downgrade+0x8f0/0x8f0 [ 242.418782] ? kasan_check_read+0x11/0x20 [ 242.422919] ? rcu_is_watching+0x8c/0x150 [ 242.427056] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 242.431461] ? __fget+0x414/0x670 [ 242.434908] ? match_held_lock+0x821/0x8d0 [ 242.439136] ? expand_files.part.8+0x9c0/0x9c0 [ 242.443718] ? kasan_check_write+0x14/0x20 [ 242.447959] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 242.452887] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 242.458584] do_vfs_ioctl+0x1de/0x1720 [ 242.462472] ? __lock_is_held+0xb5/0x140 [ 242.466524] ? ioctl_preallocate+0x300/0x300 [ 242.470920] ? __fget_light+0x2f7/0x440 [ 242.474886] ? fget_raw+0x20/0x20 [ 242.478329] ? __sb_end_write+0xac/0xe0 [ 242.483515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 242.489046] ? fput+0x130/0x1a0 [ 242.492319] ? ksys_write+0x1ae/0x260 [ 242.496112] ? security_file_ioctl+0x94/0xc0 [ 242.500511] ksys_ioctl+0xa9/0xd0 [ 242.503955] __x64_sys_ioctl+0x73/0xb0 [ 242.507832] do_syscall_64+0x1b9/0x820 [ 242.511706] ? finish_task_switch+0x1d3/0x870 [ 242.516201] ? syscall_return_slowpath+0x5e0/0x5e0 [ 242.521121] ? syscall_return_slowpath+0x31d/0x5e0 [ 242.526054] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 242.531421] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 242.536264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 242.541444] RIP: 0033:0x455ab9 [ 242.544623] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 242.564040] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.571739] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 242.578999] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 242.586260] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 242.593529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 242.600788] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000026 02:30:13 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:13 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x2, r0) 02:30:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x1) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) open$dir(&(0x7f0000000000)='./file0/bus\x00', 0x18000, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000004c0)={0x0, 0x6, 0x8, 0x904, 0x3, 0x4f35, 0x0, 0x81, {0x0, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x81, 0xfffffffffffffffe, 0x49d, 0x6, 0x9}}, &(0x7f0000000580)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000005c0)={r2, 0x1}, 0xc) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000200)={0x0}) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000003c0)=@assoc_id=0x0, &(0x7f0000000400)=0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000440)={0x8, 0x8008, 0xfffffffffffffffd, 0x6, r4}, &(0x7f0000000480)=0x10) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0xac, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="066304400400000000634040000000000000000003000000000000000000000011000000000000000000000020000000000000002800000000000000", @ANYPTR=&(0x7f0000000040)=ANY=[@ANYBLOB="856164660000000000000000000000009a00faff004000003900000000000000"], @ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00h\x00\x00\x00\x00\x00\x00\x00x\x00\x00\x00\x00\x00\x00\x008\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="01634040040000000000000001000000000000000000000010000000000000000000000018000000000000000800000000000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB="852a646600000000", @ANYRES32=r0, @ANYBLOB="000000000100000000000000"], @ANYPTR=&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="08631040", @ANYRES64=r3, @ANYBLOB="01000000000000000663044002000000"], 0x65, 0x0, &(0x7f0000000300)="3ec86ac51037243ce021feacfce5b29fc6cbc09d45288caa9a27c4986a31235325499023022d27446d8f93547b2ee62fcd5b5179fcd746f69280ba235123c408d2b589b76093fa0da9dee1892e2c571e177a8625942e3e73263297e1f01124ad454532cf8d"}) 02:30:13 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) 02:30:13 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x10000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 242.782243] FAT-fs (loop3): bogus number of reserved sectors [ 242.788192] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:13 executing program 6 (fault-call:6 fault-nth:39): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 242.885867] FAT-fs (loop3): bogus number of reserved sectors [ 242.891883] FAT-fs (loop3): Can't find a valid FAT filesystem [ 242.917580] print_req_error: I/O error, dev loop0, sector 15360 [ 242.923889] print_req_error: I/O error, dev loop0, sector 16384 [ 242.930188] print_req_error: I/O error, dev loop0, sector 17408 [ 242.986758] print_req_error: I/O error, dev loop0, sector 0 [ 242.992701] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 242.996960] FAULT_INJECTION: forcing a failure. [ 242.996960] name failslab, interval 1, probability 0, space 0, times 0 [ 243.011776] CPU: 0 PID: 13643 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 243.019158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.028520] Call Trace: [ 243.031107] dump_stack+0x1c9/0x2b4 [ 243.034726] ? dump_stack_print_info.cold.2+0x52/0x52 [ 243.039917] should_fail.cold.4+0xa/0x1a [ 243.043987] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 243.049085] ? kasan_kmalloc+0xc4/0xe0 [ 243.052958] ? kasan_slab_alloc+0x12/0x20 [ 243.057110] ? kmem_cache_alloc+0x12e/0x760 [ 243.061432] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 243.066260] ? kvm_mmu_load+0x21/0x10e0 [ 243.070219] ? vcpu_enter_guest+0x3aa6/0x6090 [ 243.074716] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.079734] ? graph_lock+0x170/0x170 [ 243.083530] ? do_syscall_64+0x1b9/0x820 [ 243.087579] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 243.093037] ? find_held_lock+0x36/0x1c0 [ 243.097089] ? __lock_is_held+0xb5/0x140 [ 243.101148] ? check_same_owner+0x340/0x340 [ 243.105459] ? rcu_note_context_switch+0x730/0x730 [ 243.110382] __should_failslab+0x124/0x180 [ 243.114609] should_failslab+0x9/0x14 [ 243.118400] kmem_cache_alloc+0x2af/0x760 [ 243.122553] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 243.127386] mmu_topup_memory_caches+0xf7/0x3a0 [ 243.132050] kvm_mmu_load+0x21/0x10e0 [ 243.135848] vcpu_enter_guest+0x3aa6/0x6090 [ 243.140157] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 243.144386] ? kvm_set_msr_common+0x26a0/0x26a0 [ 243.149043] ? vmx_vcpu_load+0xadf/0xff0 [ 243.153095] ? __lock_acquire+0x7fc/0x5020 [ 243.157335] ? vmx_vcpu_reset+0x1040/0x1040 [ 243.161643] ? graph_lock+0x170/0x170 [ 243.165431] ? __lock_acquire+0x7fc/0x5020 [ 243.169671] ? __lock_is_held+0xb5/0x140 [ 243.173721] ? lock_acquire+0x1e4/0x540 [ 243.177681] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 243.182775] ? lock_release+0xa30/0xa30 [ 243.186736] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 243.191999] ? kvm_arch_dev_ioctl+0x610/0x610 [ 243.196483] ? preempt_notifier_dec+0x20/0x20 [ 243.200985] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.205819] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.210829] kvm_vcpu_ioctl+0x7b8/0x1300 [ 243.214890] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 243.220586] ? find_held_lock+0x36/0x1c0 [ 243.224638] ? find_held_lock+0x36/0x1c0 [ 243.228693] ? lock_downgrade+0x8f0/0x8f0 [ 243.232842] ? kasan_check_read+0x11/0x20 [ 243.236975] ? rcu_is_watching+0x8c/0x150 [ 243.241111] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 243.245511] ? __fget+0x414/0x670 [ 243.248952] ? match_held_lock+0x821/0x8d0 [ 243.253172] ? expand_files.part.8+0x9c0/0x9c0 [ 243.257750] ? kasan_check_write+0x14/0x20 [ 243.261986] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 243.266911] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 243.272607] do_vfs_ioctl+0x1de/0x1720 [ 243.276482] ? __lock_is_held+0xb5/0x140 [ 243.280528] ? ioctl_preallocate+0x300/0x300 [ 243.284924] ? __fget_light+0x2f7/0x440 [ 243.289058] ? fget_raw+0x20/0x20 [ 243.292498] ? __sb_end_write+0xac/0xe0 [ 243.296464] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 243.301985] ? fput+0x130/0x1a0 [ 243.305254] ? ksys_write+0x1ae/0x260 [ 243.309040] ? security_file_ioctl+0x94/0xc0 [ 243.313471] ksys_ioctl+0xa9/0xd0 [ 243.316919] __x64_sys_ioctl+0x73/0xb0 [ 243.320795] do_syscall_64+0x1b9/0x820 [ 243.324679] ? finish_task_switch+0x1d3/0x870 [ 243.329161] ? syscall_return_slowpath+0x5e0/0x5e0 [ 243.334077] ? syscall_return_slowpath+0x31d/0x5e0 [ 243.339010] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 243.344367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 243.349374] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 243.354548] RIP: 0033:0x455ab9 [ 243.357719] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 243.376944] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.384638] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 243.391995] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 243.399265] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 243.406521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 243.413798] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000027 02:30:13 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffffffc) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) sync_file_range(r2, 0x3, 0x6, 0x4) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r0, r1, &(0x7f0000000000), 0x2000007) ioctl$LOOP_CLR_FD(r1, 0x4c01) writev(r2, &(0x7f00000004c0), 0x6) sync() 02:30:13 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x5452, r0) 02:30:13 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) lseek(r0, 0x0, 0x1) 02:30:13 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='timers\x00') ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000100)={0x0, 0x0, @ioapic}) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:30:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x0, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:13 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x8584020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:13 executing program 6 (fault-call:6 fault-nth:40): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 243.596541] FAT-fs (loop3): bogus number of reserved sectors [ 243.602521] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:14 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x10, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:14 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1268, r0) [ 243.720990] FAULT_INJECTION: forcing a failure. [ 243.720990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 243.732958] CPU: 0 PID: 13675 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 243.740336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.749789] Call Trace: [ 243.752401] dump_stack+0x1c9/0x2b4 [ 243.756053] ? dump_stack_print_info.cold.2+0x52/0x52 [ 243.761262] ? lock_downgrade+0x8f0/0x8f0 [ 243.765447] should_fail.cold.4+0xa/0x1a [ 243.769534] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 243.774672] ? graph_lock+0x170/0x170 [ 243.778491] ? is_bpf_text_address+0xd7/0x170 [ 243.783005] ? find_held_lock+0x36/0x1c0 [ 243.787089] ? __lock_is_held+0xb5/0x140 [ 243.791180] ? check_same_owner+0x340/0x340 [ 243.795555] ? save_stack+0x43/0xd0 [ 243.799192] ? kasan_kmalloc+0xc4/0xe0 [ 243.803081] ? rcu_note_context_switch+0x730/0x730 [ 243.808046] ? vcpu_enter_guest+0x3aa6/0x6090 [ 243.812554] __alloc_pages_nodemask+0x36e/0xdb0 [ 243.817223] ? lock_downgrade+0x8f0/0x8f0 [ 243.821388] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 243.826397] ? graph_lock+0x170/0x170 [ 243.830190] ? __lock_is_held+0xb5/0x140 [ 243.834242] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 243.838665] ? __lock_is_held+0xb5/0x140 [ 243.842742] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 243.848280] alloc_pages_current+0x10c/0x210 [ 243.852688] __get_free_pages+0xf/0x40 [ 243.856577] mmu_topup_memory_caches+0x1f8/0x3a0 [ 243.861330] kvm_mmu_load+0x21/0x10e0 [ 243.865135] vcpu_enter_guest+0x3aa6/0x6090 [ 243.869468] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 243.873701] ? kvm_set_msr_common+0x26a0/0x26a0 [ 243.878453] ? vmx_vcpu_load+0xadf/0xff0 [ 243.882513] ? __lock_acquire+0x7fc/0x5020 [ 243.886751] ? vmx_vcpu_reset+0x1040/0x1040 [ 243.891066] ? graph_lock+0x170/0x170 [ 243.894957] ? __lock_acquire+0x7fc/0x5020 [ 243.899195] ? __lock_is_held+0xb5/0x140 [ 243.903249] ? lock_acquire+0x1e4/0x540 [ 243.907230] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 243.912250] ? lock_release+0xa30/0xa30 [ 243.916233] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 243.921509] ? kvm_arch_dev_ioctl+0x610/0x610 [ 243.926004] ? preempt_notifier_dec+0x20/0x20 [ 243.930518] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.935348] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.940363] kvm_vcpu_ioctl+0x7b8/0x1300 [ 243.944419] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 243.950129] ? find_held_lock+0x36/0x1c0 [ 243.954189] ? find_held_lock+0x36/0x1c0 [ 243.958262] ? lock_downgrade+0x8f0/0x8f0 [ 243.962426] ? kasan_check_read+0x11/0x20 [ 243.966586] ? rcu_is_watching+0x8c/0x150 [ 243.970726] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 243.975134] ? __fget+0x414/0x670 [ 243.978581] ? match_held_lock+0x821/0x8d0 [ 243.982817] ? expand_files.part.8+0x9c0/0x9c0 [ 243.987404] ? kasan_check_write+0x14/0x20 [ 243.991638] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 243.996578] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 244.002299] do_vfs_ioctl+0x1de/0x1720 [ 244.006180] ? __lock_is_held+0xb5/0x140 [ 244.010245] ? ioctl_preallocate+0x300/0x300 [ 244.014660] ? __fget_light+0x2f7/0x440 [ 244.018625] ? fget_raw+0x20/0x20 [ 244.022071] ? __sb_end_write+0xac/0xe0 [ 244.026045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 244.031571] ? fput+0x130/0x1a0 [ 244.034852] ? ksys_write+0x1ae/0x260 [ 244.038644] ? security_file_ioctl+0x94/0xc0 [ 244.043046] ksys_ioctl+0xa9/0xd0 [ 244.046494] __x64_sys_ioctl+0x73/0xb0 [ 244.050388] do_syscall_64+0x1b9/0x820 [ 244.054294] ? finish_task_switch+0x1d3/0x870 [ 244.058787] ? syscall_return_slowpath+0x5e0/0x5e0 [ 244.063721] ? syscall_return_slowpath+0x31d/0x5e0 [ 244.068651] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 244.074011] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 244.078875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.084053] RIP: 0033:0x455ab9 [ 244.087225] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 244.106654] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 244.114367] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 02:30:14 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:14 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) socketpair(0xb, 0x7, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f0000000180)) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) socket$alg(0x26, 0x5, 0x0) r2 = dup2(r0, r0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="c4e2059804da66ba2000ec440f20c03506000000440f22c036410fc75a8866ba400066ed66ba6100ed8f8978c7aa0a0000004713787fc4839148c00066ba400066ed", 0x42}], 0x1, 0x20, &(0x7f00000000c0)=[@dstype0={0x6, 0xf}], 0x1) 02:30:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x0, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 244.121635] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 244.128894] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 244.136151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 244.143409] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000028 [ 244.168201] FAT-fs (loop3): bogus number of reserved sectors [ 244.174260] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x200000, 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f00000000c0)=0xffffffff) r3 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r3) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x1, &(0x7f0000000400)=[r0]) r1 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) getgroups(0x8, &(0x7f0000000000)=[0xee01, 0xee00, 0xee00, 0xee01, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0x0]) r3 = getgid() stat(&(0x7f0000000040)='./file0/bus\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0xc) r6 = getgid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) setgroups(0x7, &(0x7f0000000300)=[r2, r3, r4, r5, r6, r7, r8]) r9 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r9, 0x0) 02:30:14 executing program 6 (fault-call:6 fault-nth:41): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:14 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x28485, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:14 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127a, r0) [ 244.394615] FAT-fs (loop3): bogus number of reserved sectors [ 244.400643] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x0, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:14 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='.self{\x00', 0xffffffffffffff9c}, 0x10) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x6, 0x4) [ 244.509598] FAULT_INJECTION: forcing a failure. [ 244.509598] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 244.521574] CPU: 0 PID: 13728 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 244.528947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.538311] Call Trace: [ 244.541021] dump_stack+0x1c9/0x2b4 [ 244.544676] ? dump_stack_print_info.cold.2+0x52/0x52 [ 244.549892] ? lock_downgrade+0x8f0/0x8f0 [ 244.554068] should_fail.cold.4+0xa/0x1a [ 244.558160] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 244.563286] ? graph_lock+0x170/0x170 [ 244.567135] ? is_bpf_text_address+0xd7/0x170 [ 244.571657] ? find_held_lock+0x36/0x1c0 [ 244.575739] ? __lock_is_held+0xb5/0x140 [ 244.580433] ? check_same_owner+0x340/0x340 [ 244.584768] ? rcu_note_context_switch+0x730/0x730 [ 244.589729] __alloc_pages_nodemask+0x36e/0xdb0 [ 244.594412] ? lock_downgrade+0x8f0/0x8f0 [ 244.598577] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 244.603607] ? graph_lock+0x170/0x170 [ 244.607428] ? __lock_is_held+0xb5/0x140 [ 244.611509] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 244.615943] ? __lock_is_held+0xb5/0x140 [ 244.620031] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 244.625592] alloc_pages_current+0x10c/0x210 [ 244.630022] __get_free_pages+0xf/0x40 [ 244.633954] mmu_topup_memory_caches+0x1f8/0x3a0 [ 244.638720] kvm_mmu_load+0x21/0x10e0 [ 244.642538] vcpu_enter_guest+0x3aa6/0x6090 [ 244.646866] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 244.651202] ? kvm_set_msr_common+0x26a0/0x26a0 [ 244.655875] ? vmx_vcpu_load+0xadf/0xff0 [ 244.659934] ? __lock_acquire+0x7fc/0x5020 [ 244.664180] ? vmx_vcpu_reset+0x1040/0x1040 [ 244.668507] ? graph_lock+0x170/0x170 [ 244.672309] ? __lock_acquire+0x7fc/0x5020 [ 244.676554] ? __lock_is_held+0xb5/0x140 [ 244.680620] ? lock_acquire+0x1e4/0x540 [ 244.684591] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 244.689610] ? lock_release+0xa30/0xa30 [ 244.693580] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 244.698853] ? kvm_arch_dev_ioctl+0x610/0x610 [ 244.703343] ? preempt_notifier_dec+0x20/0x20 [ 244.707844] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 244.712678] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 244.717698] kvm_vcpu_ioctl+0x7b8/0x1300 [ 244.721762] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 244.727461] ? find_held_lock+0x36/0x1c0 [ 244.731517] ? find_held_lock+0x36/0x1c0 [ 244.735591] ? lock_downgrade+0x8f0/0x8f0 [ 244.739736] ? kasan_check_read+0x11/0x20 [ 244.743884] ? rcu_is_watching+0x8c/0x150 [ 244.748029] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 244.752448] ? __fget+0x414/0x670 [ 244.755899] ? match_held_lock+0x821/0x8d0 [ 244.760123] ? expand_files.part.8+0x9c0/0x9c0 [ 244.764695] ? kasan_check_write+0x14/0x20 [ 244.768935] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 244.773862] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 244.779583] do_vfs_ioctl+0x1de/0x1720 [ 244.783463] ? __lock_is_held+0xb5/0x140 [ 244.787515] ? ioctl_preallocate+0x300/0x300 [ 244.791912] ? __fget_light+0x2f7/0x440 [ 244.795876] ? fget_raw+0x20/0x20 [ 244.799337] ? __sb_end_write+0xac/0xe0 [ 244.803318] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 244.808847] ? fput+0x130/0x1a0 [ 244.812120] ? ksys_write+0x1ae/0x260 [ 244.815928] ? security_file_ioctl+0x94/0xc0 [ 244.820331] ksys_ioctl+0xa9/0xd0 [ 244.823778] __x64_sys_ioctl+0x73/0xb0 [ 244.827662] do_syscall_64+0x1b9/0x820 [ 244.831540] ? finish_task_switch+0x1d3/0x870 [ 244.836034] ? syscall_return_slowpath+0x5e0/0x5e0 [ 244.841059] ? syscall_return_slowpath+0x31d/0x5e0 [ 244.846166] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 244.851534] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 244.856375] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.861572] RIP: 0033:0x455ab9 [ 244.864745] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 244.884087] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 244.891792] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 244.899051] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:15 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x109300, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000040)={0x1, [0x0]}) 02:30:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) [ 244.906411] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 244.913674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 244.920943] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000029 02:30:15 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc0045878, r0) [ 244.978987] FAT-fs (loop3): bogus number of reserved sectors [ 244.984947] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:15 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x4c) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000040)={[0x3, 0x7f, 0xacf, 0x7, 0x9, 0xad56, 0x7fff, 0x0, 0x1f8000000, 0x6, 0x400, 0x8, 0x400, 0x0, 0x40, 0x8364], 0x4000, 0x2}) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x13, r0, 0x0) 02:30:15 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1000000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:15 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:15 executing program 6 (fault-call:6 fault-nth:42): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:15 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127c, r0) [ 245.205734] FAT-fs (loop3): bogus number of reserved sectors [ 245.211917] FAT-fs (loop3): Can't find a valid FAT filesystem [ 245.250404] print_req_error: I/O error, dev loop0, sector 12800 [ 245.256776] print_req_error: I/O error, dev loop0, sector 13824 [ 245.257939] FAULT_INJECTION: forcing a failure. [ 245.257939] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 245.262971] print_req_error: I/O error, dev loop0, sector 14848 [ 245.274755] CPU: 0 PID: 13771 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 245.288200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.297597] Call Trace: [ 245.300216] dump_stack+0x1c9/0x2b4 [ 245.303875] ? dump_stack_print_info.cold.2+0x52/0x52 [ 245.309100] ? lock_downgrade+0x8f0/0x8f0 [ 245.313387] should_fail.cold.4+0xa/0x1a [ 245.316773] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 245.317473] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 245.317497] ? graph_lock+0x170/0x170 [ 245.334044] ? is_bpf_text_address+0xd7/0x170 [ 245.338576] ? find_held_lock+0x36/0x1c0 [ 245.342654] ? __lock_is_held+0xb5/0x140 [ 245.346747] ? check_same_owner+0x340/0x340 [ 245.351083] ? rcu_note_context_switch+0x730/0x730 [ 245.356032] __alloc_pages_nodemask+0x36e/0xdb0 [ 245.360712] ? lock_downgrade+0x8f0/0x8f0 [ 245.364878] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 245.369906] ? graph_lock+0x170/0x170 [ 245.373744] ? __lock_is_held+0xb5/0x140 [ 245.377811] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 245.382241] ? __lock_is_held+0xb5/0x140 [ 245.386619] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 245.392171] alloc_pages_current+0x10c/0x210 [ 245.396774] __get_free_pages+0xf/0x40 [ 245.400675] mmu_topup_memory_caches+0x1f8/0x3a0 [ 245.405431] kvm_mmu_load+0x21/0x10e0 [ 245.409242] vcpu_enter_guest+0x3aa6/0x6090 [ 245.413566] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 245.417818] ? kvm_set_msr_common+0x26a0/0x26a0 [ 245.422495] ? vmx_vcpu_load+0xadf/0xff0 [ 245.426569] ? __lock_acquire+0x7fc/0x5020 [ 245.430813] ? vmx_vcpu_reset+0x1040/0x1040 [ 245.435153] ? graph_lock+0x170/0x170 [ 245.438943] ? __lock_acquire+0x7fc/0x5020 [ 245.443178] ? __lock_is_held+0xb5/0x140 [ 245.447230] ? lock_acquire+0x1e4/0x540 [ 245.451205] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 245.456239] ? lock_release+0xa30/0xa30 [ 245.460219] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 245.465507] ? kvm_arch_dev_ioctl+0x610/0x610 [ 245.469992] ? preempt_notifier_dec+0x20/0x20 [ 245.474575] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.479412] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.484445] kvm_vcpu_ioctl+0x7b8/0x1300 [ 245.488542] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 245.494252] ? find_held_lock+0x36/0x1c0 [ 245.498316] ? find_held_lock+0x36/0x1c0 [ 245.502391] ? lock_downgrade+0x8f0/0x8f0 [ 245.506571] ? kasan_check_read+0x11/0x20 [ 245.510731] ? rcu_is_watching+0x8c/0x150 [ 245.514879] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 245.519288] ? __fget+0x414/0x670 [ 245.522740] ? match_held_lock+0x821/0x8d0 [ 245.526978] ? expand_files.part.8+0x9c0/0x9c0 [ 245.531547] ? kasan_check_write+0x14/0x20 [ 245.535781] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 245.540708] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 245.546405] do_vfs_ioctl+0x1de/0x1720 [ 245.550304] ? __lock_is_held+0xb5/0x140 [ 245.554371] ? ioctl_preallocate+0x300/0x300 [ 245.558764] ? __fget_light+0x2f7/0x440 [ 245.562755] ? fget_raw+0x20/0x20 [ 245.566204] ? __sb_end_write+0xac/0xe0 [ 245.570176] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 245.575704] ? fput+0x130/0x1a0 [ 245.578983] ? ksys_write+0x1ae/0x260 [ 245.582776] ? security_file_ioctl+0x94/0xc0 [ 245.587172] ksys_ioctl+0xa9/0xd0 [ 245.590617] __x64_sys_ioctl+0x73/0xb0 [ 245.594508] do_syscall_64+0x1b9/0x820 [ 245.598487] ? syscall_slow_exit_work+0x500/0x500 [ 245.603329] ? syscall_return_slowpath+0x5e0/0x5e0 [ 245.608268] ? syscall_return_slowpath+0x31d/0x5e0 [ 245.613193] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 245.618575] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 245.623432] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 245.628611] RIP: 0033:0x455ab9 [ 245.631788] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 245.651230] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 245.658938] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 245.666291] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 245.673557] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 245.680828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 245.688101] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002a [ 245.723578] FAT-fs (loop3): bogus number of reserved sectors [ 245.729757] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x4c09, 0x7) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:16 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1260, r0) 02:30:16 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xffff0000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:16 executing program 3: syz_mount_image$jfs(&(0x7f0000000600)='jfs\x00', &(0x7f0000000640)='./file0\x00', 0x1, 0x7, &(0x7f00000028c0)=[{&(0x7f0000000680)="25321f9ef1f89595ceffaba2f170fe40907f36ef316d1d9411e1853a68dff77e5a07c7644b6600ddee44d4535391eef28efec2572dc148ef45d7f8c52752fb319890fac56dcda4309a9f0827cce35df0bafdb9cc2f275e02c489ea", 0x5b, 0x719c}, {&(0x7f0000000700)="804f5857aecf26dfa1d315e05378d239ac5a75aaf4766645bcfe9c", 0x1b, 0xfc}, {&(0x7f0000000740)="fba5538bc8feb9", 0x7, 0x1}, {&(0x7f0000000780)="4f0650f2515fce1614988937970087be96906c9caf4d7199d78117c5bc3302a478d3a05b36a9366b723fe174e494f97b715dfe1e1b6f70265286d721d3f5c42726dd56e6b62613d7447ca9c5301abcb90fec4eed2b42e05384502e639eb8c4acea745882f26df20ab4322ce09325dcd4c999fa40460dc9d5fdab6d4c3e55bcc27bd4", 0x82, 0x85d}, {&(0x7f0000000840)="a92f86bff56ee92fd676b221430f0732fec2736b0fd5320c573b540c84d155ba0ce36e599f88a95c7686e7858330d72e59b20860d7d7c6937d097fc18d66751729c877152726a42d7c771a144919b83cbaeef47ff80a63db63d5680a3a57bef926df8a22685b6ddb90e5f368876483c02011bc13ebaa98f8938642693fb8cf793db3300c8cf0139dd860f206dbbb3dd06e6b8837b53d92d826f9a8f420cbe0e352936673572dcef7f1fcb0186f5bb68d705b0442f81aa66f0eab7d54ca79d958e173cb0a631d02ac2723ae3808aa869699510596f57e74513bf5c5e08dc5019292960c536f8d38a62ffc81e72ffac745b016b6a177b3a32b6ad830e883c84be04a44d076f62aa6c896740d0458bba0bfe75c6da0986ea73f471d7cfa421e298737ba1993297dc671f721ff502f625b8028c6a40b0e39373238c7e76bc9328cfc617850f9586d6d959229ab70318ba706975fb7a98345bbb50f01b282f340971343815340e6f8e7511f3729bc9c294a4cf8e837b8e4b04bb3b389aa1bbb83961b501ad729e090da32979cad0f4d9ca98976f6805f33ebf2d826c2d6ef665cd6021152eea3b80496e986f51f8895f3e1c136ca65a01fb1a379eb6762f5d56ef73e98f8048bd2cb21a215623746528478f95297734e596a6ef5fe86f1c44da134bd2d9ad9c42d85eb110089665eb80edcc74ec598b0cc422d93ddd932ec5a6fdc3b2a44103213d4b2c246d948573a0aa06cb44008f79cd3818c7ebd88e448d46565ef021927af85bd946a89fdd07f934c8c25ef7fc57d9ed6486365130a05618e3c144ea278d4a73378784690bd68749fd83ab63412752d608c45845bc252a5df50351e1ead186c74922cc123f592fb7396d5b6ed621618043f8d7344ad8ef2e3572f6642d7408d0cc2399a0e2e4c92b1efce587aaf00a723583b165d3b75c3b4d251ee0ca886d8196f5041d61f091f9890f106d2e6ad1bdffabfef0059df54ec08a1c1edcefc8d8c335edfd0e95a582e174f540bef366bc3b52857cc76ff21fdb5ad83a3003e6d074656f18ccc7f8a71a229b5d28e01c05e120aa97d862999f12f5ab539efde9b391e8f8df2a24711fd4d962e87084cba44c16ec42d13d1136281e07f4a6c149f80a8af2cf5918fce6affb7f5990ea623d6f8892f6a8a958025df233143ee52b5440644e44d4304cca73e52caef1a2b78d39d51a82e1386b454ea1c0b2d2b3d1bf5f7015388b37ef264c7aca3beb71cbfabbbafa9bc6514bb82ab51ee4a16e0dc89fb608cc4730fe9720c1dd372511078bf45892105d760d88f13681e52d31c6e3db582e6878fc71dca4b3209978fed428d287002c4ca60a133dc124447b8de946cfe32e8ab9d832aa0e4f1d879d17e474140bc09fb8b6df0747f31267dec80119d5b51d6661913a8ab73ac2ee2d6ec31452e082de1f329568d83f517598a9298a9e5072931137a0b5b28fac05558a181142585f283c7103f4f95459aba5ad36d5c5923a50b7f97490db51853cda4d682957f2ea1f14232c38c989a90b9c6949134d781f08e2399724774a5bce210317f4921df77d1a8b2e107d18362fc03efde3a1a7799ff681d2720082b2502c9ffbea874b48a37d187e35753c9c5ca6d3cd9541645ad793bf86048a89ad1b3c7b5b624ed617496c9d59e25865ac04c46f844f1388b19de6e4bffb0c9c99d31c7007dfa833adda9d934a66dff6951b7b0fb61d5baea94f757c5d3370893ffa75dd1e2d3f9727696398f6681d04b33afba5f8b0a7adacb37471e1fdf42d7acd57e94a36ad872ae11dcdcc77bfd62b8d669ae05a09570df4dea13c2e77f89c7fd06a5719269d4088311676613fceae78e52e62db5720556dcdd1f3f569fe9518af1c5972284b1ef1c0aa195ffba38bc540c11dec9eb71bb6e71cda465b54e6c1ebb86f2a43e81ff77b8bd8ba2a229deabc1ab6b9ed9afd11a19b9af2e9d000a6b48bd349fa9dea4add17c80a8008875911769806758a1aa1bc69ff2e30e4862d4719013d2dd45af380fbb1e406cdadebf067df9bc69d2aeb79b957cdc78504adb77bfcce242e0b92d6522a0eacdd5f6c86fe3f674fcd6c29027cb996d1aa32708d36fa71d8463a6f90b13487e88f7dd1687395ade348536e9a52302739fa4bd85c0321fd0939ce0a2981fad3248612a7ff2edd259ecbff93ed8f9a612ae06fa48c3ac3c2e119835aaad8b469ef9c4d080db9a1170c55180a5073b084b04d564b90d9a276e717b00e249cd94be88c5673e0a0262f2735a18082fb24c09abe81b92413e560cd21952ae97c85a275bcca8f6b05330d7ab68b213f1c318b49c627f364d42bf9024cb32992a5808447438ba643fb5198dc24ee924441a8935c154561a689afe0096f992ec4e8a2c8b7d9f02296903c5eb54ced3d2d1820392e528bceef086c71b9ce0a457697c9d4d60db4d4dcb55fae65adbe0224b8c43a915f3d8c0c82e8c6a29860e94180a23ec36e06e9545acc4bd6232dde1f26c5bf1195aaaa5cb3e5e4840a81c00bf434988cd5ff0047e0523575bad7b4fee97d077fbe593f2806fe75594ca68d3737f67a67cffbdaa442581f718a58f8c7081c34e32f96b2e51be6e0be33be7b9356dbdd89738841e1898a4a2483cb2470068add696359be5d3ae6d3a65226bf4e5f72e496b64bf844147dfec7db1663cc15aafdab022caae9b22e699acb4ecc37a57d6159e84f1d11d7bf832967aa70fb86aafa72ec6c3ab29d6d79d3eb16af4c6d91a446d7da9632b4663ea71516803b9f2efe1dae9bdbdaf5ba7046c53458b8f5c24a5bcc3d47e9a5b24a0ca6efabd1019ab3a4d6b47950afff4a3c4ff89b19ecb3543318a84ef2a4895e40bd4a2d4330bee323599b5df26597fa202126aec9d10acc7cbf819b123c5fbc71bef5fb7963b20c1d9183a67c34ae7653714dae0728e829d4cf2ad02d576e4e42b575a8f9f0cec8249a308911aeb43065bbe9f9b9fb9004c451010f367ac9da2911a258ddd38e15c7c54bd45513768373e29df4b67ae9bf538c0b58dd2a5085afa5e6144ee8c09dc5065ad82317e75f084b25b13c807f8a99e81a3a648ad93aceb2c5af3ff83a3dbea033dfe6b44e96aad965df1dc4c28386d9504ceae8cc94bf756ba9aa612e2c52d8810eaa182533503c3ff00cb14194aae82df6e11e033536c1e67364fa810c1083bfa21c15aec496cfc072515185d207308d0864b238cb7f1ae23cdcc2800f69888a5ed8a28482bde9ec0f05e60966bd138c21ee2eb44d370d6e53c6fa1a391f088e70a38eae197a8bf46c9333389819d266506bdbd3042411837256cb637979025b3763161e10e6a39eb729ac3f92362b8394d3edea8a53838a09207fbaa19a6f0b6dc31c5f4dd4bad1ae4d126c1aebc6c593b4a758fc4e4b979cde3372697dacbb235fdbafa9c246332d4c3563286db0e0ff1a8b2768e96143ecb958b562ba30aaff465b7b976e8d3e69061bc5b3a146f22569610e731a760de5e5a8923bf6d097bd77c1bc72e6d634ba091d55c4e2aec0d5132806ed0e76900c15a7beeca6d79307b90f879df0759e2e28d26bdaf45f90d179cb98c82c4140cc090c5c08ce636b3f95d22c1cb695ca2e9a7e66c6d7441ebd033ee13b97c46a17ae34e4271548ef5727a8af0b127b562759893475f54c40681665c8aac06a37c56e2df6dd7ece4bc7005b261f541cac9d5f1a1f969221514ddbec646ece20c0e1e7d88f52ebd17975fa6bd80abb8a3253ea2b4c37612c0a2d9a12c8d10cdab64b020f1e79ac7f7d41c8532dbc6d9bf9aeb5c65d4728988ce88ace19e26f37ef2d1e1afd87c2ae39f29dcebb9d14d36b0de8495d79c3bb3fd17a0025a4a900d60c3c84219d88fd1b4738dff47255b86ab450cf57e5b8022974d7c8575c18dcea73a2c9bb1acb3d86f3ed0a871f382437dc8c953248d4b101f792823a4650c614ce1653101a7b283f7795c852339192105e80db8fd2d21eb046285266eb82224f749fc8aac9af5842c8c528623167d7c466d8efc99f0f334fd0752addd5cd08eebb11da9554f9a4fe5c7db53a6f7a90dc9926f40ffe1dfbc6a0794916a53a4649896fdf19892f1c7029f0507f2248aa3fd6d7f14f4c7667f367a4aeb90f0829ddf94df4645b3fff9cadac383c435cf137598e3a97384c12cfd92dab6741cdf10e507a193fc65973cfeffea8df00960def18d94dad33b346331dd088591f20aedc8b7d92faf7d8cf18f2fdd95e0a6f7abf232e989f1d645e80dfee81cc42cdfd4548e7c328c59273358940877219924c0a36b905e218dbac3c917f146360708c10f12531f7ec897fb058431e19a8c38f2f1ad9dc16b1516d4d98e8943b7ca9af77f5f7231786a369cc3817e4c55db1c6ec4891f58d8d78603d65f0cc0570b807d3ea0e97dc7076a24af8d00cc8de4b6b27079d7da599b49a866818167d56a0bb5ce59582fcce61893b6c72a555dd3af474e407c6a5f0cd4dc97368d19c16f6b2c1ee0bbc18548565cf2b0043b9cb7a6e412782827a59a77067b31374e2fcad94c6a577751805f687d9d02443babb5e7a9e6d6a89bfd1e7aac19bcc6307ad2156efd6f158a099053ccc2d89b88304995302c6b6c9ca6c13d2fca315b6aa5ae515c5b1224d124b8cd1a059331c3e39dec7ac0b0f351a516e1f5bb0476a79d15181791841b69db4b7159eca603aa18833eb89f94a82bbcb97b9512a5878b2c2a9a99b5b9f0b799fae7cb48678ed0691251463c8b55f08df88dcdea4007f30ee3aac3a8f024d0048caff541a6077eb4d94efe4608f30e0a1218899ed7b1a53299460293d5abd9820c1e4121c307a4a1ef8b109ddb12555ceed21df53cee980e7ff7a7904bca290455910068e9bcb02f3eecb19aaddd55b2797d5364445de1976c4692952f227d7640e95dce5784dd45d8d8a2dfd9987733601cd3853194ae8f4f1a803fe3c8412eeee57d4b1fc4b855057613dc7c830a51701089460dc32c79b2e775c40cb1b250a5bb08098eb420a075c1c6f53fbb9755e5e5cbace049a5e0c3aed1816244f0b63d53dff5a69266b0fdf309a4265feea40fafa237f42c959d2271067079c357a948ab0ac4ef3b683124d58ccb9f43e28ddee3f4c9318452fd49e7a5d4b9bee14ab42be561f3b7298d33a34d2e394e465dbf4f780d32ed3d86bc9b5d109a2772d6a20e1d0ecfb94c326b8c37b0309616ef99e1f8cfaa06be6e3ce60a700f0c8ac0928a959e738944732aedbb30b0a3a3008b58675f75aa13bcb0bc2a52842aa45c1c9e2ce16411ebc64d1fb60c6d0a7b18bfe850df4fbf5a47518da6fb3708645e4bf3d39aaf87f1823f9669c0bc4e284e02ca7db3d9388527c03194f3983e0952a7cd02394b4860e32097f9eded33564cc7ab373a40dde3ea79c22c1e6c913cf7be6383cef11cf45bc86c94a82afe410e31ea6d9cbbd70c38c66cf179bab0687ff7db717ad37d5ddf33529d71dc156919e778763c205ae1168380319fef70679a5bf8e887faf468f0e9c3a856c80b64f82baae7e9d89a553ea54a35d249a22992ce183c1f11dd05c0c4743af1b9c5e32c513820c3965be576cc0442f1a1e83011d664295f5d7b70d1c0822396c50099834d6075d5a66798271eee96ab5580a82faf80990e66f45eed0aae0232469235b774a63c04920943850c50b28bb7478d8837000913e6f36149d2612b810d8d65523068e910894795717ae627b48be5537ddf023366708a68c31372cc41d1edf083d0fb3147972ce0cd29b22d29106aaa963625798fbf1d23bcc21ba205b6e4c49c1491", 0x1000, 0x9}, {&(0x7f0000001840)="7548ab78716b2c30f4af368c60732c11afd9486efdc402d88f80227e3dfff60fc6a817aa238e660ed5f08105f040fb57d84975715a87c64d8026a5c8d0a0d52b9ebb440a", 0x44, 0x5}, {&(0x7f00000018c0)="9f8d7b3e4a5332afef5b31384639417150304ba67a2731cae4b3b4106f2cd75cfd10fefe8c0a4c59d0e23483750ef4ca2e5ae3b078b9b96557dd55a64b4eae32c2688dcff5cbcb6c1dcffa9bde677f288eccfba47a1b8967bf9d5ab868d8c691b40cbede3bae124301e322cd3626692fd0b419a5629d30ddd13b8d984df8ddc5075d99cdbbc05e3516d7582ee5ded54662a911844619803ec4506c76490d21fcdc965882f22eece0be9b338c83697f8604c84e1965744a6817d90e1b421090e72c983c5522eadbdf0967c799b92efb71630fc5e59bec4343cce0ac0717aaa692ba6dc79ee216a7bf9604dd79da2dba0c2ac2e3d42b74190468e202977e85b003f596e4c5fc9d9733636f09ddc7f38bb8a85b65887710bf2329aa0c9ab73d15b2eb23aea885ad7acf3cc0c91e2956a54e991d6be0150f8b7ef8c0529b1ed007dd52294f4ca0627d61bc20e8b99f76f8961c9a02e30d9b15003e6671242dad80bb489fa900643e8fc35978633ee5ba10e7554b67a45508b35435a2cb52df0c8a928e2e308a7722205474973b271b9a58529badc531f5d9aef4e16c58005e955f6f55c99d707250c783710be2a12ebeb35e016f9f9c08fe7e9e6c75e2c014ba6a8999ebbcaf6337d675ea2567736d72787af7b6e0d2c69cd00294944d1a1699312fd8d4992ea9af5e10849ece9d8ae7a5d7d9519aa76b0cc9d4e9a66f87101153339be9df0690ed90bc0a1ec6c733921799b85836900a72e643abd4da350dbba2c14509ce919a26e90892266e0f7347be37312922a5b84b5691795f4f2f2dff462653895e6637ee5900ef534719e89ff7aca623c924773f1dc26c57d9aa5aea82982498d84c363f4b045b709fb75d6e1ed0ec93452428960874770e89d26bbc170df75449f4aea262843669254061d4d7b8ec72dea94330887731c93e8675cacd1aba297cbafdc046cbc4dc073668debded3b516d188bfbb88720cbc34b79f450686bbf4edb4b1a427f828e4318e77dea3a3db3901f4d9415a8b077bdb46b4b387fd891849b9225d2e7daecc232f8ece094d9e959df472aed2360f01417aaace4816e32d48dd557ed876f1d32f2f18f9757fcea03447bda56a895183a09d7c4794332f5ad587ae551efab726d9464082d06d00bef6a7ddd69b6e93e2d86b919d978a5f8c805bb5f0bec9556d82a5de70b70e8365e89db51f2c2e3f2eac69e99a2ed428be9c5c20f7281317534a09de6a32af389204f5df66374ae680a57f572210af49a3ccbd2a2654535412cb329100bb02b63345f0439205a448905431168b129e13cbf7f0bc09245981982ddfd6e60eab5bd0c895612c08432350035e4e899058de551d2561bbf1100830aa9068adba5b3d263a3e4fe6e77224de02224711079696d3d08426de8893fec9fd84fc49dd32d9dc37975411ab35332ed21c8585c355d7659cb2f0fad5f2e439242d65d0be5f00ecedc8c54f659fd51dd47ad5b183143b89a667c525040cdfc8ca77b503e71fa12c774f54ae8e583f88d842e963705da6a399919dcedee54b7dbb86e5ef1b2c940a033128534f59304dee93bb01ba75ac83dee776c0dfde0aaba1e58b5335b45781bf337a9521d550cab425c40a8e833c21abb7646fef59a1d777d9eb3aa5334173ff4172834dea4847159b26f375e3a89c96c4d5e3a10ae8ca2ede30915584dab6036be2983fe9c71c3ddc7800684828d0a42c9a1171cf5d2ec5da402b98699d3097a685f8f371f895676651d97d3f9fcc711464682a5e1478e42f7fb2afdec48168138cae519527d7314a21dde58fda958c03abb0cde8f5b6955ff86469786cb8fe4c7e897ce2bf28f0c3726c576a43ee919f7ced478e7406ac5c4979656e5d4d8e7fb91fa00b88ab1f7f2b3cf16027ead5999c732c3d1462b85700e2b11ee334980c307004edf69cf856453df5fe49ecd768bff0ca412c5f7cf78d30817915d0db9c9ce14a3161ab391e2d2f96550f3d195d98998fe90c3a1104b8a4678f3222c9899dffde834c8a43097772b504cfc1cfb542314ca357daecf41bee01f959813a5bd3f201d029952418785f657e33671234631aab474d11261c46baaf90da3dd67382d15c685ff29e1d0c50dad20d59edc1dcda4c4794c3d7f8671cec3362e5ccb4a66a1c72ee68ba0aaa8250c39abc72242ca0f7d32d55a7182030794160933aed2fa403f1390904d3d998bd37dd89de5ff86f99751359b959612cc784808e2ce186546f6c6c8638e36d51000c323dc1a55e31b39ed576300bb9087fcb4c5f7239bb37b86f5bf68f3decc44888748ff799070672e9271aca5e37038d06db37a59ca82580af6f00ca42b91044bd02bc4890b1a0ee1a0a2c22fe12143f3771867c7e0c26e1cf71d48cfa7838f21e32dbb467587ce529f1080138f882af590ec302f818918a7cf1366e9805c653ae7d2878b11cb3d01c8bdb7abf7bae13cd0ff2aa9cc994f00c020136fa16c54debb285e53ae3722b0e4fc7dc7957b1942c460cab50451ac4848eaa6efeebdcf084d009aa92984775054d1d46ea9bf0173b79ae2864bc5c9aceff6b322f189878921204cfd4fea17351100ed3450f61f25a6875305448fbe1921a8ab01b32ee5c5750f1928149a0b273e540a5a8a61d2fc48daa514e43bfc6eb7606c061e9ae984a60d8632dea8910be15f1468792464ca54172dc661273f9221217de3cca9e6dd0f57cc71289ffb404a60b5d13cc2e7ea1fa813bf1b051ac76c529ab5e3b13846712572008e1385406322a3b9ddd2947e542cae7f4e75d5adbc6f96e5666fe70f935d62bc2f8d2d2a6dc6e3dfbc8874f798f58b5159256e531c7c4e9a7df120322fa29504326597dfc461305ef9e8e54801e8c0f733ab205778882d143fc1cb653fe15c1fd8181ce1c6f7b9e7adcfdd65a160a557e949a27ae9a6135bf4a017e4aa28bd28b7f67a3d7e0158778e9b82952cff87852a65b19c353ae2befa5da440fa456370d3e95337655e27327282f11bf3d1db638fb6623a0dcaf4b503b06d0ca710fde7dff4b92f4412d1ef09252eff8dd9bb592d1fe7a59b71ac510105f7e2a3f1fc2d4d5bbf90c7bcb714f598212fe5f125e4d76e96c108adefeba74cc2ab0dfcc269a2373f071ed05355466aaeec0c69480db40a997bffcb168186215b1cc753a53ef0b5a3671e681579559f3f55c20eb72d3e8798241a7a6b0f71c1d444235c7f976b68070ff5deab30bbc1e5974a976975c6a1818efd0c30d7e18909c875bd2f357e01fec067f99cbc9d69b65b526f11dda8f1c0ebf52de03943130ac53728ecb623264b6a37a1510a16d6dce8e4d4d28ac107f63a5d9171f9e3e27a3ebd8b5336bc4d159599b302773a13a069a1c5fb67c280319c210b4e16f0428a3f1b8e7b05e80606b60ce1399e75042324a68a9648ada8a1a826f734c27891ae5020dad60b434455f9a589a6fd48212b9e6af6f741bc0b74e03873be6a42db5d973fff1a3a7fe395d4161307794c79490b86b310a7a49fa5f7688bd671f030ef54f9929b27b546157ada143390a6eaecaf33f41907662f48c4899c4ce1223c7c4eac8f80e0cd39c8e284cf4ca7d158acf4ec371c9a9c862f74618f948ee2f40757bdbc97f8894be2e4b1a1c50eaa75075ef4233c7eaa54aeba2ffddf022c84784ab9b52b406bd61b2eb2d90c9dc2b80ba2bac37946dc927967e6863ccffc36080b8b79d904ef58e6ba9c8ef06ae2c82a7c267e8387e1dda48e1ec7c741380579df4bfde4d480de62f893dbf3fce5cda72ca0c1e6644f8a80f05d1f3d2e3e8de9cd4d64b24e3e27e61faa7e6fc25efa26db50a85f0170f5e18a348848a05bed6126e3cd67ca2a1043da3f60a530ec34f651691a63a9f0e21da39f0bc80b2aba85f11b839af09c5dcee909397ae0961f2f7d2eb5ebc8479cebb1ec876635969ecd8fa02f21676225c0108140b04179446b6240d174584e63fbd19074bbf3f49404baf0afa0bed2dc8e4e44b4e5dbf990e013c006c94c0322c6e1b0c7234b300591ceb19a622d334ebccd22447735a16bda3a5871e36ac803fa35a81de87d5f97fc2eff395ae5aee3a16f4692b6f890e1ce53a2f5ef9fa571e7e4c6cd66d2f3ec919f3956b40289df9d0c88ba8464abef61cb4e5cdb8dc541c957257415370ff092df548c77098a9af5b891ae2a53051a76cda21fee7355356144b11b7852a5d939e467a3de1c4e868a7b3d360082b4fb5602ebde35294a5cac65e58d769572777312e0e41f4baff7982985d9a93e0f4ede2c7bb2cc48983d05f4e13efcf37144704f5705c12e0d9c96913a9284ae56c13c37869771de72d706f9833fabf31dd7dbaa615a0bf33be43811e498ed086c3da08a6d0157445e77d3f6da1b25d60be9e5daa65c2d7f92199ca1f6e358c9361db4c5c3cba2c85c7c1346696e2699711dba86cad851b0a390e67f05f5c5b9d60b8be9651cd4f76bde5803feda2099ec97388b0f3aee78eb875598858cdb1048fb4a86c376d45f563899cd0a67bdb0e924391b817a9d4763e06f7c303211d7ef1b934da3ced2539b0401db3ece7e268a0d2601467b24decc3ceffed2a1865a1bcf556062ea2bc0f9f314a942057839872ddaa200d0b2b608ac544040d8895c631aa313d3c6496ed630e7f549c208e7cbf81b2c902d000b6f7f5cb07350005bee9820c0f8b6063224ef27ca1a8232e09bb7e72005ed629beeb5b14559296f9828142945c4c403fcd55887d71cada318c2f22ebb0d08f1f3a12c61dc3054fcbbf53a6613909125741c7eca88285c18ef6703ad55f4e53204ee1c8c95871ab09fdddc80fb583e30a0139f6176f3c0e8b94edac67c9805dba6d4f92d9cb7e4b51a2acdabf991d987f19ab2690660a8d80c15dacafc2025a308ad1305bc12819d5e1cc45f928c64e4654a5e16189918b0716eeb4a9386feb381373c73476df5c60e085961c9f7351bc94fb421b6cb39747a47ad6f8fb617ecb4a096ff9c64c66a2428e9f929fedc5d78f8d20479b45510994cf6f9f8a04bcfd308cbe878a473160d0241c6be4c7fa15640d1c40dcceba3a634277d8764d6d255b8ae6a64011a05e7dbf2bad3ff3b17adf79b1a96d2d0bfe2109c26092ae410b3f36e820cb1c6ebb266a11ea96eda508a30a721421a2c486d00668abd1951c03211b210051bad0a6eb0a33b33ed65c3a5dbf4150fd4320dcd77b987e25563326c844bb0460ee1c855f6ee64337ef04a391ea8ef07b8ddbac0030fa75155bf591a0b37535fe9b8720e29ca9f8dc8c2ee0084c1596f2b381a0e7cd64a296bde1488f531dd1b0d5ed2867dfad4b0af5bf61f608f4072228e8eb2a540e57104e5ae0651a54ca643a749bc75913333068a7643ec3a6409042276544862047ba39b23c058684e35acc62dffb4e0439cc7739f6ad80aa72747229aa11b29420d39705d6e9330cf97af5246bf758987df718f96cb48cd58ac6a79538c14b694bba3b2f11f5a4cdc5b6f5c2c22fcb4affacf7353e7e4da64cbcfb9adb7ab82cdaed76fe5bf0a8d5794931b883606212682741f83e422387c2b884d8da62698c440215001b25b8c3a6e3944cb35e1a1ff4ba6596007c40c23cdf3b2f98b4725aa723b6fe3eb667f84205cb499b0fb6a2337e27b347598d5c07cbc02a8d912d6209473fbc7dd1c1056e089dbd8f8ebfcd1a2679b7e272757a7d1dcf618216143776db68a01ca188d2cf756d7a9b87f5139774b8bd748b8bbabac4f1bb35e97408e5458a9932456f2f6768ba1809218a7f491df88006e1f6f80e74d5c389beaff73c9", 0x1000, 0x8}], 0x800040, &(0x7f0000002980)={[{@discard='discard', 0x2c}, {@nointegrity='nointegrity', 0x2c}]}) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f00000029c0)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x10000, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0xffffffff80000001, 0x0, 0x7, 0x80000000, 0xcb9, 0x2, 0x6, 0x7f, 0x359, 0x40, 0x2cd, 0xfffffffffffffff9, 0x401, 0x38, 0x2, 0xcc5c, 0xdd, 0x5}, [{0x5, 0x5, 0x8, 0x5, 0xff, 0x5, 0x6, 0x3}, {0x7, 0x200, 0x4, 0xcd0, 0x6, 0x4, 0x0, 0x1f}], "b9659a92b9380d7a5b5af77dce79b29129d31c57ba9e29b39a75efe28c0a7eb93b13771d2610ff36aa9522c1811b3afff2211ec6c1838ab18b422307258c8a9c16b4efd1bf3e9336568c6dc496876da0a60ca42837e434f0362d7ffb48b95cf8a6ae3208613bcdaa405488552451a0796f39ef434e8ee71fadff9e35120f8d62e45a5287d10952f7149ef6dccfd03cf711f4d3411aef8cd57c38c46564ec08999ead717c4164336d9baae04d31d7798e793def12128335227c9bdfda926f97eadab9f34d35ddf792213a682af4a3565c1226a5be4c94b23e19d97838551847", [[], [], []]}, 0x48f) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffa000/0x2000)=nil, 0x2000}, &(0x7f00000005c0)=0x10) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) 02:30:16 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r1, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(camellia)\x00'}, 0x58) timer_create(0x7, &(0x7f0000000040)={0x0, 0x31, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000080)=0x0) timer_getoverrun(r2) fchdir(r0) 02:30:16 executing program 6 (fault-call:6 fault-nth:43): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(0xffffffffffffffff) dup3(r1, r2, 0x0) [ 245.927253] JFS: discard option not supported on device 02:30:16 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127e, r0) [ 245.997703] FAULT_INJECTION: forcing a failure. [ 245.997703] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.008747] FAT-fs (loop3): bogus number of reserved sectors [ 246.009717] CPU: 0 PID: 13813 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 246.015574] FAT-fs (loop3): Can't find a valid FAT filesystem [ 246.022837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.022844] Call Trace: [ 246.022869] dump_stack+0x1c9/0x2b4 02:30:16 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd0840200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 246.022892] ? dump_stack_print_info.cold.2+0x52/0x52 [ 246.049509] ? lock_downgrade+0x8f0/0x8f0 [ 246.053889] should_fail.cold.4+0xa/0x1a [ 246.057978] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 246.063098] ? graph_lock+0x170/0x170 [ 246.066897] ? is_bpf_text_address+0xd7/0x170 [ 246.071386] ? find_held_lock+0x36/0x1c0 [ 246.075440] ? __lock_is_held+0xb5/0x140 [ 246.079505] ? check_same_owner+0x340/0x340 [ 246.083843] ? rcu_note_context_switch+0x730/0x730 [ 246.088788] __alloc_pages_nodemask+0x36e/0xdb0 [ 246.093463] ? lock_downgrade+0x8f0/0x8f0 [ 246.097624] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 246.102662] ? graph_lock+0x170/0x170 [ 246.106506] ? __lock_is_held+0xb5/0x140 [ 246.110583] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 246.115021] ? __lock_is_held+0xb5/0x140 [ 246.119109] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 246.125100] alloc_pages_current+0x10c/0x210 [ 246.129508] __get_free_pages+0xf/0x40 [ 246.133405] mmu_topup_memory_caches+0x1f8/0x3a0 [ 246.138168] kvm_mmu_load+0x21/0x10e0 [ 246.141968] vcpu_enter_guest+0x3aa6/0x6090 [ 246.146287] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 246.150520] ? kvm_set_msr_common+0x26a0/0x26a0 [ 246.155275] ? vmx_vcpu_load+0xadf/0xff0 [ 246.159342] ? __lock_acquire+0x7fc/0x5020 [ 246.163580] ? vmx_vcpu_reset+0x1040/0x1040 [ 246.167894] ? graph_lock+0x170/0x170 [ 246.171692] ? __lock_acquire+0x7fc/0x5020 [ 246.175929] ? __lock_is_held+0xb5/0x140 [ 246.179998] ? lock_acquire+0x1e4/0x540 [ 246.183969] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 246.188983] ? lock_release+0xa30/0xa30 [ 246.192951] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 246.198218] ? kvm_arch_dev_ioctl+0x610/0x610 [ 246.202711] ? preempt_notifier_dec+0x20/0x20 [ 246.207209] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.212143] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.217250] kvm_vcpu_ioctl+0x7b8/0x1300 [ 246.221317] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 246.227037] ? find_held_lock+0x36/0x1c0 [ 246.231106] ? find_held_lock+0x36/0x1c0 [ 246.235178] ? lock_downgrade+0x8f0/0x8f0 [ 246.239327] ? kasan_check_read+0x11/0x20 [ 246.243466] ? rcu_is_watching+0x8c/0x150 [ 246.247706] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 246.252113] ? __fget+0x414/0x670 [ 246.255564] ? match_held_lock+0x821/0x8d0 [ 246.259794] ? expand_files.part.8+0x9c0/0x9c0 [ 246.264370] ? kasan_check_write+0x14/0x20 [ 246.268596] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 246.273528] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 246.279230] do_vfs_ioctl+0x1de/0x1720 [ 246.283111] ? __lock_is_held+0xb5/0x140 [ 246.287163] ? ioctl_preallocate+0x300/0x300 [ 246.291574] ? __fget_light+0x2f7/0x440 [ 246.295538] ? fget_raw+0x20/0x20 [ 246.299075] ? __sb_end_write+0xac/0xe0 [ 246.303050] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 246.308584] ? fput+0x130/0x1a0 [ 246.311855] ? ksys_write+0x1ae/0x260 [ 246.315650] ? security_file_ioctl+0x94/0xc0 [ 246.320060] ksys_ioctl+0xa9/0xd0 [ 246.323509] __x64_sys_ioctl+0x73/0xb0 [ 246.327389] do_syscall_64+0x1b9/0x820 [ 246.331269] ? finish_task_switch+0x1d3/0x870 [ 246.335759] ? syscall_return_slowpath+0x5e0/0x5e0 [ 246.340689] ? syscall_return_slowpath+0x31d/0x5e0 [ 246.345710] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 246.351074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 246.355913] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 246.361087] RIP: 0033:0x455ab9 [ 246.364349] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 246.383701] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.391403] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 246.398844] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 246.406102] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 246.413357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 246.420615] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002b 02:30:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000100)=[{&(0x7f0000000140)="2fc5278235cb36190f31649db91d9ed8b79a4935756b17127b75f456deeb59c62d9c5e1b4ab38062ee1379ffbf2e92379f1ee6cae01672", 0x1}], 0x10000000000000f8, 0x1081806) dup2(r2, r1) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r0) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000240)) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f00000000c0)=0x8000000000000) ioctl$LOOP_CLR_FD(r1, 0x4c01) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000380)=""/4096, &(0x7f0000000040)=0x1000) sync() [ 246.483184] JFS: discard option not supported on device 02:30:16 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x0, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:16 executing program 6 (fault-call:6 fault-nth:44): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 246.546095] FAT-fs (loop3): bogus number of reserved sectors [ 246.552099] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:16 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x40081271, r0) [ 246.601105] IPVS: length: 4096 != 24 02:30:17 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1517f, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 246.692180] IPVS: length: 4096 != 24 [ 246.693668] FAULT_INJECTION: forcing a failure. [ 246.693668] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.707937] CPU: 1 PID: 13865 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 246.715300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.724640] Call Trace: [ 246.727221] dump_stack+0x1c9/0x2b4 [ 246.730835] ? dump_stack_print_info.cold.2+0x52/0x52 [ 246.736020] ? lock_downgrade+0x8f0/0x8f0 [ 246.740184] should_fail.cold.4+0xa/0x1a [ 246.744237] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 246.749338] ? graph_lock+0x170/0x170 [ 246.753145] ? is_bpf_text_address+0xd7/0x170 [ 246.758667] ? find_held_lock+0x36/0x1c0 [ 246.762757] ? __lock_is_held+0xb5/0x140 [ 246.766812] ? check_same_owner+0x340/0x340 [ 246.771132] ? rcu_note_context_switch+0x730/0x730 [ 246.776057] __alloc_pages_nodemask+0x36e/0xdb0 [ 246.780716] ? lock_downgrade+0x8f0/0x8f0 [ 246.784853] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 246.789859] ? graph_lock+0x170/0x170 [ 246.793648] ? __lock_is_held+0xb5/0x140 [ 246.797695] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 246.802102] ? __lock_is_held+0xb5/0x140 [ 246.806157] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 246.811685] alloc_pages_current+0x10c/0x210 [ 246.816083] __get_free_pages+0xf/0x40 [ 246.819979] mmu_topup_memory_caches+0x1f8/0x3a0 [ 246.824725] kvm_mmu_load+0x21/0x10e0 [ 246.828542] vcpu_enter_guest+0x3aa6/0x6090 [ 246.832854] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 246.837085] ? kvm_set_msr_common+0x26a0/0x26a0 [ 246.841744] ? vmx_vcpu_load+0xadf/0xff0 [ 246.845795] ? __lock_acquire+0x7fc/0x5020 [ 246.850036] ? vmx_vcpu_reset+0x1040/0x1040 [ 246.854345] ? graph_lock+0x170/0x170 [ 246.858136] ? __lock_acquire+0x7fc/0x5020 [ 246.862366] ? __lock_is_held+0xb5/0x140 [ 246.866417] ? lock_acquire+0x1e4/0x540 [ 246.870377] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 246.875397] ? lock_release+0xa30/0xa30 [ 246.879359] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 246.884634] ? kvm_arch_dev_ioctl+0x610/0x610 [ 246.889116] ? preempt_notifier_dec+0x20/0x20 [ 246.893612] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.898456] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.903467] kvm_vcpu_ioctl+0x7b8/0x1300 [ 246.907542] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 246.913250] ? find_held_lock+0x36/0x1c0 [ 246.917306] ? find_held_lock+0x36/0x1c0 [ 246.921360] ? lock_downgrade+0x8f0/0x8f0 [ 246.925525] ? kasan_check_read+0x11/0x20 [ 246.929668] ? rcu_is_watching+0x8c/0x150 [ 246.933802] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 246.938201] ? __fget+0x414/0x670 [ 246.941640] ? match_held_lock+0x821/0x8d0 [ 246.945859] ? expand_files.part.8+0x9c0/0x9c0 [ 246.950429] ? kasan_check_write+0x14/0x20 [ 246.954650] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 246.959583] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 246.965301] do_vfs_ioctl+0x1de/0x1720 [ 246.969186] ? __lock_is_held+0xb5/0x140 [ 246.973325] ? ioctl_preallocate+0x300/0x300 [ 246.977813] ? __fget_light+0x2f7/0x440 [ 246.981771] ? fget_raw+0x20/0x20 [ 246.985218] ? __sb_end_write+0xac/0xe0 [ 246.989184] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 246.994703] ? fput+0x130/0x1a0 [ 246.997967] ? ksys_write+0x1ae/0x260 [ 247.001757] ? security_file_ioctl+0x94/0xc0 [ 247.006152] ksys_ioctl+0xa9/0xd0 [ 247.009590] __x64_sys_ioctl+0x73/0xb0 [ 247.013469] do_syscall_64+0x1b9/0x820 [ 247.017344] ? syscall_slow_exit_work+0x500/0x500 [ 247.022173] ? syscall_return_slowpath+0x5e0/0x5e0 [ 247.027089] ? syscall_return_slowpath+0x31d/0x5e0 [ 247.032013] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 247.037369] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.042213] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.047390] RIP: 0033:0x455ab9 [ 247.050563] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.069792] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.077504] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 247.084760] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:17 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000000000)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) [ 247.092020] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 247.099274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 247.106526] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002c 02:30:17 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) signalfd4(r0, &(0x7f0000000080)={0x2}, 0x8, 0x800) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x4000) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x4) 02:30:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(0xffffffffffffffff) dup3(r1, r2, 0x0) 02:30:17 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1261, r0) 02:30:17 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) splice(r0, &(0x7f00000000c0), r1, &(0x7f0000000100), 0x1, 0x6) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r4 = semget$private(0x0, 0x0, 0x1) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) semtimedop(r4, &(0x7f0000000140)=[{0x0, 0xffffffff, 0x800}, {0x3, 0xfffffffffffffffc, 0x1800}, {0x0, 0x7, 0x800}, {0x6, 0x5, 0x1000}], 0x4, &(0x7f0000000240)={r5, r6+10000000}) r7 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r7, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x7) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r7) ioctl$LOOP_SET_FD(r7, 0x4c00, r7) ioctl$KVM_GET_DIRTY_LOG(r7, 0x4010ae42, &(0x7f0000000040)={0x10000, 0x0, &(0x7f0000ffb000/0x2000)=nil}) sendfile(r3, r3, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r3, 0x4c01) sync() [ 247.215687] FAT-fs (loop3): bogus number of reserved sectors [ 247.221665] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:17 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:17 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x5451, r0) [ 247.352933] FAT-fs (loop3): bogus number of reserved sectors [ 247.358933] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:17 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) clone(0x80400, &(0x7f0000000100)="9397002aeaf15ec690b07ff57918f6ad50459f475cb2cd53093fe5c6b0f871401a2d79c52690ce9b238036c2bc5d83a88b5946743c938c9d7d458d346999e16cc37b38fdf94d76230c3ef927dcd108aa2930b70c53764719d493df64602c66cf184c8cfa149387c29f4da4229a1686283c89a3ae4527a9dadb2ac771597d4d0a0dfa36a0a3d231202b1396a850b272de270699070272d89db6b2a54b0e0fc677f55e00c31f720894e5d51198adc827a28f36a4a5e2800c1b9565c129dd2936ce561647a917e5af6121aea5b0fd6962d05f6ff310f69ffd8b8e4620e3b596bfaf", &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)="919a5567e7be73a4aac0d6e3dfedf71ff15b8c526f5b2a4119e0421ea0181fc96da13071c7") creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) dup2(r0, r0) 02:30:17 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x0, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:17 executing program 6 (fault-call:6 fault-nth:45): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:17 executing program 4: removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="747275737465642e726e6700454dcffada04dcb892c13ff48792c44113cb29bd1018d7dd9b7c402f1b9e225cbc7e6dd837eddf4db2640785321f6b2243e0b357cbfd1f6818b271c1e112bdd634e163561e1327fe52a643d8c84a590b59849c1eefc5e13b325cfcf69eca8f5121d7d4fca9391939e16b2a2c62499825b31c070e5e8d70cba2c214eace294303989010cd80323a7ef8757a2e3870b0b7cc1eb3e84bcaceb1e89e084a9005c6f617ca2553c9efab2639df47d2af6105db12a8a7a5919ad5456c49cc565a26496a3772b3cfb466461d405c47836316776fbd69f329898f1ab6a1c6ca3a1cd8f1f72f8aeafb7425221b69a6f677d366528dc02731f29b5fd8e2da679967950e2fa30c97b46078ad499b83ab65fcb7ad66d97db7ae644078"]) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 247.515685] FAT-fs (loop3): bogus number of reserved sectors [ 247.521627] FAT-fs (loop3): Can't find a valid FAT filesystem [ 247.628108] FAT-fs (loop3): bogus number of reserved sectors [ 247.634102] FAT-fs (loop3): Can't find a valid FAT filesystem [ 247.680912] FAULT_INJECTION: forcing a failure. [ 247.680912] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 247.693312] CPU: 0 PID: 13925 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 247.700685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.710056] Call Trace: [ 247.712663] dump_stack+0x1c9/0x2b4 [ 247.716315] ? dump_stack_print_info.cold.2+0x52/0x52 [ 247.721525] ? zap_class+0x740/0x740 [ 247.725275] should_fail.cold.4+0xa/0x1a 02:30:18 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000000000)="e2fa15a687324b04a2eb1c55bbd5da28", 0x10, 0xffffffff00000000}, {&(0x7f0000000100)="a4d46228b86d98f1418e2b5dfbe8fc2f0ca05a6fdecc8af1b1be858066a1cc0f96a59068ac309334ba39b36541ec299ff728f0996ec19317eb5f850a6b193eb74089d7980e9a3cb449ca4151de25c6283c90eafd879e9bf93b0538fbed1a384d47ce67845e4144f90d2d65ac265bb3e293df154b4e6340281c563882f639", 0x7e, 0x1}], 0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="29e1f2d227e1ce8f796aa9cc262eefb8bcb16bb87010a85c7c815ecc75c2cfc5370a0d3efa356e4353621d5f235a78", @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYRES16, @ANYRES64, @ANYRES32, @ANYRES32, @ANYPTR64, @ANYRES16=0x0], @ANYPTR64=&(0x7f0000000240)=ANY=[@ANYRES16, @ANYBLOB]], @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="5c1b221aef5d2106795e050a645bf536725319df5396bb9e929bdb"]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3ad9060746764ab7, 0x0, &(0x7f0000000180)) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000001, 0x11, r0, 0x0) [ 247.729361] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.734485] ? graph_lock+0x170/0x170 [ 247.738308] ? is_bpf_text_address+0xd7/0x170 [ 247.742840] ? find_held_lock+0x36/0x1c0 [ 247.746923] ? __lock_is_held+0xb5/0x140 [ 247.751021] ? check_same_owner+0x340/0x340 [ 247.755366] ? rcu_note_context_switch+0x730/0x730 [ 247.760413] __alloc_pages_nodemask+0x36e/0xdb0 [ 247.765113] ? lock_downgrade+0x8f0/0x8f0 [ 247.769284] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 247.774328] ? graph_lock+0x170/0x170 [ 247.778154] ? __lock_is_held+0xb5/0x140 [ 247.782233] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 247.786675] ? __lock_is_held+0xb5/0x140 [ 247.790765] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 247.796336] alloc_pages_current+0x10c/0x210 [ 247.800768] __get_free_pages+0xf/0x40 [ 247.804673] mmu_topup_memory_caches+0x1f8/0x3a0 [ 247.806154] FAT-fs (loop3): Unrecognized mount option "18446744073709551615ÿÿÿÿ)áòÒ'áÎyj©Ì&.︼±k¸p¨\|^ÌuÂÏÅ7 [ 247.806154] >ú5nCSb_#Zx€" or missing value [ 247.809446] kvm_mmu_load+0x21/0x10e0 [ 247.809474] vcpu_enter_guest+0x3aa6/0x6090 [ 247.809501] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 247.836515] ? kvm_set_msr_common+0x26a0/0x26a0 [ 247.841201] ? zap_class+0x740/0x740 [ 247.844949] ? vmx_vcpu_load+0xadf/0xff0 [ 247.849024] ? __lock_acquire+0x7fc/0x5020 [ 247.853269] ? vmx_vcpu_reset+0x1040/0x1040 [ 247.857586] ? graph_lock+0x170/0x170 [ 247.861411] ? __lock_is_held+0xb5/0x140 [ 247.865472] ? lock_acquire+0x1e4/0x540 [ 247.869440] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 247.874450] ? lock_release+0xa30/0xa30 [ 247.878421] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 247.883688] ? kvm_arch_dev_ioctl+0x610/0x610 [ 247.888170] ? preempt_notifier_dec+0x20/0x20 [ 247.892665] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 247.897505] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 247.902541] kvm_vcpu_ioctl+0x7b8/0x1300 [ 247.906593] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 247.912309] ? find_held_lock+0x36/0x1c0 [ 247.916373] ? lock_downgrade+0x8f0/0x8f0 [ 247.920517] ? rcu_is_watching+0x8c/0x150 [ 247.924655] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 247.929242] ? __fget+0x414/0x670 [ 247.932687] ? match_held_lock+0x821/0x8d0 [ 247.936928] ? expand_files.part.8+0x9c0/0x9c0 [ 247.941525] ? kasan_check_write+0x14/0x20 [ 247.945748] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 247.950674] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 247.956376] do_vfs_ioctl+0x1de/0x1720 [ 247.960258] ? ioctl_preallocate+0x300/0x300 [ 247.964662] ? __fget_light+0x2f7/0x440 [ 247.968625] ? fget_raw+0x20/0x20 [ 247.972072] ? __sb_end_write+0xac/0xe0 [ 247.976043] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 247.981569] ? fput+0x130/0x1a0 [ 247.984840] ? ksys_write+0x1ae/0x260 [ 247.988635] ? security_file_ioctl+0x94/0xc0 [ 247.993139] ksys_ioctl+0xa9/0xd0 [ 247.996583] __x64_sys_ioctl+0x73/0xb0 [ 248.000550] do_syscall_64+0x1b9/0x820 [ 248.004447] ? finish_task_switch+0x1d3/0x870 [ 248.008948] ? syscall_return_slowpath+0x5e0/0x5e0 [ 248.013867] ? syscall_return_slowpath+0x31d/0x5e0 [ 248.018793] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 248.024151] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.029076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.034271] RIP: 0033:0x455ab9 [ 248.037443] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.056773] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.064477] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 248.072072] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:18 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:18 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c06, r0) [ 248.079340] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 248.086607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 248.093867] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002d 02:30:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(0xffffffffffffffff) dup3(r1, r2, 0x0) [ 248.145205] FAT-fs (loop3): Unrecognized mount option "18446744073709551615ÿÿÿÿ)áòÒ'áÎyj©Ì&.︼±k¸p¨\|^ÌuÂÏÅ7 [ 248.145205] >ú5nCSb_#Zx€" or missing value [ 248.216759] print_req_error: 1 callbacks suppressed [ 248.216770] print_req_error: I/O error, dev loop0, sector 0 [ 248.227860] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 248.236951] print_req_error: I/O error, dev loop0, sector 20480 [ 248.243272] print_req_error: I/O error, dev loop0, sector 21504 [ 248.249458] print_req_error: I/O error, dev loop0, sector 22528 02:30:18 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x1500000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:18 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400080, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) [ 248.269361] print_req_error: I/O error, dev loop0, sector 8 [ 248.275226] Buffer I/O error on dev loop0, logical block 1, lost async page write 02:30:18 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401870cc, r0) 02:30:18 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x0, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 248.360795] FAT-fs (loop3): bogus number of reserved sectors [ 248.366755] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:18 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000000)={'veth0_to_team\x00', 0x2}) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x4, 0x10000) execveat(r1, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)=[&(0x7f00000001c0)='\x00', &(0x7f0000000200)='-GPLcgroup^&vboxnet0(!&#(\\\x00', &(0x7f0000000240)='rng\x00', &(0x7f0000000280)='\x00'], &(0x7f0000000540)=[&(0x7f0000000300)='posix_acl_access\'\x00', &(0x7f00000003c0)='@&$wlan0ppp0md5sumposix_acl_accessmd5sum\x00', &(0x7f0000000400)="912b00", &(0x7f0000000440)='cgroupeth1selinux\x00', &(0x7f0000000480)='aead\x00'], 0x400) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x9, 0x448000) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r2, 0xc0a85322, &(0x7f0000000080)) [ 248.445971] FAT-fs (loop3): bogus number of reserved sectors [ 248.452187] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:19 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x1, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:30:19 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c01, r0) 02:30:19 executing program 6 (fault-call:6 fault-nth:46): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:19 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)) r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r0) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f00000005c0)=ANY=[@ANYBLOB="6c000000000000000a004e210800000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044b3af1a6ff24e990a004e22c2080000fe8000000000000000000000000000aa00100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2108000000ff01000000000000000000000000000100080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000000000000000005f52f20000000000000000000000000a004e2200000100ff020000000000000000000000000001ffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x210) 02:30:19 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x11000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:19 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000000)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) r3 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x32f, 0x8002) ioctl$BLKROTATIONAL(r3, 0x127e, &(0x7f00000001c0)) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x10000, 0x0) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000540)={0x100000000, {{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x1, 0x7, [{{0x2, 0x4e22, @rand_addr=0x5}}, {{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, {{0x2, 0x4e21}}, {{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}, {{0x2, 0x4e23}}, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, {{0x2, 0x4e21, @multicast2=0xe0000002}}]}, 0x410) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000140)={@mcast1={0xff, 0x1, [], 0x1}, 0x55, r2}) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 248.668099] FAT-fs (loop3): bogus number of reserved sectors [ 248.674083] FAT-fs (loop3): Can't find a valid FAT filesystem [ 248.760469] FAULT_INJECTION: forcing a failure. [ 248.760469] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 248.772456] CPU: 0 PID: 14021 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 248.779831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.789205] Call Trace: [ 248.791818] dump_stack+0x1c9/0x2b4 [ 248.795476] ? dump_stack_print_info.cold.2+0x52/0x52 [ 248.800693] ? lock_downgrade+0x8f0/0x8f0 [ 248.804880] should_fail.cold.4+0xa/0x1a 02:30:19 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd4840200, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 248.808973] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 248.814104] ? graph_lock+0x170/0x170 [ 248.817929] ? is_bpf_text_address+0xd7/0x170 [ 248.822453] ? find_held_lock+0x36/0x1c0 [ 248.826543] ? __lock_is_held+0xb5/0x140 [ 248.830638] ? check_same_owner+0x340/0x340 [ 248.834981] ? rcu_note_context_switch+0x730/0x730 [ 248.840031] __alloc_pages_nodemask+0x36e/0xdb0 [ 248.844720] ? lock_downgrade+0x8f0/0x8f0 [ 248.848893] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 248.853936] ? graph_lock+0x170/0x170 [ 248.857735] ? __lock_is_held+0xb5/0x140 [ 248.862339] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 248.866852] ? __lock_is_held+0xb5/0x140 [ 248.870965] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 248.876591] alloc_pages_current+0x10c/0x210 [ 248.881000] __get_free_pages+0xf/0x40 [ 248.884974] mmu_topup_memory_caches+0x1f8/0x3a0 [ 248.889725] kvm_mmu_load+0x21/0x10e0 [ 248.893520] ? vcpu_enter_guest+0x298c/0x6090 [ 248.898015] vcpu_enter_guest+0x3aa6/0x6090 [ 248.902338] ? kvm_set_msr_common+0x26a0/0x26a0 [ 248.907007] ? vmx_vcpu_load+0xadf/0xff0 [ 248.911082] ? __lock_acquire+0x7fc/0x5020 [ 248.915311] ? vmx_vcpu_reset+0x1040/0x1040 [ 248.919629] ? graph_lock+0x170/0x170 [ 248.923423] ? __lock_acquire+0x7fc/0x5020 [ 248.927762] ? __lock_is_held+0xb5/0x140 [ 248.932102] ? lock_acquire+0x1e4/0x540 [ 248.936076] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 248.941091] ? lock_release+0xa30/0xa30 [ 248.945055] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 248.950325] ? kvm_arch_dev_ioctl+0x610/0x610 [ 248.954905] ? preempt_notifier_dec+0x20/0x20 [ 248.960450] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 248.965295] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 248.970313] kvm_vcpu_ioctl+0x7b8/0x1300 [ 248.974371] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 248.980073] ? find_held_lock+0x36/0x1c0 [ 248.984133] ? find_held_lock+0x36/0x1c0 [ 248.988213] ? lock_downgrade+0x8f0/0x8f0 [ 248.992358] ? kasan_check_read+0x11/0x20 [ 248.996512] ? rcu_is_watching+0x8c/0x150 [ 249.000658] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 249.005065] ? __fget+0x414/0x670 [ 249.008511] ? match_held_lock+0x821/0x8d0 [ 249.012735] ? expand_files.part.8+0x9c0/0x9c0 [ 249.017307] ? kasan_check_write+0x14/0x20 [ 249.021542] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 249.026467] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 249.032180] do_vfs_ioctl+0x1de/0x1720 [ 249.036059] ? __lock_is_held+0xb5/0x140 [ 249.040110] ? ioctl_preallocate+0x300/0x300 [ 249.044508] ? __fget_light+0x2f7/0x440 [ 249.048472] ? fget_raw+0x20/0x20 [ 249.051921] ? __sb_end_write+0xac/0xe0 [ 249.055892] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 249.061424] ? fput+0x130/0x1a0 [ 249.064703] ? ksys_write+0x1ae/0x260 [ 249.068496] ? security_file_ioctl+0x94/0xc0 [ 249.072894] ksys_ioctl+0xa9/0xd0 [ 249.076348] __x64_sys_ioctl+0x73/0xb0 [ 249.080227] do_syscall_64+0x1b9/0x820 [ 249.084110] ? syscall_slow_exit_work+0x500/0x500 [ 249.088945] ? syscall_return_slowpath+0x5e0/0x5e0 [ 249.093872] ? syscall_return_slowpath+0x31d/0x5e0 [ 249.098797] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 249.104158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.108996] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.114175] RIP: 0033:0x455ab9 [ 249.117395] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.136816] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.144529] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 249.151793] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:19 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1279, r0) 02:30:19 executing program 4: io_setup(0x81, &(0x7f0000000000)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0x8, 0x4004) io_cancel(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x3, r1, &(0x7f0000000080)="f215ee55ac8ec837cbfdc5e71373d2dbe3375ba07d28af662d189938a9a9b0f58d53b032bb705d932bde433eebbaf03dbd3a035bb52379a32a51cc974df396f47b76e8824ec42447117ff9bbbe6535427f552ae4da6811daebd1291e196a453c1599d794b90842", 0x67, 0x2, 0x0, 0x1, r2}, &(0x7f0000000180)) ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000000100)={0x100, 0xffff}) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r3, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512-generic\x00'}, 0x58) [ 249.159057] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 249.166327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 249.173759] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002e 02:30:19 executing program 6 (fault-call:6 fault-nth:47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 249.227630] FAT-fs (loop3): bogus number of reserved sectors [ 249.233601] FAT-fs (loop3): Can't find a valid FAT filesystem [ 249.358908] FAULT_INJECTION: forcing a failure. [ 249.358908] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 249.370890] CPU: 1 PID: 14044 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 249.378273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.387642] Call Trace: [ 249.390265] dump_stack+0x1c9/0x2b4 [ 249.394443] ? dump_stack_print_info.cold.2+0x52/0x52 [ 249.399640] ? lock_downgrade+0x8f0/0x8f0 [ 249.403878] should_fail.cold.4+0xa/0x1a [ 249.407932] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 249.413042] ? graph_lock+0x170/0x170 [ 249.416838] ? is_bpf_text_address+0xd7/0x170 [ 249.421448] ? find_held_lock+0x36/0x1c0 [ 249.425503] ? __lock_is_held+0xb5/0x140 [ 249.429567] ? check_same_owner+0x340/0x340 [ 249.433880] ? rcu_note_context_switch+0x730/0x730 [ 249.438824] __alloc_pages_nodemask+0x36e/0xdb0 [ 249.443482] ? lock_downgrade+0x8f0/0x8f0 [ 249.447642] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 249.452648] ? graph_lock+0x170/0x170 [ 249.456438] ? __lock_is_held+0xb5/0x140 [ 249.461028] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 249.465445] ? __lock_is_held+0xb5/0x140 [ 249.469505] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 249.475133] alloc_pages_current+0x10c/0x210 [ 249.479551] __get_free_pages+0xf/0x40 [ 249.483433] mmu_topup_memory_caches+0x1f8/0x3a0 [ 249.488209] kvm_mmu_load+0x21/0x10e0 [ 249.492013] vcpu_enter_guest+0x3aa6/0x6090 [ 249.496329] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 249.500559] ? kvm_set_msr_common+0x26a0/0x26a0 [ 249.505312] ? vmx_vcpu_load+0xadf/0xff0 [ 249.509373] ? __lock_acquire+0x7fc/0x5020 [ 249.513605] ? vmx_vcpu_reset+0x1040/0x1040 [ 249.517929] ? graph_lock+0x170/0x170 [ 249.521723] ? __lock_acquire+0x7fc/0x5020 [ 249.525961] ? __lock_is_held+0xb5/0x140 [ 249.530018] ? lock_acquire+0x1e4/0x540 [ 249.533990] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 249.538997] ? lock_release+0xa30/0xa30 [ 249.542972] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 249.548238] ? kvm_arch_dev_ioctl+0x610/0x610 [ 249.552808] ? preempt_notifier_dec+0x20/0x20 [ 249.557298] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 249.562135] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 249.567143] kvm_vcpu_ioctl+0x7b8/0x1300 [ 249.571191] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 249.576898] ? find_held_lock+0x36/0x1c0 [ 249.580956] ? find_held_lock+0x36/0x1c0 [ 249.585014] ? lock_downgrade+0x8f0/0x8f0 [ 249.589166] ? kasan_check_read+0x11/0x20 [ 249.593308] ? rcu_is_watching+0x8c/0x150 [ 249.597441] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 249.601851] ? __fget+0x414/0x670 [ 249.605309] ? match_held_lock+0x821/0x8d0 [ 249.609533] ? expand_files.part.8+0x9c0/0x9c0 [ 249.614111] ? kasan_check_write+0x14/0x20 [ 249.618333] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 249.623251] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 249.628949] do_vfs_ioctl+0x1de/0x1720 [ 249.632821] ? __lock_is_held+0xb5/0x140 [ 249.636867] ? ioctl_preallocate+0x300/0x300 [ 249.641283] ? __fget_light+0x2f7/0x440 [ 249.645417] ? fget_raw+0x20/0x20 [ 249.648858] ? __sb_end_write+0xac/0xe0 [ 249.652823] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 249.658347] ? fput+0x130/0x1a0 [ 249.661613] ? ksys_write+0x1ae/0x260 [ 249.665404] ? security_file_ioctl+0x94/0xc0 [ 249.669802] ksys_ioctl+0xa9/0xd0 [ 249.673243] __x64_sys_ioctl+0x73/0xb0 [ 249.677137] do_syscall_64+0x1b9/0x820 [ 249.681013] ? finish_task_switch+0x1d3/0x870 [ 249.685507] ? syscall_return_slowpath+0x5e0/0x5e0 [ 249.690423] ? syscall_return_slowpath+0x31d/0x5e0 [ 249.695345] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 249.700712] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.705545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.710718] RIP: 0033:0x455ab9 [ 249.713891] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.733147] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.740845] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 249.748100] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(0xffffffffffffffff, r2, 0x0) 02:30:20 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000040)=0x800, 0x4) 02:30:20 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 249.755364] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 249.762621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 249.769876] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002f 02:30:20 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfdef, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:20 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x1) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1000001, 0x50, r1, 0xfffffffffffffffc) 02:30:20 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x400001, 0x0) ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000080)) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x80000001, 0x8, 0x10000, 0x7, 0xfffffffffffbffa3}) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x8400, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000180)={0x0, 0x2}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000200)={r3, 0x99, "f6126b10fbed680534e058495fa4729234c6c4669326513d7dccf96a3100eee3c36cb3170048944b31a85970abf627dbf75901e2a9b9b0cc6ca3955ac043a1a88aa798669f1850e907e49297519216816142f1416a5e0acb4464a386fe7a2121b8d3fb1beb20b6740c053bd375c051c62926af00fe556b2fdfd31efa964a1641e7e02c4efd7fd575703ab7015e053f17c3d406ddb5925246d5"}, &(0x7f00000002c0)=0xa1) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000100)={0x9, 0x8, 0x1}) 02:30:20 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127b, r0) 02:30:20 executing program 6 (fault-call:6 fault-nth:48): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:20 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:20 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xa, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 250.019809] FAT-fs (loop3): bogus number of reserved sectors [ 250.025766] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:20 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1276, r0) 02:30:20 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x7, 0x9, 0x7, 0x6, 0x6, 0x81, 0x28df, 0xfffffffffffffff7, 0x3, 0x8001, 0x7}, 0xb) lsetxattr(&(0x7f0000000480)='./file0\x00', &(0x7f0000000700)=@random={'osx.', '/dev/vga_arbiter\x00'}, &(0x7f0000000740)='cache=loose', 0xb, 0x2) ioctl$EVIOCGBITSW(r0, 0x80404525, &(0x7f0000000140)=""/156) r1 = socket$alg(0x26, 0x5, 0x0) setsockopt$inet6_int(r0, 0x29, 0x50, &(0x7f0000000280)=0x3, 0x4) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0xdf) setsockopt$inet_int(r0, 0x0, 0x3f, &(0x7f00000002c0)=0x39a705e8, 0x4) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x18040, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r2, 0x40045731, &(0x7f0000000300)=0x101) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000040)={'filter\x00'}, &(0x7f00000000c0)=0x78) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000540)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in6=@mcast1}}, &(0x7f0000000440)=0xe8) mount$9p_tcp(&(0x7f0000000240)='127.0.0.1\x00', &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='9p\x00', 0x110000, &(0x7f0000000640)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@access_uid={'access', 0x3d, r3}, 0x2c}, {@loose='loose', 0x2c}, {@version_u='version=9p2000.u', 0x2c}, {@fscache='fscache', 0x2c}, {@debug={'debug', 0x3d, 0x2}, 0x2c}, {@afid={'afid', 0x3d, 0x6}, 0x2c}, {@aname={'aname', 0x3d, '/dev/vga_arbiter\x00'}, 0x2c}, {@cache_loose='cache=loose', 0x2c}]}}) fcntl$setpipe(r1, 0x407, 0x9) [ 250.146672] FAULT_INJECTION: forcing a failure. [ 250.146672] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 250.158676] CPU: 1 PID: 14085 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 250.166053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.175420] Call Trace: [ 250.178120] dump_stack+0x1c9/0x2b4 [ 250.181777] ? dump_stack_print_info.cold.2+0x52/0x52 [ 250.186988] ? zap_class+0x740/0x740 [ 250.190738] should_fail.cold.4+0xa/0x1a [ 250.194827] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 250.199954] ? graph_lock+0x170/0x170 [ 250.203773] ? is_bpf_text_address+0xd7/0x170 [ 250.208465] ? find_held_lock+0x36/0x1c0 [ 250.212550] ? __lock_is_held+0xb5/0x140 [ 250.216638] ? check_same_owner+0x340/0x340 [ 250.220981] ? rcu_note_context_switch+0x730/0x730 [ 250.225946] __alloc_pages_nodemask+0x36e/0xdb0 [ 250.230634] ? lock_downgrade+0x8f0/0x8f0 [ 250.234808] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 250.239843] ? graph_lock+0x170/0x170 02:30:20 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7d, 0x1) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000080)={0x800, 0x800, 0x2, 0x0, 0x1, 0x7, 0x0, 0x800, 0x2b61, 0xffff, 0x0, 0x3ff, 0x0, 0xd3f, 0x7, 0x5, 0x5, 0x3, 0x5}) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 250.243657] ? __lock_is_held+0xb5/0x140 [ 250.247728] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 250.252297] ? __lock_is_held+0xb5/0x140 [ 250.256401] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 250.261965] alloc_pages_current+0x10c/0x210 [ 250.266406] __get_free_pages+0xf/0x40 [ 250.270316] mmu_topup_memory_caches+0x1f8/0x3a0 [ 250.275108] kvm_mmu_load+0x21/0x10e0 [ 250.278935] vcpu_enter_guest+0x3aa6/0x6090 [ 250.283274] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 250.287538] ? kvm_set_msr_common+0x26a0/0x26a0 [ 250.292229] ? zap_class+0x740/0x740 [ 250.295963] ? vmx_vcpu_load+0xadf/0xff0 [ 250.300059] ? __lock_is_held+0xb5/0x140 [ 250.304134] ? __account_cfs_rq_runtime+0x770/0x770 [ 250.309174] ? vmx_vcpu_reset+0x1040/0x1040 [ 250.313515] ? graph_lock+0x170/0x170 [ 250.317336] ? __perf_event_task_sched_out+0x2f0/0x1a60 [ 250.322728] ? __lock_is_held+0xb5/0x140 [ 250.326803] ? lock_acquire+0x1e4/0x540 [ 250.330807] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 250.335843] ? lock_release+0xa30/0xa30 [ 250.339831] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 02:30:20 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127d, r0) [ 250.345113] ? kvm_arch_dev_ioctl+0x610/0x610 [ 250.349614] ? preempt_notifier_dec+0x20/0x20 [ 250.354133] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 250.358988] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 250.364026] kvm_vcpu_ioctl+0x7b8/0x1300 [ 250.368121] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 250.373845] ? trace_hardirqs_on+0xd/0x10 [ 250.378003] ? find_held_lock+0x36/0x1c0 [ 250.382117] ? lock_downgrade+0x8f0/0x8f0 [ 250.386281] ? rcu_is_watching+0x8c/0x150 [ 250.390432] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 250.394869] ? __fget+0x414/0x670 [ 250.398336] ? match_held_lock+0x821/0x8d0 [ 250.402580] ? expand_files.part.8+0x9c0/0x9c0 [ 250.407175] ? kasan_check_write+0x14/0x20 [ 250.411420] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 250.416370] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 250.422094] do_vfs_ioctl+0x1de/0x1720 [ 250.425995] ? ioctl_preallocate+0x300/0x300 [ 250.430415] ? __fget_light+0x2f7/0x440 [ 250.434398] ? __schedule+0x1ed0/0x1ed0 [ 250.438382] ? fget_raw+0x20/0x20 [ 250.441852] ? __sb_end_write+0xac/0xe0 [ 250.445847] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 250.451494] ? exit_to_usermode_loop+0x8c/0x370 [ 250.456168] ? security_file_ioctl+0x94/0xc0 [ 250.460579] ksys_ioctl+0xa9/0xd0 [ 250.464043] __x64_sys_ioctl+0x73/0xb0 [ 250.467940] do_syscall_64+0x1b9/0x820 [ 250.471890] ? finish_task_switch+0x1d3/0x870 [ 250.476377] ? syscall_return_slowpath+0x5e0/0x5e0 [ 250.481302] ? syscall_return_slowpath+0x31d/0x5e0 [ 250.486233] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 250.491591] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.496450] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.501639] RIP: 0033:0x455ab9 [ 250.504812] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.524168] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.531880] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 250.539150] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:20 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1269, r0) [ 250.546407] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 250.553666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 250.560922] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000030 02:30:21 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 250.605471] FAT-fs (loop3): bogus number of reserved sectors [ 250.611439] FAT-fs (loop3): Can't find a valid FAT filesystem [ 250.681959] print_req_error: I/O error, dev loop0, sector 0 [ 250.687806] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 250.729276] print_req_error: I/O error, dev loop0, sector 8 [ 250.735202] Buffer I/O error on dev loop0, logical block 1, lost async page write 02:30:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(0xffffffffffffffff, r2, 0x0) 02:30:21 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x4800, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x8000, 0xa8}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x80000001, 0x8, 0x0, 0x2, 0x3, 0x1, 0xb9f0, 0x7fff, r1}, &(0x7f0000000180)=0x20) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r4 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r4, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) sendfile(r3, r3, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r3, 0x4c01) sync() 02:30:21 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000240)='/dev/loop#\x00', 0x7fff, 0x8000) fcntl$setsig(r0, 0xa, 0x23) fcntl$getownex(r0, 0x10, &(0x7f0000000280)) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/qat_adf_ctl\x00', 0x4040, 0x0) ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20-asm\x00'}, 0x55) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000001780)={@loopback, @multicast2, 0x0}, &(0x7f00000017c0)=0xc) socketpair(0x0, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) getsockname$inet(r2, &(0x7f00000001c0)={0x0, 0x0, @dev}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000180)=0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001800)={'\x00', r3}) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r5, 0x29, 0x1, &(0x7f0000000040)=0x2, 0x4) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:21 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcc, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:21 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x2000, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000100)={{0xa3, 0xeac}, 'port1\x00', 0x80, 0x800, 0x0, 0x4, 0x5, 0x1, 0x3, 0x0, 0x4, 0x3}) r1 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000001c0)={0x3f, {{0x2, 0x4e21, @multicast1=0xe0000001}}}, 0x88) r2 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x4) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r2, 0x0) 02:30:21 executing program 6 (fault-call:6 fault-nth:49): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:21 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:21 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1265, r0) 02:30:21 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x5450, r0) [ 251.014404] FAT-fs (loop3): bogus number of reserved sectors [ 251.020380] FAT-fs (loop3): Can't find a valid FAT filesystem [ 251.086510] FAULT_INJECTION: forcing a failure. [ 251.086510] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 251.098501] CPU: 1 PID: 14153 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 251.105873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.115233] Call Trace: [ 251.117838] dump_stack+0x1c9/0x2b4 [ 251.121487] ? dump_stack_print_info.cold.2+0x52/0x52 [ 251.122721] FAT-fs (loop3): bogus number of reserved sectors [ 251.126692] ? zap_class+0x740/0x740 02:30:21 executing program 4: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x101000, 0x0) write$P9_RSTAT(r0, &(0x7f0000000040)={0x6b, 0x7d, 0x1, {0x0, 0x64, 0x4, 0x81, {0x1, 0x1, 0x8}, 0x10000000, 0x4, 0x8cd, 0x1ff, 0x4, 'rng\x00', 0x27, 'echainiv(echainiv(ccm(cast6-generic)))\x00', 0x0, "", 0x6, 'nodev:'}}, 0x6b) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) flistxattr(r0, &(0x7f00000000c0)=""/191, 0xbf) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 251.126723] should_fail.cold.4+0xa/0x1a [ 251.126746] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.126764] ? graph_lock+0x170/0x170 [ 251.126785] ? is_bpf_text_address+0xd7/0x170 [ 251.132655] FAT-fs (loop3): Can't find a valid FAT filesystem [ 251.136301] ? find_held_lock+0x36/0x1c0 [ 251.136325] ? __lock_is_held+0xb5/0x140 [ 251.136354] ? check_same_owner+0x340/0x340 [ 251.172048] ? rcu_note_context_switch+0x730/0x730 [ 251.176987] __alloc_pages_nodemask+0x36e/0xdb0 [ 251.181651] ? lock_downgrade+0x8f0/0x8f0 [ 251.185794] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 251.190802] ? graph_lock+0x170/0x170 [ 251.194599] ? __lock_is_held+0xb5/0x140 [ 251.198658] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 251.203070] ? __lock_is_held+0xb5/0x140 [ 251.207133] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 251.212669] alloc_pages_current+0x10c/0x210 [ 251.217073] __get_free_pages+0xf/0x40 [ 251.220954] mmu_topup_memory_caches+0x1f8/0x3a0 [ 251.225715] kvm_mmu_load+0x21/0x10e0 [ 251.229519] vcpu_enter_guest+0x3aa6/0x6090 [ 251.233834] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 251.238068] ? kvm_set_msr_common+0x26a0/0x26a0 [ 251.242734] ? zap_class+0x740/0x740 [ 251.246440] ? vmx_vcpu_load+0xadf/0xff0 [ 251.250491] ? __lock_acquire+0x7fc/0x5020 [ 251.254722] ? vmx_vcpu_reset+0x1040/0x1040 [ 251.259056] ? graph_lock+0x170/0x170 [ 251.262871] ? __lock_is_held+0xb5/0x140 [ 251.266927] ? lock_acquire+0x1e4/0x540 [ 251.270977] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 251.275999] ? lock_release+0xa30/0xa30 [ 251.279967] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 251.285238] ? kvm_arch_dev_ioctl+0x610/0x610 [ 251.289721] ? preempt_notifier_dec+0x20/0x20 [ 251.294214] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 251.299048] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 251.304067] kvm_vcpu_ioctl+0x7b8/0x1300 [ 251.308124] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 251.314742] ? find_held_lock+0x36/0x1c0 [ 251.318806] ? lock_downgrade+0x8f0/0x8f0 [ 251.322948] ? rcu_is_watching+0x8c/0x150 [ 251.327082] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 251.331486] ? __fget+0x414/0x670 [ 251.334930] ? match_held_lock+0x821/0x8d0 [ 251.339156] ? expand_files.part.8+0x9c0/0x9c0 [ 251.343727] ? kasan_check_write+0x14/0x20 [ 251.347951] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 251.352877] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 251.358576] do_vfs_ioctl+0x1de/0x1720 [ 251.362466] ? ioctl_preallocate+0x300/0x300 [ 251.366859] ? __fget_light+0x2f7/0x440 [ 251.370820] ? fget_raw+0x20/0x20 [ 251.374265] ? __sb_end_write+0xac/0xe0 [ 251.378233] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 251.383766] ? fput+0x130/0x1a0 [ 251.387039] ? ksys_write+0x1ae/0x260 [ 251.390830] ? security_file_ioctl+0x94/0xc0 [ 251.395242] ksys_ioctl+0xa9/0xd0 [ 251.398688] __x64_sys_ioctl+0x73/0xb0 [ 251.402567] do_syscall_64+0x1b9/0x820 [ 251.406440] ? finish_task_switch+0x1d3/0x870 [ 251.410938] ? syscall_return_slowpath+0x5e0/0x5e0 [ 251.415866] ? syscall_return_slowpath+0x31d/0x5e0 [ 251.420798] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 251.426156] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 251.431003] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.436186] RIP: 0033:0x455ab9 [ 251.439361] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.458689] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.466391] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 251.473916] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 251.481174] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 251.488429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 251.495693] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000031 02:30:21 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) getpriority(0x0, r2) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) 02:30:22 executing program 6 (fault-call:6 fault-nth:50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:22 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x58) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x30100, 0x0) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000240)) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f00000000c0)=@assoc_id=0x0, &(0x7f0000000100)=0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x100000001, 0x202, 0x9, 0x107, r2}, &(0x7f0000000180)=0x10) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0), &(0x7f0000000200)=0x14) 02:30:22 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc0189436, r0) [ 251.696534] FAT-fs (loop3): bogus number of reserved sectors [ 251.702805] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:22 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180, 0x4) getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f00000000c0)={'nat\x00', 0x0, 0x3, 0xfffffffffffffca6, [], 0x8, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000001540)=""/4096}, &(0x7f0000000140)=0x246) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) llistxattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/4, 0x4) connect$bt_rfcomm(r1, &(0x7f0000000300)={0x1f, {0x739, 0x0, 0x6, 0x7, 0x4, 0x401}, 0x7}, 0xa) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x98, "2fbd7fa8895afd8738e17b591f4df8f6e6e1216fdd52b585b26834d372eee4f2e00b17d110ab9fce125147599d4bce62d5d601661f1176720598392161c2d1c4041999b0a036c460007796ab29cc510f16d966f49eb558f2adeb724cc06f8b54626ba1452d57cfcf63c695bbcb69b47279f7e523ec7a4d2fc760c7a2443927c51fb1a65b96bd45f2f77f5e2d1e3993295edc6c8f826915a1"}, &(0x7f00000002c0)=0xa0) [ 251.788598] FAULT_INJECTION: forcing a failure. [ 251.788598] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 251.800940] CPU: 1 PID: 14194 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 251.808320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.817684] Call Trace: [ 251.820297] dump_stack+0x1c9/0x2b4 [ 251.823947] ? dump_stack_print_info.cold.2+0x52/0x52 [ 251.829154] ? lock_downgrade+0x8f0/0x8f0 [ 251.833328] should_fail.cold.4+0xa/0x1a [ 251.837417] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.839285] FAT-fs (loop3): bogus number of reserved sectors [ 251.842565] ? graph_lock+0x170/0x170 [ 251.842585] ? is_bpf_text_address+0xd7/0x170 [ 251.842606] ? find_held_lock+0x36/0x1c0 [ 251.842627] ? __lock_is_held+0xb5/0x140 [ 251.848482] FAT-fs (loop3): Can't find a valid FAT filesystem [ 251.852235] ? check_same_owner+0x340/0x340 [ 251.852256] ? rcu_note_context_switch+0x730/0x730 [ 251.852281] __alloc_pages_nodemask+0x36e/0xdb0 [ 251.884723] ? lock_downgrade+0x8f0/0x8f0 02:30:22 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) [ 251.888892] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 251.893924] ? graph_lock+0x170/0x170 [ 251.897740] ? __lock_is_held+0xb5/0x140 [ 251.901811] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 251.906243] ? __lock_is_held+0xb5/0x140 [ 251.910328] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 251.915881] alloc_pages_current+0x10c/0x210 [ 251.920313] __get_free_pages+0xf/0x40 [ 251.924213] mmu_topup_memory_caches+0x1f8/0x3a0 [ 251.929013] kvm_mmu_load+0x21/0x10e0 [ 251.932835] vcpu_enter_guest+0x3aa6/0x6090 [ 251.937170] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 251.941426] ? kvm_set_msr_common+0x26a0/0x26a0 [ 251.946114] ? vmx_vcpu_load+0xadf/0xff0 [ 251.950205] ? __lock_acquire+0x7fc/0x5020 [ 251.954437] ? vmx_vcpu_reset+0x1040/0x1040 [ 251.958744] ? graph_lock+0x170/0x170 [ 251.962543] ? __lock_acquire+0x7fc/0x5020 [ 251.966786] ? __lock_is_held+0xb5/0x140 [ 251.970845] ? lock_acquire+0x1e4/0x540 [ 251.974806] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 251.979820] ? lock_release+0xa30/0xa30 [ 251.983780] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 251.989043] ? kvm_arch_dev_ioctl+0x610/0x610 [ 251.993522] ? preempt_notifier_dec+0x20/0x20 [ 251.998035] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.002873] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.007891] kvm_vcpu_ioctl+0x7b8/0x1300 [ 252.011937] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 252.017632] ? find_held_lock+0x36/0x1c0 [ 252.021683] ? find_held_lock+0x36/0x1c0 [ 252.025737] ? lock_downgrade+0x8f0/0x8f0 [ 252.029874] ? kasan_check_read+0x11/0x20 [ 252.034009] ? rcu_is_watching+0x8c/0x150 [ 252.038147] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 252.042548] ? __fget+0x414/0x670 [ 252.045993] ? match_held_lock+0x821/0x8d0 [ 252.050225] ? expand_files.part.8+0x9c0/0x9c0 [ 252.054800] ? kasan_check_write+0x14/0x20 [ 252.059038] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 252.063966] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 252.069663] do_vfs_ioctl+0x1de/0x1720 [ 252.073535] ? __lock_is_held+0xb5/0x140 [ 252.077583] ? ioctl_preallocate+0x300/0x300 [ 252.081990] ? __fget_light+0x2f7/0x440 [ 252.085960] ? fget_raw+0x20/0x20 [ 252.089427] ? __sb_end_write+0xac/0xe0 [ 252.093842] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 252.099367] ? fput+0x130/0x1a0 [ 252.102632] ? ksys_write+0x1ae/0x260 [ 252.106422] ? security_file_ioctl+0x94/0xc0 [ 252.110820] ksys_ioctl+0xa9/0xd0 [ 252.114259] __x64_sys_ioctl+0x73/0xb0 [ 252.118146] do_syscall_64+0x1b9/0x820 [ 252.122024] ? finish_task_switch+0x1d3/0x870 [ 252.126505] ? syscall_return_slowpath+0x5e0/0x5e0 [ 252.131422] ? syscall_return_slowpath+0x31d/0x5e0 [ 252.136341] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 252.141692] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.146522] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.151707] RIP: 0033:0x455ab9 [ 252.154874] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.174203] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.181982] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 252.189236] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 252.196596] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 252.203849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 252.211106] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000032 02:30:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(0xffffffffffffffff, r2, 0x0) [ 252.320449] print_req_error: I/O error, dev loop0, sector 23040 [ 252.326788] print_req_error: I/O error, dev loop0, sector 24064 [ 252.332992] print_req_error: I/O error, dev loop0, sector 25088 [ 252.442873] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 252.508765] Buffer I/O error on dev loop0, logical block 0, async page read 02:30:22 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1267, r0) 02:30:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040), 0x10) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() 02:30:22 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac13a) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001200)={0x0, 0x7f}, &(0x7f0000001240)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001280)={0x0, 0x3e9, 0x6, [0x10001, 0x7, 0x3f, 0x5bd1, 0x773, 0xfffffffffffff801]}, &(0x7f00000012c0)=0x14) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000001980)={0x0, 0x9, 0x0, 0x3f}, &(0x7f00000019c0)=0x10) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001a00)={0x0, 0x20}, &(0x7f0000001a40)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000001f80)={0x0, 0x1, 0x10000, 0x8001, 0x401, 0x7, 0x0, 0x81, {0x0, @in6={{0xa, 0x4e21, 0x2, @remote={0xfe, 0x80, [], 0xbb}}}, 0x8, 0xf8, 0x1ff, 0x4, 0xfff}}, &(0x7f0000002040)=0xb0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000002080)={0x0, @in={{0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}, [0x4, 0x2, 0x1, 0x6, 0xfffffffffffffbff, 0x7, 0x6, 0x180000000, 0x4, 0xc1c1, 0x7, 0xb72, 0x6]}, &(0x7f0000002180)=0x100) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000021c0)={0x0, 0x8}, &(0x7f0000002200)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000002240)={0x0, 0xc5, 0x5, [0x5, 0xfffffffffffffff7, 0x6, 0x7, 0x80]}, &(0x7f0000002280)=0x12) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000003500)={0x0, @in6={{0xa, 0x4e21, 0x1, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x2a}}, [0x0, 0x6, 0x6, 0x1c, 0xff, 0x7, 0x3ef9b3fb, 0x0, 0x400, 0x7, 0x9, 0x4, 0xbc7, 0x0, 0x1]}, &(0x7f0000003600)=0x100) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000003640)={0x0}, &(0x7f0000003680)=0x8) sendmmsg$inet_sctp(r0, &(0x7f0000003800)=[{&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @mcast1={0xff, 0x1, [], 0x1}, 0x1}, 0x1c, &(0x7f00000011c0)=[{&(0x7f0000000100)="882fe6bcf5446c0ca2595a18eab4c060eeb10398a2d6824e30c801cb5ee37373d0ff24b67b652d3d63a10c432469cd529ae5c5e4671223e7771317c650b6f9f66691faa93a2b8f07ab87eb789254e9de399cb3386f8673205c5721a9972d687755730face5e5cc44f63e1d57be9c711a3df0b7793f77631ea85b7bb884468bed3f99879512ae32c7c6081ef6a647495912b3007a34f4e9134609c7164b901f18b3167db02b4ea2d9fcb30bb7dba24eea", 0xb0}, {&(0x7f00000001c0)="ff1cc3c46ca8d696983fc26e660611b3ee366ef6c8b6e4d238416af6427a6b92c8b141feafc999ff41f44a7e1cd00569481bc5f9e12fa4d489f3de2f5c522c3d69d77adf4f6d955f136c52c9a8116738357a6b41d0dda79027dd86bf5440cbe44a09d7e5a28d131cb75f224e10b59760041c78f56d3dedc364dcba9b702d8be4278fefec323a9b5ca4dfc963c924d14b465c59fbcd2cc091533faf796faa384e23155dd835f71f3546423c0a476ad531e41adbf02d4a71692f84b669315805655e0d2df2b5399601af21e3230cb8e9f967302e665b5f4910262845616e64a760fc1a167f1d05697359220160babdd0ba378a66b7b446f9ea68fa90a7ad45e19293de1e2e00e7e9260cfa029b2c5c0e6f9a2b317e2ca00737e15bd4769ab8908a1b5673bd444d28e608b72e3210d212a8e9ab3ad8032bbea4e1c5e43a51407a8eb3c72e258ceb6e35823c890d526099d8f085e7a6348639605fb20c20d04fc1a370bdffcec386b5c4a0a5c1d9b5e194d27a6c238bef49cf473225db9a0ac3f1f8a4eb9fc36527890e5979552d76ef157e0c38896bf3102af26c4e3a82ef2e1c3c1afdafa46ab2f0d5b52fc3a52af7d91f0b185ac9e5d850794d30f7fd6b351bd9c987f15e3f5d1273358e6829dc0158291cda735b3018dba245d48ab175a69daeddce42524ed37261d777de3f58d5f5a10a3645a686c98c54ebec77ea3ef35983f2a611d9d8119d1b94ff28f91f02b9f13e78c3ea72f726077dca9674b6694dc5e8daa3949cd5fc83f066a25f63d951171f2e05a5840a5647ddafff788b228613221ea024eb493585ba2c5503530556f73edf15d1ff889f79ed5eded7f727d099f4b449544f0b1cd19f22207226e102afdadeb3c784a758ee060b9b045321735c83bc6bd2558949113c7da4f86a102c39146ae481f209fc130138a9b180a32d7f568617d8d8896f3e5fbe17e393566652b6853f7f82114318b33bef18e5f5dc2428e2fefc57f8f407d96f7f07b203961ff6427c5e9c2c21764ff029d95668e680b80bc6a595cb7580820f3754d547f2e40a37ca107e0e64c6a086f14de9912419b7680e7b9da5fed29728f6be5513253e9ece973e24497acda04a685952246818fe6b6a792408f8d62861eea32c9f62b4f61740fff3e6e523ab36c810c40a3a4d3236ad23aaee7eb069df0fba365cddbd9d89d5546ae5349d804bd403493597ead55c0d16b9e8aeac74eff90a3405966ac5263276f55742fe2d7498ba2bb76b1e064d9cf815ac8e61a5353dacd766ca5d08be946efe132d2ad621b8f538e59edf00438f706c613f7f4f8a45fb12197c1e053d2d4b5f12e9cef06cdfe73255fad70fb653020537d6e4bd7414a4f97ac857914b6ded462740272cb50a8acaa3fb3a0a9505e286253a7af0a51da0c96ce6f2b84277b9b6c0bde1cebc912782f2840de1b9db34c26ee319f5642c1b45c3b02f321132f353ed1f4b038e2562f370edefc58f2dd69b37bcb05c0873455aaa4e84f271c79b9100ab3eaab313644aca4d408338698ed26647bc9a8a7521e6baab448377dc34ec36426a9ce0ca4dae90e0cf64ae62ae660801c89da844f3050226d56299477f0ddfef2c770b64af7482cb7f4468bacf4bf1da3365cfd3fb947cce8a4d0bf220036cf36c10a5adc9cf5d79ec7ba8e27fb83399e8572c240bfb8fdcddbf16148ff90cda2cdd2d623d23e2b271d24f927c567ce389f111df06c83504d4b6c37dd8aa5e26dcef597967c66dd64c13fc1ec2768f387da5d0ad759af6dc10a4ef16f7eb83383cb39a569d44f6ec3d78d01a4f4225fe1d9fe6a0257de9443b9220395e4606879755e47c121122e7d912300e8aec48f5f8bb8295d8658990e33142eec903bdae0ca085e2caad402a0790b8175c6606802d4de207e8ac3caf58774d49e89c372ce7428cd85fb20ad362ac92f37adaeb09d993939e1f61d3ce7e9efbec87f8e0d6a112060197186e1a2541cd126b8805b6188e65ae914ed736c1978468aeb5301586692ee09805ceca00c0fb2f9c0f821c5c4b205fe325ac1a167651fd4d65ecd119332c2f6e409279b239cc2ccd78a7b84f1cd6379743ba4d779705c587d3997b11fd89cb0abd34530b2152bc938539c0cc112d0550cd90cadf0ba76a1cd6a4b90f9e5dc6e55a39d6dd53346083592a0288c6f89568b7c014f17ba51c7a612cf4ef897fced37a77c054f1e6233f951cea440c6989758cd97978247f1d54b12c6f21adc60c5f7b61c49b78362475ee3e379fb1be26ab369433e3490772cd1d24e84feadf098adb314a911253810c578051224c6fa71e22633a0674df864668f9360c67b8f5928f4ec2940ecbd288beb59132aa854b5c4166f20d960868a46c334460cba1caf85c9c17b9fa00133a15fdedaf11de4fc653b1134d789d2f1bd351ecb83d156e0d74057c7fc5d900635666b46fc2782034706768dc4c814c39ad67d42f5a8085ac190e3a91e052d41179aecce0e1d18560868bbfa1171473bfff78a5d171bff7d4ae477d4687ed2723506f8c113bc369c175361695f468c3598f3457e0b52835b94b6a31e7410d2273f645b5e500688596087f4c77186fbfcd9dbcf9da9e85d150e362268d75434293e3eaaa14f25b3ba7565871698b8f2e10f9277aea39085b6aa123d1acb46457b5f21b4187358a0587731f6cddb24bb1c812de17a607c881b8410a3c4c368269728f5df2f28efd915a1b2032f3d7fd94d6456cc132b88c4ff99d6c6e83c5ae65cfabec609242d28a77350bf48e0743e8af7241e5303bea3d02d12713c0df6b180906dc2b7f4cdb35d0e143841a7ab260f8442c07c676c41038a38b8caaa95fedd43f637f62950811d48350d0d11649018a428e35360fc1698b2f508c809c46b082411cd5f1f1d0a31d81c95df398853b8d0f2289c03d6a31aa53eee9506120353c01478373b6edbf787398e2c9ec0795f50d7257b26fcc7242cb5c8a6ec9d40344075d880b07a3d69fe1ae423135df6019389df94972b84195e02c36c59deb12873bfcaf40e3ce71122bb6144c51d0deb8e1e60aca07035d7fff34735ec4d58a47e5fc222310903e0d92ba8361cc53d71a9ffe7ea0b89b5c0dbbe0bbaa2afc7383147d0c73f0df37868ed150b78a387c82f3933c4a714c5c65a87f9c06e189503f2fc364319fe30860650b2d889f66b281033de89338416dc41ea4d793e64d3a1fadd65fb24cc220519f959823b31203590784c34b045f016d709a0acad12a8416872f3e46145e88bc3c429e041dcb6284d42ed513075fde1723fd4823cc98e992f3c3924b395d9fa211bcca35d1ae5ae3a3d676def33c99d887ad29c31bc0180ea3da523883f52cf8ce8afda2823d9403bdac2ef9caff7884e65ef4ca1f5d03b088c4af340cdb79b6cbf7c22a2d6145a1bb92dc64691988bc7d5d9e565a7444d4fe96cc0a328c9a66ff4bab8bce83a32803ded7c0a8e1e12170b948f8a50fe7bb05491371fcf343b3662d494639580c6caa8f68457c4b4ad9a95f7d041be1ed6e9e341b71d576d3d084155c4f529251621d466a6bf9219c496aa257630b08d842def6307790c99c89e55098ae907b23808c6f08173f9cbbbebe0d195ed119e1ae456816061d8ed736796529110ebad9f6586d5f7a31516059e450027e7036d56960ffae21ee3c2fc05aa718c3d52d912dbefb8a080f4996422e9e667494be829a4623380ce605101d28577e400c1c4b5b9cd91062faed805b495a0a9ae833c0d61f939e20ca6d1cfa4d43528d4f5bea12d31184ed9f3e86cca4b447244b639d47e93f0592522992fb545f268a5def69514655483bd7a5ce66c38ab97560d1c8aa868be9df647e80c2cfb2eb7dd805281f59fe9286293d8923e09cf3e7324be047685ad04b14ed5e7590beaccfd5fa9ace55a9ff227533f6d204f8732024ddd9365f406a7afc372e2e04ed0423b7e22377405d97e813edd6586aa0fbc2aa03fe37fd98e2f8f77723498f0ec5a3964e9cd54182b287527af47fb6166b0a9a5efa09babc9eff5d39b1c56411d9a2e423b7d9a64993e6625c014e64323aff100f4c3e041eadd7ca309b36d8c7c11a8697178a1e0a6e3c6ce87381b73222506a9033d38bda1f24c082aabd9ee85f28664bb79404f4a6a580a98540f795661f2639edddd6655dbe4b3fe197896eea19d2a547411d601df9cfec0119a97e22414b76fd0d2b998ecc31039e9df0c02c3cb3f4d48557b585b3dedd026621c47d0bdbdbb6b0e408339f62a2f3551ba2c6214877ed9bda44bf39659ca9dbd22f14074319cf996422b332ae1099f61eb08442a4c806dd153601125cdd599fe84ce5a9329e9e28c154ce93dc56a03c85b3e7351bb76fa9c665dd5e434150cca90d12e18583bc3a0a5cf388fe264a78941365be9debc1175024289820f9831c68bc74e4aabc6595d0d7c023b0ffe5e69ffce1cb7a338fd8ad0c36ec7485ef5944f126933368455df234118ccb431eece6e144310a44868b40eb54507620db8e0ea066d05f3bb41894b21594e1b069dfe710583b4cb767acd9616e6c07e1810f36efe37ed754408e65566c04fedf092a7127be2e5e97d29ae63cfb88b9b15fe7f7fb5a156f73caf318f5d54f21fbd750aa7351cc66c5ee89c269f6d3dee86f970a62c71285e6bfd7dadfd71162f798fd3bf8b972f7ac6a15eead5e8ad77d765c80d726e4136c738c68fe156691dc9f2852d3cabeae5abef72754daf7d0667a80d9789a1981fbffd80497b1f24ba2b6e18b56dce7db1f5112e3097e69bbf5f94f710834899c77222058ba9e24d04f28870a6ddf2cc6ce34a6f368c0d311875750879bbf8bce796b8d7190042d6397cf7e680995bce1cf3e87dfa5bc6406bfc3d50252ebde8f044e4048dfeab28a28e6409fe7424bf416155a61279978f1e2fece122210684b99f56bca8639389ca3185ad7f8096915efdf5e98d492d8ec7161c15d937729bf916a5d750661bc0a646ffdcf5724c0602708cee8bf9a56f9a63bcfe51193780654a3c4ef1f274112bf80f806f47c99b7cc27dc37f8d9a6fd6410417b5d3a05e9f4ba96af7d7a8f8e751a671dac13d9d8e8f2ca42edb2f4439443c1edcfdea599650ba3005af33c9ac4bb9523a09ae3916e96d91dc3d0168ef57e8910a05d1f01aab8b635973c2d7955ec17fff54ad852a25437575acdfa0129ee10d4f01612cb65f6f6fac2fb9c2ab1c4dd036ed0da433e2332f34fef486eb463798b7bea1a409e0948e4d32dbb8a513858e8671089ca501c9f6470770aab0d454ffc14cbed085aace631224b4977d7c89ecbf3ee8b9cdb72a3770173adbe8bfc5c4cfd8b3dd25b4dd193aa605e1b0b5e47a2a1c5826e451daa48c957d8dce6f27d9e362783fc143f9c81fd547c06638623e03e4ddf2f6d007c265d8c2f2293cfb6e8e97254eef85a8d32a3fcd786078f81683a8c989cbb8fa0d3ab053440ed5d116278c2834ca2dc0ac0183dd4ef1ae4ee343f9c456b87eece0cf62dd225095bc5f8eab21fca514571b9f4d5330d27f2b982ca1255cc6bc0a764932213aaf0b26cee25d95e45c52fbc366dc05ed7a15241e39faec56d895d1d4ad5b9cc02a4329d569e8851d5421628c9a5413aea2596efcf6863c63992b1ed52623de8b183a0aa601cf1ac00ec71755a0394485ad4954fbcdc4092bb3c00a04ef1f65cd1cf27503a8a7fbc040768e3337b2ed6448d0a6565e1ba6d0c11e32d764f0e671edfe060998e805486bc866589327ce100c3279264e1811b99126fa1c41a76455e05319846f0a799", 0x1000}, {&(0x7f0000000040)="d8cb035f9629d23aeea6aef2538843cd56f361c57ce849e7c8ed15e0644b2a061804a734", 0x24}], 0x3, &(0x7f0000001300)=[@sndrcv={0x30, 0x84, 0x1, {0xf1, 0x3, 0x6, 0x8, 0x1, 0x0, 0xe05, 0xa23, r1}}, @dstaddrv6={0x20, 0x84, 0x8}, @sndinfo={0x20, 0x84, 0x2, {0x0, 0x2, 0xfffffffffffff857, 0x200, r2}}, @dstaddrv6={0x20, 0x84, 0x8, @mcast2={0xff, 0x2, [], 0x1}}], 0x90, 0x4}, {&(0x7f00000013c0)=@in={0x2, 0x4e24, @loopback=0x7f000001}, 0x10, &(0x7f0000001900)=[{&(0x7f0000001400)="0e95ac2abe0a65c2fb28395c3222c39c8ba70796e050fbfa0c1659c701a30b99", 0x20}, {&(0x7f0000001440)="37c8c8aa174aa5a35cebd6013d27ef451223a630ce897646f9a0c30f64ed1c27a3fd8b347b4374ebc74fcc760c54b4cf973aa43a2f26e4919ee99dc12498f3a72f6a8fda62d29147b160cefe0c44f68a2d896490093636", 0x57}, {&(0x7f00000014c0)="f2c21ed77499014dca074ea7e60f9a8a723c7a635bd3615cea4c2bc87262467f6020666a22da27a0d1a8a4556cb7d927d51b2a12639ee6d6ba48db854c5524425189e7bd501ed70a977fac07b0cf19463954a510385dec83313ff00f4b6b06ded429c1cdc9f722223071a28254cf309aad79a7a23aa7f00989c5790a3a097e115a368f86d538c489c809ed985b9554cf7ed11b1791c4403303c9475c3a0412500301745dadc22296d6fe4316358dbd03ac2a3e8cbc1d580198e5b95718361718b6ef6a4998fc8595ce00e7c28ac676e64792b96c36bd4377de880af1804bddcffbcafb4d50e2bf34fc1c5ea73c37c7bf15", 0xf1}, {&(0x7f00000015c0)="294277d408c8f80f2fe98f18ad3a934ae00d071e1d916ae5aca348a58ab50d38633679cb9a93baaee7210be8668ed2d2a33596c2080bdc9fb40c40b939e0259c4fb30aa214b6b10cf07f72d0ddce0a833aab1389143f4181fd2fa0c6e80cacf71e387b08a10a5f364fa1be1cf8346d8de5a2de5f4f3ca6c35afb3d99834867c49464e85f903aed419eccdad2a1be8c9c582bfeffc0238cc42c51729aefbb43989379f19b049a8a4e35c2d4c2", 0xac}, {&(0x7f0000001680)="bce36fa84ffe9571f34a621ca720463c9dbd448d1670c9260486a78728d6a3883bb9f5cb59b7f8a143dbfda66d5ae0e7dded01bbe0e0efd4a1eff3ba3cfa72489221d97acb6a6e", 0x47}, {&(0x7f0000001700)="edcdeca98439021d8e98d8f8e956154d1859b352918fc0b84445e199ae9cd0721059d58ceb03833cd172cf531942c3c2386f23e942464ec57226805d1dc825c836f25c0cd2373304de2758052dfcac450cc6989ddfa3d7a24934425b390da39114df81c62331accd16c83135401278d04ab7341992b9ab2a846cb739c8d3a958061c5f3b498e34afd0e8b9033a4a9b686e36bd41bdf9a3aed1e76e8b883039df42ad56a602a8bde89efff712d5b908ff12108176b4eb79a300e8b150fb32834791fe04dc1bfb07edcd1ccc95d230d5610396ce2285f56ffd6a873bb039a13bc887da77b8c2831d2f", 0xe8}, {&(0x7f0000001800)="9dbb6341be1a4e1507247eb4177664c33a7f6aa9f8c1394a880f0c784363a9b29ebbff6d377e4428d1fff9883b767b3c5afa8fc05458644de671553eb9ff4501623a9a46828aca2990eca5a1f2ee85696e54e8e842ab84c33699cf89d90731a8e3c4d5fb5130b9b63d3adcce022e512f09173a2a190bed48fe605cf4dc83cb8cac16630106b3c0fe6e99735ec4f6ad24d04f53d27c5e7dee00d9a448c7e38dbae583d45c8e5740272747a2d7610752067e7b0b46273b1c7b76767b9d1f40fe85f111a03ee246cfc1202684d1b241234912802615fa8afc42b1485fc09870c13864baf20591b99633bd21d44f6894d36ffa2ce40f", 0xf4}], 0x7, &(0x7f0000001a80)=[@dstaddrv4={0x18, 0x84, 0x7, @multicast2=0xe0000002}, @sndinfo={0x20, 0x84, 0x2, {0x100000000, 0x200, 0x6, 0x2ce, r3}}, @sndrcv={0x30, 0x84, 0x1, {0xffffffff00000001, 0x3, 0x8200, 0x9, 0x20, 0x1, 0xff, 0x75a, r4}}, @init={0x18, 0x84, 0x0, {0x0, 0x16, 0x0, 0x2}}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x6}, @init={0x18, 0x84, 0x0, {0x5, 0xffffffff, 0x5, 0xb77}}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x800}, @dstaddrv6={0x20, 0x84, 0x8, @mcast1={0xff, 0x1, [], 0x1}}], 0xe8, 0x20000000}, {&(0x7f0000001b80)=@in6={0xa, 0x4e23, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x8}, 0x1c, &(0x7f0000001f00)=[{&(0x7f0000001bc0)="4a9d34fa7fd5db3f2eaa0bab78b78b3302b41856195240687540e02a1e43cff72551884357309ec909547f52939fe64541315b44010aea1ddc79722d8e9b5e98d6f66e06b009fe387c8c733576807745cf793f9261497d2d1c005af8cb7a53d02abdfab7f21669aeb97f1bc8578485e094c8163c8e8ddef798bc2eaf08074cc545fcd83a46c9420243a0e7d5cc26d16419af8355e8b5348f80f6b98d6bff7d4cb577a43840330e566692ccbe5cf256d8738f95159fe403e4a32ac0b5f83c7ec27c274e0d", 0xc4}, {&(0x7f0000001cc0)="7bc6ad806773bb6a892866cfa5594aaf5567cd2025b6b3c3a8dc7f4b12f0cea81cf2232ce8c0a136be3e3f9d8230fc90e51f00d6d160d2d3c21979043aa7ccf9f93fe2edd2edfe9d2add7b87d711c8", 0x4f}, {&(0x7f0000001d40)='-n8', 0x3}, {&(0x7f0000001d80)="d591c3797c0014754af5d60cf42157442c24f690f694ebfca21c264bedd9a3d22510fd6334420bff8cc9ee78d7c2fd46891cf39fc0fe3d11de1110513ffb077e7b9dbb94c046", 0x46}, {&(0x7f0000001e00)="2f808a7bb30d11fa36aec022924ae37e88a4578df8cbff42dd520e8222461175fc27fea030fc7720b59ac0e3f8021dad89ae5d15723dcccbe5a3c08e62ee17292344eac55eef91fa01fa7ce4a06ac1feb94fec965f593048452a769d78fb31a94f97930dc258ff44ba2b8375bf9b711061de764e18b01db9e31ced6a8936c2eb906fa8107020ebe96b789ea8c8f50728cf471b11037e471cfb2b9346afd6884fbd7c70d5604b25141d5b056058793546bee8f3dbec573b05f9e2", 0xba}, {&(0x7f0000001ec0)="84da4a4bf0b412ca57962c31954dc2271a17900393f717a0b91a7c0b78a03b032681ef88f33cb38e", 0x28}], 0x6, &(0x7f00000022c0)=[@authinfo={0x18, 0x84, 0x6, {0x4}}, @authinfo={0x18, 0x84, 0x6, {0x100000000}}, @sndinfo={0x20, 0x84, 0x2, {0x7, 0x8000, 0x0, 0x8, r5}}, @dstaddrv6={0x20, 0x84, 0x8, @remote={0xfe, 0x80, [], 0xbb}}, @sndrcv={0x30, 0x84, 0x1, {0x7, 0x400000000000000, 0x2, 0x80, 0x3f, 0x51ebb3f0, 0x4, 0xfffffffffffff000, r6}}, @sndinfo={0x20, 0x84, 0x2, {0x8, 0x4, 0x0, 0x2c2, r7}}, @sndinfo={0x20, 0x84, 0x2, {0x345, 0x0, 0xba4c, 0x3, r8}}], 0xe0, 0x4040000}, {&(0x7f00000023c0)=@in6={0xa, 0x4e22, 0x7fff, @dev={0xfe, 0x80, [], 0xf}, 0x100}, 0x1c, &(0x7f00000034c0)=[{&(0x7f0000002400)="db4e2d50770334e736cebf284111bea20ceae9cb8f455f6737b953f6bccb6b8da043e3f63136aeee8c8a5d179823af5165ce65bee16ae7974873fddbd41782ce84f07c0208ed3bbfc7ce226cff65bb49d412dd1cf9b6e8bd0b89c751790dae125eed9579ba15c404a3568b00d666b85992e6f1377a56d6a6c6c1edb814bed649d47d8e5129f9706889aebdff8aade4f10d0d2ab80585713a18c7c53d225dd6a6c39410370f60f57651b43f55a5f026c9d3219b644f61e2de168435f99e1e51048f38be1e69e80b6d0a633ac2ffba35fd68a92cd718ea70b0df66e60c63612a6103ecf0e78ed45fa22f06d6717c289bf4b2c53a8273ff6a20e3fcd7b94c07f225b21beb787fbfc7d2c6ce926f8fa89dc3712c02acdb8a831c2b12e7625146cdd2d5a3c451d45cfbe84f125a3969ff17c876304b8576aaa84f61935016fff598031d0c70ffe1957f0a96ed8978fd5be44dd98f560b3ac825694ef398137407b1c33a9d8475f2b2908c9ec578c7d663ed64936507a20564b78803cc5cb5ae2d4fa21ee6065e65c2b1b4444865bcf5b7cc284ddb54d23c512d31c89caedeffa8ff80108e94d13fe41aace9b923190718cd59b2068c3a6ba35b3b92319fbba285e464f31594c96cae0d91c85051d7d3bc5f88e40ad967d15501e4c9bec8d38895c2e1d0a7796b8a690f5b8ac54d3fea274896ed5fb104ed50124989ee7f9503f8399575008397d15afd4e9dc11eea91b05c26bc4e954b90b0179b45230917bbd34b7cea3dbfc12af266f17c47b0ff4c04697c86c838dbcabc3bc2c276e8039d56e01eb91f0742e227a3a56a87a728c91d01cd7b7bfdf5188ceeecbb8d5f9e34fd34bf9b07e0ce0e6eaf5b370d1bda2532aabead246814bb5119c845f1bc349341f08da8765c39d8b452431260e4f4d85d7eb47083a5e8c94d59f927422439d377865118cade5cc07810f5ffeb08ad44bbf1d393eeab8e8727a12635b10a9c27b62b2b474780464f30a7ff911e3275225bdf774be44d0e1f4354d452b6096595a9053406725b026141bd8a9387bd53816c86d0eefa607ff0fca4272350026f9cc1ce0c2afd96c064e3c663fec84424862ac20cb71064d2f9b33913d2d3babc08e3b4eb5f7a6dff339b1d21ff7fe508d2f0d0b4251614d7ac9aa345576254146076656c6876b0c6af295e6ac998e7642b394b93e3f3a17b414d4887a14140f330bb42b3e967f47db5df5fb5ba4dfdee47d2c0a5ec9eb3bb58928ada6d1f6f6c21f2057f6172753d70b63968da9f2a2534aa0a66bef3fcd2e38103b4d66376e3ea71619cc0e082877d4958f0e7b1ba2295b7c460e06fd51824e5e15ee898ff7db5f67e2c7117639d4018b340ebae79e1ff141bbf914fe985aa07b8aacceed4e1a271fdfd5e5143b3d1d1f7991db872ff1c62d253105a4598548f7286264165bdfc80ed975f83cca0640ba88ee1476a0a886a1a8013b6380263c01e59959e84e6aa6b8fb5224bdad1800645026423aa8e79686b99f638e23f54357fe7dfc7536d9d95d1a05c9f829f41bcf62d0ba4a23e3ca80c53cc1a7b9d16c273e759482eeb5c65cec093668b72d53f9be549c02cd2a38ce2ff027fb2842dcc7aa4d8c365b8c2924fabe2ac5fddadbf8307221e1ebc718a6f8b48994e40f9ab78fbdec2a3c87c14c9c386c636defa87266d3b7d8b4001eb3fdc17bed69a146c35137e4650ef1fc9776067c03de487d341186c047224af5fb42c50da2b1eef5ae0f931a8e30d23f0a2c335ed88c239fc4acb0bb0e3ac3e21256e8004390c002bcb1fdb42f14676a3b3ea1deeb60610648472722fefaa78ee5481850a1254c70532de3febe391c1b39662c793fc88320bc0b078c713a64289e2da9a6f5afa14d5db97b86e8840387e9c720c513b448012bf136e9c1bd5da2465bf9bbd1e729be5e3197d0d143fff0ab4375062dae080dd2672b09d6cb4151f7186d1f83985260f536eb8047c35b558784279707ee61f4aed7a24bdcc38a8934774c2f7830c785105da6976327e32d7f7d801f860fd6957164294c626cf02c8a7acb72741782c420ec8af7c71bcfc449f28440b3b8b797321ef617c3597c1e06f64fe1b7c967611aeaf37dc719417b4df159ec6179cd528c2ba995ccd17b72d5761b732c06c433db1202e8294ce1ea0bee64e038bb755581bb3d0956486fe3b039459f206daebf1c36d0b71ada5a1f71ac699e8a8536c7b461e8cb9cce3a5dc7328b1b119a68febb68c9f4ca8b6183f86412cdd222bcc0c6ef84f2b6da5a30ad2accc51ea90d3f399e655d4591755c8bbc443685d827e4473c560e7189ca91a8bc7ed89653ea19f36bb1035841620a4d493d1acc9b98c6b11b8926392f59d21f16e7b5cafd31b9f31cd42772b69cd7a34a3144496c5c86e7e107f0bb46e263f2ac3f27d9576c0dd3f6f8ac2b18334d1893a13429a17b8c8285789db4e1449df43a2a7f68f6857f417fab3c734f82a108b52105ef92a55f918d1cd5598e21e864028afec0610484e24a17d3c254a2c80f0dd27ee11bbf36aabec9ebac295ba5d7dd5a4259d9f238b6c99fa21848450759c6b5597d68dae2d0a2f727e955c0555236ba0c50797ad4c7578c670c6efd3489fa9163a7352a3d9b6c13d82f9e7d83dad064565ea2356972b493a4171e44857f5ef9b8357fbf458660c16457fd205aa4940cf55bc2588b022b3b04479d950407c535be9119749614faf8323dcc79f027e6e032ca6de8f6703ca261ba4ca743a93fdc0b7a030e6dbb2a0695d4c068e323ad06133b732abac88fc1e944ab479db777b26cd5d1653e74fef0df677c6a2a6575a324cc8c1260b36e15b0511046dc122bd1226ddafb3456e3bb880ffdd8b71854d49946a717b5ad4824800d4cbba155f42200fea70675f90b868a40c2712d32da80568663dfe02335a691077bfda5986c1e0dfb01712457bcd1530b84664c0d99a86d12d4c9f5ddc410be312ac11e46bc231b761ddc070070ed494877e1d2aa957dbd7a6b79054fae543d15017879624fc09d01d407c724bfcdf9fc86f1f4ceb4fe2a15e43edb8c5727dc3ea20c92071e22977a828a1cfceaf6d7d271fb5c3692e047490a08200eeeefb2cdaf4062543aa4c265772eafd6053f593c147d547e6604faa4774237fc10774c375a2cf49f77d38beb536771f71e8e43630f4ce04a364048b0bfeb58aa35f25920d976a77392806fc06542c37c3c945eefbae265e309d19c2f9f94ee412b0b3e3e9cc58bf159a92e05933dffa6b548efd6efa0ae4d851bfb685ab4da6ce1a7b192740f99b0e41eba07f1e052659bc36b725c09f1dfc2eb87048070c2a402f944a28e257f012eaf980fc8346b82eaa97a3c63033510c1aaf38c7aa2be411844afadeb3fe0e07d145ec929a213b4199a006670a75046bc921a76f41cbe80c451d642419e5bbb740e6b92f0c71f7e738f01320ef75ed8b11a7310e567516479520336cfa67546c7f6978c7337a39c12b71f413b332b42c88103649ae0a16479b9466770a9eca3681e3a7a63ccc8a8bd74cf3957a4d188ac6d3f4e33ee699d2212c5d0f80354b57ff4e15235560043a26830159ad9ae9e53d54adda95bb3001e9e5e9b970e8b95cf054baf2e0d401857c0effea78ff928f76cd491304df67f689e8d9b1e7d6815fff1f1dccd9929d96dc11f3e0cae650f6418db361a62a3c07b5c247bc9282c1db0f55961ffb4d7b66f8af9428b354dd3e5c7e63f177de1a3b77aa6b6e804692932d299aa82f09bb9d79285722f1872cb60c39ab2a909c5596aaa917c54164fcc64ca8d1bf828746b52275d6aa89d9bf563e121305ce6a4e39f31b03c031d4e1b0bcc8090ecec67c241b29a7b18a2411ab48560f2f5788741e05fdc10c9b4956b036592d76c5205513273a5dd697568a19192341eb93f492fc099a37135f9abefbb33e7c1c840db5493f9f547cc4439f795b73deb6a5554ff335525ef660d3de933163ac1fc4931b83f77da6318eb7cf1aac9b9b2e155f9509f94083a1b9c2f610c735837f8a235150dac018ce7feb7ae6648a2a1b826435fcbc6f1f8b4b412079fd3d94078edded064ca4bef6e2f1b25ef4d14e8f6ee0602b19db996080736a77d03dd797d171496ec974196679641fe453e4af45f6d6d8d6199350971b8c966da1acb9ca2fb6f611cd62ced8645f602a7ebcf1d9cbadc7764a6c9eb90279eba94fbe0f964c8799f9d196e134f383e1fb5ff490b33ab3d7016f16085bb0982ce2f134e9a95192ca0ebe0c65cc82a0b51fd2dec96f42ae2c9a318b5e76bb520ecbffd2524e5d8bdccaec1cba26894d26cfa3e54cd2929a544b69730c4ee319b01fe2d43b1230de177a642a66112814ff67a467ad5b29dbdbb6185df5b0d058ee51fd5441d7fa9feb6d56edd6feefd14cbde4bc18c16624f6737d38cf9804ca43793479ad807c879e5c80bec9cc2634275dceaa172ac3bedfd7eb365d2fdf9c4da3b2afc32e637065dd3a19c511601303e0441a50dc773968d356a325003dfbc41e0470b189d7936db4e80c731b7e6b82d7fb540e5ff46cbeacd4151f615b253a6f8014dcec274614bf25df95510ddfb84727b3af867466c210a33c05627a86160e25f99dc0bdf650512ac638f9e3dd4e391c9c5e7946a62974b7d6d2a7307e6601c8a49d4cf688634e100736e74f7aa94cde13d821b9abc4cfe5efdcecfb6afde298acf41b980fbf707411259673f5c5f875f203929ba5fd1d782537025a7ec436c1d2de737b7eee02f175348c075a7207753f3fd5cb8d9cf5078d013599adcd00fb60d99dcf1c6e3612d1b494dca3449fed133053d6cb7ad4afdeb4299f05c858c07ac9dcbdde41d6559167ebe6aeb6fa3e4eded98ef9795f1dbebb7ed35624cb15c79adb00c88943936f72a5ecb8e228a92e8c33ee0d9029240798bf5d9ee47f158f5c9c3de2720b50920b02520e842f40cea44bcc87722d9abe4015c578578984fe4a81f8bed58c84bca37fc6996b6af3d53f939695cc69e47b5e5386794af0e6d5668e303cb8f6d786ae370691a9e5beb97d69f9bdfeaebbaec038613a23f80aedaa24a952a49666c724d06fdc665dd729602ecf70102e867d6dd62ea0d7b62d5f9c542565b3bc29ddf2b9a20f9e97148a412021a8191f8d50ecefdf152672d9c88d9c60a7578812c2b48a83bf7d70e648336b382467d7aa1e2098ad8dc2277328256031ee46defe15f0dc3d9f6c6cc06ed5f3b7989559344a423844d500b44e8025d9797a66cf4cf3bcaa50201408872e8901fff63c077b630876702f3216a256af08ba8d6911e7edd3bef384fbb22a2dba1f5a1dba5d42adc1ea9fa0b137df04fd08bb3264ac4660d0a029c8589ba4d5dbc1ba61922c30a9bde07a8ab86fdaa45f1626044ab5765896dcbf09514544f4355bfaefe98c0bf6e70a5c400029fa9ba5a4af0d7c248d5000ce181a824babba741e8a6b6348d26b299e5786eb8b5774e91d2520c13bf5bf7650b37dd9f3538cd8e2fa4eda6b92fb8422370911663bb2d637a985f62a27c4383b6a88610485b1ea474825773c78efafaff580a2151dda64cb7af795dce9cfb4948d7385381976bbc1062f0bbe0435184a5a02d52d3e9fe15172a69b87cf68d74993b7dc75f48d55f16615706e5d4d2956571d200f6960cb591e6d2d4ed930f8e41ab4ce1f2ad2aa85d4346118ef9c1673c3bcddbc2df30977fe9cf40fefaa99a898569af085bddd8c013591816b01dfa3f74d936e633fb0db8a44a4259ba24faa995cb3619e66d84d24b72e6ebc0f17f37aa48866d5", 0x1000}, {&(0x7f0000003400)="723d6dfb391f16f83a18e17041f89ee6722b223b17e2cd66c54670a3074af63c6cdd5ff7e70576ebf038c3f0de61960880b2f189a6b65313fccafd6dc0c9ba1a091fb345b1f141338bb3e1efd01fb81bd0f4a833b2d9e7fd99768e816cf12fd59399ecbbdd049cc01f8c5bde793e7e08333b8b261b5956a5e3356429b297b6cae026b9eb359cf6efba5af899eab87fbf02", 0x91}], 0x2, &(0x7f00000036c0)=[@dstaddrv6={0x20, 0x84, 0x8, @local={0xfe, 0x80, [], 0xaa}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x100}}, @sndrcv={0x30, 0x84, 0x1, {0x2bcc, 0x6, 0x8000, 0x6, 0xffffffffffffffff, 0x1, 0x6, 0x7, r9}}, @dstaddrv4={0x18, 0x84, 0x7, @broadcast=0xffffffff}, @dstaddrv6={0x20, 0x84, 0x8, @mcast2={0xff, 0x2, [], 0x1}}, @prinfo={0x18, 0x84, 0x5, {0x0, 0xffffffffffffffc1}}, @dstaddrv4={0x18, 0x84, 0x7, @remote={0xac, 0x14, 0x14, 0xbb}}, @sndrcv={0x30, 0x84, 0x1, {0x2, 0x7, 0x0, 0x9, 0x1, 0x232cfc20, 0x5, 0xfffffffffffffffb, r10}}, @dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}, @init={0x18, 0x84, 0x0, {0x3, 0xfffffffffffffd6d, 0x3, 0x80}}], 0x138, 0x44800}], 0x4, 0x4000) r11 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r11, 0x0) 02:30:22 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="b30a27523928fea2e2bed85871f7e81c0b7a195a444d337ee5e105dbfa94891fc9f9676c36ed3aaef3d03471aece76e0338266f9b773c0545be834edef52e3d4b02244f67894c84cace7036d551942c208717efb47514439c390667d1522c7e4f28b", 0x62) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:22 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcc00000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:22 executing program 6 (fault-call:6 fault-nth:51): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 252.639988] FAT-fs (loop3): bogus number of reserved sectors [ 252.646081] FAT-fs (loop3): Can't find a valid FAT filesystem [ 252.679224] FAULT_INJECTION: forcing a failure. [ 252.679224] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 252.691302] CPU: 0 PID: 14240 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 252.698672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.708061] Call Trace: [ 252.710692] dump_stack+0x1c9/0x2b4 [ 252.714348] ? dump_stack_print_info.cold.2+0x52/0x52 [ 252.719567] ? lock_downgrade+0x8f0/0x8f0 [ 252.723738] should_fail.cold.4+0xa/0x1a [ 252.727823] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 252.732955] ? graph_lock+0x170/0x170 [ 252.736776] ? is_bpf_text_address+0xd7/0x170 [ 252.741299] ? find_held_lock+0x36/0x1c0 [ 252.745385] ? __lock_is_held+0xb5/0x140 [ 252.749564] ? check_same_owner+0x340/0x340 [ 252.753905] ? rcu_note_context_switch+0x730/0x730 [ 252.758860] __alloc_pages_nodemask+0x36e/0xdb0 [ 252.763552] ? lock_downgrade+0x8f0/0x8f0 [ 252.767722] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 252.772757] ? graph_lock+0x170/0x170 [ 252.776603] ? __lock_is_held+0xb5/0x140 [ 252.780678] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 252.785118] ? __lock_is_held+0xb5/0x140 [ 252.789208] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 252.794769] alloc_pages_current+0x10c/0x210 [ 252.799200] __get_free_pages+0xf/0x40 [ 252.803101] mmu_topup_memory_caches+0x1f8/0x3a0 [ 252.807881] kvm_mmu_load+0x21/0x10e0 [ 252.811707] vcpu_enter_guest+0x3aa6/0x6090 [ 252.816130] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 252.820389] ? kvm_set_msr_common+0x26a0/0x26a0 [ 252.825076] ? vmx_vcpu_load+0xadf/0xff0 [ 252.829153] ? __lock_acquire+0x7fc/0x5020 [ 252.833399] ? vmx_vcpu_reset+0x1040/0x1040 [ 252.837733] ? graph_lock+0x170/0x170 [ 252.841550] ? __lock_acquire+0x7fc/0x5020 [ 252.845816] ? __lock_is_held+0xb5/0x140 [ 252.849896] ? lock_acquire+0x1e4/0x540 [ 252.853877] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 252.858908] ? lock_release+0xa30/0xa30 [ 252.862891] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 252.868176] ? kvm_arch_dev_ioctl+0x610/0x610 [ 252.872681] ? preempt_notifier_dec+0x20/0x20 [ 252.877218] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.882072] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.887136] kvm_vcpu_ioctl+0x7b8/0x1300 [ 252.891211] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 252.896951] ? find_held_lock+0x36/0x1c0 [ 252.901029] ? find_held_lock+0x36/0x1c0 [ 252.905108] ? lock_downgrade+0x8f0/0x8f0 [ 252.909269] ? kasan_check_read+0x11/0x20 [ 252.913421] ? rcu_is_watching+0x8c/0x150 [ 252.917573] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 252.921995] ? __fget+0x414/0x670 [ 252.925461] ? match_held_lock+0x821/0x8d0 [ 252.929707] ? expand_files.part.8+0x9c0/0x9c0 [ 252.934300] ? kasan_check_write+0x14/0x20 02:30:23 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xee2, 0x2000) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000040)={0x3, 0x8, 0x3, 0x0, 0x9, 0x4, 0x7ff}, 0xc) ioctl$TUNSETNOCSUM(r1, 0x400454c8, 0x1) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000540)=""/4096, &(0x7f0000000080)=0x1000) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f00000000c0)={0x7, 0x3, 0x8000}) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:23 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x2300000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 252.938541] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 252.943483] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 252.949208] do_vfs_ioctl+0x1de/0x1720 [ 252.953106] ? __lock_is_held+0xb5/0x140 [ 252.957177] ? ioctl_preallocate+0x300/0x300 [ 252.961641] ? __fget_light+0x2f7/0x440 [ 252.965625] ? fget_raw+0x20/0x20 [ 252.969091] ? __sb_end_write+0xac/0xe0 [ 252.973249] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 252.978791] ? fput+0x130/0x1a0 [ 252.982079] ? ksys_write+0x1ae/0x260 [ 252.985883] ? security_file_ioctl+0x94/0xc0 [ 252.990283] ksys_ioctl+0xa9/0xd0 [ 252.993733] __x64_sys_ioctl+0x73/0xb0 [ 252.997609] do_syscall_64+0x1b9/0x820 [ 253.001502] ? finish_task_switch+0x1d3/0x870 [ 253.006185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 253.011103] ? syscall_return_slowpath+0x31d/0x5e0 [ 253.016028] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 253.021379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 253.026214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.031388] RIP: 0033:0x455ab9 [ 253.034564] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.054062] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.061784] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 253.069037] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 253.076298] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 253.083733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 02:30:23 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) setsockopt$inet_buf(r0, 0x0, 0x27, &(0x7f0000000100)="218f5618f715f5b80311390b7fd91796462ad357e85e673d0b555967ab1ac691327a7595590efe77c69dfc6b77d6622b9e7e034de41abf7b69455e1dff15255081883374a8ea9d2762d343c73ca5b8b2720391c7553385a69d07be888407bae780899aed75b99d0c2382a8d735113a84565665dd210e6f868d01433b729527cae06cf0c22e52d2315b0ed1e6b26b630f1540aa768e81185346715282f3425e67a01463713cf6", 0xa6) fchmod(r0, 0x102) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x4000000000000) [ 253.090984] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000033 02:30:23 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c05, r0) 02:30:23 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(0x0, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:23 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xa0000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:23 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1, 0xc1fbd3ac5ca7837c) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000040)={0x2, 0x0, @pic={0x101, 0xb26, 0x37b, 0x7, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x4000000, 0x3, 0x5cf, 0x4, 0xcc6, 0x1000}}) [ 253.236531] FAT-fs (loop3): bogus number of reserved sectors [ 253.242572] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:23 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401070ca, r0) 02:30:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, 0xffffffffffffffff, 0x0) [ 253.374257] FAT-fs (loop3): bogus number of reserved sectors [ 253.380213] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:23 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0xfffffffffffffffe, 0x0) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$read(0xb, r1, &(0x7f0000000100)=""/73, 0x49) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:30:23 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x3f000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:23 executing program 6 (fault-call:6 fault-nth:52): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 253.534449] FAT-fs (loop3): bogus number of reserved sectors [ 253.540564] FAT-fs (loop3): Can't find a valid FAT filesystem [ 253.630983] FAT-fs (loop3): bogus number of reserved sectors [ 253.636959] FAT-fs (loop3): Can't find a valid FAT filesystem [ 253.649890] print_req_error: 7 callbacks suppressed [ 253.649901] print_req_error: I/O error, dev loop0, sector 11920 [ 253.660950] FAULT_INJECTION: forcing a failure. [ 253.660950] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 253.661258] Buffer I/O error on dev loop0, logical block 1490, lost async page write [ 253.673211] CPU: 0 PID: 14316 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 253.688276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.697617] Call Trace: [ 253.700198] dump_stack+0x1c9/0x2b4 [ 253.703817] ? dump_stack_print_info.cold.2+0x52/0x52 [ 253.708995] ? lock_downgrade+0x8f0/0x8f0 [ 253.713141] should_fail.cold.4+0xa/0x1a [ 253.717192] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 253.722283] ? graph_lock+0x170/0x170 [ 253.726079] ? is_bpf_text_address+0xd7/0x170 [ 253.730565] ? find_held_lock+0x36/0x1c0 [ 253.734612] ? __lock_is_held+0xb5/0x140 [ 253.738666] ? check_same_owner+0x340/0x340 [ 253.742983] ? rcu_note_context_switch+0x730/0x730 [ 253.747917] __alloc_pages_nodemask+0x36e/0xdb0 [ 253.752574] ? lock_downgrade+0x8f0/0x8f0 [ 253.756720] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 253.761730] ? graph_lock+0x170/0x170 [ 253.765513] ? __lock_is_held+0xb5/0x140 [ 253.769555] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 253.773956] ? __lock_is_held+0xb5/0x140 [ 253.778015] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 253.783545] alloc_pages_current+0x10c/0x210 [ 253.787939] __get_free_pages+0xf/0x40 [ 253.791814] mmu_topup_memory_caches+0x1f8/0x3a0 [ 253.796567] kvm_mmu_load+0x21/0x10e0 [ 253.800367] vcpu_enter_guest+0x3aa6/0x6090 [ 253.804683] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 253.808906] ? kvm_set_msr_common+0x26a0/0x26a0 [ 253.813563] ? vmx_vcpu_load+0xadf/0xff0 [ 253.817611] ? __lock_acquire+0x7fc/0x5020 [ 253.821836] ? vmx_vcpu_reset+0x1040/0x1040 [ 253.826140] ? graph_lock+0x170/0x170 [ 253.829925] ? __lock_acquire+0x7fc/0x5020 [ 253.834160] ? __lock_is_held+0xb5/0x140 [ 253.838209] ? lock_acquire+0x1e4/0x540 [ 253.842168] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 253.847175] ? lock_release+0xa30/0xa30 [ 253.851135] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 253.856398] ? kvm_arch_dev_ioctl+0x610/0x610 [ 253.860880] ? preempt_notifier_dec+0x20/0x20 [ 253.865382] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 253.870212] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 253.875219] kvm_vcpu_ioctl+0x7b8/0x1300 [ 253.879269] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 253.884964] ? find_held_lock+0x36/0x1c0 [ 253.889018] ? find_held_lock+0x36/0x1c0 [ 253.893072] ? lock_downgrade+0x8f0/0x8f0 [ 253.897216] ? kasan_check_read+0x11/0x20 [ 253.901357] ? rcu_is_watching+0x8c/0x150 [ 253.905498] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 253.909904] ? __fget+0x414/0x670 [ 253.913347] ? match_held_lock+0x821/0x8d0 [ 253.917567] ? expand_files.part.8+0x9c0/0x9c0 [ 253.922134] ? kasan_check_write+0x14/0x20 [ 253.926359] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 253.931280] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 253.936977] do_vfs_ioctl+0x1de/0x1720 [ 253.940853] ? __lock_is_held+0xb5/0x140 [ 253.944926] ? ioctl_preallocate+0x300/0x300 [ 253.949320] ? __fget_light+0x2f7/0x440 [ 253.953278] ? fget_raw+0x20/0x20 [ 253.956726] ? __sb_end_write+0xac/0xe0 [ 253.960689] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 253.966217] ? fput+0x130/0x1a0 [ 253.969499] ? ksys_write+0x1ae/0x260 [ 253.973286] ? security_file_ioctl+0x94/0xc0 [ 253.977678] ksys_ioctl+0xa9/0xd0 [ 253.981222] __x64_sys_ioctl+0x73/0xb0 [ 253.985095] do_syscall_64+0x1b9/0x820 [ 253.988966] ? syscall_slow_exit_work+0x500/0x500 [ 253.993890] ? syscall_return_slowpath+0x5e0/0x5e0 [ 253.998806] ? syscall_return_slowpath+0x31d/0x5e0 [ 254.003727] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 254.009079] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.013926] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.019101] RIP: 0033:0x455ab9 [ 254.022360] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.041583] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.049286] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 254.056641] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 254.063905] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 254.071161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 254.078418] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000034 02:30:24 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x27e, 0x0) 02:30:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = getpgid(0xffffffffffffffff) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000080)={0xa2c00000000000}) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x19f) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:24 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xf00, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac13a) r0 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) accept4$bt_l2cap(r0, 0x0, &(0x7f0000000000), 0x800) 02:30:24 executing program 6 (fault-call:6 fault-nth:53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:24 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc020660b, r0) 02:30:24 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x402102, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000840)=0x14, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000000900)=@ll={0x0, 0x0, 0x0}, 0x80, &(0x7f0000001b80)=[{&(0x7f0000000980)=""/4096, 0x1000}, {&(0x7f0000001980)=""/124, 0x7c}, {&(0x7f0000001a00)=""/155, 0x9b}, {&(0x7f0000001ac0)=""/155, 0x9b}], 0x4, &(0x7f0000001bc0)=""/253, 0xfd, 0x3}, 0x40000061) accept4$packet(0xffffffffffffffff, &(0x7f0000003e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000003ec0)=0x14, 0x800) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000003f00)={@loopback, @dev, 0x0}, &(0x7f0000003f40)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000004040)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6}}, &(0x7f00000002c0)=0xfe5f) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000004180)={{{@in6=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}}}, &(0x7f0000004280)=0xe8) recvmsg(0xffffffffffffffff, &(0x7f0000005500)={&(0x7f00000042c0)=@xdp={0x0, 0x0, 0x0}, 0x80, &(0x7f00000053c0)=[{&(0x7f0000004340)=""/4096, 0x1000}, {&(0x7f0000005340)=""/123, 0x7b}], 0x2, &(0x7f0000005400)=""/231, 0xe7}, 0x40000021) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000055c0)={{{@in=@multicast1, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6}}, &(0x7f00000056c0)=0xe8) getpeername$packet(0xffffffffffffff9c, &(0x7f0000005700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000005740)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000006880)={'team0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000006e80)={{{@in6=@dev, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@loopback}}, &(0x7f0000006f80)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000007100)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000007580)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000007540)={&(0x7f0000007140)={0x3e8, r1, 0x100, 0x70bd26, 0x25dfdbfe, {}, [{{0x8, 0x1, r3}, {0xb4, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r4}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r6}, {0x14c, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}]}}, {{0x8, 0x1, r9}, {0x12c, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xce}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r12}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}]}}, {{0x8, 0x1, r13}, {0x88, 0x2, [{0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x14, 0x4, [{0x6, 0x5c, 0x1, 0x9}, {0x16b, 0xff, 0x4, 0x7}]}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r14}}}]}}]}, 0x3e8}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r15 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r15, 0x890f, &(0x7f0000000280)="025cc83d6d345f8f762070") shutdown(r2, 0x1) r16 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r17 = memfd_create(&(0x7f0000000440)="2f6465762f6c6f6f702300a717a78bc434e618b90761f08b9f4b6901d76300f9bdd8b064ba04afa09f6236197e10c6ddd8314fd10c416df1f44444090f7e0b994c9f5c1ad1ddf49e029a20bc464c296b2af99505932148516b79301900bdf181c59f3469b8a1eb6c01990eafad1ff65a8251988ee27cc75da79500f70f13415dd2aa63b394b84bf83d4b9b8854", 0x2) pwritev(r17, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r16, 0x4c00, r17) sendfile(r16, r16, &(0x7f0000000000), 0x2000005) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r17, 0xc05c5340, &(0x7f0000000040)={0x0, 0x1, 0x80000001, {}, 0x1ff, 0xc69}) ioctl$LOOP_CLR_FD(r16, 0x4c01) sync() [ 254.301356] FAT-fs (loop3): bogus number of reserved sectors [ 254.307330] FAT-fs (loop3): Can't find a valid FAT filesystem [ 254.385781] FAULT_INJECTION: forcing a failure. [ 254.385781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.397883] CPU: 0 PID: 14341 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 254.405253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.414790] Call Trace: [ 254.417406] dump_stack+0x1c9/0x2b4 [ 254.421056] ? dump_stack_print_info.cold.2+0x52/0x52 [ 254.426263] ? lock_downgrade+0x8f0/0x8f0 [ 254.430434] should_fail.cold.4+0xa/0x1a [ 254.434520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 254.439642] ? graph_lock+0x170/0x170 [ 254.443454] ? is_bpf_text_address+0xd7/0x170 [ 254.447975] ? find_held_lock+0x36/0x1c0 [ 254.452051] ? __lock_is_held+0xb5/0x140 [ 254.456135] ? check_same_owner+0x340/0x340 [ 254.460476] ? rcu_note_context_switch+0x730/0x730 [ 254.465432] __alloc_pages_nodemask+0x36e/0xdb0 [ 254.470236] ? lock_downgrade+0x8f0/0x8f0 [ 254.474413] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 254.480674] ? graph_lock+0x170/0x170 [ 254.484488] ? __lock_is_held+0xb5/0x140 [ 254.488565] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 254.492998] ? __lock_is_held+0xb5/0x140 [ 254.497086] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 254.502646] alloc_pages_current+0x10c/0x210 [ 254.507344] __get_free_pages+0xf/0x40 [ 254.511262] mmu_topup_memory_caches+0x1f8/0x3a0 [ 254.516038] kvm_mmu_load+0x21/0x10e0 [ 254.519852] ? vcpu_enter_guest+0x298c/0x6090 [ 254.524508] vcpu_enter_guest+0x3aa6/0x6090 [ 254.528882] ? kvm_set_msr_common+0x26a0/0x26a0 [ 254.533661] ? vmx_vcpu_load+0xadf/0xff0 [ 254.537743] ? __lock_acquire+0x7fc/0x5020 [ 254.541996] ? vmx_vcpu_reset+0x1040/0x1040 [ 254.546343] ? graph_lock+0x170/0x170 [ 254.550170] ? __lock_acquire+0x7fc/0x5020 [ 254.554434] ? __lock_is_held+0xb5/0x140 [ 254.558511] ? lock_acquire+0x1e4/0x540 [ 254.562496] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 254.567530] ? lock_release+0xa30/0xa30 [ 254.571520] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 254.576813] ? kvm_arch_dev_ioctl+0x610/0x610 [ 254.581323] ? preempt_notifier_dec+0x20/0x20 [ 254.585847] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 254.590971] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 254.596011] kvm_vcpu_ioctl+0x7b8/0x1300 [ 254.600174] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 254.605897] ? find_held_lock+0x36/0x1c0 [ 254.609984] ? find_held_lock+0x36/0x1c0 [ 254.614080] ? lock_downgrade+0x8f0/0x8f0 [ 254.618341] ? kasan_check_read+0x11/0x20 [ 254.622507] ? rcu_is_watching+0x8c/0x150 [ 254.626679] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 254.631106] ? __fget+0x414/0x670 [ 254.634572] ? match_held_lock+0x821/0x8d0 [ 254.638815] ? expand_files.part.8+0x9c0/0x9c0 [ 254.643410] ? kasan_check_write+0x14/0x20 [ 254.647653] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 254.652624] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 254.658366] do_vfs_ioctl+0x1de/0x1720 [ 254.662265] ? __lock_is_held+0xb5/0x140 [ 254.666338] ? ioctl_preallocate+0x300/0x300 [ 254.670768] ? __fget_light+0x2f7/0x440 [ 254.674751] ? fget_raw+0x20/0x20 [ 254.678215] ? __sb_end_write+0xac/0xe0 [ 254.682208] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 254.687755] ? fput+0x130/0x1a0 [ 254.691043] ? ksys_write+0x1ae/0x260 [ 254.694939] ? security_file_ioctl+0x94/0xc0 [ 254.699362] ksys_ioctl+0xa9/0xd0 [ 254.702829] __x64_sys_ioctl+0x73/0xb0 [ 254.706728] do_syscall_64+0x1b9/0x820 [ 254.710633] ? syscall_return_slowpath+0x5e0/0x5e0 [ 254.715573] ? syscall_return_slowpath+0x31d/0x5e0 [ 254.720520] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 254.725902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.730875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.736067] RIP: 0033:0x455ab9 [ 254.739255] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.758629] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.766360] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 254.773635] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@ipv4={[], [], @loopback}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000300)=0xe8) fstat(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r1, r2) r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x10000, 0x21) getdents64(r3, &(0x7f0000000080)=""/188, 0xbc) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="997169fe01516ece44fb0342a54213bc3b7fb13f6cf2fae69bf48f43cd8e5655479657d2afee8e7776dfdb3e", 0x2c) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000001c0)) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file1\x00', 0x0, 0x18}, 0x10) 02:30:24 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x125f, r0) 02:30:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58) openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x218000, 0x0) socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="9b1667afdfae8187eae2a31d0769e2ad18453910d3dc1d431e402c88576efd5e66e4bd47135503bc24a1c7b8e1495e106e9607c847ad2f0fbe926e7a889a0bacf2c827bec0b8bbdc2b9bd887825282473b12691bde2b0224b3852286a0e7062a5148a5f3150f96118cfd772a6ce4537f2cb68f454f1bba90e8ddeaa6d1a9cfc19ab4497c06f67ea17f02c9bd47a7e3dcbd48db87be90d9dd8344e041f8da48faa2c534419c67532c4c24befb68ea2923d47cd92fe1cfbd8ae7515acba99a80ab1b9753a7e1b4f4441c2055a1fcf63d4be330b4428d90bcc979b13fb174bc08ac06f8ef8c73ccf319db2399d1f2f3e1609a7ad0", 0xf3) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:24 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x401070c9, r0) 02:30:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="3bf72022f7683bb012f5a0322a17"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512_mb\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'ccm_base(salsa20-asm,crc32c-intel)\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) [ 254.780912] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 254.788169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 254.795424] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000035 02:30:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, 0xffffffffffffffff, 0x0) 02:30:25 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x40049409, r0) 02:30:25 executing program 6 (fault-call:6 fault-nth:54): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:25 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x14000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 254.852017] FAT-fs (loop3): bogus number of reserved sectors [ 254.857980] FAT-fs (loop3): Can't find a valid FAT filesystem [ 254.988074] FAULT_INJECTION: forcing a failure. [ 254.988074] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 255.000112] CPU: 0 PID: 14395 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 255.007486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.016852] Call Trace: [ 255.019460] dump_stack+0x1c9/0x2b4 [ 255.023106] ? dump_stack_print_info.cold.2+0x52/0x52 [ 255.028324] ? lock_downgrade+0x8f0/0x8f0 [ 255.032498] should_fail.cold.4+0xa/0x1a [ 255.036579] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 255.041702] ? graph_lock+0x170/0x170 [ 255.045519] ? is_bpf_text_address+0xd7/0x170 [ 255.050034] ? find_held_lock+0x36/0x1c0 [ 255.054115] ? __lock_is_held+0xb5/0x140 [ 255.058200] ? check_same_owner+0x340/0x340 [ 255.062539] ? rcu_note_context_switch+0x730/0x730 [ 255.067490] __alloc_pages_nodemask+0x36e/0xdb0 [ 255.072176] ? lock_downgrade+0x8f0/0x8f0 [ 255.076346] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 255.081396] ? graph_lock+0x170/0x170 [ 255.085206] ? __lock_is_held+0xb5/0x140 [ 255.089319] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 255.093755] ? __lock_is_held+0xb5/0x140 [ 255.097843] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 255.103401] alloc_pages_current+0x10c/0x210 [ 255.107831] __get_free_pages+0xf/0x40 [ 255.111731] mmu_topup_memory_caches+0x1f8/0x3a0 [ 255.116512] kvm_mmu_load+0x21/0x10e0 [ 255.120344] vcpu_enter_guest+0x3aa6/0x6090 [ 255.124687] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 255.128946] ? kvm_set_msr_common+0x26a0/0x26a0 [ 255.133637] ? vmx_vcpu_load+0xadf/0xff0 [ 255.137717] ? __lock_acquire+0x7fc/0x5020 [ 255.141983] ? vmx_vcpu_reset+0x1040/0x1040 [ 255.146297] ? graph_lock+0x170/0x170 [ 255.150098] ? __lock_acquire+0x7fc/0x5020 [ 255.154327] ? __lock_is_held+0xb5/0x140 [ 255.158381] ? lock_acquire+0x1e4/0x540 [ 255.162350] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 255.167355] ? lock_release+0xa30/0xa30 [ 255.171317] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 255.176590] ? kvm_arch_dev_ioctl+0x610/0x610 [ 255.181177] ? preempt_notifier_dec+0x20/0x20 [ 255.185662] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.190486] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.195496] kvm_vcpu_ioctl+0x7b8/0x1300 [ 255.199546] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 255.205247] ? find_held_lock+0x36/0x1c0 [ 255.209297] ? find_held_lock+0x36/0x1c0 [ 255.213361] ? lock_downgrade+0x8f0/0x8f0 [ 255.217512] ? kasan_check_read+0x11/0x20 [ 255.221646] ? rcu_is_watching+0x8c/0x150 [ 255.225789] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 255.230197] ? __fget+0x414/0x670 [ 255.233639] ? match_held_lock+0x821/0x8d0 [ 255.237857] ? expand_files.part.8+0x9c0/0x9c0 [ 255.242426] ? kasan_check_write+0x14/0x20 [ 255.246657] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 255.251583] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 255.257277] do_vfs_ioctl+0x1de/0x1720 [ 255.261159] ? __lock_is_held+0xb5/0x140 [ 255.265207] ? ioctl_preallocate+0x300/0x300 [ 255.269607] ? __fget_light+0x2f7/0x440 [ 255.273569] ? fget_raw+0x20/0x20 [ 255.277026] ? __sb_end_write+0xac/0xe0 [ 255.281003] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.286530] ? fput+0x130/0x1a0 [ 255.289808] ? ksys_write+0x1ae/0x260 [ 255.293596] ? security_file_ioctl+0x94/0xc0 [ 255.297993] ksys_ioctl+0xa9/0xd0 [ 255.301438] __x64_sys_ioctl+0x73/0xb0 [ 255.305317] do_syscall_64+0x1b9/0x820 [ 255.309191] ? finish_task_switch+0x1d3/0x870 [ 255.313688] ? syscall_return_slowpath+0x5e0/0x5e0 [ 255.318608] ? syscall_return_slowpath+0x31d/0x5e0 [ 255.323526] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 255.328878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 255.333711] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.338884] RIP: 0033:0x455ab9 [ 255.342054] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.361289] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.368993] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 255.376262] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 255.383533] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 255.390784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 255.398037] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000036 02:30:25 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) 02:30:25 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80040, 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) 02:30:25 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$netlink(0x10, 0x3, 0x2) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f00000006c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x11c, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {0xc}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x200}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8001}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x5}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x4}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}]}, 0x11c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-camellia-aesni\x00'}, 0x58) r3 = dup(r1) accept$packet(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x14) 02:30:25 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x2, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:25 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x80081270, r0) 02:30:25 executing program 6 (fault-call:6 fault-nth:55): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 255.513529] FAT-fs (loop3): bogus number of reserved sectors [ 255.519504] FAT-fs (loop3): Can't find a valid FAT filesystem [ 255.682718] FAULT_INJECTION: forcing a failure. [ 255.682718] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 255.694917] CPU: 1 PID: 14430 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 255.702291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.711653] Call Trace: [ 255.714391] dump_stack+0x1c9/0x2b4 [ 255.718046] ? dump_stack_print_info.cold.2+0x52/0x52 [ 255.723270] ? lock_downgrade+0x8f0/0x8f0 [ 255.727447] should_fail.cold.4+0xa/0x1a [ 255.731537] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 255.736662] ? graph_lock+0x170/0x170 [ 255.740485] ? is_bpf_text_address+0xd7/0x170 [ 255.745003] ? find_held_lock+0x36/0x1c0 [ 255.749089] ? __lock_is_held+0xb5/0x140 [ 255.753175] ? check_same_owner+0x340/0x340 [ 255.757515] ? rcu_note_context_switch+0x730/0x730 [ 255.762476] __alloc_pages_nodemask+0x36e/0xdb0 [ 255.767166] ? lock_downgrade+0x8f0/0x8f0 [ 255.771339] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 255.776457] ? graph_lock+0x170/0x170 [ 255.780278] ? __lock_is_held+0xb5/0x140 [ 255.784359] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 255.788803] ? __lock_is_held+0xb5/0x140 [ 255.792894] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 255.798456] alloc_pages_current+0x10c/0x210 [ 255.802885] __get_free_pages+0xf/0x40 [ 255.806791] mmu_topup_memory_caches+0x1f8/0x3a0 [ 255.811655] kvm_mmu_load+0x21/0x10e0 [ 255.815481] vcpu_enter_guest+0x3aa6/0x6090 [ 255.819807] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 255.824052] ? kvm_set_msr_common+0x26a0/0x26a0 [ 255.828737] ? vmx_vcpu_load+0xadf/0xff0 [ 255.832802] ? __lock_acquire+0x7fc/0x5020 [ 255.837037] ? vmx_vcpu_reset+0x1040/0x1040 [ 255.841378] ? graph_lock+0x170/0x170 [ 255.845179] ? __lock_acquire+0x7fc/0x5020 [ 255.849416] ? __lock_is_held+0xb5/0x140 [ 255.853483] ? lock_acquire+0x1e4/0x540 [ 255.857465] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 255.862486] ? lock_release+0xa30/0xa30 [ 255.866448] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 255.871727] ? kvm_arch_dev_ioctl+0x610/0x610 [ 255.876223] ? preempt_notifier_dec+0x20/0x20 [ 255.880732] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.885590] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.890609] kvm_vcpu_ioctl+0x7b8/0x1300 [ 255.894680] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 255.900565] ? find_held_lock+0x36/0x1c0 [ 255.904629] ? find_held_lock+0x36/0x1c0 [ 255.908683] ? lock_downgrade+0x8f0/0x8f0 [ 255.912823] ? kasan_check_read+0x11/0x20 [ 255.916988] ? rcu_is_watching+0x8c/0x150 [ 255.921132] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 255.925532] ? __fget+0x414/0x670 [ 255.929060] ? match_held_lock+0x821/0x8d0 [ 255.933304] ? expand_files.part.8+0x9c0/0x9c0 [ 255.937892] ? kasan_check_write+0x14/0x20 [ 255.942132] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 255.947082] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 255.952805] do_vfs_ioctl+0x1de/0x1720 [ 255.956705] ? __lock_is_held+0xb5/0x140 [ 255.960781] ? ioctl_preallocate+0x300/0x300 [ 255.965192] ? __fget_light+0x2f7/0x440 [ 255.969156] ? fget_raw+0x20/0x20 [ 255.972596] ? __sb_end_write+0xac/0xe0 [ 255.976559] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.982081] ? fput+0x130/0x1a0 [ 255.985354] ? ksys_write+0x1ae/0x260 [ 255.989147] ? security_file_ioctl+0x94/0xc0 [ 255.993547] ksys_ioctl+0xa9/0xd0 [ 255.996994] __x64_sys_ioctl+0x73/0xb0 [ 256.000901] do_syscall_64+0x1b9/0x820 [ 256.004783] ? finish_task_switch+0x1d3/0x870 [ 256.009269] ? syscall_return_slowpath+0x5e0/0x5e0 [ 256.014197] ? syscall_return_slowpath+0x31d/0x5e0 [ 256.019160] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 256.024796] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 256.029646] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.034827] RIP: 0033:0x455ab9 [ 256.038004] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.057265] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.065068] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 256.072349] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 256.079623] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 256.086890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 256.094256] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000037 [ 256.129809] FAT-fs (loop3): bogus number of reserved sectors [ 256.135802] FAT-fs (loop3): Can't find a valid FAT filesystem [ 256.141872] print_req_error: I/O error, dev loop0, sector 33280 [ 256.190133] print_req_error: I/O error, dev loop0, sector 0 [ 256.195987] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 256.212637] print_req_error: I/O error, dev loop0, sector 12296 [ 256.218945] Buffer I/O error on dev loop0, logical block 1537, lost async page write 02:30:26 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) pipe2(&(0x7f0000000000), 0x80800) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x7, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:26 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc0101282, r0) 02:30:26 executing program 0: r0 = socket$inet6(0xa, 0x80005, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) r3 = getpgid(0xffffffffffffffff) wait4(r3, 0x0, 0x60000009, &(0x7f00000000c0)) sync() 02:30:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, 0xffffffffffffffff, 0x0) 02:30:26 executing program 6 (fault-call:6 fault-nth:56): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000100)="d7dceb715b486dc3e463d782201927fa1050e932ee5b3e475dda9dd4982ac615c2f0f35e888d5f17527ead61ebca5f0633f85e2a49a3798910dc13866230861a70333dac5cc73dd30987931fcbe3a046bb36840a20a0edea5eaec8c6f3dd20b821ce4115a81332014a4d30293f6938ef2d898c3cfa2ff4dc19bd9cff62fdf92e9c929fdd49dc59a19b4c1e76fd5c9a99650f61d8", 0x94, 0x4}], 0x0, &(0x7f0000000340)=ANY=[@ANYRES64, @ANYRESDEC, @ANYPTR64=&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES32, @ANYRESHEX=0x0, @ANYRESOCT], @ANYRESOCT, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYPTR64, @ANYPTR64, @ANYRESOCT, @ANYRES32], @ANYRESHEX], @ANYRES32, @ANYRES32, @ANYPTR=&(0x7f0000000280)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="65d313bfe91d444813381774e69627acc5f12bc66fa59e67953e9b1ac20179ad2998ec6e777349145947b4206be835d1784dc288cc2dc38e68d646917ea4af7040f12546a136ff944ac736f2331ac2fd1dfd2057316adde6c7c36d443f94653ff56041f7d5f0e6a0e501e73f3e25e033d4ff8af3b915a2265ad31fade3a0531614eea6d4ac6df4e3b52604667a38f66fe70d5553e8b3afd1ba85510718aac8032565e627"], @ANYRESDEC]) personality(0x400000f) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r0, 0x0) [ 256.332354] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ18446744073709551615@" or missing value 02:30:26 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) r1 = dup3(r0, r0, 0x80000) ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f0000000000)) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="07e235acfcd63377db29456710eb9c930d978edafa8a7120ab85af174946ee12b63449df0bdb30a7da8e06007692f4bdb65cdbb65d7136fd2ff31926cc8fffff00002984db6bd854e0063f65ac18eb13502a6602aabf000000000000000000", 0x5f) [ 256.406913] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ18446744073709551615@" or missing value 02:30:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xe000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 256.504397] FAULT_INJECTION: forcing a failure. [ 256.504397] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 256.516407] CPU: 1 PID: 14462 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 256.523778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.533228] Call Trace: [ 256.535830] dump_stack+0x1c9/0x2b4 [ 256.539475] ? dump_stack_print_info.cold.2+0x52/0x52 [ 256.544679] ? lock_downgrade+0x8f0/0x8f0 [ 256.548857] should_fail.cold.4+0xa/0x1a [ 256.552933] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 256.558049] ? graph_lock+0x170/0x170 [ 256.561857] ? is_bpf_text_address+0xd7/0x170 [ 256.566365] ? find_held_lock+0x36/0x1c0 [ 256.570446] ? __lock_is_held+0xb5/0x140 [ 256.574530] ? check_same_owner+0x340/0x340 [ 256.578863] ? rcu_note_context_switch+0x730/0x730 [ 256.583817] __alloc_pages_nodemask+0x36e/0xdb0 [ 256.588508] ? lock_downgrade+0x8f0/0x8f0 [ 256.592675] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 256.597715] ? graph_lock+0x170/0x170 [ 256.601525] ? __lock_is_held+0xb5/0x140 [ 256.605597] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 256.610023] ? __lock_is_held+0xb5/0x140 [ 256.614087] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 256.619617] alloc_pages_current+0x10c/0x210 [ 256.624018] __get_free_pages+0xf/0x40 [ 256.627898] mmu_topup_memory_caches+0x1f8/0x3a0 [ 256.632641] kvm_mmu_load+0x21/0x10e0 [ 256.636430] vcpu_enter_guest+0x3aa6/0x6090 [ 256.640737] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 256.644963] ? kvm_set_msr_common+0x26a0/0x26a0 [ 256.649624] ? vmx_vcpu_load+0xadf/0xff0 [ 256.653689] ? __lock_acquire+0x7fc/0x5020 [ 256.657911] ? vmx_vcpu_reset+0x1040/0x1040 [ 256.662223] ? graph_lock+0x170/0x170 [ 256.666013] ? __lock_acquire+0x7fc/0x5020 [ 256.670243] ? __lock_is_held+0xb5/0x140 [ 256.674292] ? lock_acquire+0x1e4/0x540 [ 256.678263] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 256.683267] ? lock_release+0xa30/0xa30 [ 256.687226] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 256.692490] ? kvm_arch_dev_ioctl+0x610/0x610 [ 256.696971] ? preempt_notifier_dec+0x20/0x20 [ 256.701459] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 256.706308] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 256.711316] kvm_vcpu_ioctl+0x7b8/0x1300 [ 256.715367] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 256.721068] ? find_held_lock+0x36/0x1c0 [ 256.725121] ? find_held_lock+0x36/0x1c0 [ 256.729183] ? lock_downgrade+0x8f0/0x8f0 [ 256.733330] ? kasan_check_read+0x11/0x20 [ 256.737459] ? rcu_is_watching+0x8c/0x150 [ 256.741590] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 256.745989] ? __fget+0x414/0x670 [ 256.749437] ? match_held_lock+0x821/0x8d0 [ 256.753656] ? expand_files.part.8+0x9c0/0x9c0 [ 256.758228] ? kasan_check_write+0x14/0x20 [ 256.762448] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 256.767364] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 256.773061] do_vfs_ioctl+0x1de/0x1720 [ 256.776933] ? __lock_is_held+0xb5/0x140 [ 256.780992] ? ioctl_preallocate+0x300/0x300 [ 256.785386] ? __fget_light+0x2f7/0x440 [ 256.789342] ? fget_raw+0x20/0x20 [ 256.792781] ? __sb_end_write+0xac/0xe0 [ 256.796744] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 256.802264] ? fput+0x130/0x1a0 [ 256.805526] ? ksys_write+0x1ae/0x260 [ 256.809313] ? security_file_ioctl+0x94/0xc0 [ 256.813705] ksys_ioctl+0xa9/0xd0 [ 256.817144] __x64_sys_ioctl+0x73/0xb0 [ 256.821033] do_syscall_64+0x1b9/0x820 [ 256.824917] ? syscall_slow_exit_work+0x500/0x500 [ 256.831497] ? syscall_return_slowpath+0x5e0/0x5e0 [ 256.836411] ? syscall_return_slowpath+0x31d/0x5e0 [ 256.841328] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 256.846682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 256.851513] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.856683] RIP: 0033:0x455ab9 [ 256.859856] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.879176] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.886868] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 256.894120] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000040)='./file0/bus\x00', 0x102) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) [ 256.901374] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 256.908634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 256.915894] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000038 02:30:27 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) 02:30:27 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x127f, r0) 02:30:27 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-twofish-avx\x00'}, 0x299) r1 = fcntl$dupfd(r0, 0x406, r0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000200)=@assoc_value, &(0x7f0000000240)=0x8) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) accept$inet(r1, 0x0, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) 02:30:27 executing program 6 (fault-call:6 fault-nth:57): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 257.007990] FAT-fs (loop3): bogus number of reserved sectors [ 257.013952] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xd484020000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:27 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1262, r0) [ 257.114301] FAT-fs (loop3): bogus number of reserved sectors [ 257.120249] FAT-fs (loop3): Can't find a valid FAT filesystem [ 257.198295] FAULT_INJECTION: forcing a failure. [ 257.198295] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 257.210567] CPU: 0 PID: 14513 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 257.217935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.227303] Call Trace: [ 257.229909] dump_stack+0x1c9/0x2b4 [ 257.233559] ? dump_stack_print_info.cold.2+0x52/0x52 [ 257.238769] ? lock_downgrade+0x8f0/0x8f0 [ 257.242943] should_fail.cold.4+0xa/0x1a [ 257.247023] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 257.252193] ? graph_lock+0x170/0x170 [ 257.256004] ? is_bpf_text_address+0xd7/0x170 [ 257.260513] ? find_held_lock+0x36/0x1c0 [ 257.264584] ? __lock_is_held+0xb5/0x140 [ 257.268663] ? check_same_owner+0x340/0x340 [ 257.273174] ? rcu_note_context_switch+0x730/0x730 [ 257.278129] __alloc_pages_nodemask+0x36e/0xdb0 [ 257.282811] ? lock_downgrade+0x8f0/0x8f0 [ 257.288108] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 257.293150] ? graph_lock+0x170/0x170 [ 257.296966] ? __lock_is_held+0xb5/0x140 [ 257.300740] print_req_error: I/O error, dev loop0, sector 11136 [ 257.301054] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 257.301082] ? __lock_is_held+0xb5/0x140 [ 257.315600] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 257.321169] alloc_pages_current+0x10c/0x210 [ 257.325592] __get_free_pages+0xf/0x40 [ 257.329504] mmu_topup_memory_caches+0x1f8/0x3a0 [ 257.334277] kvm_mmu_load+0x21/0x10e0 [ 257.338095] vcpu_enter_guest+0x3aa6/0x6090 [ 257.342432] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 257.342601] print_req_error: I/O error, dev loop0, sector 0 [ 257.346672] ? kvm_set_msr_common+0x26a0/0x26a0 [ 257.346690] ? vmx_vcpu_load+0xadf/0xff0 [ 257.346710] ? __lock_acquire+0x7fc/0x5020 [ 257.352431] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 257.357152] ? vmx_vcpu_reset+0x1040/0x1040 [ 257.357166] ? graph_lock+0x170/0x170 [ 257.357181] ? __lock_acquire+0x7fc/0x5020 [ 257.357205] ? __lock_is_held+0xb5/0x140 [ 257.389491] ? lock_acquire+0x1e4/0x540 [ 257.393462] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 257.398474] ? lock_release+0xa30/0xa30 [ 257.402430] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 257.407701] ? kvm_arch_dev_ioctl+0x610/0x610 [ 257.412189] ? preempt_notifier_dec+0x20/0x20 [ 257.416682] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 257.421514] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 257.426532] kvm_vcpu_ioctl+0x7b8/0x1300 [ 257.430581] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 257.436295] ? find_held_lock+0x36/0x1c0 [ 257.440345] ? find_held_lock+0x36/0x1c0 [ 257.444493] ? lock_downgrade+0x8f0/0x8f0 [ 257.448643] ? kasan_check_read+0x11/0x20 [ 257.452779] ? rcu_is_watching+0x8c/0x150 [ 257.456912] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 257.461398] ? __fget+0x414/0x670 [ 257.464853] ? match_held_lock+0x821/0x8d0 [ 257.469079] ? expand_files.part.8+0x9c0/0x9c0 [ 257.473650] ? kasan_check_write+0x14/0x20 [ 257.477874] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 257.482966] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 257.488664] do_vfs_ioctl+0x1de/0x1720 [ 257.492549] ? __lock_is_held+0xb5/0x140 [ 257.496598] ? ioctl_preallocate+0x300/0x300 [ 257.500994] ? __fget_light+0x2f7/0x440 [ 257.504963] ? fget_raw+0x20/0x20 [ 257.508411] ? __sb_end_write+0xac/0xe0 [ 257.512569] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 257.518110] ? fput+0x130/0x1a0 [ 257.521481] ? ksys_write+0x1ae/0x260 [ 257.525282] ? security_file_ioctl+0x94/0xc0 [ 257.529677] ksys_ioctl+0xa9/0xd0 [ 257.533126] __x64_sys_ioctl+0x73/0xb0 [ 257.537002] do_syscall_64+0x1b9/0x820 [ 257.540889] ? finish_task_switch+0x1d3/0x870 [ 257.545457] ? syscall_return_slowpath+0x5e0/0x5e0 [ 257.550377] ? syscall_return_slowpath+0x31d/0x5e0 [ 257.555296] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 257.560647] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 257.565482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.570664] RIP: 0033:0x455ab9 [ 257.573843] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:30:27 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x8000, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000040)={0x101, 0x8, 0x7ff, @link_local={0x1, 0x80, 0xc2}, 'ip6gretap0\x00'}) r1 = socket$alg(0x26, 0x5, 0x0) mq_getsetattr(r0, &(0x7f0000000240)={0x1, 0x7ff, 0x7ff, 0x8, 0xff, 0xfffffffffffffff9, 0x9, 0x6127}, &(0x7f0000000280)) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) sync_file_range(r0, 0x2, 0xffff, 0x2) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000080)=ANY=[@ANYBLOB="070000000000000002000040010001000600000000000000810000000100000009000000000000000000000000000000000000800400000001000000a44f00000010000001000000090000000000000000000000000000004defd8990300000007000000ffffff7f000000000700000009000000000000000000000000000000010000c0090000000500000005000000070000002503000027aee240000000000000000000000000070000800100000000000000070000000000000098520000ff0000000000000000000000000000000f000900010000000200000008000000ffffff7f40000000ffff00000000000000000000000000000f000000080000000400000040000000060000000100010000000100000000000000000000000000"]) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000001c0)=0x0) fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x2, 0x1, 0x1ff, 0x0, r2}) 02:30:27 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x1274, r0) 02:30:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'erspan0\x00', {0x2, 0x4e23, @loopback=0x7f000001}}) [ 257.593083] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.600791] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 257.608047] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 257.615299] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 257.623683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 257.630939] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000039 [ 257.731559] FAT-fs (loop3): bogus number of reserved sectors [ 257.737620] FAT-fs (loop3): Can't find a valid FAT filesystem [ 257.807247] FAT-fs (loop3): bogus number of reserved sectors [ 257.813189] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:28 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f00000000c0)={{0x2, 0x3, 0x4, 0x1}, 0x3800000, 0x2, 'id0\x00', 'timer1\x00', 0x0, 0x71cb, 0xfffffffffffffff7, 0x4, 0x6c5}) sync() 02:30:28 executing program 6 (fault-call:6 fault-nth:58): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x80000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:28 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x125d, r0) 02:30:28 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x125f, r0) 02:30:28 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x3, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000)) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in=@dev}}, {{@in6=@loopback}, 0x0, @in6=@ipv4}}, &(0x7f0000000040)=0xe8) [ 258.014562] FAT-fs (loop3): bogus number of reserved sectors [ 258.020519] FAT-fs (loop3): Can't find a valid FAT filesystem 02:30:28 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r2, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) 02:30:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x300000000000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:28 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c02, r0) 02:30:28 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) io_setup(0x3, &(0x7f0000000000)=0x0) io_getevents(r1, 0x0, 0x2, &(0x7f0000000040)=[{}, {}], 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:28 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xcc, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 258.088995] FAT-fs (loop3): bogus number of reserved sectors [ 258.095130] FAT-fs (loop3): Can't find a valid FAT filesystem [ 258.197516] FAULT_INJECTION: forcing a failure. [ 258.197516] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 258.209439] CPU: 0 PID: 14590 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 258.216897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.226257] Call Trace: [ 258.228863] dump_stack+0x1c9/0x2b4 [ 258.232505] ? dump_stack_print_info.cold.2+0x52/0x52 [ 258.237708] ? lock_downgrade+0x8f0/0x8f0 [ 258.241888] should_fail.cold.4+0xa/0x1a [ 258.245964] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 258.251089] ? graph_lock+0x170/0x170 [ 258.254905] ? is_bpf_text_address+0xd7/0x170 [ 258.259445] ? find_held_lock+0x36/0x1c0 [ 258.263523] ? __lock_is_held+0xb5/0x140 [ 258.267606] ? check_same_owner+0x340/0x340 [ 258.271942] ? rcu_note_context_switch+0x730/0x730 [ 258.276892] __alloc_pages_nodemask+0x36e/0xdb0 [ 258.281570] ? lock_downgrade+0x8f0/0x8f0 [ 258.285739] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 258.290765] ? graph_lock+0x170/0x170 [ 258.294570] ? __lock_is_held+0xb5/0x140 [ 258.298892] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 258.303332] ? __lock_is_held+0xb5/0x140 [ 258.307418] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 258.312974] alloc_pages_current+0x10c/0x210 [ 258.317399] __get_free_pages+0xf/0x40 [ 258.321303] mmu_topup_memory_caches+0x1f8/0x3a0 [ 258.326092] kvm_mmu_load+0x21/0x10e0 [ 258.329929] vcpu_enter_guest+0x3aa6/0x6090 [ 258.334271] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 258.338526] ? kvm_set_msr_common+0x26a0/0x26a0 [ 258.343220] ? vmx_vcpu_load+0xadf/0xff0 [ 258.347298] ? __lock_acquire+0x7fc/0x5020 [ 258.351546] ? vmx_vcpu_reset+0x1040/0x1040 [ 258.355882] ? graph_lock+0x170/0x170 [ 258.359697] ? __lock_acquire+0x7fc/0x5020 [ 258.363960] ? __lock_is_held+0xb5/0x140 [ 258.368047] ? lock_acquire+0x1e4/0x540 [ 258.372043] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 258.377087] ? lock_release+0xa30/0xa30 [ 258.381072] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 258.386364] ? kvm_arch_dev_ioctl+0x610/0x610 [ 258.390870] ? preempt_notifier_dec+0x20/0x20 [ 258.392709] FAT-fs (loop3): bogus number of reserved sectors [ 258.395404] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 258.395420] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 258.395448] kvm_vcpu_ioctl+0x7b8/0x1300 [ 258.395467] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 258.395485] ? find_held_lock+0x36/0x1c0 [ 258.395508] ? find_held_lock+0x36/0x1c0 [ 258.401408] FAT-fs (loop3): Can't find a valid FAT filesystem [ 258.406211] ? lock_downgrade+0x8f0/0x8f0 [ 258.406231] ? kasan_check_read+0x11/0x20 [ 258.406248] ? rcu_is_watching+0x8c/0x150 [ 258.447402] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 258.451828] ? __fget+0x414/0x670 [ 258.455295] ? match_held_lock+0x821/0x8d0 [ 258.459539] ? expand_files.part.8+0x9c0/0x9c0 [ 258.464156] ? kasan_check_write+0x14/0x20 [ 258.468400] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 258.473350] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 258.480267] do_vfs_ioctl+0x1de/0x1720 [ 258.484166] ? __lock_is_held+0xb5/0x140 [ 258.488243] ? ioctl_preallocate+0x300/0x300 [ 258.492662] ? __fget_light+0x2f7/0x440 [ 258.496639] ? fget_raw+0x20/0x20 [ 258.500095] ? __sb_end_write+0xac/0xe0 [ 258.504103] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 258.509644] ? fput+0x130/0x1a0 [ 258.512928] ? ksys_write+0x1ae/0x260 [ 258.516734] ? security_file_ioctl+0x94/0xc0 [ 258.521153] ksys_ioctl+0xa9/0xd0 [ 258.524649] __x64_sys_ioctl+0x73/0xb0 [ 258.528547] do_syscall_64+0x1b9/0x820 [ 258.532442] ? finish_task_switch+0x1d3/0x870 [ 258.536951] ? syscall_return_slowpath+0x5e0/0x5e0 [ 258.541889] ? syscall_return_slowpath+0x31d/0x5e0 [ 258.546826] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 258.552202] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 258.557149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.562340] RIP: 0033:0x455ab9 [ 258.565526] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.584864] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 02:30:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000040), 0x4) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x1) 02:30:28 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x5421, r0) 02:30:28 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c08, r0) 02:30:28 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0xc0045878, r0) [ 258.592580] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 258.599844] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 258.607099] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 258.614360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 258.621612] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003a [ 258.716073] FAT-fs (loop3): bogus number of reserved sectors [ 258.722364] FAT-fs (loop3): Can't find a valid FAT filesystem [ 258.808445] print_req_error: I/O error, dev loop0, sector 20480 [ 258.814806] print_req_error: I/O error, dev loop0, sector 21504 [ 258.821067] print_req_error: I/O error, dev loop0, sector 22528 02:30:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xfffffdef, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:29 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x125e, r0) 02:30:29 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f0000000040)) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) sync() ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f00000000c0)={0x0, 0x2, 0x8, 0x2, 0xffffffff80000000}) 02:30:29 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x101100, 0x0) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x200002, 0x0) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x8000, 0x0) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f00000000c0)={0x3, r3, 0x1}) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) bind$alg(r4, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0xb5) accept4$inet6(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x80000) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) 02:30:29 executing program 6 (fault-call:6 fault-nth:59): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:29 executing program 2 (fault-call:9 fault-nth:0): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:29 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x180, &(0x7f00000003c0), 0x0, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) io_setup(0x8001, &(0x7f0000000000)=0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/dsp\x00', 0x20000, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x280000) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000000400)=0x6, 0x4) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x800, 0x0) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000040)=0x0) capset(&(0x7f0000000500)={0x20071026, r5}, &(0x7f0000000540)={0x0, 0x1, 0x40, 0x9, 0x0, 0x100}) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)=0xffffffffffffffff, 0x4) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ppp\x00', 0x4f4002, 0x0) io_submit(r0, 0x3, &(0x7f0000000480)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x3, 0x9dce, r1, &(0x7f0000000100)="1a3787417bac00b91b48ca0ed0373f2f782ccbf5985fc6297d3e6eb56f8d77776d1d5aef", 0x24, 0xbb57, 0x0, 0x0, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x0, r3, &(0x7f00000001c0)="dc7612c6243932b3f3e20acf361ec310703cd906e8a825b25a51ddd4d20a8d575feda71f291da7503eccf7b008934cc202332102a8bba77d1ecad7c16c05a42359e6fc92ea3e962d569632f49bef41b41156ed598e2ff4a5f0080638251a544698ee0f89f5aacebacb8806e3c9349df365843d2660fefde5de4cb82d2a94b3275443b209be7a4e441e3e3fbb76c918d5ef3fad426858cc85957aad08502ada16b27b51e70c07186ddec3e68d480dc4a13c78ce5e", 0xb4, 0x6b, 0x0, 0x0, r4}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xb, 0x1a0, r6, &(0x7f0000000340)="d65b23e701c18bc7640e0f66d8e913e9c3cd39b8291190eb3c504f29467d6d083f4caa7a0ec19cf7037783f8f3c1a21d09522f331eba5dda8a917e71475822ff2f7815990157ddbf07d0e763d73b85b1d45cfd466d011302f248ca8bf092e30b9fae68f830f716d729ad2221b61439bfcfc1598cd608b8b7173c46afd81f9957598216da148e2eb96bba2714fbaa6add88d01c79b0e40ea59d261db71135d563ac811530277ece", 0xa7, 0x82e, 0x0, 0x1, r7}]) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r8 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r8, 0x0) [ 258.971262] QAT: Invalid ioctl [ 258.989988] FAT-fs (loop3): bogus number of reserved sectors [ 258.995915] FAT-fs (loop3): Can't find a valid FAT filesystem [ 259.013460] QAT: Invalid ioctl [ 259.046278] FAULT_INJECTION: forcing a failure. [ 259.046278] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 259.058268] CPU: 1 PID: 14659 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 259.065641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.074999] Call Trace: [ 259.077603] dump_stack+0x1c9/0x2b4 [ 259.081253] ? dump_stack_print_info.cold.2+0x52/0x52 [ 259.086462] ? preempt_notifier_register+0x200/0x200 [ 259.091601] should_fail.cold.4+0xa/0x1a [ 259.095685] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 259.100819] ? graph_lock+0x170/0x170 [ 259.104722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 259.109507] ? find_held_lock+0x36/0x1c0 [ 259.113590] ? __lock_is_held+0xb5/0x140 [ 259.117676] ? check_same_owner+0x340/0x340 [ 259.122010] ? rcu_note_context_switch+0x730/0x730 [ 259.126986] __alloc_pages_nodemask+0x36e/0xdb0 [ 259.131670] ? lock_downgrade+0x8f0/0x8f0 [ 259.135839] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 259.140905] ? graph_lock+0x170/0x170 [ 259.144717] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 259.149136] ? lock_downgrade+0x8f0/0x8f0 [ 259.153303] ? __lock_is_held+0xb5/0x140 [ 259.157478] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 259.163031] alloc_pages_current+0x10c/0x210 [ 259.167452] __get_free_pages+0xf/0x40 [ 259.171360] mmu_topup_memory_caches+0x1f8/0x3a0 [ 259.176135] kvm_mmu_load+0x21/0x10e0 [ 259.179961] vcpu_enter_guest+0x3aa6/0x6090 [ 259.184296] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 259.188549] ? kvm_set_msr_common+0x26a0/0x26a0 [ 259.193231] ? vmx_vcpu_load+0xadf/0xff0 [ 259.197307] ? __lock_acquire+0x7fc/0x5020 [ 259.201550] ? vmx_vcpu_reset+0x1040/0x1040 [ 259.205880] ? graph_lock+0x170/0x170 [ 259.209693] ? __lock_acquire+0x7fc/0x5020 [ 259.213956] ? __lock_is_held+0xb5/0x140 [ 259.218032] ? lock_acquire+0x1e4/0x540 [ 259.222037] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 259.227074] ? lock_release+0xa30/0xa30 [ 259.231054] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 259.236325] ? kvm_arch_dev_ioctl+0x610/0x610 [ 259.240826] ? preempt_notifier_dec+0x20/0x20 [ 259.245314] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.250140] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.255261] kvm_vcpu_ioctl+0x7b8/0x1300 [ 259.259313] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 259.265011] ? find_held_lock+0x36/0x1c0 [ 259.269079] ? find_held_lock+0x36/0x1c0 [ 259.273131] ? lock_downgrade+0x8f0/0x8f0 [ 259.277269] ? kasan_check_read+0x11/0x20 [ 259.281406] ? rcu_is_watching+0x8c/0x150 [ 259.285539] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 259.289937] ? __fget+0x414/0x670 [ 259.293390] ? match_held_lock+0x821/0x8d0 [ 259.297609] ? expand_files.part.8+0x9c0/0x9c0 [ 259.302178] ? kasan_check_write+0x14/0x20 [ 259.306411] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 259.312087] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 259.317783] do_vfs_ioctl+0x1de/0x1720 [ 259.321658] ? __lock_is_held+0xb5/0x140 [ 259.325706] ? ioctl_preallocate+0x300/0x300 [ 259.330099] ? __fget_light+0x2f7/0x440 [ 259.334060] ? fget_raw+0x20/0x20 [ 259.337500] ? __sb_end_write+0xac/0xe0 [ 259.341477] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 259.347008] ? fput+0x130/0x1a0 [ 259.350296] ? ksys_write+0x1ae/0x260 [ 259.354098] ? security_file_ioctl+0x94/0xc0 [ 259.358496] ksys_ioctl+0xa9/0xd0 [ 259.361939] __x64_sys_ioctl+0x73/0xb0 [ 259.365830] do_syscall_64+0x1b9/0x820 [ 259.369703] ? finish_task_switch+0x1d3/0x870 [ 259.374184] ? syscall_return_slowpath+0x5e0/0x5e0 [ 259.379117] ? syscall_return_slowpath+0x31d/0x5e0 [ 259.384042] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 259.389410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 259.394266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.399439] RIP: 0033:0x455ab9 [ 259.402616] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.421848] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.429545] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 259.436800] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 259.444144] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 259.451399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 259.458653] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003b [ 259.542329] capability: warning: `syz-executor3' uses deprecated v2 capabilities in a way that may be insecure 02:30:30 executing program 6 (fault-call:6 fault-nth:60): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:30:30 executing program 7: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000180)={{0xa, 0x4e24, 0x9, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x2}, {0xa, 0x4e21, 0x5, @loopback={0x0, 0x1}, 0x400}, 0x7, [0x0, 0x3, 0x3ff, 0x3, 0x2, 0x8, 0x4, 0x400000000000000]}, 0x5c) r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0) write$P9_RFLUSH(r2, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0xfff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r3, 0x4c00, r1) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x80045700, &(0x7f0000000240)) 02:30:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x40000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:30 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) r1 = memfd_create(&(0x7f0000000000)='%ppp0self,%ppp1+md5sumbdevcgroup)vmnet0Z\x00', 0x3) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x4, 0x2, 0xffff, 0x0, 0x17}) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000000c0)={0x29, 0x20, 0x8, 0x11, 0x3, 0x6, 0x0, 0xe8}) 02:30:30 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f00000000c0)={{0x2, 0x3, 0x4, 0x1}, 0x3800000, 0x2, 'id0\x00', 'timer1\x00', 0x0, 0x71cb, 0xfffffffffffffff7, 0x4, 0x6c5}) sync() [ 259.740471] FAULT_INJECTION: forcing a failure. [ 259.740471] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 259.752558] CPU: 0 PID: 14684 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #149 [ 259.759933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.769292] Call Trace: [ 259.771892] dump_stack+0x1c9/0x2b4 [ 259.775543] ? dump_stack_print_info.cold.2+0x52/0x52 [ 259.780745] ? lock_downgrade+0x8f0/0x8f0 [ 259.784915] should_fail.cold.4+0xa/0x1a [ 259.788997] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 259.794123] ? graph_lock+0x170/0x170 [ 259.797943] ? is_bpf_text_address+0xd7/0x170 [ 259.802543] ? find_held_lock+0x36/0x1c0 [ 259.806613] ? __lock_is_held+0xb5/0x140 [ 259.810692] ? check_same_owner+0x340/0x340 [ 259.815017] ? rcu_note_context_switch+0x730/0x730 [ 259.819950] __alloc_pages_nodemask+0x36e/0xdb0 [ 259.824615] ? lock_downgrade+0x8f0/0x8f0 [ 259.828768] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 259.833804] ? graph_lock+0x170/0x170 [ 259.837590] ? __lock_is_held+0xb5/0x140 [ 259.841647] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 259.846069] ? __lock_is_held+0xb5/0x140 [ 259.850128] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 259.855657] alloc_pages_current+0x10c/0x210 [ 259.860056] __get_free_pages+0xf/0x40 [ 259.864367] mmu_topup_memory_caches+0x1f8/0x3a0 [ 259.869125] kvm_mmu_load+0x21/0x10e0 [ 259.872973] vcpu_enter_guest+0x3aa6/0x6090 [ 259.877296] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 259.881529] ? kvm_set_msr_common+0x26a0/0x26a0 [ 259.886202] ? vmx_vcpu_load+0xadf/0xff0 [ 259.890263] ? __lock_acquire+0x7fc/0x5020 [ 259.894661] ? vmx_vcpu_reset+0x1040/0x1040 [ 259.898983] ? graph_lock+0x170/0x170 [ 259.902789] ? __lock_acquire+0x7fc/0x5020 [ 259.907038] ? __lock_is_held+0xb5/0x140 [ 259.911097] ? lock_acquire+0x1e4/0x540 [ 259.915070] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 259.920089] ? lock_release+0xa30/0xa30 [ 259.924064] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 259.929334] ? kvm_arch_dev_ioctl+0x610/0x610 [ 259.933816] ? preempt_notifier_dec+0x20/0x20 [ 259.938312] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.943152] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.948172] kvm_vcpu_ioctl+0x7b8/0x1300 [ 259.952232] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 259.957937] ? find_held_lock+0x36/0x1c0 [ 259.962008] ? find_held_lock+0x36/0x1c0 [ 259.966070] ? lock_downgrade+0x8f0/0x8f0 [ 259.970211] ? kasan_check_read+0x11/0x20 [ 259.974350] ? rcu_is_watching+0x8c/0x150 [ 259.978495] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 259.982911] ? __fget+0x414/0x670 [ 259.986354] ? match_held_lock+0x821/0x8d0 [ 259.990588] ? expand_files.part.8+0x9c0/0x9c0 [ 259.995157] ? kasan_check_write+0x14/0x20 [ 259.999387] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 260.004398] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 260.010098] do_vfs_ioctl+0x1de/0x1720 [ 260.013978] ? __lock_is_held+0xb5/0x140 [ 260.018200] ? ioctl_preallocate+0x300/0x300 [ 260.022599] ? __fget_light+0x2f7/0x440 [ 260.026573] ? fget_raw+0x20/0x20 [ 260.030025] ? __sb_end_write+0xac/0xe0 [ 260.034011] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 260.039543] ? fput+0x130/0x1a0 [ 260.042811] ? ksys_write+0x1ae/0x260 [ 260.046600] ? security_file_ioctl+0x94/0xc0 [ 260.051004] ksys_ioctl+0xa9/0xd0 [ 260.054460] __x64_sys_ioctl+0x73/0xb0 [ 260.058352] do_syscall_64+0x1b9/0x820 [ 260.062226] ? finish_task_switch+0x1d3/0x870 [ 260.066729] ? syscall_return_slowpath+0x5e0/0x5e0 [ 260.071837] ? syscall_return_slowpath+0x31d/0x5e0 [ 260.076764] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 260.082129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 260.086970] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.092151] RIP: 0033:0x455ab9 [ 260.095327] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.114563] RSP: 002b:00007f41a6892c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.122259] RAX: ffffffffffffffda RBX: 00007f41a68936d4 RCX: 0000000000455ab9 [ 260.129517] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 02:30:30 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) prctl$setfpexc(0xc, 0x100003) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x511240, 0x0) write$9p(r1, &(0x7f00000000c0)="b825c26377e4d814217f10bd8a3a8fd8eedeaad2f866d77bf293a715cc5308974b39a60865223917ed2793f5fad3af84917bb3127d88afca39cc2f5d7b82b35e76e38fab6e7843a33e9e9caf372312f229fc84cd8ff8a40361eba86f5bd9cb86ea99b7cff17e7750ab5fe16538242ae2a730b8d33362e65fb0e4e5", 0x7b) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000002600)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}}}, &(0x7f0000000440)=0xe8) recvfrom$packet(r1, &(0x7f0000001600)=""/4096, 0x1000, 0x2, &(0x7f0000000480)={0x11, 0x1f, r2, 0x1, 0x1, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) ioctl$TIOCCBRK(r1, 0x5428) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) ioctl$TCSBRKP(r1, 0x5425, 0xffffffff) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) times(&(0x7f0000000140)) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x800, 0x2) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@rand_addr}}, &(0x7f0000000040)=0xe8) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_CREATE_OPEN(r1, &(0x7f0000001540)={0xa0, 0x0, 0x4, {{0x2, 0x1, 0x6, 0x5afe, 0x4, 0xfffffffffffffff9, {0x3, 0xffffffffffffc626, 0x2, 0xfffffffffffffff7, 0x81, 0xfffffffffffff001, 0x3289, 0x0, 0x401, 0x4, 0x3, r4, r5, 0x0, 0x8000}}, {0x0, 0x2}}}, 0xa0) connect$nfc_llcp(r1, &(0x7f0000002700)={0x27, 0x0, 0x0, 0x7, 0x6, 0x4, "0945172ebc53c55dba94170150fa9f017fb53efe243d08d6f91e0ff3951579a078bf7f09fc3c5a93432f2984a1785d44da46d7d1ad3c9a4327849f234b8b9a", 0x3d}, 0x60) socket$inet6(0xa, 0x800, 0xdbd) read$FUSE(r3, &(0x7f0000002780), 0x1000) 02:30:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0x7000000, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) [ 260.136786] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 260.144045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 260.151315] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003c 02:30:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0/bus\x00', 0x400000, 0x0, &(0x7f00000003c0), 0x2000000, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac177) r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1ff, 0x40000) getpeername(r0, &(0x7f0000000100)=@alg, &(0x7f0000000040)=0x80) creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x1000005, 0x11, r0, 0x8000) 02:30:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="72fcae4af5434fa2762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr, @multicast2=0xe0000002}, 0xc) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) close(r3) dup3(r1, r2, 0x0) 02:30:30 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x20100, 0x0) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000000)) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d}, 0x7) r2 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x7ff, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r2, &(0x7f00000000c0), 0x0, 0xd) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) poll(&(0x7f0000000140)=[{r1}], 0x1, 0x4) 02:30:30 executing program 6 (fault-call:6 fault-nth:61): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 260.430904] kasan: CONFIG_KASAN_INLINE enabled [ 260.435894] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 260.443349] general protection fault: 0000 [#1] SMP KASAN [ 260.448898] CPU: 0 PID: 14722 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #149 [ 260.456345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.465723] RIP: 0010:loop_validate_file+0x247/0x470 [ 260.470817] Code: 00 00 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 2e 02 00 00 4d 8b a4 24 f0 00 00 00 49 8d bc 24 b8 01 00 00 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 03 02 00 00 4d 8b a4 24 b8 01 00 00 4c 89 e0 48 [ 260.491322] RSP: 0018:ffff880197f078f8 EFLAGS: 00010202 [ 260.496696] RAX: 0000000000000037 RBX: dffffc0000000000 RCX: ffffc90006a4a000 [ 260.503970] RDX: 0000000000000047 RSI: ffffffff84c254c7 RDI: 00000000000001b8 [ 260.511243] RBP: ffff880197f07918 R08: ffff8801d6f22440 R09: ffffed003b5c46d6 [ 260.518510] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 260.525773] R13: ffff8801b61106c0 R14: 0000000000000002 R15: ffff8801ca818cc0 [ 260.533040] FS: 00007f087990f700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 260.541261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 260.547124] CR2: 0000000000625208 CR3: 00000001bc881000 CR4: 00000000001426f0 [ 260.554380] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 260.561635] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 260.568887] Call Trace: [ 260.571467] lo_ioctl+0x54d/0x1d10 [ 260.574994] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 260.579996] ? lo_rw_aio_complete+0x450/0x450 [ 260.584479] blkdev_ioctl+0x9cd/0x2030 [ 260.588364] ? blkpg_ioctl+0xc40/0xc40 [ 260.592238] ? lock_downgrade+0x8f0/0x8f0 [ 260.596378] ? kasan_check_read+0x11/0x20 [ 260.600509] ? rcu_is_watching+0x8c/0x150 [ 260.604648] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 260.609041] ? __fget+0x414/0x670 [ 260.612480] ? expand_files.part.8+0x9c0/0x9c0 [ 260.617050] block_ioctl+0xee/0x130 [ 260.620660] ? blkdev_fallocate+0x400/0x400 [ 260.624962] do_vfs_ioctl+0x1de/0x1720 [ 260.628839] ? ioctl_preallocate+0x300/0x300 [ 260.633238] ? __fget_light+0x2f7/0x440 [ 260.637196] ? __schedule+0x1ed0/0x1ed0 [ 260.641153] ? fget_raw+0x20/0x20 [ 260.644598] ? putname+0xf2/0x130 [ 260.648037] ? rcu_read_lock_sched_held+0x108/0x120 [ 260.653038] ? kmem_cache_free+0x25c/0x2d0 [ 260.657261] ? exit_to_usermode_loop+0x8c/0x370 [ 260.661918] ? security_file_ioctl+0x94/0xc0 [ 260.666310] ksys_ioctl+0xa9/0xd0 [ 260.669759] __x64_sys_ioctl+0x73/0xb0 [ 260.673632] do_syscall_64+0x1b9/0x820 [ 260.677501] ? finish_task_switch+0x1d3/0x870 [ 260.681988] ? syscall_return_slowpath+0x5e0/0x5e0 [ 260.686910] ? syscall_return_slowpath+0x31d/0x5e0 [ 260.692101] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 260.697451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 260.702290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.707463] RIP: 0033:0x455ab9 [ 260.710629] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.729890] RSP: 002b:00007f087990ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.737585] RAX: ffffffffffffffda RBX: 00007f087990f6d4 RCX: 0000000000455ab9 [ 260.744847] RDX: 0000000000000013 RSI: 0000000000004c00 RDI: 0000000000000015 [ 260.752099] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 260.759359] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 260.766619] R13: 00000000004be0ab R14: 00000000004ccbb0 R15: 0000000000000000 [ 260.773873] Modules linked in: [ 260.777050] Dumping ftrace buffer: [ 260.780567] (ftrace buffer empty) [ 260.784426] ---[ end trace 3aad4ddd254030e8 ]--- [ 260.789244] RIP: 0010:loop_validate_file+0x247/0x470 [ 260.794370] Code: 00 00 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 2e 02 00 00 4d 8b a4 24 f0 00 00 00 49 8d bc 24 b8 01 00 00 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 03 02 00 00 4d 8b a4 24 b8 01 00 00 4c 89 e0 48 [ 260.813652] RSP: 0018:ffff880197f078f8 EFLAGS: 00010202 [ 260.819059] RAX: 0000000000000037 RBX: dffffc0000000000 RCX: ffffc90006a4a000 02:30:31 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x100, 0x0) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f00000000c0)={0x5, 0x1, 0x6, 0x2}, 0x10) r2 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r3 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r2, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r2, 0x4c01) sync() 02:30:31 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1000082) r2 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f00000000c0)={{0x2, 0x3, 0x4, 0x1}, 0x3800000, 0x2, 'id0\x00', 'timer1\x00', 0x0, 0x71cb, 0xfffffffffffffff7, 0x4, 0x6c5}) sync() 02:30:31 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) truncate(&(0x7f0000000080)='./bus\x00', 0x4a00) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, &(0x7f0000000040)=0xeffdffff, 0x8000fffffffe) truncate(&(0x7f0000000140)='./bus\x00', 0x0) 02:30:31 executing program 4: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x2000, 0x0) write$tun(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="000047170300000004009e050900000000000001abfd3cbb0e001517cb83731605a22980652e76a00fdc7743ebc631c205785dda834eb7366076d12511f3e77ffd03645c927072a1ee6937638cc60da395193242c7595344a24232857af514d79bd1c7a3ad788e7a79b91f7309ea62edf947cd81bd83207ccdf5cca138b5d014e83bea7b7fe3b4dab87b56d9e0821be8ff010000000000004e0cc1b3f16c9a8ff30e5d775cca78a798f66e44807e21967517d79a3a8bc58c54dceec5a741eb24633857a72594223ae0571e231cde22af00"], 0xd9) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x39c9ff6aa360bbd6) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(echainiv(ccm(cast6-generic)))\x00'}, 0x58) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000080), &(0x7f00000000c0)=0xc) gettid() syz_open_dev$sndctrl(&(0x7f00000005c0)='/dev/snd/controlC#\x00', 0x2, 0x10000) openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2000, 0x101) write$FUSE_WRITE(r0, &(0x7f0000000280)={0xe, 0x0, 0x3, {0x3ff}}, 0x18) r2 = dup2(r1, r1) r3 = gettid() timerfd_create(0x5, 0x80800) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000380)={{0x2, 0x4, 0xfff, 0x1, '\x00', 0x9}, 0x1, 0x10, 0x0, r3, 0x0, 0x0, 'syz1\x00', &(0x7f0000000280), 0x0, [], [0x3, 0x100000000, 0x2, 0x9]}) ioctl$RTC_VL_CLR(r2, 0x7014) fcntl$lock(r0, 0x7, &(0x7f00000002c0)={0x1, 0x3, 0x100000001, 0x8001, r3}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000a40), 0x0) write$FUSE_LSEEK(r2, &(0x7f0000000240)={0x18, 0x0, 0x7, {0x40}}, 0x18) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000004c0)={0xffffffffffffffff}, 0x13f, 0x5}}, 0x20) syz_mount_image$xfs(&(0x7f0000000600)='xfs\x00', &(0x7f0000000640)='./file0\x00', 0x80000001, 0x5, &(0x7f0000000980)=[{&(0x7f0000000680)="1075c9298e87088f5e52b57e19cf0eca7f4abe9c3f8d3e5c37591597ef659a96978b3009a27c3b429731fbab2a4be4f3580f35aecff8da3f240def385d7b000736455f644bf9d7882e5e5f671df900846dd24d120aa9681c4db078785bf983e246f17d178fc8e36442cea80486fd1fa81ffb9703bb10f44b2b7262d0b060faa7baed30245f094f70c3128f03bfc77b8a91c163e1ff7656ad77e78a07d418bc67e759ae2b88220830118bfec781bf623e21031027e4f7fee1fe71aa624f25ced89606a80e3267b9b48092acf40e36c6d367ebcc79fc3a561deb1911a533eeba288752c1c74ee4", 0xe6, 0x4c}, {&(0x7f0000000780)="e5ce727346b9a1db88a1c8e2a29939192eccea30a6d3905dcac14bba21ba5c5b28b5e7dc965d2cbc47348ab5f20fb0baa22c2d4dc76da56be6dff0520400b24bd10365169101942af711833e0460a28bfbae7892ff862fbf054f4f5f4206f56c0ea7fb7803d70210cdeb2fd76668a1f350b1851ad5a7326893f07a8754dc9848", 0x80, 0xa95e}, {&(0x7f0000000800)="5119ad03a9c63f64595ab58b3cd0b49c0ced2fcef44153543fec7624848a5c2b8173f9288d720f3be5bb4d0f47b76774b47da295217efa211ef045e2f6ba220f7fc2cd59a4f759e3e011e7854a697fc3cb41a790a3d76bb21e", 0x59, 0x7}, {&(0x7f0000000880)="0e2f9b1689f419e3d45c916fecf6c93023bf24cee2037e34da7465ce231c8c8995c4d637e95c72d7701084567de96c94bda3923c5823913113df834a36f30a5297e1ebec55bb8881285efe9f7a0c24133d0c4f92c3a6bc63d23e5fa38c46eeb347a948f35a52ed9f050c3fea245afe90c96c4cfcc08b3649d7c1e4934134de0ba16aff4a662941521e1cc4a1915f0ba02c3ee5557f38b0bdcffc43b7153471c5cb49901f434232de17", 0xa9, 0x8}, {&(0x7f0000000940)="c8bb8b4cc4d74f8db998738e088584160fd9a9fc268c4af5498a9a9f", 0x1c, 0xff}], 0x0, &(0x7f0000000a00)={[{@logbsize={'logbsize', 0x3d, [0x67, 0x78]}, 0x2c}, {@noalign='noalign', 0x2c}, {@quota='quota', 0x2c}]}) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000000540)={0xa, 0x4, 0xfa00, {r4}}, 0xc) 02:30:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x8, &(0x7f0000000500)=ANY=[]) personality(0x1bb2baf3005ac137) r0 = creat(&(0x7f0000000000)='./file0/bus\x00', 0x0) r1 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x11, r1, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r0, 0xc0385720, &(0x7f0000000040)={0x1, {}, 0x6, 0x8}) [ 260.826374] RDX: 0000000000000047 RSI: ffffffff84c254c7 RDI: 00000000000001b8 [ 260.833677] RBP: ffff880197f07918 R08: ffff8801d6f22440 R09: ffffed003b5c46d6 [ 260.840991] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 260.848296] R13: ffff8801b61106c0 R14: 0000000000000002 R15: ffff8801ca818cc0 [ 260.855608] FS: 00007f087990f700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 260.863881] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 260.869814] CR2: 0000000000625208 CR3: 00000001bc881000 CR4: 00000000001426f0 [ 260.877123] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 260.884533] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 260.891841] Kernel panic - not syncing: Fatal exception [ 260.897683] Dumping ftrace buffer: [ 260.901208] (ftrace buffer empty) [ 260.904901] Kernel Offset: disabled [ 260.908509] Rebooting in 86400 seconds..