, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:35:25 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:25 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 901.874151] 9pnet_fd: Insufficient options for proto=fd 19:35:25 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:25 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:25 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:35:25 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:25 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x48, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 901.980026] 9pnet_fd: Insufficient options for proto=fd 19:35:37 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) 19:35:37 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:35:37 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x4c, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:35:37 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:35:37 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:35:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x4d, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 914.017064] 9pnet_fd: Insufficient options for proto=fd 19:35:37 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:37 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:35:37 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:35:50 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) 19:35:50 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:50 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:35:50 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x54, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:35:50 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:50 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:35:50 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:50 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 927.390032] 9pnet_fd: Insufficient options for proto=fd 19:35:50 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 927.421173] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 927.422513] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 927.423471] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 927.424327] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 927.425300] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 927.427771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.428547] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.429635] Buffer I/O error on dev sr0, logical block 0, async page read [ 927.432531] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.433274] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.434441] Buffer I/O error on dev sr0, logical block 1, async page read [ 927.436528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.437305] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.438434] Buffer I/O error on dev sr0, logical block 2, async page read [ 927.440036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.440835] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.441936] Buffer I/O error on dev sr0, logical block 3, async page read [ 927.442525] 9pnet_fd: Insufficient options for proto=fd [ 927.443786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.444553] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.445656] Buffer I/O error on dev sr0, logical block 4, async page read [ 927.446785] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.447568] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.448723] Buffer I/O error on dev sr0, logical block 5, async page read [ 927.449867] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.450758] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.451936] Buffer I/O error on dev sr0, logical block 6, async page read [ 927.453103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.454016] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 927.455149] Buffer I/O error on dev sr0, logical block 7, async page read 19:35:50 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:35:50 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x5c, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:35:50 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:50 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 927.507013] 9pnet_fd: Insufficient options for proto=fd 19:35:50 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 927.583588] 9pnet_fd: Insufficient options for proto=fd 19:35:51 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:35:51 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) [ 927.605138] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 927.606316] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 927.607179] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 927.607999] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 927.608932] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 2 [ 927.610503] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.611199] Buffer I/O error on dev sr0, logical block 0, async page read [ 927.612207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.612990] Buffer I/O error on dev sr0, logical block 1, async page read [ 927.613999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.614877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.617015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.618851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.619888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.620893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.621882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.622951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.623801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.624648] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.625519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.626328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.629511] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.630291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.631620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.632841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.634818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.635669] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.636517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.637381] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.638182] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.639271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.640210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.641097] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.641944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.642826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.643665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.644526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.645312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.646214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.648834] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.649778] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.650704] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.651873] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.652815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.653734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.654606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.655548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 927.678498] 9pnet_fd: Insufficient options for proto=fd 19:36:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:02 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:02 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) 19:36:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:36:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x60, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:02 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 939.449693] 9pnet_fd: Insufficient options for proto=fd [ 939.454197] 9pnet_fd: Insufficient options for proto=fd [ 939.463008] 9pnet_fd: Insufficient options for proto=fd [ 939.474563] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 939.475995] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 939.478001] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 939.479079] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 939.480095] blk_print_req_error: 40 callbacks suppressed [ 939.480112] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 939.482430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.482935] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.483623] buffer_io_error: 38 callbacks suppressed [ 939.483631] Buffer I/O error on dev sr0, logical block 0, async page read [ 939.484818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.485253] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.485966] Buffer I/O error on dev sr0, logical block 1, async page read [ 939.487265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.487750] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.488450] Buffer I/O error on dev sr0, logical block 2, async page read [ 939.489128] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.489606] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.490292] Buffer I/O error on dev sr0, logical block 3, async page read [ 939.491095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.491581] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.492287] Buffer I/O error on dev sr0, logical block 4, async page read [ 939.493027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.493508] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.494049] Buffer I/O error on dev sr0, logical block 5, async page read [ 939.494794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.495248] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.496003] Buffer I/O error on dev sr0, logical block 6, async page read [ 939.496723] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.497163] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.497879] Buffer I/O error on dev sr0, logical block 7, async page read [ 939.498658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.499112] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 939.499807] Buffer I/O error on dev sr0, logical block 0, async page read [ 939.500533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.500971] Buffer I/O error on dev sr0, logical block 1, async page read [ 939.501695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.502212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.502838] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.503382] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.503954] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.504515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.505120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.505659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.506089] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.506719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.507157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.507748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.508353] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.508910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.509594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.510165] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.510819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.511988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.512623] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.513247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.513790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.514395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.514979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.515523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.516249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.516898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.517543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.518077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.518747] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.519287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:36:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:02 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:03 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) [ 939.629977] 9pnet_fd: Insufficient options for proto=fd 19:36:03 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x61, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:03 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:03 executing program 6: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 939.680765] 9pnet_fd: Insufficient options for proto=fd 19:36:03 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) 19:36:03 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 939.780235] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 939.781426] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 939.782261] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 939.783128] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 939.791382] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.792120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.792781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.793317] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.793885] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.794554] 9pnet_fd: Insufficient options for proto=fd [ 939.795198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.797538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.798044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.798869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.799708] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.800297] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.800883] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.801475] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.801992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.802582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.803129] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.803940] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.809039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.811562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.812082] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.812673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.813197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.813781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.818193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.822246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.822959] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.825978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.832601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.833137] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.833794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.834320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.838599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.879824] 9pnet_fd: Insufficient options for proto=fd 19:36:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x64, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:15 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:15 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:15 executing program 6: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 952.431606] 9pnet_fd: Insufficient options for proto=fd [ 952.451651] 9pnet_fd: Insufficient options for proto=fd 19:36:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:15 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x6c, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 952.554873] 9pnet_fd: Insufficient options for proto=fd 19:36:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 952.570547] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 952.571365] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 952.571925] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 952.572494] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 952.573093] blk_print_req_error: 64 callbacks suppressed [ 952.573102] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 952.576233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.576717] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.577412] buffer_io_error: 62 callbacks suppressed [ 952.577422] Buffer I/O error on dev sr0, logical block 0, async page read [ 952.579705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.580050] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.580631] Buffer I/O error on dev sr0, logical block 1, async page read [ 952.582385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.582724] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.583242] Buffer I/O error on dev sr0, logical block 2, async page read [ 952.584588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.584927] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.585452] Buffer I/O error on dev sr0, logical block 3, async page read [ 952.586056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.586409] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.586902] Buffer I/O error on dev sr0, logical block 4, async page read [ 952.587557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.587895] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.588676] Buffer I/O error on dev sr0, logical block 5, async page read [ 952.589302] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.589664] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.590156] Buffer I/O error on dev sr0, logical block 6, async page read [ 952.591913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.592251] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 952.592817] Buffer I/O error on dev sr0, logical block 7, async page read [ 952.601002] 9pnet_fd: Insufficient options for proto=fd 19:36:16 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x74, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:16 executing program 6: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:16 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:16 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:16 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 952.774654] 9pnet_fd: Insufficient options for proto=fd [ 952.794828] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 952.795422] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 952.795835] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 952.796231] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 952.796705] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 952.800163] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.800531] Buffer I/O error on dev sr0, logical block 0, async page read [ 952.815742] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.816100] Buffer I/O error on dev sr0, logical block 1, async page read [ 952.816942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.822599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.824588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.825108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.826109] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.826668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 952.865935] 9pnet_fd: Insufficient options for proto=fd 19:36:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:28 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7c, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:28 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:28 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) [ 964.672946] 9pnet_fd: Insufficient options for proto=fd [ 964.681289] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 964.682490] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 964.683408] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 964.684243] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 964.685209] blk_print_req_error: 8 callbacks suppressed [ 964.685225] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 964.687949] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.688384] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.688955] buffer_io_error: 6 callbacks suppressed [ 964.688962] Buffer I/O error on dev sr0, logical block 0, async page read [ 964.691213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.691626] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.692192] Buffer I/O error on dev sr0, logical block 1, async page read [ 964.692948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.693531] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.694120] Buffer I/O error on dev sr0, logical block 2, async page read [ 964.694854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.695240] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.695866] Buffer I/O error on dev sr0, logical block 3, async page read [ 964.696921] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.697301] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.697935] Buffer I/O error on dev sr0, logical block 4, async page read [ 964.698859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.699217] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.699762] Buffer I/O error on dev sr0, logical block 5, async page read [ 964.700479] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.700824] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.701398] Buffer I/O error on dev sr0, logical block 6, async page read [ 964.702299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.702702] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.703259] Buffer I/O error on dev sr0, logical block 7, async page read [ 964.704533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.704907] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 964.705458] Buffer I/O error on dev sr0, logical block 0, async page read [ 964.706141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.706544] Buffer I/O error on dev sr0, logical block 1, async page read [ 964.707317] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.708701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.709513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.710072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.710790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 964.711364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:36:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x84, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:40 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:40 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:40 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:40 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:40 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) [ 977.095817] 9pnet_fd: Insufficient options for proto=fd 19:36:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:40 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:36:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x87, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 977.188075] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 977.189595] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 977.190483] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 977.191288] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 977.192236] blk_print_req_error: 7 callbacks suppressed [ 977.192252] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 977.193424] 9pnet_fd: Insufficient options for proto=fd [ 977.196541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.196933] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.197699] buffer_io_error: 6 callbacks suppressed [ 977.197707] Buffer I/O error on dev sr0, logical block 0, async page read [ 977.198746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.199128] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.199701] Buffer I/O error on dev sr0, logical block 1, async page read [ 977.200380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.200742] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.201292] Buffer I/O error on dev sr0, logical block 2, async page read [ 977.201959] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.202325] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.202913] Buffer I/O error on dev sr0, logical block 3, async page read [ 977.203712] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.204077] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.204655] Buffer I/O error on dev sr0, logical block 4, async page read [ 977.205302] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.205707] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.206275] Buffer I/O error on dev sr0, logical block 5, async page read [ 977.206969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.207360] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.207930] Buffer I/O error on dev sr0, logical block 6, async page read [ 977.208629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 977.209015] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 977.209604] Buffer I/O error on dev sr0, logical block 7, async page read 19:36:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:40 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:40 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:40 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:40 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:40 executing program 5: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x94, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:40 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x9c, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:41 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:41 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:41 executing program 6: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:41 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 19:36:41 executing program 5: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0xa4, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:41 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:55 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:55 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0xac, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:55 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:55 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:55 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:55 executing program 5: perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0xb1, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:55 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}}) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x2, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x6, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:55 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:36:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:36:56 executing program 6: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x2, 0xfffff020}, {0x6}]}, 0x10) 19:37:09 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:37:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r0 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r0, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) shmat(r0, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r1, 0xb) shmctl$IPC_RMID(r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x6, 0xfffff020}, {0x6}]}, 0x10) 19:37:09 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:09 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff000}, {0x6}]}, 0x10) 19:37:09 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff004}, {0x6}]}, 0x10) 19:37:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:22 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:37:22 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:22 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:22 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:37:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1018.875894] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1018.876930] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1018.877407] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1018.877854] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1018.878329] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 2 [ 1018.882310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.882699] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.883231] Buffer I/O error on dev sr0, logical block 0, async page read [ 1018.884113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.884498] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.885067] Buffer I/O error on dev sr0, logical block 1, async page read [ 1018.886242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.886643] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.887217] Buffer I/O error on dev sr0, logical block 2, async page read [ 1018.887979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.888387] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.888960] Buffer I/O error on dev sr0, logical block 3, async page read [ 1018.889773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.890151] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.890764] Buffer I/O error on dev sr0, logical block 4, async page read [ 1018.891604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.891990] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.892589] Buffer I/O error on dev sr0, logical block 5, async page read [ 1018.893261] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.893667] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.894242] Buffer I/O error on dev sr0, logical block 6, async page read [ 1018.894939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.895297] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.895886] Buffer I/O error on dev sr0, logical block 7, async page read [ 1018.896563] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.896917] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1018.897472] Buffer I/O error on dev sr0, logical block 0, async page read [ 1018.898122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.898518] Buffer I/O error on dev sr0, logical block 1, async page read [ 1018.899140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.899693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.900212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.900775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.901468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.902014] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.902812] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.903362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.903936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.904721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.905270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.905866] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.906621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.907172] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.907958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.908544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.909173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.910389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1018.928919] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1018.929862] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1018.930534] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1018.931135] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 01 00 00 01 00 19:37:34 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:37:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff008}, {0x6}]}, 0x10) 19:37:34 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200000bf) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:37:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:34 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:34 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:34 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:34 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:37:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) 19:37:34 executing program 0: setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:37:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) 19:37:46 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:37:46 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r0, &(0x7f0000001100)=""/4075, 0xfeb) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:37:46 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:46 executing program 0: setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:37:46 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff014}, {0x6}]}, 0x10) 19:37:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:46 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:46 executing program 0: setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 1043.505084] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1043.505977] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1043.506434] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1043.506846] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1043.507294] blk_print_req_error: 20 callbacks suppressed [ 1043.507302] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 25 prio class 2 [ 1043.511218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.511754] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.512263] buffer_io_error: 22 callbacks suppressed [ 1043.512271] Buffer I/O error on dev sr0, logical block 0, async page read [ 1043.513263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.514014] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.514547] Buffer I/O error on dev sr0, logical block 1, async page read [ 1043.515964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.516307] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.516851] Buffer I/O error on dev sr0, logical block 2, async page read [ 1043.517501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.517840] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.518368] Buffer I/O error on dev sr0, logical block 3, async page read [ 1043.519025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.519507] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.520021] Buffer I/O error on dev sr0, logical block 4, async page read [ 1043.520677] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.521012] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.521548] Buffer I/O error on dev sr0, logical block 5, async page read [ 1043.524597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.524939] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.525476] Buffer I/O error on dev sr0, logical block 6, async page read [ 1043.526122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.526487] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.526990] Buffer I/O error on dev sr0, logical block 7, async page read [ 1043.527876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.528216] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1043.528980] Buffer I/O error on dev sr0, logical block 0, async page read [ 1043.529651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.529991] Buffer I/O error on dev sr0, logical block 1, async page read [ 1043.530725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.531239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.531897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.533173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.533926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1043.534580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:37:47 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:37:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff018}, {0x6}]}, 0x10) 19:37:47 executing program 0: socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:38:00 executing program 0: socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:38:00 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:00 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:00 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff01c}, {0x6}]}, 0x10) 19:38:00 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:00 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:00 executing program 0: socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:38:00 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) 19:38:00 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r0, &(0x7f0000001100)=""/4075, 0xfeb) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0x200000bf) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:00 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10) 19:38:00 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) 19:38:00 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) 19:38:01 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1058.048211] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1058.049253] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1058.049971] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1058.050655] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1058.051417] blk_print_req_error: 7 callbacks suppressed [ 1058.051429] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1058.223462] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1058.224248] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1058.225388] buffer_io_error: 6 callbacks suppressed [ 1058.225402] Buffer I/O error on dev sr0, logical block 0, async page read [ 1058.293604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1058.294190] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1058.294973] Buffer I/O error on dev sr0, logical block 1, async page read [ 1058.302397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1058.302944] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1058.303732] Buffer I/O error on dev sr0, logical block 2, async page read [ 1058.309558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1058.310320] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1058.311509] Buffer I/O error on dev sr0, logical block 3, async page read [ 1058.356946] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1058.357920] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1058.358626] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1058.359261] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 01 00 00 01 00 [ 1058.360001] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2 [ 1058.360802] Buffer I/O error on dev sr0, logical block 4, async page read [ 1058.361492] Buffer I/O error on dev sr0, logical block 5, async page read [ 1058.362165] Buffer I/O error on dev sr0, logical block 6, async page read [ 1058.363591] Buffer I/O error on dev sr0, logical block 7, async page read 19:38:14 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:14 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) 19:38:14 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:14 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff028}, {0x6}]}, 0x10) 19:38:14 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 1) 19:38:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) read$ptp(r0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:14 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:14 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) 19:38:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff02c}, {0x6}]}, 0x10) 19:38:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 1) 19:38:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff030}, {0x6}]}, 0x10) 19:38:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) 19:38:15 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:15 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff02c}, {0x6}]}, 0x10) 19:38:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 2) 19:38:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) 19:38:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}]}, 0x10) 19:38:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}]}, 0x10) 19:38:15 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) 19:38:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 1) [ 1083.724533] FAULT_INJECTION: forcing a failure. [ 1083.724533] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1083.725307] CPU: 1 PID: 7502 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1083.725802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1083.726293] Call Trace: [ 1083.726462] [ 1083.726611] dump_stack_lvl+0xc1/0xf0 [ 1083.726864] should_fail_ex+0x4b4/0x5b0 [ 1083.727133] _copy_from_user+0x2e/0x180 [ 1083.727396] memdup_user+0x72/0xd0 [ 1083.727629] strndup_user+0x78/0xe0 [ 1083.727868] __x64_sys_mount+0x137/0x310 [ 1083.728139] ? __pfx___x64_sys_mount+0x10/0x10 [ 1083.728447] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1083.728790] do_syscall_64+0x3f/0x90 [ 1083.729039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1083.729369] RIP: 0033:0x7fbf7ca8bb19 [ 1083.729605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1083.730685] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1083.731148] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1083.731580] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1083.732010] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 19:38:27 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:27 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 2) 19:38:27 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:27 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:27 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:27 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 3) [ 1083.732443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1083.733826] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1083.734926] 19:38:27 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff03c}, {0x6}]}, 0x10) 19:38:27 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}]}, 0x10) 19:38:27 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x2}]}, 0x10) [ 1083.812631] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1083.813978] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1083.814981] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1083.815932] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1083.816998] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1083.818692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.819500] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.820714] Buffer I/O error on dev sr0, logical block 0, async page read [ 1083.821884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.822693] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.824404] Buffer I/O error on dev sr0, logical block 1, async page read [ 1083.825581] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.826297] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.827502] Buffer I/O error on dev sr0, logical block 2, async page read [ 1083.830024] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.830817] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.831964] Buffer I/O error on dev sr0, logical block 3, async page read [ 1083.833137] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.833891] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.835057] Buffer I/O error on dev sr0, logical block 4, async page read [ 1083.836295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.837065] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.838214] Buffer I/O error on dev sr0, logical block 5, async page read [ 1083.839395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.840109] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.841264] Buffer I/O error on dev sr0, logical block 6, async page read [ 1083.842428] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.843143] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.844273] Buffer I/O error on dev sr0, logical block 7, async page read [ 1083.845523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.846240] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1083.847383] Buffer I/O error on dev sr0, logical block 0, async page read [ 1083.848389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.849131] Buffer I/O error on dev sr0, logical block 1, async page read [ 1083.852828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.854802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.855730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.856700] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.857652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.858577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.859514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.861962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.862991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.863952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.865044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.866003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.866959] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.867890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.868855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.869800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.870846] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.872546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.873528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.874498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.875517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.876445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.877693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.878690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.879729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.881530] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.883504] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.903044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.904085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.905723] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.907689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.908779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.910900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.913368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.915374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.916936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.917913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.919177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.920149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1083.921153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:38:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 4) 19:38:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x3}]}, 0x10) 19:38:41 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:41 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 3) 19:38:41 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {}]}, 0x10) 19:38:41 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:41 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:41 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1098.415980] FAULT_INJECTION: forcing a failure. [ 1098.415980] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1098.417482] CPU: 0 PID: 7525 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1098.418499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1098.419496] Call Trace: [ 1098.419824] [ 1098.420126] dump_stack_lvl+0xc1/0xf0 [ 1098.420636] should_fail_ex+0x4b4/0x5b0 [ 1098.421179] _copy_from_user+0x2e/0x180 [ 1098.421706] memdup_user+0x72/0xd0 [ 1098.422173] strndup_user+0x78/0xe0 [ 1098.422657] __x64_sys_mount+0x137/0x310 [ 1098.423198] ? __pfx___x64_sys_mount+0x10/0x10 [ 1098.423811] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1098.424479] do_syscall_64+0x3f/0x90 [ 1098.424986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1098.425657] RIP: 0033:0x7fb465b78b19 [ 1098.426131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1098.428349] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1098.429305] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1098.430178] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1098.431065] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1098.432017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1098.432977] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1098.433871] [ 1098.454948] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1098.455759] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1098.456269] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1098.456777] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1098.457313] blk_print_req_error: 41 callbacks suppressed [ 1098.457323] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 19:38:41 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1098.459281] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.459734] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.460355] buffer_io_error: 46 callbacks suppressed [ 1098.460363] Buffer I/O error on dev sr0, logical block 0, async page read [ 1098.461750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.462150] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.462812] Buffer I/O error on dev sr0, logical block 1, async page read [ 1098.463432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.463840] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.464515] Buffer I/O error on dev sr0, logical block 2, async page read [ 1098.465121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.465541] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.466153] Buffer I/O error on dev sr0, logical block 3, async page read [ 1098.466805] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.467206] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.467837] Buffer I/O error on dev sr0, logical block 4, async page read [ 1098.468452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.468859] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.469481] Buffer I/O error on dev sr0, logical block 5, async page read [ 1098.470075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.470502] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.471115] Buffer I/O error on dev sr0, logical block 6, async page read [ 1098.471726] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.472122] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.472744] Buffer I/O error on dev sr0, logical block 7, async page read [ 1098.473808] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.474203] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1098.474825] Buffer I/O error on dev sr0, logical block 0, async page read [ 1098.475444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.475843] Buffer I/O error on dev sr0, logical block 1, async page read [ 1098.476445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.476944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.477457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.477936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.478453] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.478919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.479492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.479978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.480471] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.480993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.481546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.482044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.482549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.483025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:38:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x4}]}, 0x10) [ 1098.484188] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.484733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.485235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.485729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.486189] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.486735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.487186] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.487672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.488236] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.488801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.489304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.489799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.490254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.490799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.491258] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.491744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.492288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.492809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.493295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.493809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.494262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.494781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.495277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.495769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.496389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.497508] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.498125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.498688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.499199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.499747] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.500214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.500839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.505315] FAULT_INJECTION: forcing a failure. [ 1098.505315] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.507145] CPU: 0 PID: 7539 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1098.508131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1098.509166] Call Trace: [ 1098.509493] [ 1098.509787] dump_stack_lvl+0xc1/0xf0 [ 1098.510280] should_fail_ex+0x4b4/0x5b0 [ 1098.510807] should_failslab+0x9/0x20 [ 1098.511297] __kmem_cache_alloc_node+0x5b/0x310 [ 1098.511920] ? copy_mount_options+0x55/0x180 [ 1098.512487] kmalloc_trace+0x26/0xc0 [ 1098.512980] copy_mount_options+0x55/0x180 [ 1098.513511] __x64_sys_mount+0x1ac/0x310 [ 1098.514044] ? __pfx___x64_sys_mount+0x10/0x10 [ 1098.514632] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1098.515303] do_syscall_64+0x3f/0x90 [ 1098.515799] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1098.516473] RIP: 0033:0x7fbf7ca8bb19 [ 1098.516960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1098.519153] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1098.520096] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1098.521013] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1098.521882] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1098.522775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1098.523658] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1098.524563] 19:38:42 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 4) 19:38:42 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:42 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {}]}, 0x10) 19:38:42 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1098.692195] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1098.692853] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1098.693301] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1098.693766] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1098.694705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.695645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.696502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.697299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.698313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.699142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.700009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.700862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.701852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.702723] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.703601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.704459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.705290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.706170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.707018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.707899] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.712037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.712946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.713802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.714546] FAULT_INJECTION: forcing a failure. [ 1098.714546] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.714637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.715371] CPU: 1 PID: 7556 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1098.716190] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.716598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1098.716609] Call Trace: [ 1098.716614] [ 1098.716619] dump_stack_lvl+0xc1/0xf0 [ 1098.717431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.717834] should_fail_ex+0x4b4/0x5b0 [ 1098.718294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.718329] should_failslab+0x9/0x20 [ 1098.718352] __kmem_cache_alloc_node+0x5b/0x310 [ 1098.718958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.719184] ? copy_mount_options+0x55/0x180 [ 1098.719922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.720039] kmalloc_trace+0x26/0xc0 [ 1098.720677] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.720820] copy_mount_options+0x55/0x180 [ 1098.721631] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.721764] __x64_sys_mount+0x1ac/0x310 [ 1098.722563] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.722662] ? __pfx___x64_sys_mount+0x10/0x10 [ 1098.723459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.723593] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1098.724387] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.724522] do_syscall_64+0x3f/0x90 [ 1098.725296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.725468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1098.725495] RIP: 0033:0x7fb465b78b19 [ 1098.726246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.726473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1098.726490] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1098.726506] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1098.727366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.727514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.727730] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1098.729678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.730274] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1098.731401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.731701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1098.732499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.732724] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1098.733755] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.733972] [ 1098.734967] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.740658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.741653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.742843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.743943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.744802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.745733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.747993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.749498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1098.750871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:38:55 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 5) 19:38:55 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffff020}, {}]}, 0x10) 19:38:55 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:55 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 5) 19:38:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x5}]}, 0x10) 19:38:55 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:38:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:55 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1112.453295] perf: interrupt took too long (2506 > 2500), lowering kernel.perf_event_max_sample_rate to 79000 19:38:55 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:55 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10) 19:38:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x7}]}, 0x10) [ 1112.489847] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1112.490543] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1112.491063] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1112.491664] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1112.492267] blk_print_req_error: 96 callbacks suppressed [ 1112.492276] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1112.496092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.496493] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.497118] buffer_io_error: 94 callbacks suppressed [ 1112.497126] Buffer I/O error on dev sr0, logical block 0, async page read [ 1112.499142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.499592] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.500391] Buffer I/O error on dev sr0, logical block 1, async page read [ 1112.501358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.501803] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.502487] Buffer I/O error on dev sr0, logical block 2, async page read [ 1112.504300] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.504759] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.505390] Buffer I/O error on dev sr0, logical block 3, async page read [ 1112.506471] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.506979] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.507727] Buffer I/O error on dev sr0, logical block 4, async page read [ 1112.509451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.509878] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.510473] Buffer I/O error on dev sr0, logical block 5, async page read [ 1112.513493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.513889] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.514539] Buffer I/O error on dev sr0, logical block 6, async page read [ 1112.515411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.515807] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.516444] Buffer I/O error on dev sr0, logical block 7, async page read [ 1112.518654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.519050] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1112.519673] Buffer I/O error on dev sr0, logical block 0, async page read [ 1112.521673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.522074] Buffer I/O error on dev sr0, logical block 1, async page read [ 1112.522950] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.523741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.525616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.526330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.527097] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.527861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.530222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.531078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.531791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.533438] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.534524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.535230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.536029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.537068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:38:55 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1112.571893] perf: interrupt took too long (3138 > 3132), lowering kernel.perf_event_max_sample_rate to 63000 19:38:56 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10) 19:38:56 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 6) [ 1112.649653] FAULT_INJECTION: forcing a failure. [ 1112.649653] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1112.650539] CPU: 1 PID: 7592 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1112.651105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1112.651683] Call Trace: [ 1112.651878] [ 1112.652048] dump_stack_lvl+0xc1/0xf0 [ 1112.652327] should_fail_ex+0x4b4/0x5b0 [ 1112.652638] _copy_from_user+0x2e/0x180 [ 1112.652959] copy_mount_options+0x76/0x180 [ 1112.653261] __x64_sys_mount+0x1ac/0x310 [ 1112.653553] ? __pfx___x64_sys_mount+0x10/0x10 [ 1112.653877] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1112.654241] do_syscall_64+0x3f/0x90 [ 1112.654515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1112.654875] RIP: 0033:0x7fbf7ca8bb19 [ 1112.655136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1112.656320] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1112.656830] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1112.657312] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1112.657779] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1112.658248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1112.658721] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1112.659212] 19:38:56 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0xc}]}, 0x10) 19:38:56 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:38:56 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:38:56 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 6) [ 1112.802837] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1112.803517] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1112.803980] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1112.804434] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1112.805630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.806567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.807242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.808279] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.808984] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.809690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.810366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.811075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.811882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.812628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.813365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.814035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.814769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.816050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.823647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.824882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.826611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.827803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.829015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.830226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.831562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.832764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.833990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.835218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.836564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.837781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.838989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.843382] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.844613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.845825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.849628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.850848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1112.858164] FAULT_INJECTION: forcing a failure. [ 1112.858164] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1112.859652] CPU: 1 PID: 7604 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1112.860665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1112.861840] Call Trace: [ 1112.862175] [ 1112.862476] dump_stack_lvl+0xc1/0xf0 [ 1112.862991] should_fail_ex+0x4b4/0x5b0 [ 1112.863515] _copy_from_user+0x2e/0x180 [ 1112.864028] copy_mount_options+0x76/0x180 [ 1112.864563] __x64_sys_mount+0x1ac/0x310 [ 1112.865111] ? __pfx___x64_sys_mount+0x10/0x10 [ 1112.865711] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1112.866386] do_syscall_64+0x3f/0x90 [ 1112.866881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1112.867559] RIP: 0033:0x7fb465b78b19 [ 1112.868039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1112.870348] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1112.871406] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1112.872329] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1112.873222] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1112.874104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1112.874996] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1112.875898] 19:39:09 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 7) 19:39:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x14}]}, 0x10) 19:39:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:09 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 7) 19:39:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:09 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10) [ 1125.929951] FAULT_INJECTION: forcing a failure. [ 1125.929951] name failslab, interval 1, probability 0, space 0, times 0 [ 1125.931378] CPU: 1 PID: 7613 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1125.932354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1125.933365] Call Trace: [ 1125.933696] [ 1125.933988] dump_stack_lvl+0xc1/0xf0 [ 1125.934487] should_fail_ex+0x4b4/0x5b0 [ 1125.935009] ? getname_flags.part.0+0x50/0x4f0 [ 1125.935607] should_failslab+0x9/0x20 [ 1125.936107] kmem_cache_alloc+0x5a/0x390 [ 1125.936653] getname_flags.part.0+0x50/0x4f0 [ 1125.937275] getname_flags+0x9e/0xf0 [ 1125.937792] user_path_at_empty+0x2f/0x70 [ 1125.938330] __x64_sys_mount+0x1ed/0x310 [ 1125.938870] ? __pfx___x64_sys_mount+0x10/0x10 [ 1125.939469] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1125.940147] do_syscall_64+0x3f/0x90 [ 1125.940647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1125.941331] RIP: 0033:0x7fb465b78b19 [ 1125.941812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1125.944080] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1125.945012] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1125.945914] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1125.946794] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1125.947675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1125.948551] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1125.949464] [ 1125.976692] FAULT_INJECTION: forcing a failure. [ 1125.976692] name failslab, interval 1, probability 0, space 0, times 0 [ 1125.977552] CPU: 0 PID: 7624 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1125.978121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1125.978693] Call Trace: [ 1125.978879] [ 1125.979044] dump_stack_lvl+0xc1/0xf0 [ 1125.979338] should_fail_ex+0x4b4/0x5b0 [ 1125.979636] ? getname_flags.part.0+0x50/0x4f0 [ 1125.979986] should_failslab+0x9/0x20 [ 1125.980279] kmem_cache_alloc+0x5a/0x390 [ 1125.980592] getname_flags.part.0+0x50/0x4f0 [ 1125.980931] getname_flags+0x9e/0xf0 [ 1125.981208] user_path_at_empty+0x2f/0x70 [ 1125.981513] __x64_sys_mount+0x1ed/0x310 [ 1125.981964] ? __pfx___x64_sys_mount+0x10/0x10 [ 1125.982306] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1125.982686] do_syscall_64+0x3f/0x90 [ 1125.982967] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1125.983344] RIP: 0033:0x7fbf7ca8bb19 [ 1125.983621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1125.984897] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1125.985451] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1125.985968] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1125.986477] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1125.986989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1125.987493] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1125.988013] [ 1125.996875] perf: interrupt took too long (3941 > 3922), lowering kernel.perf_event_max_sample_rate to 50000 19:39:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xb, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:09 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 8) 19:39:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x10, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:39:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x15}]}, 0x10) 19:39:09 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 8) 19:39:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:39:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1126.219413] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1126.219747] syz-executor.1 (7611) used greatest stack depth: 23136 bytes left [ 1126.220604] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1126.220669] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1126.222769] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1126.223688] blk_print_req_error: 48 callbacks suppressed [ 1126.223704] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1126.225697] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.226075] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.226653] buffer_io_error: 46 callbacks suppressed [ 1126.226662] Buffer I/O error on dev sr0, logical block 0, async page read [ 1126.227592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.227954] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.228613] Buffer I/O error on dev sr0, logical block 1, async page read [ 1126.229170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.229558] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.230092] Buffer I/O error on dev sr0, logical block 2, async page read [ 1126.230676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.231039] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.232129] Buffer I/O error on dev sr0, logical block 3, async page read [ 1126.232888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.233268] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.233842] Buffer I/O error on dev sr0, logical block 4, async page read [ 1126.234421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.234781] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.235312] Buffer I/O error on dev sr0, logical block 5, async page read [ 1126.235908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.236269] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.236974] Buffer I/O error on dev sr0, logical block 6, async page read [ 1126.237571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.237928] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.238520] Buffer I/O error on dev sr0, logical block 7, async page read [ 1126.239139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.239521] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1126.240064] Buffer I/O error on dev sr0, logical block 0, async page read [ 1126.240647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.241011] Buffer I/O error on dev sr0, logical block 1, async page read [ 1126.241590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.242055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.242534] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.242972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.243485] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.243916] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.244425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.244898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.245381] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.245821] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.246290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.246763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.247199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.247693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.248168] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.248639] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.249125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.249587] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.250022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.250538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.250976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.251467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.251994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.252477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.252923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.253595] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.254964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.255495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.255963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.256529] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.257058] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.257547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.258016] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.258492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.258938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.260005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.260680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.261199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.261796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.262249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.262830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.263283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.263796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.264280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.264779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.265251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.265936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.266492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.266978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.267478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.267938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.268636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.269099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.269662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1126.281335] perf: interrupt took too long (4942 > 4926), lowering kernel.perf_event_max_sample_rate to 40000 [ 1126.407204] perf: interrupt took too long (6203 > 6177), lowering kernel.perf_event_max_sample_rate to 32000 19:39:22 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x16}]}, 0x10) 19:39:22 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 9) 19:39:22 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 9) 19:39:22 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:39:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1138.611741] FAULT_INJECTION: forcing a failure. [ 1138.611741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1138.613260] CPU: 0 PID: 7656 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1138.614310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.615378] Call Trace: [ 1138.615731] [ 1138.616043] dump_stack_lvl+0xc1/0xf0 [ 1138.616570] should_fail_ex+0x4b4/0x5b0 [ 1138.617124] strncpy_from_user+0x38/0x3f0 [ 1138.617724] getname_flags.part.0+0x95/0x4f0 [ 1138.618339] getname_flags+0x9e/0xf0 [ 1138.618869] user_path_at_empty+0x2f/0x70 [ 1138.619438] __x64_sys_mount+0x1ed/0x310 [ 1138.619993] ? __pfx___x64_sys_mount+0x10/0x10 [ 1138.620624] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1138.621338] do_syscall_64+0x3f/0x90 [ 1138.621857] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1138.622552] RIP: 0033:0x7fb465b78b19 [ 1138.623041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.625344] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1138.626317] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1138.627229] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1138.628141] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1138.629052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1138.629986] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1138.630920] [ 1138.659581] FAULT_INJECTION: forcing a failure. [ 1138.659581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1138.661129] CPU: 1 PID: 7667 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1138.662142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.663141] Call Trace: [ 1138.663468] [ 1138.663757] dump_stack_lvl+0xc1/0xf0 [ 1138.664262] should_fail_ex+0x4b4/0x5b0 [ 1138.664792] strncpy_from_user+0x38/0x3f0 [ 1138.665348] getname_flags.part.0+0x95/0x4f0 [ 1138.665947] getname_flags+0x9e/0xf0 [ 1138.666445] user_path_at_empty+0x2f/0x70 [ 1138.666976] __x64_sys_mount+0x1ed/0x310 [ 1138.667516] ? __pfx___x64_sys_mount+0x10/0x10 [ 1138.668117] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1138.668779] do_syscall_64+0x3f/0x90 [ 1138.669293] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1138.669955] RIP: 0033:0x7fbf7ca8bb19 [ 1138.670456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.672578] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1138.673502] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1138.674343] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1138.675193] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1138.676033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1138.676876] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1138.677754] 19:39:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x1c}]}, 0x10) 19:39:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:39:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x107, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:22 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 10) 19:39:22 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 10) [ 1138.893870] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1138.895162] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1138.896038] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1138.896901] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1138.897868] blk_print_req_error: 55 callbacks suppressed [ 1138.897884] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2 [ 1138.901249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.901992] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.903222] buffer_io_error: 54 callbacks suppressed [ 1138.903236] Buffer I/O error on dev sr0, logical block 0, async page read [ 1138.907158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.907896] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.908956] Buffer I/O error on dev sr0, logical block 1, async page read 19:39:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x1d}]}, 0x10) [ 1138.916900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.917623] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.918683] Buffer I/O error on dev sr0, logical block 2, async page read [ 1138.921541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.922244] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.923529] Buffer I/O error on dev sr0, logical block 3, async page read [ 1138.926543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.927248] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.928326] Buffer I/O error on dev sr0, logical block 4, async page read [ 1138.930655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.931637] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.932650] Buffer I/O error on dev sr0, logical block 5, async page read [ 1138.937522] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.938200] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.939255] Buffer I/O error on dev sr0, logical block 6, async page read [ 1138.945307] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.946014] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.947076] Buffer I/O error on dev sr0, logical block 7, async page read [ 1138.948212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.948919] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1138.950057] Buffer I/O error on dev sr0, logical block 0, async page read [ 1138.954739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.955473] Buffer I/O error on dev sr0, logical block 1, async page read [ 1138.956600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.957492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.958659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.959521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.960322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.961197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.962197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.963633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.964517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.965461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.969874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.970739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.971596] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.972436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.973450] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.974913] FAULT_INJECTION: forcing a failure. [ 1138.974913] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.976328] CPU: 0 PID: 7687 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1138.977325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.978321] Call Trace: [ 1138.978656] [ 1138.978958] dump_stack_lvl+0xc1/0xf0 [ 1138.979465] should_fail_ex+0x4b4/0x5b0 [ 1138.979989] should_failslab+0x9/0x20 [ 1138.980490] __kmem_cache_alloc_node+0x5b/0x310 [ 1138.981087] ? alloc_fs_context+0x58/0x9e0 [ 1138.981654] kmalloc_trace+0x26/0xc0 [ 1138.981850] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.982134] alloc_fs_context+0x58/0x9e0 [ 1138.983298] path_mount+0xa6a/0x1e40 [ 1138.983798] ? kasan_quarantine_put+0x81/0x1d0 [ 1138.984387] ? __pfx_path_mount+0x10/0x10 [ 1138.984919] ? putname+0x102/0x140 [ 1138.985424] ? kmem_cache_free+0xff/0x4a0 [ 1138.985960] ? putname+0x102/0x140 [ 1138.986445] __x64_sys_mount+0x286/0x310 [ 1138.986977] ? __pfx___x64_sys_mount+0x10/0x10 [ 1138.987576] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1138.988229] do_syscall_64+0x3f/0x90 [ 1138.988714] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1138.989379] RIP: 0033:0x7fbf7ca8bb19 [ 1138.989838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.991992] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1138.992800] FAULT_INJECTION: forcing a failure. [ 1138.992800] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.992906] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1138.995070] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1138.995929] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1138.996793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1138.997658] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1138.998534] [ 1138.998832] CPU: 1 PID: 7684 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1138.999830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.000818] Call Trace: [ 1139.001142] [ 1139.001440] dump_stack_lvl+0xc1/0xf0 [ 1139.001942] should_fail_ex+0x4b4/0x5b0 [ 1139.002635] should_failslab+0x9/0x20 [ 1139.003127] __kmem_cache_alloc_node+0x5b/0x310 [ 1139.003715] ? alloc_fs_context+0x58/0x9e0 [ 1139.004367] kmalloc_trace+0x26/0xc0 [ 1139.004846] alloc_fs_context+0x58/0x9e0 [ 1139.005494] path_mount+0xa6a/0x1e40 [ 1139.005989] ? kasan_quarantine_put+0x81/0x1d0 [ 1139.006566] ? __pfx_path_mount+0x10/0x10 [ 1139.007133] ? putname+0x102/0x140 [ 1139.007700] ? kmem_cache_free+0xff/0x4a0 [ 1139.008270] ? putname+0x102/0x140 [ 1139.008753] __x64_sys_mount+0x286/0x310 [ 1139.009326] ? __pfx___x64_sys_mount+0x10/0x10 [ 1139.009913] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1139.010575] do_syscall_64+0x3f/0x90 [ 1139.011056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1139.011744] RIP: 0033:0x7fb465b78b19 [ 1139.012280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1139.014537] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1139.015459] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1139.016463] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1139.017435] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1139.018297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1139.019260] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1139.020140] 19:39:22 executing program 0: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1139.026318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.027823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.029419] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.030459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.031640] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.034824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x160, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:34 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:34 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:34 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 11) 19:39:34 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 11) 19:39:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x21}]}, 0x10) 19:39:34 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x24}]}, 0x10) 19:39:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x181, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1151.096098] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1151.097303] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1151.098373] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1151.099199] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1151.100160] blk_print_req_error: 23 callbacks suppressed [ 1151.100176] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2 [ 1151.102796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.103197] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.103773] buffer_io_error: 22 callbacks suppressed [ 1151.103781] Buffer I/O error on dev sr0, logical block 0, async page read [ 1151.104826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.105203] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.105785] Buffer I/O error on dev sr0, logical block 1, async page read [ 1151.106876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.107251] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.107822] Buffer I/O error on dev sr0, logical block 2, async page read [ 1151.108539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.108933] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.109559] Buffer I/O error on dev sr0, logical block 3, async page read [ 1151.110266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.110693] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.111298] Buffer I/O error on dev sr0, logical block 4, async page read [ 1151.112023] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.112440] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.113057] Buffer I/O error on dev sr0, logical block 5, async page read [ 1151.114110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.114540] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.115128] Buffer I/O error on dev sr0, logical block 6, async page read [ 1151.118195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.118590] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.119145] Buffer I/O error on dev sr0, logical block 7, async page read [ 1151.121603] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.122314] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.123373] Buffer I/O error on dev sr0, logical block 0, async page read [ 1151.133905] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.134630] Buffer I/O error on dev sr0, logical block 1, async page read [ 1151.152273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.156119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x193, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1151.178877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.185579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:34 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1151.204912] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.213944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x293, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:34 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 12) 19:39:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x25}]}, 0x10) [ 1151.363040] FAULT_INJECTION: forcing a failure. [ 1151.363040] name failslab, interval 1, probability 0, space 0, times 0 [ 1151.364503] CPU: 1 PID: 7734 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1151.365531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1151.366520] Call Trace: [ 1151.366846] [ 1151.367137] dump_stack_lvl+0xc1/0xf0 [ 1151.367640] should_fail_ex+0x4b4/0x5b0 [ 1151.368173] should_failslab+0x9/0x20 [ 1151.368664] __kmem_cache_alloc_node+0x5b/0x310 [ 1151.369261] ? legacy_init_fs_context+0x44/0xe0 [ 1151.369882] kmalloc_trace+0x26/0xc0 [ 1151.370368] legacy_init_fs_context+0x44/0xe0 [ 1151.370946] ? __pfx_legacy_init_fs_context+0x10/0x10 [ 1151.371603] alloc_fs_context+0x571/0x9e0 [ 1151.372160] path_mount+0xa6a/0x1e40 [ 1151.372656] ? kasan_quarantine_put+0x81/0x1d0 [ 1151.373258] ? __pfx_path_mount+0x10/0x10 [ 1151.373827] ? putname+0x102/0x140 [ 1151.374315] ? kmem_cache_free+0xff/0x4a0 [ 1151.374864] ? putname+0x102/0x140 [ 1151.375359] __x64_sys_mount+0x286/0x310 [ 1151.375901] ? __pfx___x64_sys_mount+0x10/0x10 [ 1151.376512] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1151.377194] do_syscall_64+0x3f/0x90 [ 1151.377719] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1151.378392] RIP: 0033:0x7fbf7ca8bb19 [ 1151.378870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1151.381112] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1151.382133] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1151.383047] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1151.383945] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1151.384832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1151.385751] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1151.386660] 19:39:34 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 12) [ 1151.394973] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1151.396166] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1151.397072] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1151.397948] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 19:39:34 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1151.400018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.400682] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.401219] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.402498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.403043] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.403692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.404231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.404844] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.405721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.410783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.411374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.413058] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.415883] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.421999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.432659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.436648] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1151.474953] FAULT_INJECTION: forcing a failure. [ 1151.474953] name failslab, interval 1, probability 0, space 0, times 0 [ 1151.476375] CPU: 1 PID: 7743 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1151.477386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1151.478415] Call Trace: [ 1151.478752] [ 1151.479048] dump_stack_lvl+0xc1/0xf0 [ 1151.479553] should_fail_ex+0x4b4/0x5b0 [ 1151.480077] should_failslab+0x9/0x20 [ 1151.480583] __kmem_cache_alloc_node+0x5b/0x310 [ 1151.481178] ? legacy_init_fs_context+0x44/0xe0 [ 1151.481840] kmalloc_trace+0x26/0xc0 [ 1151.482328] legacy_init_fs_context+0x44/0xe0 [ 1151.482912] ? __pfx_legacy_init_fs_context+0x10/0x10 [ 1151.483583] alloc_fs_context+0x571/0x9e0 [ 1151.484142] path_mount+0xa6a/0x1e40 [ 1151.484652] ? kasan_quarantine_put+0x81/0x1d0 [ 1151.485256] ? __pfx_path_mount+0x10/0x10 [ 1151.485827] ? putname+0x102/0x140 [ 1151.486316] ? kmem_cache_free+0xff/0x4a0 [ 1151.486870] ? putname+0x102/0x140 [ 1151.487368] __x64_sys_mount+0x286/0x310 [ 1151.487916] ? __pfx___x64_sys_mount+0x10/0x10 [ 1151.488532] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1151.489219] do_syscall_64+0x3f/0x90 [ 1151.489736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1151.490412] RIP: 0033:0x7fb465b78b19 [ 1151.490896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1151.493139] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1151.494112] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1151.495009] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1151.495899] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1151.496782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1151.497684] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1151.498590] 19:39:47 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:47 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:39:47 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 13) 19:39:47 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x300, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:39:47 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x28}]}, 0x10) 19:39:47 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:47 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 13) [ 1163.912550] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1163.914298] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1163.915493] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1163.916596] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1163.917796] blk_print_req_error: 24 callbacks suppressed [ 1163.917813] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2 [ 1163.920138] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.920868] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.921391] buffer_io_error: 22 callbacks suppressed [ 1163.921399] Buffer I/O error on dev sr0, logical block 0, async page read [ 1163.922592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.923005] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 19:39:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x2c}]}, 0x10) [ 1163.923794] Buffer I/O error on dev sr0, logical block 1, async page read [ 1163.924744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.925082] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.925637] Buffer I/O error on dev sr0, logical block 2, async page read [ 1163.926296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.927082] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.927609] Buffer I/O error on dev sr0, logical block 3, async page read [ 1163.928257] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.928624] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.929148] Buffer I/O error on dev sr0, logical block 4, async page read [ 1163.930283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.930655] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.931175] Buffer I/O error on dev sr0, logical block 5, async page read [ 1163.931989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.932330] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.932880] Buffer I/O error on dev sr0, logical block 6, async page read [ 1163.933760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.934106] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.934656] Buffer I/O error on dev sr0, logical block 7, async page read [ 1163.936211] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.936593] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1163.937950] Buffer I/O error on dev sr0, logical block 0, async page read [ 1163.942420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.942771] Buffer I/O error on dev sr0, logical block 1, async page read [ 1163.943509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.944070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.944688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.945216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.945827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.946486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.947179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.947809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.948601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.951908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.953027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.955195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.955753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.958892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.968970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.975135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.978939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1163.982043] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x2d}]}, 0x10) [ 1163.995836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:47 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x393, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1163.996767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.071865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.072562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.073084] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.074052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.074602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.075879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.076534] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.077053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:39:47 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:39:47 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 14) [ 1164.149277] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1164.150493] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1164.151329] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1164.152165] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1164.154132] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.158279] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.159684] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.161153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.161843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.162506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.163087] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.163748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.166769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.167318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.167914] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.168733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.169322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.169904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.170614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.171149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.171978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.172575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.173173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.173771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.174389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.175493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.176065] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.176716] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.177564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.179999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.191302] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.193169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.198227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.202309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.209166] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.210907] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1164.233157] FAULT_INJECTION: forcing a failure. [ 1164.233157] name failslab, interval 1, probability 0, space 0, times 0 [ 1164.234642] CPU: 1 PID: 7782 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1164.235651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.236655] Call Trace: [ 1164.236989] [ 1164.237288] dump_stack_lvl+0xc1/0xf0 [ 1164.237816] should_fail_ex+0x4b4/0x5b0 [ 1164.238341] should_failslab+0x9/0x20 [ 1164.238830] __kmem_cache_alloc_node+0x5b/0x310 [ 1164.239429] ? v9fs_mount+0x9e/0xbc0 [ 1164.239922] kmalloc_trace+0x26/0xc0 [ 1164.240400] v9fs_mount+0x9e/0xbc0 [ 1164.240870] ? legacy_init_fs_context+0x44/0xe0 [ 1164.241470] ? __pfx_v9fs_mount+0x10/0x10 [ 1164.242029] ? cap_capable+0x1be/0x220 [ 1164.242547] ? __pfx_v9fs_mount+0x10/0x10 [ 1164.243084] legacy_get_tree+0x109/0x220 [ 1164.243617] vfs_get_tree+0x92/0x360 [ 1164.244116] path_mount+0x1335/0x1e40 [ 1164.244634] ? kasan_quarantine_put+0x81/0x1d0 [ 1164.245237] ? __pfx_path_mount+0x10/0x10 [ 1164.245789] ? putname+0x102/0x140 [ 1164.246277] ? kmem_cache_free+0xff/0x4a0 [ 1164.246824] ? putname+0x102/0x140 [ 1164.247318] __x64_sys_mount+0x286/0x310 [ 1164.247859] ? __pfx___x64_sys_mount+0x10/0x10 [ 1164.248469] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1164.249140] do_syscall_64+0x3f/0x90 [ 1164.249657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1164.250323] RIP: 0033:0x7fbf7ca8bb19 [ 1164.250793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.252980] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1164.253906] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1164.254778] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1164.255658] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1164.256535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.257414] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1164.258335] 19:40:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x30}]}, 0x10) 19:40:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 15) 19:40:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:02 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 14) 19:40:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3a0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:02 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:02 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1178.823564] FAULT_INJECTION: forcing a failure. [ 1178.823564] name failslab, interval 1, probability 0, space 0, times 0 [ 1178.825033] CPU: 1 PID: 7794 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1178.826082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1178.827126] Call Trace: [ 1178.827471] [ 1178.827770] dump_stack_lvl+0xc1/0xf0 [ 1178.828295] should_fail_ex+0x4b4/0x5b0 [ 1178.828841] should_failslab+0x9/0x20 [ 1178.829358] __kmem_cache_alloc_node+0x5b/0x310 [ 1178.829981] ? v9fs_mount+0x9e/0xbc0 [ 1178.830497] kmalloc_trace+0x26/0xc0 [ 1178.830994] v9fs_mount+0x9e/0xbc0 [ 1178.831477] ? legacy_init_fs_context+0x44/0xe0 [ 1178.832106] ? __pfx_v9fs_mount+0x10/0x10 [ 1178.832674] ? cap_capable+0x1be/0x220 [ 1178.833189] ? __pfx_v9fs_mount+0x10/0x10 [ 1178.833773] legacy_get_tree+0x109/0x220 [ 1178.834331] vfs_get_tree+0x92/0x360 [ 1178.834841] path_mount+0x1335/0x1e40 [ 1178.835382] ? kasan_quarantine_put+0x81/0x1d0 [ 1178.836078] ? __pfx_path_mount+0x10/0x10 [ 1178.836656] ? putname+0x102/0x140 [ 1178.837147] ? kmem_cache_free+0xff/0x4a0 [ 1178.837705] ? putname+0x102/0x140 [ 1178.838205] __x64_sys_mount+0x286/0x310 [ 1178.838772] ? __pfx___x64_sys_mount+0x10/0x10 [ 1178.839395] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1178.840090] do_syscall_64+0x3f/0x90 [ 1178.840596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1178.841284] RIP: 0033:0x7fb465b78b19 [ 1178.841773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1178.844036] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1178.845010] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1178.845919] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1178.846809] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1178.847725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1178.848632] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1178.849552] [ 1178.892865] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1178.894540] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1178.895636] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1178.896778] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1178.898115] blk_print_req_error: 62 callbacks suppressed [ 1178.898138] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1178.905194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.906196] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.907267] buffer_io_error: 62 callbacks suppressed [ 1178.907282] Buffer I/O error on dev sr0, logical block 0, async page read [ 1178.915875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.916646] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.917731] Buffer I/O error on dev sr0, logical block 1, async page read [ 1178.919147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.919892] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.920967] Buffer I/O error on dev sr0, logical block 2, async page read [ 1178.922818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.923551] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.924605] Buffer I/O error on dev sr0, logical block 3, async page read [ 1178.927214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.927958] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.929017] Buffer I/O error on dev sr0, logical block 4, async page read 19:40:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x34}]}, 0x10) [ 1178.941110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.942110] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.943198] Buffer I/O error on dev sr0, logical block 5, async page read 19:40:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3e1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1178.964061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.965023] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.966094] Buffer I/O error on dev sr0, logical block 6, async page read [ 1178.988823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1178.989691] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1178.991875] Buffer I/O error on dev sr0, logical block 7, async page read 19:40:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 16) [ 1179.085142] FAULT_INJECTION: forcing a failure. [ 1179.085142] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.086633] CPU: 1 PID: 7812 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1179.087633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1179.088649] Call Trace: [ 1179.088986] [ 1179.089290] dump_stack_lvl+0xc1/0xf0 [ 1179.089808] should_fail_ex+0x4b4/0x5b0 [ 1179.090348] should_failslab+0x9/0x20 [ 1179.090863] __kmem_cache_alloc_node+0x5b/0x310 [ 1179.091479] ? v9fs_session_init+0xab/0x1760 [ 1179.092121] ? __kasan_kmalloc+0x7f/0x90 [ 1179.092720] ? v9fs_mount+0x9e/0xbc0 [ 1179.093218] ? v9fs_session_init+0xab/0x1760 [ 1179.093795] __kmalloc_node_track_caller+0x4b/0x160 [ 1179.094430] kstrdup+0x3f/0x80 [ 1179.094852] v9fs_session_init+0xab/0x1760 [ 1179.095386] ? __kmem_cache_alloc_node+0x1f8/0x310 [ 1179.096011] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1179.096746] ? __pfx_lock_release+0x10/0x10 [ 1179.097289] ? __pfx_v9fs_session_init+0x10/0x10 [ 1179.097910] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1179.098564] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1179.099190] ? v9fs_mount+0x9e/0xbc0 [ 1179.099703] v9fs_mount+0xbd/0xbc0 [ 1179.100317] ? legacy_init_fs_context+0x44/0xe0 [ 1179.101001] ? __pfx_v9fs_mount+0x10/0x10 [ 1179.101567] ? cap_capable+0x1be/0x220 [ 1179.102148] ? __pfx_v9fs_mount+0x10/0x10 [ 1179.102751] legacy_get_tree+0x109/0x220 [ 1179.103295] vfs_get_tree+0x92/0x360 [ 1179.103808] path_mount+0x1335/0x1e40 [ 1179.104312] ? kasan_quarantine_put+0x81/0x1d0 [ 1179.104913] ? __pfx_path_mount+0x10/0x10 [ 1179.105445] ? putname+0x102/0x140 [ 1179.105946] ? kmem_cache_free+0xff/0x4a0 [ 1179.106483] ? putname+0x102/0x140 [ 1179.106972] __x64_sys_mount+0x286/0x310 [ 1179.107502] ? __pfx___x64_sys_mount+0x10/0x10 [ 1179.108091] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1179.108745] do_syscall_64+0x3f/0x90 [ 1179.109242] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1179.109945] RIP: 0033:0x7fbf7ca8bb19 [ 1179.110420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1179.112616] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1179.113598] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1179.114485] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1179.115371] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1179.116364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1179.117249] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1179.118277] 19:40:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 15) 19:40:02 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x493, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x35}]}, 0x10) 19:40:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 17) [ 1179.298088] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1179.299391] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1179.300391] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1179.301218] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1179.302186] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2 [ 1179.305842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.306843] Buffer I/O error on dev sr0, logical block 0, async page read [ 1179.310813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.312054] Buffer I/O error on dev sr0, logical block 1, async page read [ 1179.332092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.336108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.340277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.341849] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.344233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1179.346951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:02 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:02 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x3c}]}, 0x10) 19:40:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x500, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1179.512886] syz-executor.0 (7797) used greatest stack depth: 23008 bytes left 19:40:17 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 16) 19:40:17 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:17 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x593, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:17 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:17 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 18) 19:40:17 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x3d}]}, 0x10) 19:40:17 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:17 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1193.677132] FAULT_INJECTION: forcing a failure. [ 1193.677132] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.678010] CPU: 1 PID: 7845 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1193.678676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1193.679277] Call Trace: [ 1193.679501] [ 1193.679691] dump_stack_lvl+0xc1/0xf0 [ 1193.680038] should_fail_ex+0x4b4/0x5b0 [ 1193.680393] should_failslab+0x9/0x20 [ 1193.680736] __kmem_cache_alloc_node+0x5b/0x310 [ 1193.681142] ? v9fs_session_init+0xab/0x1760 [ 1193.681538] ? __kasan_kmalloc+0x7f/0x90 [ 1193.681901] ? v9fs_mount+0x9e/0xbc0 [ 1193.682262] ? v9fs_session_init+0xab/0x1760 [ 1193.682638] __kmalloc_node_track_caller+0x4b/0x160 [ 1193.683073] kstrdup+0x3f/0x80 [ 1193.683365] v9fs_session_init+0xab/0x1760 [ 1193.683686] ? __kmem_cache_alloc_node+0x1f8/0x310 [ 1193.684111] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1193.684621] ? __pfx_lock_release+0x10/0x10 [ 1193.685000] ? __pfx_v9fs_session_init+0x10/0x10 [ 1193.685405] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1193.685859] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1193.686281] ? v9fs_mount+0x9e/0xbc0 [ 1193.686617] v9fs_mount+0xbd/0xbc0 [ 1193.686928] ? legacy_init_fs_context+0x44/0xe0 [ 1193.687342] ? __pfx_v9fs_mount+0x10/0x10 [ 1193.687715] ? cap_capable+0x1be/0x220 [ 1193.688022] ? __pfx_v9fs_mount+0x10/0x10 [ 1193.688384] legacy_get_tree+0x109/0x220 [ 1193.688747] vfs_get_tree+0x92/0x360 [ 1193.689078] path_mount+0x1335/0x1e40 [ 1193.689416] ? kasan_quarantine_put+0x81/0x1d0 [ 1193.689818] ? __pfx_path_mount+0x10/0x10 [ 1193.690146] ? putname+0x102/0x140 [ 1193.690471] ? kmem_cache_free+0xff/0x4a0 [ 1193.690802] ? putname+0x102/0x140 [ 1193.691127] __x64_sys_mount+0x286/0x310 [ 1193.691445] ? __pfx___x64_sys_mount+0x10/0x10 [ 1193.691860] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1193.692250] do_syscall_64+0x3f/0x90 [ 1193.692590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1193.692985] RIP: 0033:0x7fb465b78b19 [ 1193.693315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1193.694607] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1193.695160] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1193.695679] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1193.696208] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1193.696712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1193.697230] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1193.697759] 19:40:17 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x44}]}, 0x10) [ 1193.716508] FAULT_INJECTION: forcing a failure. [ 1193.716508] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.717836] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1193.718104] CPU: 0 PID: 7853 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1193.718727] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1193.719721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1193.719739] Call Trace: [ 1193.720224] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1193.721263] [ 1193.721274] dump_stack_lvl+0xc1/0xf0 [ 1193.721509] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1193.722277] should_fail_ex+0x4b4/0x5b0 [ 1193.722459] blk_print_req_error: 8 callbacks suppressed [ 1193.722470] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 24 prio class 2 [ 1193.722939] should_failslab+0x9/0x20 [ 1193.726453] __kmem_cache_alloc_node+0x5b/0x310 [ 1193.727122] ? v9fs_session_init+0xed/0x1760 [ 1193.727767] ? v9fs_session_init+0xed/0x1760 [ 1193.728404] __kmalloc_node_track_caller+0x4b/0x160 [ 1193.729100] kstrdup+0x3f/0x80 [ 1193.729581] v9fs_session_init+0xed/0x1760 [ 1193.730202] ? __kmem_cache_alloc_node+0x1f8/0x310 [ 1193.730896] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1193.731726] ? __pfx_lock_release+0x10/0x10 [ 1193.732344] ? __pfx_v9fs_session_init+0x10/0x10 [ 1193.733009] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1193.733735] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1193.734449] ? v9fs_mount+0x9e/0xbc0 [ 1193.735011] v9fs_mount+0xbd/0xbc0 [ 1193.735536] ? legacy_init_fs_context+0x44/0xe0 [ 1193.736215] ? __pfx_v9fs_mount+0x10/0x10 [ 1193.736818] ? cap_capable+0x1be/0x220 [ 1193.737397] ? __pfx_v9fs_mount+0x10/0x10 [ 1193.738002] legacy_get_tree+0x109/0x220 [ 1193.738596] vfs_get_tree+0x92/0x360 [ 1193.739146] path_mount+0x1335/0x1e40 [ 1193.739708] ? kasan_quarantine_put+0x81/0x1d0 [ 1193.740368] ? __pfx_path_mount+0x10/0x10 [ 1193.740974] ? putname+0x102/0x140 [ 1193.741501] ? kmem_cache_free+0xff/0x4a0 [ 1193.742102] ? putname+0x102/0x140 [ 1193.742729] __x64_sys_mount+0x286/0x310 19:40:17 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 17) [ 1193.743406] ? __pfx___x64_sys_mount+0x10/0x10 [ 1193.744067] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1193.744806] do_syscall_64+0x3f/0x90 [ 1193.745348] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1193.746094] RIP: 0033:0x7fbf7ca8bb19 [ 1193.746621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1193.749030] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1193.750071] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1193.751050] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1193.751999] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1193.752955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1193.753941] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1193.754941] [ 1193.770086] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.770580] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.771255] buffer_io_error: 6 callbacks suppressed [ 1193.771264] Buffer I/O error on dev sr0, logical block 0, async page read [ 1193.773058] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.773532] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.774242] Buffer I/O error on dev sr0, logical block 1, async page read [ 1193.775079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.775556] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.776221] Buffer I/O error on dev sr0, logical block 2, async page read [ 1193.777530] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.777999] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.778698] Buffer I/O error on dev sr0, logical block 3, async page read [ 1193.780234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.780756] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.781444] Buffer I/O error on dev sr0, logical block 4, async page read [ 1193.782601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.783047] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.783749] Buffer I/O error on dev sr0, logical block 5, async page read [ 1193.784923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.785423] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.786112] Buffer I/O error on dev sr0, logical block 6, async page read [ 1193.787941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1193.788411] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1193.789092] Buffer I/O error on dev sr0, logical block 7, async page read 19:40:17 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x600, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:17 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:17 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:17 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x693, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:30 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x45}]}, 0x10) 19:40:30 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:30 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 19) 19:40:30 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:30 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:30 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 18) 19:40:30 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x700, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1206.800077] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1206.801409] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1206.802396] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1206.803281] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1206.804300] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 2 [ 1206.819829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.820667] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.821782] Buffer I/O error on dev sr0, logical block 0, async page read [ 1206.822847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.823038] FAULT_INJECTION: forcing a failure. [ 1206.823038] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.823593] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 1206.824351] CPU: 0 PID: 7889 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1206.825413] Buffer I/O error on dev sr0, logical block 1, async page read [ 1206.825903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1206.826815] Buffer I/O error on dev sr0, logical block 2, async page read [ 1206.827313] Call Trace: [ 1206.827320] [ 1206.828214] Buffer I/O error on dev sr0, logical block 3, async page read [ 1206.828352] dump_stack_lvl+0xc1/0xf0 [ 1206.828681] Buffer I/O error on dev sr0, logical block 4, async page read [ 1206.829108] should_fail_ex+0x4b4/0x5b0 [ 1206.829640] Buffer I/O error on dev sr0, logical block 5, async page read [ 1206.830027] should_failslab+0x9/0x20 [ 1206.830584] Buffer I/O error on dev sr0, logical block 6, async page read [ 1206.830979] __kmem_cache_alloc_node+0x5b/0x310 [ 1206.831502] Buffer I/O error on dev sr0, logical block 7, async page read [ 1206.831906] ? v9fs_session_init+0xed/0x1760 [ 1206.833341] ? v9fs_session_init+0xed/0x1760 [ 1206.833663] __kmalloc_node_track_caller+0x4b/0x160 [ 1206.834003] kstrdup+0x3f/0x80 [ 1206.834255] v9fs_session_init+0xed/0x1760 [ 1206.834545] ? __kmem_cache_alloc_node+0x1f8/0x310 [ 1206.834904] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1206.835307] ? __pfx_lock_release+0x10/0x10 [ 1206.835621] ? __pfx_v9fs_session_init+0x10/0x10 [ 1206.835946] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1206.836329] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1206.836661] ? v9fs_mount+0x9e/0xbc0 [ 1206.836945] v9fs_mount+0xbd/0xbc0 [ 1206.837199] ? legacy_init_fs_context+0x44/0xe0 [ 1206.837549] ? __pfx_v9fs_mount+0x10/0x10 [ 1206.837836] ? cap_capable+0x1be/0x220 [ 1206.838134] ? __pfx_v9fs_mount+0x10/0x10 [ 1206.838423] legacy_get_tree+0x109/0x220 [ 1206.838729] vfs_get_tree+0x92/0x360 [ 1206.838993] path_mount+0x1335/0x1e40 [ 1206.839280] ? kasan_quarantine_put+0x81/0x1d0 [ 1206.839598] ? __pfx_path_mount+0x10/0x10 [ 1206.839901] ? putname+0x102/0x140 [ 1206.840163] ? kmem_cache_free+0xff/0x4a0 [ 1206.840472] ? putname+0x102/0x140 [ 1206.840729] __x64_sys_mount+0x286/0x310 [ 1206.841026] ? __pfx___x64_sys_mount+0x10/0x10 [ 1206.841344] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1206.841725] do_syscall_64+0x3f/0x90 [ 1206.841990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1206.842382] RIP: 0033:0x7fb465b78b19 [ 1206.842641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1206.843891] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1206.844390] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1206.844886] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1206.845381] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1206.845880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1206.846354] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1206.846866] [ 1206.851385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.851786] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.852374] Buffer I/O error on dev sr0, logical block 0, async page read [ 1206.859641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.860026] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.860731] Buffer I/O error on dev sr0, logical block 1, async page read [ 1206.861415] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.861786] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.862560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.862917] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.864072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.864462] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.868117] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.868574] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.869321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.869702] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1206.870691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.871295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.871906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.872724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.873288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.874002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.874640] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.875198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.875797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:30 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x48}]}, 0x10) [ 1206.897048] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1206.898329] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1206.899286] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1206.900154] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 1206.902407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.903070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.904039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.904665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.905994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.906637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.907703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1206.908620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:30 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 19) 19:40:30 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 1) 19:40:30 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x4c}]}, 0x10) 19:40:30 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:30 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x701, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1207.054998] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1207.055674] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1207.056143] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1207.056606] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1207.057946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.058624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.064112] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.064878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.065472] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.066032] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.066630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.067174] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.067420] FAULT_INJECTION: forcing a failure. [ 1207.067420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1207.068003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.068314] CPU: 1 PID: 7911 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1207.069204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1207.069774] Call Trace: [ 1207.069962] [ 1207.070148] dump_stack_lvl+0xc1/0xf0 [ 1207.070437] should_fail_ex+0x4b4/0x5b0 [ 1207.070777] _copy_from_user+0x2e/0x180 [ 1207.071098] sk_setsockopt+0xf81/0x3650 [ 1207.071413] ? sock_has_perm+0x1e2/0x270 [ 1207.071704] ? __pfx_sk_setsockopt+0x10/0x10 [ 1207.072019] ? __pfx_lock_release+0x10/0x10 [ 1207.072318] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1207.072702] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1207.073116] ? __fget_files+0x270/0x480 [ 1207.073410] ? selinux_socket_setsockopt+0x6e/0x90 [ 1207.073753] __sys_setsockopt+0x2b9/0x320 [ 1207.074050] ? __pfx___sys_setsockopt+0x10/0x10 [ 1207.074383] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1207.074627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.074832] ? fput+0x2f/0x1a0 [ 1207.075445] ? ksys_write+0x1a7/0x260 [ 1207.075737] ? __pfx_ksys_write+0x10/0x10 [ 1207.076048] __x64_sys_setsockopt+0xbe/0x160 [ 1207.076380] ? syscall_enter_from_user_mode+0x21/0x50 [ 1207.076777] do_syscall_64+0x3f/0x90 [ 1207.077064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1207.077447] RIP: 0033:0x7f44cdda8b19 [ 1207.077718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1207.079014] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1207.079544] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1207.079791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.080050] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1207.080679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.080910] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1207.081527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.081774] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1207.082390] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.082638] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1207.083570] [ 1207.083793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.085937] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.087362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.088060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.088641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.089290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.089977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.091139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.092171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.092775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.093802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.100512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.101249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.102153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.102772] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.105395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.106611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.111610] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:30 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:30 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 20) 19:40:30 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x4d}]}, 0x10) 19:40:30 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x793, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1207.187886] FAULT_INJECTION: forcing a failure. [ 1207.187886] name failslab, interval 1, probability 0, space 0, times 0 [ 1207.188676] CPU: 1 PID: 7920 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1207.189207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1207.189746] Call Trace: [ 1207.189926] [ 1207.190098] dump_stack_lvl+0xc1/0xf0 [ 1207.190398] should_fail_ex+0x4b4/0x5b0 [ 1207.190712] should_failslab+0x9/0x20 [ 1207.191000] __kmem_cache_alloc_node+0x5b/0x310 [ 1207.191354] ? p9_client_create+0xb3/0x1260 [ 1207.191682] kmalloc_trace+0x26/0xc0 [ 1207.191964] p9_client_create+0xb3/0x1260 [ 1207.192283] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1207.192671] ? __pfx_p9_client_create+0x10/0x10 [ 1207.192991] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1207.193331] ? lockdep_init_map_type+0x21e/0x7e0 [ 1207.193678] ? __kasan_kmalloc+0x7f/0x90 [ 1207.193968] ? __raw_spin_lock_init+0x3a/0x110 [ 1207.194328] v9fs_session_init+0x1e1/0x1760 [ 1207.194653] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1207.195085] ? __pfx_v9fs_session_init+0x10/0x10 [ 1207.195438] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1207.195813] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1207.196174] ? v9fs_mount+0x9e/0xbc0 [ 1207.196463] v9fs_mount+0xbd/0xbc0 [ 1207.196732] ? legacy_init_fs_context+0x44/0xe0 [ 1207.197067] ? __pfx_v9fs_mount+0x10/0x10 [ 1207.197372] ? cap_capable+0x1be/0x220 [ 1207.197672] ? __pfx_v9fs_mount+0x10/0x10 [ 1207.197964] legacy_get_tree+0x109/0x220 [ 1207.198264] vfs_get_tree+0x92/0x360 [ 1207.198532] path_mount+0x1335/0x1e40 [ 1207.198811] ? kasan_quarantine_put+0x81/0x1d0 [ 1207.199133] ? __pfx_path_mount+0x10/0x10 [ 1207.199426] ? putname+0x102/0x140 [ 1207.199689] ? kmem_cache_free+0xff/0x4a0 [ 1207.199978] ? putname+0x102/0x140 [ 1207.200242] __x64_sys_mount+0x286/0x310 [ 1207.200531] ? __pfx___x64_sys_mount+0x10/0x10 [ 1207.200856] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1207.201216] do_syscall_64+0x3f/0x90 [ 1207.201485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1207.201847] RIP: 0033:0x7fbf7ca8bb19 [ 1207.202115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1207.203293] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1207.203796] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1207.204263] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1207.204736] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1207.205205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1207.205672] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1207.206159] 19:40:30 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1207.324356] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1207.325018] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1207.325513] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1207.325939] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1207.326702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.327141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.327606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.328038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.328584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.329013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.329470] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.329898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.330559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.330988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.331446] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.331882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.332310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.332810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.333243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.333706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.334212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.334701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.335140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.335623] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.336095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.336609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.337049] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.337540] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.338043] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.338560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.339027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.339515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.339956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.340465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.340915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.341410] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.341902] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.342451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.342904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.343388] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.343854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.344312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.344825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.345265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.345790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.346258] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.346773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.347230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.347713] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.348170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.348681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.349135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.349663] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.350126] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.350645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.351104] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.351584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.352047] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.352558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.353011] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.353548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.354007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.354546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.356757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.357224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.357712] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.358178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.358738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.359250] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.359743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.360215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.360871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.361328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.361819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.362281] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.362789] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.363282] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.365426] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.365886] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.366362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.366793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.367224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.367720] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1207.368153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:42 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 21) 19:40:42 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 20) 19:40:42 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:42 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x893, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:42 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 2) 19:40:42 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:42 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x50}]}, 0x10) 19:40:42 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1219.389727] FAULT_INJECTION: forcing a failure. [ 1219.389727] name failslab, interval 1, probability 0, space 0, times 0 [ 1219.391402] CPU: 0 PID: 7940 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1219.392513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1219.393644] Call Trace: [ 1219.394000] [ 1219.394346] dump_stack_lvl+0xc1/0xf0 [ 1219.394907] should_fail_ex+0x4b4/0x5b0 [ 1219.395536] should_failslab+0x9/0x20 [ 1219.396138] __kmem_cache_alloc_node+0x5b/0x310 [ 1219.396793] ? p9_client_create+0xb3/0x1260 [ 1219.397404] kmalloc_trace+0x26/0xc0 [ 1219.397937] p9_client_create+0xb3/0x1260 [ 1219.398542] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1219.399268] ? __pfx_p9_client_create+0x10/0x10 [ 1219.399281] FAULT_INJECTION: forcing a failure. [ 1219.399281] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1219.399922] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1219.402095] ? lockdep_init_map_type+0x21e/0x7e0 [ 1219.402743] ? __kasan_kmalloc+0x7f/0x90 [ 1219.403338] ? __raw_spin_lock_init+0x3a/0x110 [ 1219.403975] v9fs_session_init+0x1e1/0x1760 [ 1219.404618] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1219.405419] ? __pfx_v9fs_session_init+0x10/0x10 [ 1219.406063] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1219.406758] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1219.407459] ? v9fs_mount+0x9e/0xbc0 [ 1219.407993] v9fs_mount+0xbd/0xbc0 [ 1219.408520] ? legacy_init_fs_context+0x44/0xe0 [ 1219.409136] ? __pfx_v9fs_mount+0x10/0x10 [ 1219.409688] ? cap_capable+0x1be/0x220 [ 1219.410254] ? __pfx_v9fs_mount+0x10/0x10 [ 1219.410872] legacy_get_tree+0x109/0x220 [ 1219.411447] vfs_get_tree+0x92/0x360 [ 1219.411986] path_mount+0x1335/0x1e40 [ 1219.412486] ? kasan_quarantine_put+0x81/0x1d0 [ 1219.413119] ? __pfx_path_mount+0x10/0x10 [ 1219.413692] ? putname+0x102/0x140 [ 1219.414212] ? kmem_cache_free+0xff/0x4a0 [ 1219.414821] ? putname+0x102/0x140 [ 1219.415356] __x64_sys_mount+0x286/0x310 [ 1219.415941] ? __pfx___x64_sys_mount+0x10/0x10 [ 1219.416547] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1219.417279] do_syscall_64+0x3f/0x90 [ 1219.417824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1219.418593] RIP: 0033:0x7fb465b78b19 [ 1219.419112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1219.421502] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1219.422540] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1219.423500] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1219.424426] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1219.425368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1219.426367] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1219.427359] [ 1219.427693] CPU: 1 PID: 7948 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1219.428814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1219.429894] Call Trace: [ 1219.430272] [ 1219.430602] dump_stack_lvl+0xc1/0xf0 [ 1219.431149] should_fail_ex+0x4b4/0x5b0 [ 1219.431716] _copy_from_user+0x2e/0x180 [ 1219.432283] copy_bpf_fprog_from_user+0x2df/0x390 [ 1219.432948] ? __pfx_copy_bpf_fprog_from_user+0x10/0x10 [ 1219.433672] ? mark_held_locks+0x9e/0xe0 [ 1219.434243] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1219.434974] sk_setsockopt+0xc5c/0x3650 [ 1219.435533] ? __pfx_sk_setsockopt+0x10/0x10 [ 1219.436154] ? __pfx_lock_release+0x10/0x10 [ 1219.436761] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1219.437546] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1219.438382] ? __fget_files+0x270/0x480 [ 1219.438970] ? selinux_socket_setsockopt+0x6e/0x90 [ 1219.439657] __sys_setsockopt+0x2b9/0x320 [ 1219.440250] ? __pfx___sys_setsockopt+0x10/0x10 [ 1219.440989] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1219.441915] ? fput+0x2f/0x1a0 [ 1219.442487] ? ksys_write+0x1a7/0x260 [ 1219.443097] ? __pfx_ksys_write+0x10/0x10 [ 1219.443770] __x64_sys_setsockopt+0xbe/0x160 [ 1219.444493] ? syscall_enter_from_user_mode+0x21/0x50 [ 1219.445327] do_syscall_64+0x3f/0x90 [ 1219.445937] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1219.446760] RIP: 0033:0x7f44cdda8b19 [ 1219.447368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1219.450149] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1219.451347] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1219.452446] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1219.453550] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1219.454687] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1219.455780] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1219.456894] [ 1219.472192] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1219.473686] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1219.474811] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1219.475843] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1219.477006] blk_print_req_error: 132 callbacks suppressed [ 1219.477025] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1219.480159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.481081] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.482149] buffer_io_error: 142 callbacks suppressed [ 1219.482163] Buffer I/O error on dev sr0, logical block 0, async page read [ 1219.484289] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.485616] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.486698] Buffer I/O error on dev sr0, logical block 1, async page read [ 1219.488177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.488971] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.490017] Buffer I/O error on dev sr0, logical block 2, async page read [ 1219.492123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.492986] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.494181] Buffer I/O error on dev sr0, logical block 3, async page read [ 1219.495831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.496611] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.497655] Buffer I/O error on dev sr0, logical block 4, async page read [ 1219.524948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.526170] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.527301] Buffer I/O error on dev sr0, logical block 5, async page read [ 1219.532599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.533599] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.534775] Buffer I/O error on dev sr0, logical block 6, async page read [ 1219.537583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1219.538415] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1219.539675] Buffer I/O error on dev sr0, logical block 7, async page read 19:40:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x54}]}, 0x10) 19:40:55 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:55 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:55 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 22) 19:40:55 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, 0x0, 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:55 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 3) 19:40:55 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 21) 19:40:55 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x900, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:55 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x5c}]}, 0x10) [ 1232.532194] FAULT_INJECTION: forcing a failure. [ 1232.532194] name failslab, interval 1, probability 0, space 0, times 0 [ 1232.533202] CPU: 0 PID: 7964 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1232.533740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.534272] Call Trace: [ 1232.534467] [ 1232.534627] dump_stack_lvl+0xc1/0xf0 [ 1232.534899] should_fail_ex+0x4b4/0x5b0 [ 1232.535183] should_failslab+0x9/0x20 [ 1232.535457] __kmem_cache_alloc_node+0x5b/0x310 [ 1232.535854] ? __get_vm_area_node+0xea/0x360 [ 1232.536195] kmalloc_node_trace+0x21/0xc0 [ 1232.536487] __get_vm_area_node+0xea/0x360 [ 1232.536781] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.537108] __vmalloc_node_range+0x245/0x1470 [ 1232.537431] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.537759] ? __pfx___lock_acquire+0x10/0x10 [ 1232.538070] ? __lock_acquire+0x1936/0x63b0 [ 1232.538367] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.538716] ? lock_acquire+0x19a/0x4c0 [ 1232.538998] ? __pfx___vmalloc_node_range+0x10/0x10 [ 1232.539347] ? lock_release+0x1e3/0x680 [ 1232.539622] ? __pfx_lock_release+0x10/0x10 [ 1232.539918] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1232.540242] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.540572] __vmalloc_node+0xac/0xf0 [ 1232.540844] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.541175] bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.541492] bpf_prog_alloc+0x39/0x200 [ 1232.541765] __get_filter+0x115/0x2c0 [ 1232.542036] sk_attach_filter+0x24/0x3a0 [ 1232.542321] sk_setsockopt+0x19cf/0x3650 [ 1232.542614] ? __pfx_sk_setsockopt+0x10/0x10 [ 1232.542930] ? __pfx_lock_release+0x10/0x10 [ 1232.543222] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1232.543598] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1232.544011] ? __fget_files+0x270/0x480 [ 1232.544304] ? selinux_socket_setsockopt+0x6e/0x90 [ 1232.544650] __sys_setsockopt+0x2b9/0x320 [ 1232.544945] ? __pfx___sys_setsockopt+0x10/0x10 [ 1232.545266] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1232.545678] ? fput+0x2f/0x1a0 [ 1232.545916] ? ksys_write+0x1a7/0x260 [ 1232.546182] ? __pfx_ksys_write+0x10/0x10 [ 1232.546491] __x64_sys_setsockopt+0xbe/0x160 [ 1232.546800] ? syscall_enter_from_user_mode+0x21/0x50 [ 1232.547154] do_syscall_64+0x3f/0x90 [ 1232.547417] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1232.547773] RIP: 0033:0x7f44cdda8b19 [ 1232.548029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.549195] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1232.549698] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1232.550167] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1232.550639] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1232.551105] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1232.551575] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1232.552050] [ 1232.552255] warn_alloc: 1 callbacks suppressed [ 1232.552264] syz-executor.0: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0 [ 1232.553607] CPU: 0 PID: 7964 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1232.554136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.554680] Call Trace: [ 1232.554858] [ 1232.555018] dump_stack_lvl+0xc1/0xf0 [ 1232.555285] warn_alloc+0x214/0x370 [ 1232.555554] ? __pfx_warn_alloc+0x10/0x10 [ 1232.555846] ? __get_vm_area_node+0xea/0x360 [ 1232.556164] ? __kasan_kmalloc+0x6f/0x90 [ 1232.556453] ? __get_vm_area_node+0x27a/0x360 [ 1232.556777] __vmalloc_node_range+0xbe1/0x1470 [ 1232.557100] ? __pfx___lock_acquire+0x10/0x10 [ 1232.557407] ? __lock_acquire+0x1936/0x63b0 [ 1232.557704] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.558042] ? lock_acquire+0x19a/0x4c0 [ 1232.558321] ? __pfx___vmalloc_node_range+0x10/0x10 [ 1232.558688] ? lock_release+0x1e3/0x680 [ 1232.558977] ? __pfx_lock_release+0x10/0x10 [ 1232.559270] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1232.559600] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.559934] __vmalloc_node+0xac/0xf0 [ 1232.560206] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.560540] bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.560856] bpf_prog_alloc+0x39/0x200 [ 1232.561126] __get_filter+0x115/0x2c0 [ 1232.561397] sk_attach_filter+0x24/0x3a0 [ 1232.561678] sk_setsockopt+0x19cf/0x3650 [ 1232.561957] ? __pfx_sk_setsockopt+0x10/0x10 [ 1232.562272] ? __pfx_lock_release+0x10/0x10 [ 1232.562580] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1232.562950] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1232.563357] ? __fget_files+0x270/0x480 [ 1232.563647] ? selinux_socket_setsockopt+0x6e/0x90 [ 1232.563975] __sys_setsockopt+0x2b9/0x320 [ 1232.564276] ? __pfx___sys_setsockopt+0x10/0x10 [ 1232.564594] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1232.564989] ? fput+0x2f/0x1a0 [ 1232.565218] ? ksys_write+0x1a7/0x260 [ 1232.565479] ? __pfx_ksys_write+0x10/0x10 [ 1232.565765] __x64_sys_setsockopt+0xbe/0x160 [ 1232.566070] ? syscall_enter_from_user_mode+0x21/0x50 [ 1232.566434] do_syscall_64+0x3f/0x90 [ 1232.566718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1232.567093] RIP: 0033:0x7f44cdda8b19 [ 1232.567363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.568600] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1232.569142] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1232.569643] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1232.570143] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1232.570647] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1232.571154] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1232.571668] [ 1232.571873] Mem-Info: [ 1232.572052] active_anon:90 inactive_anon:46701 isolated_anon:0 [ 1232.572052] active_file:11009 inactive_file:56095 isolated_file:0 [ 1232.572052] unevictable:36 dirty:123 writeback:0 [ 1232.572052] slab_reclaimable:9542 slab_unreclaimable:56308 [ 1232.572052] mapped:81605 shmem:176 pagetables:2650 [ 1232.572052] sec_pagetables:0 bounce:0 [ 1232.572052] kernel_misc_reclaimable:0 [ 1232.572052] free:155850 free_pcp:939 free_cma:0 [ 1232.574613] Node 0 active_anon:360kB inactive_anon:186804kB active_file:44036kB inactive_file:224380kB unevictable:144kB isolated(anon):0kB isolated(file):0kB mapped:326420kB dirty:576kB writeback:0kB shmem:704kB writeback_tmp:0kB kernel_stack:5824kB pagetables:10600kB sec_pagetables:0kB all_unreclaimable? no [ 1232.576329] Node 0 DMA free:15360kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1232.577990] lowmem_reserve[]: 0 1606 1606 1606 [ 1232.578321] Node 0 DMA32 free:608040kB boost:0kB min:5104kB low:6748kB high:8392kB reserved_highatomic:0KB active_anon:360kB inactive_anon:186804kB active_file:44036kB inactive_file:224380kB unevictable:144kB writepending:576kB present:2080640kB managed:1655456kB mlocked:0kB bounce:0kB free_pcp:3700kB local_pcp:452kB free_cma:0kB [ 1232.580214] lowmem_reserve[]: 0 0 0 0 [ 1232.580515] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1232.581387] Node 0 DMA32: 12*4kB (E) 45*8kB (UME) 57*16kB (UME) 108*32kB (UME) 12*64kB (UE) 3*128kB (ME) 2*256kB (UM) 5*512kB (UME) 3*1024kB (UME) 1*2048kB (U) 145*4096kB (UM) = 608040kB [ 1232.582609] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1232.583160] 24805 total pagecache pages [ 1232.583448] 0 pages in swap cache [ 1232.583690] Free swap = 0kB [ 1232.583908] Total swap = 0kB [ 1232.584116] 524158 pages RAM [ 1232.584356] 0 pages HighMem/MovableOnly [ 1232.584622] 106454 pages reserved [ 1232.587263] FAULT_INJECTION: forcing a failure. [ 1232.587263] name failslab, interval 1, probability 0, space 0, times 0 [ 1232.588055] CPU: 0 PID: 7965 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1232.588586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.589162] Call Trace: [ 1232.589338] [ 1232.589504] dump_stack_lvl+0xc1/0xf0 [ 1232.589788] should_fail_ex+0x4b4/0x5b0 [ 1232.590082] should_failslab+0x9/0x20 [ 1232.590365] __kmem_cache_alloc_node+0x5b/0x310 [ 1232.590696] ? p9_client_create+0x473/0x1260 [ 1232.591021] ? p9_client_create+0x473/0x1260 [ 1232.591327] __kmalloc_node_track_caller+0x4b/0x160 [ 1232.591696] kstrdup+0x3f/0x80 [ 1232.591935] p9_client_create+0x473/0x1260 [ 1232.592255] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.592610] ? __pfx_p9_client_create+0x10/0x10 [ 1232.592960] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1232.593300] ? lockdep_init_map_type+0x21e/0x7e0 [ 1232.593647] ? __kasan_kmalloc+0x7f/0x90 [ 1232.593949] ? __raw_spin_lock_init+0x3a/0x110 [ 1232.594270] v9fs_session_init+0x1e1/0x1760 [ 1232.594593] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1232.595016] ? __pfx_v9fs_session_init+0x10/0x10 [ 1232.595345] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.595727] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1232.596080] ? v9fs_mount+0x9e/0xbc0 [ 1232.596359] v9fs_mount+0xbd/0xbc0 [ 1232.596630] ? legacy_init_fs_context+0x44/0xe0 [ 1232.596963] ? __pfx_v9fs_mount+0x10/0x10 [ 1232.597271] ? cap_capable+0x1be/0x220 [ 1232.597553] ? __pfx_v9fs_mount+0x10/0x10 [ 1232.597862] legacy_get_tree+0x109/0x220 [ 1232.598151] vfs_get_tree+0x92/0x360 [ 1232.598448] path_mount+0x1335/0x1e40 [ 1232.598728] ? kasan_quarantine_put+0x81/0x1d0 [ 1232.599062] ? __pfx_path_mount+0x10/0x10 [ 1232.599353] ? putname+0x102/0x140 [ 1232.599628] ? kmem_cache_free+0xff/0x4a0 [ 1232.599921] ? putname+0x102/0x140 [ 1232.600197] __x64_sys_mount+0x286/0x310 [ 1232.600502] ? __pfx___x64_sys_mount+0x10/0x10 [ 1232.600827] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.601208] do_syscall_64+0x3f/0x90 [ 1232.601476] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1232.601852] RIP: 0033:0x7fbf7ca8bb19 [ 1232.602105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.603373] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1232.603874] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1232.604375] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1232.604871] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1232.605373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1232.605873] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1232.606390] [ 1232.619551] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1232.620807] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1232.621712] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1232.622596] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1232.623601] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 19:40:56 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 23) [ 1232.641192] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.642087] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.644250] Buffer I/O error on dev sr0, logical block 0, async page read [ 1232.646235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.647058] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.649259] Buffer I/O error on dev sr0, logical block 1, async page read [ 1232.650215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:56 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x993, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1232.650953] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 6 prio class 2 19:40:56 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 4) [ 1232.652107] Buffer I/O error on dev sr0, logical block 2, async page read [ 1232.653054] Buffer I/O error on dev sr0, logical block 3, async page read [ 1232.653916] Buffer I/O error on dev sr0, logical block 4, async page read [ 1232.654810] Buffer I/O error on dev sr0, logical block 5, async page read [ 1232.655688] Buffer I/O error on dev sr0, logical block 6, async page read [ 1232.656549] Buffer I/O error on dev sr0, logical block 7, async page read 19:40:56 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x60}]}, 0x10) 19:40:56 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:56 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:40:56 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 5) 19:40:56 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x61}]}, 0x10) 19:40:56 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:56 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:40:56 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 22) [ 1232.860122] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1232.861437] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1232.862387] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1232.863279] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1232.864294] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1232.866380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.867145] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.868357] Buffer I/O error on dev sr0, logical block 0, async page read [ 1232.869842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.870681] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.871788] Buffer I/O error on dev sr0, logical block 1, async page read [ 1232.875962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.876750] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 19:40:56 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x64}]}, 0x10) [ 1232.881906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.882733] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.884819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.885815] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1232.892977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:40:56 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1232.901271] FAULT_INJECTION: forcing a failure. [ 1232.901271] name failslab, interval 1, probability 0, space 0, times 0 [ 1232.902001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.902630] CPU: 0 PID: 7998 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1232.903353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.903796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.903927] Call Trace: [ 1232.903934] [ 1232.903940] dump_stack_lvl+0xc1/0xf0 [ 1232.905251] should_fail_ex+0x4b4/0x5b0 [ 1232.905546] ? alloc_vmap_area+0x161/0x1ce0 [ 1232.905861] should_failslab+0x9/0x20 [ 1232.906156] kmem_cache_alloc_node+0x5d/0x3a0 [ 1232.906502] alloc_vmap_area+0x161/0x1ce0 [ 1232.906837] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1232.906892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.907163] ? __get_vm_area_node+0xea/0x360 [ 1232.908162] __get_vm_area_node+0x13e/0x360 [ 1232.908476] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.908821] __vmalloc_node_range+0x245/0x1470 [ 1232.909156] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.909530] ? __pfx___lock_acquire+0x10/0x10 [ 1232.909847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.909862] ? __lock_acquire+0x1936/0x63b0 [ 1232.910850] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.911190] ? lock_acquire+0x19a/0x4c0 [ 1232.911485] ? __pfx___vmalloc_node_range+0x10/0x10 [ 1232.911875] ? lock_release+0x1e3/0x680 [ 1232.912179] ? __pfx_lock_release+0x10/0x10 [ 1232.912274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.912494] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1232.912519] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.913945] __vmalloc_node+0xac/0xf0 [ 1232.914236] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.914613] bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1232.914968] bpf_prog_alloc+0x39/0x200 [ 1232.914982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.915247] __get_filter+0x115/0x2c0 [ 1232.916210] sk_attach_filter+0x24/0x3a0 [ 1232.916520] sk_setsockopt+0x19cf/0x3650 [ 1232.916810] ? __pfx_sk_setsockopt+0x10/0x10 [ 1232.917144] ? __pfx_lock_release+0x10/0x10 [ 1232.917465] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1232.917861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.918236] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1232.918689] ? __fget_files+0x270/0x480 [ 1232.918997] ? selinux_socket_setsockopt+0x6e/0x90 [ 1232.919372] __sys_setsockopt+0x2b9/0x320 [ 1232.919697] ? __pfx___sys_setsockopt+0x10/0x10 [ 1232.919828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.920041] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1232.921230] ? fput+0x2f/0x1a0 [ 1232.921481] ? ksys_write+0x1a7/0x260 [ 1232.921775] ? __pfx_ksys_write+0x10/0x10 [ 1232.921821] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.922075] __x64_sys_setsockopt+0xbe/0x160 [ 1232.923098] ? syscall_enter_from_user_mode+0x21/0x50 [ 1232.923469] do_syscall_64+0x3f/0x90 [ 1232.923749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1232.924136] RIP: 0033:0x7f44cdda8b19 [ 1232.924414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.924829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.925646] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1232.925665] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1232.925676] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1232.927915] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1232.928400] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1232.928891] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1232.929392] [ 1232.934408] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.938456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.940271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.942858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.944839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.947837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.950802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.952247] FAULT_INJECTION: forcing a failure. [ 1232.952247] name failslab, interval 1, probability 0, space 0, times 0 [ 1232.952848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.953058] CPU: 0 PID: 8000 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1232.954373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.954950] Call Trace: [ 1232.955135] [ 1232.955299] dump_stack_lvl+0xc1/0xf0 [ 1232.955576] should_fail_ex+0x4b4/0x5b0 [ 1232.955866] should_failslab+0x9/0x20 [ 1232.956148] __kmem_cache_alloc_node+0x5b/0x310 [ 1232.956480] ? p9_client_create+0x473/0x1260 [ 1232.956811] ? p9_client_create+0x473/0x1260 [ 1232.957145] __kmalloc_node_track_caller+0x4b/0x160 [ 1232.957518] kstrdup+0x3f/0x80 [ 1232.957777] p9_client_create+0x473/0x1260 [ 1232.958082] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.958450] ? __pfx_p9_client_create+0x10/0x10 [ 1232.958805] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1232.959157] ? lockdep_init_map_type+0x21e/0x7e0 [ 1232.959516] ? __kasan_kmalloc+0x7f/0x90 [ 1232.959823] ? __raw_spin_lock_init+0x3a/0x110 [ 1232.960156] v9fs_session_init+0x1e1/0x1760 [ 1232.960473] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1232.960911] ? __pfx_v9fs_session_init+0x10/0x10 [ 1232.961250] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.961635] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1232.961988] ? v9fs_mount+0x9e/0xbc0 [ 1232.962269] v9fs_mount+0xbd/0xbc0 [ 1232.962551] ? legacy_init_fs_context+0x44/0xe0 [ 1232.962903] ? __pfx_v9fs_mount+0x10/0x10 [ 1232.963203] ? cap_capable+0x1be/0x220 [ 1232.963506] ? __pfx_v9fs_mount+0x10/0x10 [ 1232.963827] legacy_get_tree+0x109/0x220 [ 1232.964124] vfs_get_tree+0x92/0x360 [ 1232.964396] path_mount+0x1335/0x1e40 [ 1232.964699] ? kasan_quarantine_put+0x81/0x1d0 [ 1232.965033] ? __pfx_path_mount+0x10/0x10 [ 1232.965338] ? putname+0x102/0x140 [ 1232.965625] ? kmem_cache_free+0xff/0x4a0 [ 1232.965929] ? putname+0x102/0x140 [ 1232.966202] __x64_sys_mount+0x286/0x310 [ 1232.966521] ? __pfx___x64_sys_mount+0x10/0x10 [ 1232.966866] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1232.967235] do_syscall_64+0x3f/0x90 [ 1232.967521] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1232.967904] RIP: 0033:0x7fb465b78b19 [ 1232.968169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.969407] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1232.969944] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1232.970451] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1232.970967] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1232.971459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1232.971958] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1232.972463] 19:40:56 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:40:56 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 24) 19:41:09 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:09 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 25) 19:41:09 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 23) 19:41:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 6) 19:41:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xb00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:09 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6c}]}, 0x10) [ 1246.305108] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1246.306891] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1246.307834] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1246.308717] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1246.309693] blk_print_req_error: 19 callbacks suppressed [ 1246.309710] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 23 prio class 2 [ 1246.320852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.321711] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.322836] buffer_io_error: 22 callbacks suppressed [ 1246.322851] Buffer I/O error on dev sr0, logical block 0, async page read [ 1246.334278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.335061] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.336151] Buffer I/O error on dev sr0, logical block 1, async page read [ 1246.341140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.341912] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.342983] Buffer I/O error on dev sr0, logical block 2, async page read [ 1246.347401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.348561] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.349959] Buffer I/O error on dev sr0, logical block 3, async page read [ 1246.355081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.355891] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.356940] Buffer I/O error on dev sr0, logical block 4, async page read [ 1246.360158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.360878] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.362044] Buffer I/O error on dev sr0, logical block 5, async page read [ 1246.364815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1246.365607] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.366672] Buffer I/O error on dev sr0, logical block 6, async page read 19:41:09 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1246.382239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:41:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 7) [ 1246.384209] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1246.385257] Buffer I/O error on dev sr0, logical block 7, async page read 19:41:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xb93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:09 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x74}]}, 0x10) 19:41:09 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:09 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 26) 19:41:10 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xc93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:10 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 8) 19:41:10 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 24) 19:41:10 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x7c}]}, 0x10) [ 1246.639204] FAULT_INJECTION: forcing a failure. [ 1246.639204] name failslab, interval 1, probability 0, space 0, times 0 [ 1246.640973] CPU: 1 PID: 8048 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1246.642205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1246.643455] Call Trace: [ 1246.643868] [ 1246.644251] dump_stack_lvl+0xc1/0xf0 [ 1246.644878] should_fail_ex+0x4b4/0x5b0 [ 1246.645542] should_failslab+0x9/0x20 [ 1246.646168] __kmem_cache_alloc_node+0x5b/0x310 [ 1246.646928] ? parse_opts.part.0+0x8e/0x340 [ 1246.647616] ? legacy_get_tree+0x109/0x220 [ 1246.648301] ? vfs_get_tree+0x92/0x360 [ 1246.648992] ? parse_opts.part.0+0x8e/0x340 [ 1246.649833] __kmalloc_node_track_caller+0x4b/0x160 [ 1246.650783] kstrdup+0x3f/0x80 [ 1246.651409] parse_opts.part.0+0x8e/0x340 [ 1246.652196] ? __pfx_parse_opts.part.0+0x10/0x10 [ 1246.652970] ? find_held_lock+0x2c/0x110 [ 1246.653636] ? __delete_object+0xb3/0x100 [ 1246.654318] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1246.655284] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1246.656229] ? __pfx_lock_release+0x10/0x10 [ 1246.656932] ? __virt_addr_valid+0x102/0x340 [ 1246.657668] p9_fd_create+0x9c/0x540 [ 1246.658282] ? __pfx_p9_fd_create+0x10/0x10 [ 1246.659005] ? kasan_quarantine_put+0x81/0x1d0 [ 1246.659735] ? p9_client_create+0x81c/0x1260 [ 1246.660485] p9_client_create+0x883/0x1260 [ 1246.661194] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1246.662036] ? __pfx_p9_client_create+0x10/0x10 [ 1246.662811] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1246.663600] ? lockdep_init_map_type+0x21e/0x7e0 [ 1246.664374] ? __kasan_kmalloc+0x7f/0x90 [ 1246.665054] ? __raw_spin_lock_init+0x3a/0x110 [ 1246.665796] v9fs_session_init+0x1e1/0x1760 [ 1246.666499] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1246.667438] ? __pfx_v9fs_session_init+0x10/0x10 [ 1246.668211] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1246.669055] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1246.670045] ? v9fs_mount+0x9e/0xbc0 [ 1246.670732] v9fs_mount+0xbd/0xbc0 [ 1246.671326] ? legacy_init_fs_context+0x44/0xe0 [ 1246.672095] ? __pfx_v9fs_mount+0x10/0x10 [ 1246.672754] ? cap_capable+0x1be/0x220 [ 1246.673435] ? __pfx_v9fs_mount+0x10/0x10 [ 1246.674148] legacy_get_tree+0x109/0x220 [ 1246.674854] vfs_get_tree+0x92/0x360 [ 1246.675455] path_mount+0x1335/0x1e40 [ 1246.676060] ? kasan_quarantine_put+0x81/0x1d0 [ 1246.676773] ? __pfx_path_mount+0x10/0x10 [ 1246.677405] ? putname+0x102/0x140 [ 1246.677990] ? kmem_cache_free+0xff/0x4a0 [ 1246.678607] ? putname+0x102/0x140 [ 1246.679205] __x64_sys_mount+0x286/0x310 [ 1246.679835] ? __pfx___x64_sys_mount+0x10/0x10 [ 1246.680553] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1246.681362] do_syscall_64+0x3f/0x90 [ 1246.681973] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1246.682788] RIP: 0033:0x7fbf7ca8bb19 [ 1246.683422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1246.686094] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1246.687160] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1246.688207] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1246.689255] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1246.690325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1246.691391] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1246.692453] [ 1246.746327] FAULT_INJECTION: forcing a failure. [ 1246.746327] name failslab, interval 1, probability 0, space 0, times 0 [ 1246.747927] CPU: 1 PID: 8057 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1246.749009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1246.750098] Call Trace: [ 1246.750461] [ 1246.750790] dump_stack_lvl+0xc1/0xf0 [ 1246.751340] should_fail_ex+0x4b4/0x5b0 [ 1246.751913] should_failslab+0x9/0x20 [ 1246.752451] __kmem_cache_alloc_node+0x5b/0x310 [ 1246.753112] ? __vmalloc_node_range+0x568/0x1470 [ 1246.753806] ? __vmalloc_node_range+0x568/0x1470 [ 1246.754478] __kmalloc_node+0x4d/0x160 [ 1246.755076] __vmalloc_node_range+0x568/0x1470 [ 1246.755739] ? __pfx___lock_acquire+0x10/0x10 [ 1246.756379] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.757048] ? lock_acquire+0x19a/0x4c0 [ 1246.757637] ? __pfx___vmalloc_node_range+0x10/0x10 [ 1246.758495] ? lock_release+0x1e3/0x680 [ 1246.759083] ? __pfx_lock_release+0x10/0x10 [ 1246.759679] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1246.760333] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.760998] __vmalloc_node+0xac/0xf0 [ 1246.761548] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.762186] bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.762842] bpf_prog_alloc+0x39/0x200 [ 1246.763386] __get_filter+0x115/0x2c0 [ 1246.763935] sk_attach_filter+0x24/0x3a0 [ 1246.764504] sk_setsockopt+0x19cf/0x3650 [ 1246.765075] ? __pfx_sk_setsockopt+0x10/0x10 [ 1246.765732] ? __pfx_lock_release+0x10/0x10 [ 1246.766327] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1246.767103] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1246.767930] ? __fget_files+0x270/0x480 [ 1246.768494] ? selinux_socket_setsockopt+0x6e/0x90 [ 1246.769181] __sys_setsockopt+0x2b9/0x320 [ 1246.769771] ? __pfx___sys_setsockopt+0x10/0x10 [ 1246.770419] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1246.771231] ? fput+0x2f/0x1a0 [ 1246.771702] ? ksys_write+0x1a7/0x260 [ 1246.772239] ? __pfx_ksys_write+0x10/0x10 [ 1246.772827] __x64_sys_setsockopt+0xbe/0x160 [ 1246.773454] ? syscall_enter_from_user_mode+0x21/0x50 [ 1246.774142] do_syscall_64+0x3f/0x90 [ 1246.774701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1246.775424] RIP: 0033:0x7f44cdda8b19 [ 1246.775940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1246.778307] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1246.779321] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1246.780266] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1246.781210] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1246.782155] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1246.783119] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1246.784085] [ 1246.785747] warn_alloc: 1 callbacks suppressed [ 1246.785767] syz-executor.0: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0 [ 1246.789037] CPU: 1 PID: 8057 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1246.790113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1246.791210] Call Trace: [ 1246.791569] [ 1246.791890] dump_stack_lvl+0xc1/0xf0 [ 1246.792430] warn_alloc+0x214/0x370 [ 1246.792959] ? __pfx_warn_alloc+0x10/0x10 [ 1246.793548] ? should_fail_ex+0x2ed/0x5b0 [ 1246.794136] ? should_failslab+0x9/0x20 [ 1246.794706] ? __kmem_cache_alloc_node+0x5b/0x310 [ 1246.795387] ? __kasan_kmalloc+0x6f/0x90 [ 1246.795979] __vmalloc_node_range+0x1065/0x1470 [ 1246.796641] ? __pfx___lock_acquire+0x10/0x10 [ 1246.797275] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.797951] ? lock_acquire+0x19a/0x4c0 [ 1246.798511] ? __pfx___vmalloc_node_range+0x10/0x10 [ 1246.799217] ? lock_release+0x1e3/0x680 [ 1246.799775] ? __pfx_lock_release+0x10/0x10 [ 1246.800369] ? __pfx_mark_lock.part.0+0x10/0x10 [ 1246.801015] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.801675] __vmalloc_node+0xac/0xf0 [ 1246.802221] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.802895] bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1246.803548] bpf_prog_alloc+0x39/0x200 [ 1246.804096] __get_filter+0x115/0x2c0 [ 1246.804629] sk_attach_filter+0x24/0x3a0 [ 1246.805207] sk_setsockopt+0x19cf/0x3650 [ 1246.805772] ? __pfx_sk_setsockopt+0x10/0x10 [ 1246.806408] ? __pfx_lock_release+0x10/0x10 [ 1246.807012] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1246.807785] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1246.808598] ? __fget_files+0x270/0x480 [ 1246.809173] ? selinux_socket_setsockopt+0x6e/0x90 [ 1246.809861] __sys_setsockopt+0x2b9/0x320 [ 1246.810450] ? __pfx___sys_setsockopt+0x10/0x10 [ 1246.811096] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1246.811896] ? fput+0x2f/0x1a0 [ 1246.812372] ? ksys_write+0x1a7/0x260 [ 1246.812900] ? __pfx_ksys_write+0x10/0x10 [ 1246.813488] __x64_sys_setsockopt+0xbe/0x160 [ 1246.814113] ? syscall_enter_from_user_mode+0x21/0x50 [ 1246.814830] do_syscall_64+0x3f/0x90 [ 1246.815363] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1246.816073] RIP: 0033:0x7f44cdda8b19 [ 1246.816592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1246.818952] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1246.819961] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1246.820903] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1246.821846] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1246.822817] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 1246.823759] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1246.824736] [ 1246.825120] Mem-Info: [ 1246.825495] active_anon:90 inactive_anon:46828 isolated_anon:0 [ 1246.825495] active_file:11077 inactive_file:56151 isolated_file:0 [ 1246.825495] unevictable:40 dirty:151 writeback:0 [ 1246.825495] slab_reclaimable:9632 slab_unreclaimable:55142 [ 1246.825495] mapped:81640 shmem:180 pagetables:2629 [ 1246.825495] sec_pagetables:0 bounce:0 [ 1246.825495] kernel_misc_reclaimable:0 [ 1246.825495] free:156677 free_pcp:874 free_cma:0 [ 1246.830494] Node 0 active_anon:360kB inactive_anon:187312kB active_file:44308kB inactive_file:224604kB unevictable:160kB isolated(anon):0kB isolated(file):0kB mapped:326560kB dirty:604kB writeback:0kB shmem:720kB writeback_tmp:0kB kernel_stack:5856kB pagetables:10516kB sec_pagetables:0kB all_unreclaimable? no [ 1246.834009] Node 0 DMA free:15360kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1246.838275] lowmem_reserve[]: 0 1606 1606 1606 [ 1246.839143] Node 0 DMA32 free:611348kB boost:0kB min:5104kB low:6748kB high:8392kB reserved_highatomic:0KB active_anon:360kB inactive_anon:187312kB active_file:44308kB inactive_file:224604kB unevictable:160kB writepending:604kB present:2080640kB managed:1655456kB mlocked:0kB bounce:0kB free_pcp:3456kB local_pcp:1404kB free_cma:0kB [ 1246.843525] lowmem_reserve[]: 0 0 0 0 [ 1246.844119] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1246.846009] Node 0 DMA32: 15*4kB (UE) 41*8kB (UME) 83*16kB (U) 139*32kB (UE) 62*64kB (UM) 5*128kB (UM) 2*256kB (UE) 4*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 145*4096kB (UM) = 611348kB [ 1246.849311] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1246.850901] 24912 total pagecache pages [ 1246.851518] 0 pages in swap cache [ 1246.852026] Free swap = 0kB [ 1246.852518] Total swap = 0kB [ 1246.852936] 524158 pages RAM [ 1246.853444] 0 pages HighMem/MovableOnly [ 1246.854200] 106454 pages reserved 19:41:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 9) 19:41:22 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 27) 19:41:22 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:22 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 25) 19:41:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x84}]}, 0x10) 19:41:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, 0x0, 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:22 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 10) 19:41:22 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x87}]}, 0x10) 19:41:22 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 11) 19:41:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xe93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, 0x0, 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:34 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 26) 19:41:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, 0x0, 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf93, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:34 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:34 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 28) 19:41:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x94}]}, 0x10) 19:41:34 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 12) 19:41:34 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1270.920865] FAULT_INJECTION: forcing a failure. [ 1270.920865] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.922324] CPU: 0 PID: 8098 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1270.923348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1270.924343] Call Trace: [ 1270.924677] [ 1270.924968] dump_stack_lvl+0xc1/0xf0 [ 1270.925464] should_fail_ex+0x4b4/0x5b0 [ 1270.925979] should_failslab+0x9/0x20 [ 1270.926478] __kmem_cache_alloc_node+0x5b/0x310 [ 1270.927108] ? bpf_prog_alloc_no_stats+0x112/0x3f0 [ 1270.927725] ? bpf_prog_alloc_no_stats+0x55/0x3f0 [ 1270.928325] kmalloc_trace+0x26/0xc0 [ 1270.928811] bpf_prog_alloc_no_stats+0x112/0x3f0 [ 1270.929408] bpf_prog_alloc+0x39/0x200 [ 1270.929896] __get_filter+0x115/0x2c0 [ 1270.930385] sk_attach_filter+0x24/0x3a0 [ 1270.930901] sk_setsockopt+0x19cf/0x3650 [ 1270.931456] ? __pfx_sk_setsockopt+0x10/0x10 [ 1270.932037] ? __pfx_lock_release+0x10/0x10 [ 1270.932580] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1270.933272] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1270.934025] ? __fget_files+0x270/0x480 [ 1270.934560] ? selinux_socket_setsockopt+0x6e/0x90 [ 1270.935211] __sys_setsockopt+0x2b9/0x320 [ 1270.935755] ? __pfx___sys_setsockopt+0x10/0x10 [ 1270.936343] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1270.937076] ? fput+0x2f/0x1a0 [ 1270.937511] ? ksys_write+0x1a7/0x260 [ 1270.937992] ? __pfx_ksys_write+0x10/0x10 [ 1270.938528] __x64_sys_setsockopt+0xbe/0x160 [ 1270.939150] ? syscall_enter_from_user_mode+0x21/0x50 [ 1270.939800] do_syscall_64+0x3f/0x90 [ 1270.940292] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1270.940957] RIP: 0033:0x7f44cdda8b19 [ 1270.941435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1270.943635] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1270.944559] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1270.945401] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1270.946242] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1270.947127] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000002 [ 1270.947989] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1270.948887] [ 1270.972568] FAULT_INJECTION: forcing a failure. [ 1270.972568] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.974031] CPU: 0 PID: 8099 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1270.975041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1270.976063] Call Trace: [ 1270.976391] [ 1270.976691] dump_stack_lvl+0xc1/0xf0 [ 1270.977182] should_fail_ex+0x4b4/0x5b0 [ 1270.977694] should_failslab+0x9/0x20 [ 1270.978183] __kmem_cache_alloc_node+0x5b/0x310 [ 1270.978771] ? parse_opts.part.0+0x8e/0x340 [ 1270.979391] ? legacy_get_tree+0x109/0x220 [ 1270.979934] ? vfs_get_tree+0x92/0x360 [ 1270.980484] ? parse_opts.part.0+0x8e/0x340 [ 1270.981122] __kmalloc_node_track_caller+0x4b/0x160 [ 1270.981772] kstrdup+0x3f/0x80 [ 1270.982211] parse_opts.part.0+0x8e/0x340 [ 1270.982745] ? __pfx_parse_opts.part.0+0x10/0x10 [ 1270.983428] ? find_held_lock+0x2c/0x110 19:41:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x9c}]}, 0x10) [ 1270.983955] ? __delete_object+0xb3/0x100 [ 1270.984631] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1270.985360] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1270.986083] ? __pfx_lock_release+0x10/0x10 [ 1270.986623] ? __virt_addr_valid+0x102/0x340 [ 1270.987221] p9_fd_create+0x9c/0x540 [ 1270.987709] ? __pfx_p9_fd_create+0x10/0x10 [ 1270.988255] ? kasan_quarantine_put+0x81/0x1d0 [ 1270.988834] ? p9_client_create+0x81c/0x1260 [ 1270.989391] p9_client_create+0x883/0x1260 [ 1270.989928] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1270.990571] ? __pfx_p9_client_create+0x10/0x10 [ 1270.991209] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1270.991828] ? lockdep_init_map_type+0x21e/0x7e0 [ 1270.992428] ? __kasan_kmalloc+0x7f/0x90 [ 1270.992950] ? __raw_spin_lock_init+0x3a/0x110 [ 1270.993526] v9fs_session_init+0x1e1/0x1760 [ 1270.994066] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1270.994802] ? __pfx_v9fs_session_init+0x10/0x10 [ 1270.995419] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1270.996068] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1270.996676] ? v9fs_mount+0x9e/0xbc0 [ 1270.997171] v9fs_mount+0xbd/0xbc0 [ 1270.997635] ? legacy_init_fs_context+0x44/0xe0 [ 1270.998235] ? __pfx_v9fs_mount+0x10/0x10 [ 1270.998767] ? cap_capable+0x1be/0x220 [ 1270.999444] ? __pfx_v9fs_mount+0x10/0x10 [ 1271.000097] legacy_get_tree+0x109/0x220 [ 1271.000756] vfs_get_tree+0x92/0x360 [ 1271.001352] path_mount+0x1335/0x1e40 [ 1271.001966] ? kasan_quarantine_put+0x81/0x1d0 [ 1271.002681] ? __pfx_path_mount+0x10/0x10 [ 1271.003358] ? putname+0x102/0x140 [ 1271.003945] ? kmem_cache_free+0xff/0x4a0 [ 1271.004606] ? putname+0x102/0x140 [ 1271.005198] __x64_sys_mount+0x286/0x310 [ 1271.005849] ? __pfx___x64_sys_mount+0x10/0x10 [ 1271.006571] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1271.007399] do_syscall_64+0x3f/0x90 [ 1271.007993] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1271.008806] RIP: 0033:0x7fb465b78b19 [ 1271.009383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1271.012039] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1271.012570] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1271.013078] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1271.013572] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1271.014081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1271.014582] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1271.015095] 19:41:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0xa4}]}, 0x10) [ 1271.034635] FAULT_INJECTION: forcing a failure. [ 1271.034635] name failslab, interval 1, probability 0, space 0, times 0 [ 1271.035505] CPU: 0 PID: 8114 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1271.036041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1271.036711] Call Trace: [ 1271.036887] [ 1271.037046] dump_stack_lvl+0xc1/0xf0 [ 1271.037318] should_fail_ex+0x4b4/0x5b0 [ 1271.037597] should_failslab+0x9/0x20 [ 1271.037859] __kmem_cache_alloc_node+0x5b/0x310 [ 1271.038172] ? p9_fd_create+0x17f/0x540 [ 1271.038455] kmalloc_trace+0x26/0xc0 [ 1271.038721] p9_fd_create+0x17f/0x540 [ 1271.039018] ? __pfx_p9_fd_create+0x10/0x10 [ 1271.039328] ? kasan_quarantine_put+0x81/0x1d0 [ 1271.039639] ? p9_client_create+0x81c/0x1260 [ 1271.039940] p9_client_create+0x883/0x1260 [ 1271.040229] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1271.040578] ? __pfx_p9_client_create+0x10/0x10 [ 1271.040902] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1271.041239] ? lockdep_init_map_type+0x21e/0x7e0 [ 1271.041559] ? __kasan_kmalloc+0x7f/0x90 [ 1271.041842] ? __raw_spin_lock_init+0x3a/0x110 [ 1271.042169] v9fs_session_init+0x1e1/0x1760 [ 1271.042468] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1271.042876] ? __pfx_v9fs_session_init+0x10/0x10 [ 1271.043209] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1271.043567] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1271.043904] ? v9fs_mount+0x9e/0xbc0 [ 1271.044182] v9fs_mount+0xbd/0xbc0 [ 1271.044450] ? legacy_init_fs_context+0x44/0xe0 [ 1271.044796] ? __pfx_v9fs_mount+0x10/0x10 [ 1271.045088] ? cap_capable+0x1be/0x220 [ 1271.045378] ? __pfx_v9fs_mount+0x10/0x10 [ 1271.045684] legacy_get_tree+0x109/0x220 19:41:34 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 13) [ 1271.045988] vfs_get_tree+0x92/0x360 [ 1271.046344] path_mount+0x1335/0x1e40 [ 1271.046636] ? kasan_quarantine_put+0x81/0x1d0 [ 1271.047138] ? __pfx_path_mount+0x10/0x10 [ 1271.047805] ? putname+0x102/0x140 [ 1271.048388] ? kmem_cache_free+0xff/0x4a0 [ 1271.049040] ? putname+0x102/0x140 [ 1271.049646] __x64_sys_mount+0x286/0x310 [ 1271.050309] ? __pfx___x64_sys_mount+0x10/0x10 [ 1271.051076] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1271.051895] do_syscall_64+0x3f/0x90 [ 1271.052502] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1271.053305] RIP: 0033:0x7fbf7ca8bb19 [ 1271.053882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1271.056552] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1271.057691] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1271.058753] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1271.059821] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1271.060890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1271.061972] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1271.063088] 19:41:34 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1093, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:47 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:47 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:41:47 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:41:47 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 29) 19:41:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0xac}]}, 0x10) 19:41:47 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1193, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:47 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 27) 19:41:47 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 14) 19:41:47 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0xb1}]}, 0x10) 19:41:47 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 15) 19:41:47 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1293, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:41:48 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 28) 19:41:48 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:41:48 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1284.778177] FAULT_INJECTION: forcing a failure. [ 1284.778177] name failslab, interval 1, probability 0, space 0, times 0 [ 1284.779881] CPU: 0 PID: 8163 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1284.780973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1284.781994] Call Trace: [ 1284.782317] [ 1284.782622] dump_stack_lvl+0xc1/0xf0 [ 1284.783143] should_fail_ex+0x4b4/0x5b0 [ 1284.783697] should_failslab+0x9/0x20 [ 1284.784234] __kmem_cache_alloc_node+0x5b/0x310 [ 1284.784907] ? p9_fd_create+0x17f/0x540 [ 1284.785503] kmalloc_trace+0x26/0xc0 [ 1284.786054] p9_fd_create+0x17f/0x540 [ 1284.786622] ? __pfx_p9_fd_create+0x10/0x10 [ 1284.787280] ? kasan_quarantine_put+0x81/0x1d0 [ 1284.787948] ? p9_client_create+0x81c/0x1260 [ 1284.788592] p9_client_create+0x883/0x1260 [ 1284.789216] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1284.789955] ? __pfx_p9_client_create+0x10/0x10 [ 1284.790631] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1284.791355] ? lockdep_init_map_type+0x21e/0x7e0 [ 1284.792034] ? __kasan_kmalloc+0x7f/0x90 [ 1284.792638] ? __raw_spin_lock_init+0x3a/0x110 [ 1284.793311] v9fs_session_init+0x1e1/0x1760 [ 1284.793942] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1284.794800] ? __pfx_v9fs_session_init+0x10/0x10 [ 1284.795496] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1284.796243] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1284.796954] ? v9fs_mount+0x9e/0xbc0 [ 1284.797524] v9fs_mount+0xbd/0xbc0 [ 1284.798055] ? legacy_init_fs_context+0x44/0xe0 [ 1284.798745] ? __pfx_v9fs_mount+0x10/0x10 [ 1284.799381] ? cap_capable+0x1be/0x220 [ 1284.799973] ? __pfx_v9fs_mount+0x10/0x10 [ 1284.800586] legacy_get_tree+0x109/0x220 [ 1284.801203] vfs_get_tree+0x92/0x360 [ 1284.801762] path_mount+0x1335/0x1e40 [ 1284.802340] ? kasan_quarantine_put+0x81/0x1d0 [ 1284.803012] ? __pfx_path_mount+0x10/0x10 [ 1284.803640] ? putname+0x102/0x140 [ 1284.804196] ? kmem_cache_free+0xff/0x4a0 [ 1284.804795] ? putname+0x102/0x140 [ 1284.805350] __x64_sys_mount+0x286/0x310 [ 1284.805952] ? __pfx___x64_sys_mount+0x10/0x10 [ 1284.806653] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1284.807428] do_syscall_64+0x3f/0x90 [ 1284.807984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1284.808722] RIP: 0033:0x7fb465b78b19 [ 1284.809254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1284.811722] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1284.812771] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1284.813751] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1284.814728] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1284.815738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1284.816723] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1284.817727] 19:42:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 16) 19:42:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:01 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x2}]}, 0x10) 19:42:01 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 29) 19:42:01 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 30) 19:42:01 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1393, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:01 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:01 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 17) 19:42:01 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x6}]}, 0x10) [ 1298.118031] FAULT_INJECTION: forcing a failure. [ 1298.118031] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.118848] CPU: 0 PID: 8184 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1298.119418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.119978] Call Trace: [ 1298.120166] [ 1298.120330] dump_stack_lvl+0xc1/0xf0 [ 1298.120617] should_fail_ex+0x4b4/0x5b0 [ 1298.120908] ? p9_tag_alloc+0x9c/0x830 [ 1298.121186] should_failslab+0x9/0x20 [ 1298.121471] kmem_cache_alloc+0x5a/0x390 [ 1298.121765] ? __lock_acquire+0xbd4/0x63b0 [ 1298.122075] p9_tag_alloc+0x9c/0x830 [ 1298.122347] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1298.122657] ? add_wait_queue+0x49/0x290 [ 1298.122958] ? __pfx_lock_acquire+0x10/0x10 [ 1298.123279] ? find_held_lock+0x2c/0x110 [ 1298.123585] p9_client_prepare_req+0x17b/0x420 [ 1298.123908] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1298.124276] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1298.124650] p9_client_rpc+0x1a1/0xcb0 [ 1298.124935] ? __pfx_p9_client_rpc+0x10/0x10 [ 1298.125246] ? __pfx_p9_pollwait+0x10/0x10 [ 1298.125553] ? __pfx_pipe_poll+0x10/0x10 [ 1298.125845] ? p9_fd_poll+0x1e0/0x2c0 [ 1298.126127] ? p9_fd_create+0x361/0x540 [ 1298.126421] ? __pfx_p9_fd_create+0x10/0x10 [ 1298.126736] ? kasan_quarantine_put+0x81/0x1d0 [ 1298.127079] p9_client_create+0xb5b/0x1260 [ 1298.127397] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1298.127771] ? __pfx_p9_client_create+0x10/0x10 [ 1298.128109] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1298.128462] ? lockdep_init_map_type+0x21e/0x7e0 [ 1298.128802] ? __kasan_kmalloc+0x7f/0x90 [ 1298.129101] ? __raw_spin_lock_init+0x3a/0x110 [ 1298.129432] v9fs_session_init+0x1e1/0x1760 [ 1298.129747] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1298.130162] ? __pfx_v9fs_session_init+0x10/0x10 [ 1298.130509] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1298.130883] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1298.131236] ? v9fs_mount+0x9e/0xbc0 [ 1298.131537] v9fs_mount+0xbd/0xbc0 [ 1298.131804] ? legacy_init_fs_context+0x44/0xe0 [ 1298.132142] ? __pfx_v9fs_mount+0x10/0x10 [ 1298.132449] ? cap_capable+0x1be/0x220 [ 1298.132743] ? __pfx_v9fs_mount+0x10/0x10 [ 1298.133042] legacy_get_tree+0x109/0x220 [ 1298.133342] vfs_get_tree+0x92/0x360 [ 1298.133619] path_mount+0x1335/0x1e40 [ 1298.133904] ? kasan_quarantine_put+0x81/0x1d0 [ 1298.134233] ? __pfx_path_mount+0x10/0x10 [ 1298.134532] ? putname+0x102/0x140 [ 1298.134796] ? kmem_cache_free+0xff/0x4a0 [ 1298.135093] ? putname+0x102/0x140 [ 1298.135375] __x64_sys_mount+0x286/0x310 [ 1298.135675] ? __pfx___x64_sys_mount+0x10/0x10 [ 1298.136010] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1298.136387] do_syscall_64+0x3f/0x90 [ 1298.136661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1298.137038] RIP: 0033:0x7fbf7ca8bb19 [ 1298.137298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.138534] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1298.139054] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1298.139559] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1298.140039] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1298.140531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1298.141022] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1298.141516] 19:42:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 18) 19:42:01 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1493, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:01 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 1298.217970] FAULT_INJECTION: forcing a failure. [ 1298.217970] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1298.218832] CPU: 0 PID: 8193 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1298.219476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.220036] Call Trace: [ 1298.220224] [ 1298.220393] dump_stack_lvl+0xc1/0xf0 [ 1298.220675] should_fail_ex+0x4b4/0x5b0 [ 1298.220967] _copy_from_user+0x2e/0x180 [ 1298.221257] __get_filter+0x16f/0x2c0 [ 1298.221535] sk_attach_filter+0x24/0x3a0 [ 1298.221832] sk_setsockopt+0x19cf/0x3650 [ 1298.222122] ? __pfx_sk_setsockopt+0x10/0x10 [ 1298.222448] ? __pfx_lock_release+0x10/0x10 [ 1298.222753] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1298.223145] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1298.223586] ? __fget_files+0x270/0x480 [ 1298.223885] ? selinux_socket_setsockopt+0x6e/0x90 [ 1298.224235] __sys_setsockopt+0x2b9/0x320 [ 1298.224541] ? __pfx___sys_setsockopt+0x10/0x10 [ 1298.224877] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1298.225290] ? fput+0x2f/0x1a0 [ 1298.225533] ? ksys_write+0x1a7/0x260 [ 1298.225804] ? __pfx_ksys_write+0x10/0x10 [ 1298.226100] __x64_sys_setsockopt+0xbe/0x160 [ 1298.226418] ? syscall_enter_from_user_mode+0x21/0x50 [ 1298.226790] do_syscall_64+0x3f/0x90 [ 1298.227061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1298.227435] RIP: 0033:0x7f44cdda8b19 [ 1298.227700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.228906] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1298.229423] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1298.229903] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1298.230392] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1298.230876] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000002 [ 1298.231364] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1298.231866] 19:42:01 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x2}]}, 0x10) [ 1311.457624] FAULT_INJECTION: forcing a failure. [ 1311.457624] name failslab, interval 1, probability 0, space 0, times 0 [ 1311.458431] CPU: 1 PID: 8204 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1311.458959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1311.459507] Call Trace: [ 1311.459686] [ 1311.459852] dump_stack_lvl+0xc1/0xf0 [ 1311.460122] should_fail_ex+0x4b4/0x5b0 [ 1311.460413] ? p9_tag_alloc+0x9c/0x830 [ 1311.460676] should_failslab+0x9/0x20 [ 1311.460944] kmem_cache_alloc+0x5a/0x390 [ 1311.461224] ? __lock_acquire+0xbd4/0x63b0 [ 1311.461513] p9_tag_alloc+0x9c/0x830 [ 1311.461773] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1311.462066] ? add_wait_queue+0x49/0x290 [ 1311.462349] ? __pfx_lock_acquire+0x10/0x10 [ 1311.462642] ? find_held_lock+0x2c/0x110 [ 1311.462925] p9_client_prepare_req+0x17b/0x420 [ 1311.463240] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1311.463605] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.463960] p9_client_rpc+0x1a1/0xcb0 [ 1311.464232] ? __pfx_p9_client_rpc+0x10/0x10 [ 1311.464530] ? __pfx_p9_pollwait+0x10/0x10 [ 1311.464819] ? __pfx_pipe_poll+0x10/0x10 [ 1311.465098] ? p9_fd_poll+0x1e0/0x2c0 [ 1311.465373] ? p9_fd_create+0x361/0x540 [ 1311.465651] ? __pfx_p9_fd_create+0x10/0x10 [ 1311.465955] ? kasan_quarantine_put+0x81/0x1d0 [ 1311.466285] p9_client_create+0xb5b/0x1260 19:42:14 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:14 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x6}]}, 0x10) 19:42:14 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:14 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 30) 19:42:14 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1593, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:14 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 19) 19:42:14 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:14 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 31) [ 1311.466635] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.467092] ? __pfx_p9_client_create+0x10/0x10 [ 1311.467422] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1311.467779] ? lockdep_init_map_type+0x21e/0x7e0 [ 1311.468119] ? __kasan_kmalloc+0x7f/0x90 [ 1311.468416] ? __raw_spin_lock_init+0x3a/0x110 [ 1311.468749] v9fs_session_init+0x1e1/0x1760 [ 1311.469063] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1311.469486] ? __pfx_v9fs_session_init+0x10/0x10 [ 1311.469828] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.470195] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1311.470538] ? v9fs_mount+0x9e/0xbc0 [ 1311.470811] v9fs_mount+0xbd/0xbc0 [ 1311.471075] ? legacy_init_fs_context+0x44/0xe0 [ 1311.471415] ? __pfx_v9fs_mount+0x10/0x10 [ 1311.471746] ? cap_capable+0x1be/0x220 [ 1311.472033] ? __pfx_v9fs_mount+0x10/0x10 [ 1311.472335] legacy_get_tree+0x109/0x220 [ 1311.472629] vfs_get_tree+0x92/0x360 [ 1311.472903] path_mount+0x1335/0x1e40 [ 1311.473195] ? kasan_quarantine_put+0x81/0x1d0 [ 1311.473524] ? __pfx_path_mount+0x10/0x10 [ 1311.473827] ? putname+0x102/0x140 [ 1311.474095] ? kmem_cache_free+0xff/0x4a0 [ 1311.474401] ? putname+0x102/0x140 [ 1311.474669] __x64_sys_mount+0x286/0x310 [ 1311.474965] ? __pfx___x64_sys_mount+0x10/0x10 [ 1311.475308] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.475674] do_syscall_64+0x3f/0x90 [ 1311.475950] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1311.476315] RIP: 0033:0x7fb465b78b19 [ 1311.476578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1311.477779] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1311.478297] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1311.478773] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1311.479260] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1311.479749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1311.480236] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1311.480729] [ 1311.513160] FAULT_INJECTION: forcing a failure. [ 1311.513160] name failslab, interval 1, probability 0, space 0, times 0 [ 1311.513957] CPU: 1 PID: 8215 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1311.514486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1311.515021] Call Trace: [ 1311.515196] [ 1311.515355] dump_stack_lvl+0xc1/0xf0 [ 1311.515638] should_fail_ex+0x4b4/0x5b0 [ 1311.515919] should_failslab+0x9/0x20 [ 1311.516186] __kmem_cache_alloc_node+0x5b/0x310 [ 1311.516512] ? bpf_prog_store_orig_filter+0x7b/0x1e0 [ 1311.516860] kmalloc_trace+0x26/0xc0 [ 1311.517118] bpf_prog_store_orig_filter+0x7b/0x1e0 [ 1311.517450] __get_filter+0x1ec/0x2c0 [ 1311.517714] sk_attach_filter+0x24/0x3a0 [ 1311.517994] sk_setsockopt+0x19cf/0x3650 [ 1311.518279] ? __pfx_sk_setsockopt+0x10/0x10 [ 1311.518591] ? __pfx_lock_release+0x10/0x10 [ 1311.518883] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1311.519257] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1311.519678] ? __fget_files+0x270/0x480 [ 1311.519965] ? selinux_socket_setsockopt+0x6e/0x90 [ 1311.520299] __sys_setsockopt+0x2b9/0x320 [ 1311.520593] ? __pfx___sys_setsockopt+0x10/0x10 [ 1311.520916] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1311.521314] ? fput+0x2f/0x1a0 [ 1311.521552] ? ksys_write+0x1a7/0x260 [ 1311.521816] ? __pfx_ksys_write+0x10/0x10 [ 1311.522109] __x64_sys_setsockopt+0xbe/0x160 [ 1311.522416] ? syscall_enter_from_user_mode+0x21/0x50 [ 1311.522763] do_syscall_64+0x3f/0x90 [ 1311.523028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1311.523390] RIP: 0033:0x7f44cdda8b19 [ 1311.523649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1311.524833] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1311.525359] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1311.525860] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1311.526348] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1311.526853] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000002 [ 1311.527343] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1311.527860] 19:42:14 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:42:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2010, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x2}]}, 0x10) 19:42:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 31) 19:42:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 20) 19:42:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 32) 19:42:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3f00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1311.846938] FAULT_INJECTION: forcing a failure. [ 1311.846938] name failslab, interval 1, probability 0, space 0, times 0 [ 1311.848636] CPU: 1 PID: 8237 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1311.849653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1311.850686] Call Trace: [ 1311.851017] [ 1311.851399] dump_stack_lvl+0xc1/0xf0 [ 1311.851925] should_fail_ex+0x4b4/0x5b0 [ 1311.852563] should_failslab+0x9/0x20 [ 1311.853070] __kmem_cache_alloc_node+0x5b/0x310 [ 1311.853678] ? p9_fcall_init+0x97/0x210 [ 1311.854210] ? p9_fcall_init+0x97/0x210 [ 1311.854708] __kmalloc+0x4a/0x160 [ 1311.855263] p9_fcall_init+0x97/0x210 [ 1311.855805] p9_tag_alloc+0x16a/0x830 [ 1311.856305] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1311.856981] ? add_wait_queue+0x49/0x290 [ 1311.857587] ? __pfx_lock_acquire+0x10/0x10 [ 1311.858219] ? find_held_lock+0x2c/0x110 [ 1311.858781] p9_client_prepare_req+0x17b/0x420 [ 1311.859537] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1311.860216] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.860906] p9_client_rpc+0x1a1/0xcb0 [ 1311.861484] ? __pfx_p9_client_rpc+0x10/0x10 [ 1311.862086] ? __pfx_p9_pollwait+0x10/0x10 [ 1311.862721] ? __pfx_pipe_poll+0x10/0x10 [ 1311.863300] ? p9_fd_poll+0x1e0/0x2c0 [ 1311.863898] ? p9_fd_create+0x361/0x540 [ 1311.864502] ? __pfx_p9_fd_create+0x10/0x10 [ 1311.865086] ? kasan_quarantine_put+0x81/0x1d0 [ 1311.865725] p9_client_create+0xb5b/0x1260 [ 1311.866293] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.866974] ? __pfx_p9_client_create+0x10/0x10 [ 1311.867616] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1311.868267] ? lockdep_init_map_type+0x21e/0x7e0 [ 1311.868889] ? __kasan_kmalloc+0x7f/0x90 [ 1311.869441] ? __raw_spin_lock_init+0x3a/0x110 [ 1311.870050] v9fs_session_init+0x1e1/0x1760 [ 1311.870628] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1311.871411] ? __pfx_v9fs_session_init+0x10/0x10 [ 1311.872051] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.872734] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1311.873389] ? v9fs_mount+0x9e/0xbc0 [ 1311.873911] v9fs_mount+0xbd/0xbc0 [ 1311.874401] ? legacy_init_fs_context+0x44/0xe0 [ 1311.875031] ? __pfx_v9fs_mount+0x10/0x10 [ 1311.875609] ? cap_capable+0x1be/0x220 [ 1311.876143] ? __pfx_v9fs_mount+0x10/0x10 [ 1311.876699] legacy_get_tree+0x109/0x220 [ 1311.877252] vfs_get_tree+0x92/0x360 [ 1311.877762] path_mount+0x1335/0x1e40 [ 1311.878284] ? kasan_quarantine_put+0x81/0x1d0 [ 1311.878890] ? __pfx_path_mount+0x10/0x10 [ 1311.879455] ? putname+0x102/0x140 [ 1311.879947] ? kmem_cache_free+0xff/0x4a0 [ 1311.880499] ? putname+0x102/0x140 [ 1311.880998] __x64_sys_mount+0x286/0x310 [ 1311.881552] ? __pfx___x64_sys_mount+0x10/0x10 [ 1311.882169] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1311.882856] do_syscall_64+0x3f/0x90 [ 1311.883360] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1311.884061] RIP: 0033:0x7fbf7ca8bb19 [ 1311.884546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1311.886806] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1311.887778] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1311.888676] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1311.889571] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1311.890472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1311.891370] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1311.892309] 19:42:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 21) 19:42:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x4000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:28 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x6}]}, 0x10) 19:42:28 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 32) 19:42:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 33) [ 1325.321596] FAULT_INJECTION: forcing a failure. [ 1325.321596] name failslab, interval 1, probability 0, space 0, times 0 [ 1325.322323] CPU: 1 PID: 8250 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1325.322879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1325.323372] Call Trace: [ 1325.323538] [ 1325.323694] dump_stack_lvl+0xc1/0xf0 [ 1325.323950] should_fail_ex+0x4b4/0x5b0 [ 1325.324216] should_failslab+0x9/0x20 [ 1325.324471] __kmem_cache_alloc_node+0x5b/0x310 [ 1325.324779] ? p9_fcall_init+0x97/0x210 [ 1325.325037] ? p9_fcall_init+0x97/0x210 [ 1325.325291] __kmalloc+0x4a/0x160 [ 1325.325523] p9_fcall_init+0x97/0x210 [ 1325.325776] p9_tag_alloc+0x16a/0x830 [ 1325.326024] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1325.326294] ? add_wait_queue+0x49/0x290 [ 1325.326564] ? __pfx_lock_acquire+0x10/0x10 [ 1325.326839] ? find_held_lock+0x2c/0x110 [ 1325.327109] p9_client_prepare_req+0x17b/0x420 [ 1325.327403] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1325.327745] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.328077] p9_client_rpc+0x1a1/0xcb0 [ 1325.328331] ? __pfx_p9_client_rpc+0x10/0x10 [ 1325.328643] ? __pfx_p9_pollwait+0x10/0x10 [ 1325.328949] ? __pfx_pipe_poll+0x10/0x10 [ 1325.329246] ? p9_fd_poll+0x1e0/0x2c0 [ 1325.329506] ? p9_fd_create+0x361/0x540 [ 1325.329770] ? __pfx_p9_fd_create+0x10/0x10 [ 1325.330054] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.330360] p9_client_create+0xb5b/0x1260 [ 1325.330637] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.330969] ? __pfx_p9_client_create+0x10/0x10 [ 1325.331271] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.331587] ? lockdep_init_map_type+0x21e/0x7e0 [ 1325.331899] ? __kasan_kmalloc+0x7f/0x90 [ 1325.332171] ? __raw_spin_lock_init+0x3a/0x110 [ 1325.332476] v9fs_session_init+0x1e1/0x1760 [ 1325.332760] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1325.333138] ? __pfx_v9fs_session_init+0x10/0x10 [ 1325.333447] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.333781] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.334096] ? v9fs_mount+0x9e/0xbc0 [ 1325.334355] v9fs_mount+0xbd/0xbc0 [ 1325.334599] ? legacy_init_fs_context+0x44/0xe0 [ 1325.334907] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.335180] ? cap_capable+0x1be/0x220 [ 1325.335446] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.335731] legacy_get_tree+0x109/0x220 [ 1325.336002] vfs_get_tree+0x92/0x360 [ 1325.336253] path_mount+0x1335/0x1e40 [ 1325.336514] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.336815] ? __pfx_path_mount+0x10/0x10 [ 1325.337086] ? putname+0x102/0x140 [ 1325.337329] ? kmem_cache_free+0xff/0x4a0 [ 1325.337600] ? putname+0x102/0x140 [ 1325.337848] __x64_sys_mount+0x286/0x310 [ 1325.338118] ? __pfx___x64_sys_mount+0x10/0x10 [ 1325.338425] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.338766] do_syscall_64+0x3f/0x90 [ 1325.339015] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1325.339351] RIP: 0033:0x7fb465b78b19 [ 1325.339588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1325.340670] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1325.341136] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1325.341576] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1325.342009] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1325.342442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1325.342875] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1325.343321] 19:42:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x6001, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 22) 19:42:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x8}]}, 0x10) 19:42:28 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:28 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 34) 19:42:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8084, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 33) 19:42:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x10, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:29 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 23) [ 1325.594301] FAULT_INJECTION: forcing a failure. [ 1325.594301] name failslab, interval 1, probability 0, space 0, times 0 [ 1325.596021] CPU: 0 PID: 8276 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1325.597112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1325.598199] Call Trace: [ 1325.598564] [ 1325.598888] dump_stack_lvl+0xc1/0xf0 [ 1325.599449] should_fail_ex+0x4b4/0x5b0 [ 1325.600049] should_failslab+0x9/0x20 [ 1325.600605] __kmem_cache_alloc_node+0x5b/0x310 [ 1325.601271] ? p9_fcall_init+0x97/0x210 [ 1325.601841] ? p9_fcall_init+0x97/0x210 [ 1325.602402] __kmalloc+0x4a/0x160 [ 1325.602916] p9_fcall_init+0x97/0x210 [ 1325.603461] p9_tag_alloc+0x20c/0x830 [ 1325.604041] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1325.604672] ? add_wait_queue+0x49/0x290 [ 1325.605282] ? __pfx_lock_acquire+0x10/0x10 [ 1325.605902] ? find_held_lock+0x2c/0x110 [ 1325.606518] p9_client_prepare_req+0x17b/0x420 19:42:29 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8101, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1325.607224] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1325.607966] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.608739] p9_client_rpc+0x1a1/0xcb0 [ 1325.609304] ? __pfx_p9_client_rpc+0x10/0x10 [ 1325.609951] ? __pfx_p9_pollwait+0x10/0x10 [ 1325.610557] ? __pfx_pipe_poll+0x10/0x10 [ 1325.611155] ? p9_fd_poll+0x1e0/0x2c0 [ 1325.611765] ? p9_fd_create+0x361/0x540 [ 1325.612361] ? __pfx_p9_fd_create+0x10/0x10 [ 1325.613012] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.613698] p9_client_create+0xb5b/0x1260 [ 1325.614332] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.615078] ? __pfx_p9_client_create+0x10/0x10 [ 1325.615780] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.616506] ? lockdep_init_map_type+0x21e/0x7e0 [ 1325.617201] ? __kasan_kmalloc+0x7f/0x90 [ 1325.617809] ? __raw_spin_lock_init+0x3a/0x110 [ 1325.618487] v9fs_session_init+0x1e1/0x1760 [ 1325.619138] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1325.620012] ? __pfx_v9fs_session_init+0x10/0x10 [ 1325.620701] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.621468] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.622186] ? v9fs_mount+0x9e/0xbc0 [ 1325.622770] v9fs_mount+0xbd/0xbc0 [ 1325.623312] ? legacy_init_fs_context+0x44/0xe0 [ 1325.624027] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.624655] ? cap_capable+0x1be/0x220 [ 1325.625256] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.625876] legacy_get_tree+0x109/0x220 [ 1325.626483] vfs_get_tree+0x92/0x360 [ 1325.627045] path_mount+0x1335/0x1e40 [ 1325.627645] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.628319] ? __pfx_path_mount+0x10/0x10 [ 1325.628944] ? putname+0x102/0x140 [ 1325.629499] ? kmem_cache_free+0xff/0x4a0 [ 1325.630117] ? putname+0x102/0x140 [ 1325.630676] __x64_sys_mount+0x286/0x310 [ 1325.631279] ? __pfx___x64_sys_mount+0x10/0x10 [ 1325.631977] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.632747] do_syscall_64+0x3f/0x90 [ 1325.633314] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1325.634071] RIP: 0033:0x7fbf7ca8bb19 [ 1325.634598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1325.637117] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1325.638184] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1325.639177] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1325.640172] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1325.641167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1325.642159] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1325.643172] 19:42:29 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x10}]}, 0x10) 19:42:29 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x10, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:29 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:29 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 34) 19:42:29 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:29 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x1a9}]}, 0x10) 19:42:29 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x10, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1325.885105] FAULT_INJECTION: forcing a failure. [ 1325.885105] name failslab, interval 1, probability 0, space 0, times 0 [ 1325.885960] CPU: 1 PID: 8306 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1325.886456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1325.886949] Call Trace: [ 1325.887115] [ 1325.887261] dump_stack_lvl+0xc1/0xf0 [ 1325.887524] should_fail_ex+0x4b4/0x5b0 [ 1325.887799] should_failslab+0x9/0x20 [ 1325.888050] __kmem_cache_alloc_node+0x5b/0x310 [ 1325.888351] ? p9_fcall_init+0x97/0x210 [ 1325.888609] ? p9_fcall_init+0x97/0x210 [ 1325.888862] __kmalloc+0x4a/0x160 [ 1325.889096] p9_fcall_init+0x97/0x210 [ 1325.889347] p9_tag_alloc+0x20c/0x830 [ 1325.889595] ? __pfx_p9_tag_alloc+0x10/0x10 [ 1325.889867] ? add_wait_queue+0x49/0x290 [ 1325.890137] ? __pfx_lock_acquire+0x10/0x10 [ 1325.890437] ? find_held_lock+0x2c/0x110 [ 1325.890709] p9_client_prepare_req+0x17b/0x420 [ 1325.890999] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 1325.891322] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.891664] p9_client_rpc+0x1a1/0xcb0 [ 1325.891920] ? __pfx_p9_client_rpc+0x10/0x10 [ 1325.892201] ? __pfx_p9_pollwait+0x10/0x10 [ 1325.892475] ? __pfx_pipe_poll+0x10/0x10 [ 1325.892739] ? p9_fd_poll+0x1e0/0x2c0 [ 1325.892992] ? p9_fd_create+0x361/0x540 [ 1325.893257] ? __pfx_p9_fd_create+0x10/0x10 [ 1325.893538] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.893843] p9_client_create+0xb5b/0x1260 [ 1325.894121] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.894451] ? __pfx_p9_client_create+0x10/0x10 [ 1325.894762] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.895077] ? lockdep_init_map_type+0x21e/0x7e0 [ 1325.895381] ? __kasan_kmalloc+0x7f/0x90 [ 1325.895667] ? __raw_spin_lock_init+0x3a/0x110 [ 1325.895968] v9fs_session_init+0x1e1/0x1760 [ 1325.896249] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1325.896630] ? __pfx_v9fs_session_init+0x10/0x10 [ 1325.896932] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.897262] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1325.897583] ? v9fs_mount+0x9e/0xbc0 [ 1325.897836] v9fs_mount+0xbd/0xbc0 [ 1325.898075] ? legacy_init_fs_context+0x44/0xe0 [ 1325.898382] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.898650] ? cap_capable+0x1be/0x220 [ 1325.898911] ? __pfx_v9fs_mount+0x10/0x10 [ 1325.899180] legacy_get_tree+0x109/0x220 [ 1325.899449] vfs_get_tree+0x92/0x360 [ 1325.899703] path_mount+0x1335/0x1e40 [ 1325.899966] ? kasan_quarantine_put+0x81/0x1d0 [ 1325.900260] ? __pfx_path_mount+0x10/0x10 [ 1325.900532] ? putname+0x102/0x140 [ 1325.900778] ? kmem_cache_free+0xff/0x4a0 [ 1325.901043] ? putname+0x102/0x140 [ 1325.901284] __x64_sys_mount+0x286/0x310 [ 1325.901554] ? __pfx___x64_sys_mount+0x10/0x10 [ 1325.901868] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1325.902202] do_syscall_64+0x3f/0x90 [ 1325.902459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1325.902802] RIP: 0033:0x7fb465b78b19 [ 1325.903038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1325.904143] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1325.904614] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1325.905062] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1325.905495] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1325.905930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1325.906362] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1325.906803] 19:42:29 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:41 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 35) 19:42:41 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:41 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 35) 19:42:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x257}]}, 0x10) 19:42:41 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:41 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:41 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 24) 19:42:41 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x600}]}, 0x10) 19:42:41 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 25) 19:42:41 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:41 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 36) 19:42:54 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:54 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 37) 19:42:54 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 26) 19:42:54 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:42:54 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:42:54 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x2000}]}, 0x10) 19:42:54 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 36) 19:42:54 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:42:54 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 27) 19:42:54 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x3f00}]}, 0x10) 19:43:08 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:08 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92e9, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:08 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x5702}]}, 0x10) 19:43:08 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 38) 19:43:08 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 37) 19:43:08 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 28) 19:43:08 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:08 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:08 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 29) 19:43:08 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0xa901}]}, 0x10) 19:43:08 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ea, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1364.888937] FAULT_INJECTION: forcing a failure. [ 1364.888937] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.889785] CPU: 0 PID: 8396 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1364.890334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1364.890878] Call Trace: [ 1364.891053] [ 1364.891218] dump_stack_lvl+0xc1/0xf0 [ 1364.891496] should_fail_ex+0x4b4/0x5b0 [ 1364.891776] should_failslab+0x9/0x20 [ 1364.892059] __kmem_cache_alloc_node+0x5b/0x310 [ 1364.892409] ? sk_attach_filter+0x7d/0x3a0 [ 1364.892711] kmalloc_trace+0x26/0xc0 [ 1364.892978] sk_attach_filter+0x7d/0x3a0 [ 1364.893282] sk_setsockopt+0x19cf/0x3650 [ 1364.893574] ? __pfx_sk_setsockopt+0x10/0x10 [ 1364.893889] ? __pfx_lock_release+0x10/0x10 [ 1364.894192] ? selinux_netlbl_socket_setsockopt+0xa2/0x420 [ 1364.894740] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 1364.895167] ? __fget_files+0x270/0x480 [ 1364.895471] ? selinux_socket_setsockopt+0x6e/0x90 [ 1364.895816] __sys_setsockopt+0x2b9/0x320 [ 1364.896123] ? __pfx___sys_setsockopt+0x10/0x10 [ 1364.896469] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1364.896869] ? fput+0x2f/0x1a0 [ 1364.897119] ? ksys_write+0x1a7/0x260 [ 1364.897395] ? __pfx_ksys_write+0x10/0x10 [ 1364.897689] __x64_sys_setsockopt+0xbe/0x160 [ 1364.898004] ? syscall_enter_from_user_mode+0x21/0x50 [ 1364.898384] do_syscall_64+0x3f/0x90 [ 1364.898669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1364.899051] RIP: 0033:0x7f44cdda8b19 [ 1364.899320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1364.900600] RSP: 002b:00007f44cb31e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1364.901139] RAX: ffffffffffffffda RBX: 00007f44cdebbf60 RCX: 00007f44cdda8b19 [ 1364.901641] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003 [ 1364.902145] RBP: 00007f44cb31e1d0 R08: 0000000000000010 R09: 0000000000000000 [ 1364.902651] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000002 [ 1364.903147] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1364.903660] 19:43:08 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(0x0, 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:08 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 38) 19:43:08 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x10176}]}, 0x10) 19:43:08 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1365.070027] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1365.071546] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1365.072466] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1365.073254] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1365.074188] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2 [ 1365.076050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.077047] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.078102] Buffer I/O error on dev sr0, logical block 0, async page read [ 1365.084812] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.085632] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.086763] Buffer I/O error on dev sr0, logical block 1, async page read [ 1365.103891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.104675] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.105723] Buffer I/O error on dev sr0, logical block 2, async page read [ 1365.110971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.111407] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.111967] Buffer I/O error on dev sr0, logical block 3, async page read [ 1365.113865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.114245] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.114900] Buffer I/O error on dev sr0, logical block 4, async page read [ 1365.115568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.115935] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.116523] Buffer I/O error on dev sr0, logical block 5, async page read [ 1365.117780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.118174] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.118765] Buffer I/O error on dev sr0, logical block 6, async page read [ 1365.122022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1365.122431] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1365.123010] Buffer I/O error on dev sr0, logical block 7, async page read [ 1365.142161] perf: interrupt took too long (7764 > 7753), lowering kernel.perf_event_max_sample_rate to 25000 19:43:23 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:23 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92eb, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:23 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 30) 19:43:23 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 39) 19:43:23 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x34000}]}, 0x10) 19:43:23 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(0x0, 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 39) 19:43:23 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:23 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x54000}]}, 0x10) [ 1380.295944] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s 19:43:23 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x80000}]}, 0x10) 19:43:23 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 40) [ 1380.296633] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1380.297256] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1380.297767] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1380.298278] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 2 [ 1380.322392] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.323209] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.324307] Buffer I/O error on dev sr0, logical block 0, async page read [ 1380.326888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.327839] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.329027] Buffer I/O error on dev sr0, logical block 1, async page read [ 1380.331252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.332264] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.333478] Buffer I/O error on dev sr0, logical block 2, async page read [ 1380.337389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.337812] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.338400] Buffer I/O error on dev sr0, logical block 3, async page read [ 1380.347187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.348072] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.348671] Buffer I/O error on dev sr0, logical block 4, async page read [ 1380.349384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.349767] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.350575] Buffer I/O error on dev sr0, logical block 5, async page read [ 1380.351270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.351672] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.352272] Buffer I/O error on dev sr0, logical block 6, async page read [ 1380.353151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.353557] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.354148] Buffer I/O error on dev sr0, logical block 7, async page read [ 1380.355204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.355627] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1380.356211] Buffer I/O error on dev sr0, logical block 0, async page read [ 1380.361227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.361657] Buffer I/O error on dev sr0, logical block 1, async page read [ 1380.368192] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.369748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.370590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.374323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.379121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1380.380029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:43:23 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) (fail_nth: 31) [ 1380.400469] FAULT_INJECTION: forcing a failure. [ 1380.400469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1380.401952] CPU: 1 PID: 8441 Comm: syz-executor.0 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1380.402519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1380.403088] Call Trace: [ 1380.403273] [ 1380.403443] dump_stack_lvl+0xc1/0xf0 [ 1380.403726] should_fail_ex+0x4b4/0x5b0 [ 1380.404029] _copy_to_user+0x2e/0x150 [ 1380.404316] simple_read_from_buffer+0xd0/0x170 [ 1380.404673] proc_fail_nth_read+0x19c/0x230 [ 1380.404995] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1380.405353] ? security_file_permission+0xb5/0xe0 [ 1380.405717] vfs_read+0x260/0x940 [ 1380.405977] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1380.406335] ? __pfx_vfs_read+0x10/0x10 [ 1380.406628] ? __fget_files+0x270/0x480 [ 1380.406943] ksys_read+0x12b/0x260 [ 1380.407206] ? __pfx_ksys_read+0x10/0x10 [ 1380.407511] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1380.407896] do_syscall_64+0x3f/0x90 [ 1380.408177] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1380.408572] RIP: 0033:0x7f44cdd5b69c 19:43:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 40) [ 1380.408842] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1380.410237] RSP: 002b:00007f44cb31e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1380.410798] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f44cdd5b69c [ 1380.411290] RDX: 000000000000000f RSI: 00007f44cb31e1e0 RDI: 0000000000000004 [ 1380.411793] RBP: 00007f44cb31e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1380.412287] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000002 [ 1380.412792] R13: 00007ffc7d1ac7bf R14: 00007f44cb31e300 R15: 0000000000022000 [ 1380.413297] 19:43:23 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:23 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ec, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:39 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:43:39 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:39 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ed, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:39 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 41) 19:43:39 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:39 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x100000}]}, 0x10) 19:43:39 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 41) 19:43:39 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(0x0, 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x200000}]}, 0x10) 19:43:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ee, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1396.609247] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1396.610505] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1396.611517] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1396.612407] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1396.613386] blk_print_req_error: 7 callbacks suppressed [ 1396.613403] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1396.615758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.616158] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.616736] buffer_io_error: 6 callbacks suppressed [ 1396.616744] Buffer I/O error on dev sr0, logical block 0, async page read [ 1396.618009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.618767] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.619461] Buffer I/O error on dev sr0, logical block 1, async page read [ 1396.620281] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.621216] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.621823] Buffer I/O error on dev sr0, logical block 2, async page read [ 1396.622820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.623217] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.623839] Buffer I/O error on dev sr0, logical block 3, async page read [ 1396.624606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.624993] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.625700] Buffer I/O error on dev sr0, logical block 4, async page read [ 1396.626489] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.626867] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.627454] Buffer I/O error on dev sr0, logical block 5, async page read [ 1396.628312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.628747] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.629356] Buffer I/O error on dev sr0, logical block 6, async page read [ 1396.630378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.630770] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.631359] Buffer I/O error on dev sr0, logical block 7, async page read [ 1396.633655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.634055] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1396.634653] Buffer I/O error on dev sr0, logical block 0, async page read [ 1396.636597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.636996] Buffer I/O error on dev sr0, logical block 1, async page read [ 1396.638974] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.639578] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.640709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.643947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.644555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.645144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.646235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.655758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.659993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.667736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.674003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.698315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:43:40 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x2, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1396.708799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.710253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:43:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x400300}]}, 0x10) 19:43:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ef, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:40 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:40 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x3, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:43:40 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x400500}]}, 0x10) 19:43:40 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 42) 19:43:40 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1396.966028] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1396.967306] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1396.968868] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1396.969756] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1396.972312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.982846] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.984102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:43:40 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 42) [ 1396.988432] FAULT_INJECTION: forcing a failure. [ 1396.988432] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.990025] CPU: 0 PID: 8494 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1396.990303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.990988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.991006] Call Trace: [ 1396.991015] [ 1396.991025] dump_stack_lvl+0xc1/0xf0 [ 1396.993735] should_fail_ex+0x4b4/0x5b0 [ 1396.994268] should_failslab+0x9/0x20 [ 1396.994776] __kmem_cache_alloc_node+0x5b/0x310 [ 1396.995388] ? p9pdu_readf+0xb51/0x1ce0 [ 1396.995928] ? p9pdu_readf+0xb51/0x1ce0 [ 1396.996454] __kmalloc+0x4a/0x160 [ 1396.996982] p9pdu_readf+0xb51/0x1ce0 [ 1396.997555] ? __pfx_p9_client_rpc+0x10/0x10 [ 1396.997753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.998113] ? __pfx_p9pdu_readf+0x10/0x10 [ 1396.999330] ? p9_fd_poll+0x1e0/0x2c0 [ 1396.999848] ? p9_fd_create+0x361/0x540 [ 1397.000370] ? __pfx_p9_fd_create+0x10/0x10 [ 1397.000939] ? kasan_quarantine_put+0x81/0x1d0 [ 1397.001550] p9_client_create+0xbd4/0x1260 [ 1397.001841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.002102] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.003288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.003409] ? __pfx_p9_client_create+0x10/0x10 [ 1397.004753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.004747] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1397.006061] ? lockdep_init_map_type+0x21e/0x7e0 [ 1397.006694] ? __kasan_kmalloc+0x7f/0x90 [ 1397.007240] ? __raw_spin_lock_init+0x3a/0x110 [ 1397.007834] v9fs_session_init+0x1e1/0x1760 [ 1397.008406] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1397.009179] ? __pfx_v9fs_session_init+0x10/0x10 [ 1397.009799] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.010454] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1397.011092] ? v9fs_mount+0x9e/0xbc0 [ 1397.011593] v9fs_mount+0xbd/0xbc0 [ 1397.012069] ? legacy_init_fs_context+0x44/0xe0 [ 1397.012695] ? __pfx_v9fs_mount+0x10/0x10 [ 1397.012893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.013237] ? cap_capable+0x1be/0x220 [ 1397.014445] ? __pfx_v9fs_mount+0x10/0x10 [ 1397.014746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.014975] legacy_get_tree+0x109/0x220 [ 1397.016168] vfs_get_tree+0x92/0x360 [ 1397.016225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.016677] path_mount+0x1335/0x1e40 [ 1397.017856] ? kasan_quarantine_put+0x81/0x1d0 [ 1397.018445] ? __pfx_path_mount+0x10/0x10 [ 1397.019026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.019015] ? putname+0x102/0x140 [ 1397.020157] ? kmem_cache_free+0xff/0x4a0 [ 1397.020690] ? putname+0x102/0x140 [ 1397.021195] __x64_sys_mount+0x286/0x310 [ 1397.021375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.021708] ? __pfx___x64_sys_mount+0x10/0x10 [ 1397.022933] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.023605] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.024052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.024263] do_syscall_64+0x3f/0x90 [ 1397.025436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1397.026091] RIP: 0033:0x7fb465b78b19 [ 1397.026585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1397.026732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.028744] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1397.028777] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1397.031226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.031297] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1397.032773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.032907] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1397.034538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1397.035432] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1397.036362] [ 1397.036384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.045002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.048086] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.051005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.052195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.056211] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1397.101387] FAULT_INJECTION: forcing a failure. [ 1397.101387] name failslab, interval 1, probability 0, space 0, times 0 [ 1397.104066] CPU: 1 PID: 8502 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1397.105153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1397.106208] Call Trace: [ 1397.106562] [ 1397.106879] dump_stack_lvl+0xc1/0xf0 [ 1397.107420] should_fail_ex+0x4b4/0x5b0 [ 1397.107983] should_failslab+0x9/0x20 [ 1397.108517] __kmem_cache_alloc_node+0x5b/0x310 [ 1397.109156] ? p9pdu_readf+0xb51/0x1ce0 [ 1397.109709] ? p9pdu_readf+0xb51/0x1ce0 [ 1397.110259] __kmalloc+0x4a/0x160 [ 1397.110755] p9pdu_readf+0xb51/0x1ce0 [ 1397.111304] ? __pfx_p9_client_rpc+0x10/0x10 [ 1397.111918] ? __pfx_p9pdu_readf+0x10/0x10 [ 1397.112500] ? p9_fd_poll+0x1e0/0x2c0 [ 1397.113069] ? p9_fd_create+0x361/0x540 [ 1397.113630] ? __pfx_p9_fd_create+0x10/0x10 [ 1397.114240] ? kasan_quarantine_put+0x81/0x1d0 [ 1397.114874] p9_client_create+0xbd4/0x1260 [ 1397.115480] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.116180] ? __pfx_p9_client_create+0x10/0x10 [ 1397.116860] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1397.117523] ? lockdep_init_map_type+0x21e/0x7e0 [ 1397.118183] ? __kasan_kmalloc+0x7f/0x90 [ 1397.118749] ? __raw_spin_lock_init+0x3a/0x110 [ 1397.119398] v9fs_session_init+0x1e1/0x1760 [ 1397.119987] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1397.120817] ? __pfx_v9fs_session_init+0x10/0x10 [ 1397.121455] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.122178] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1397.122842] ? v9fs_mount+0x9e/0xbc0 [ 1397.123395] v9fs_mount+0xbd/0xbc0 [ 1397.123893] ? legacy_init_fs_context+0x44/0xe0 [ 1397.124584] ? __pfx_v9fs_mount+0x10/0x10 [ 1397.125170] ? cap_capable+0x1be/0x220 [ 1397.125739] ? __pfx_v9fs_mount+0x10/0x10 [ 1397.126332] legacy_get_tree+0x109/0x220 [ 1397.126923] vfs_get_tree+0x92/0x360 [ 1397.127473] path_mount+0x1335/0x1e40 [ 1397.128038] ? kasan_quarantine_put+0x81/0x1d0 [ 1397.128683] ? __pfx_path_mount+0x10/0x10 [ 1397.129270] ? putname+0x102/0x140 [ 1397.129790] ? kmem_cache_free+0xff/0x4a0 [ 1397.130377] ? putname+0x102/0x140 [ 1397.130903] __x64_sys_mount+0x286/0x310 [ 1397.131494] ? __pfx___x64_sys_mount+0x10/0x10 [ 1397.132151] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1397.132893] do_syscall_64+0x3f/0x90 [ 1397.133431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1397.134156] RIP: 0033:0x7fbf7ca8bb19 [ 1397.134670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1397.137054] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1397.138068] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1397.139017] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1397.139970] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1397.140941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1397.141888] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1397.142867] 19:43:52 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 43) 19:43:52 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:52 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:52 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:52 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x5, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:43:52 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x800000}]}, 0x10) 19:43:52 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 43) 19:43:52 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:43:52 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:43:52 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:43:52 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x1000000}]}, 0x10) [ 1409.243945] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1409.244683] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1409.245432] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1409.245898] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1409.246433] blk_print_req_error: 40 callbacks suppressed [ 1409.246442] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1409.247930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.248322] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.248962] buffer_io_error: 38 callbacks suppressed [ 1409.248971] Buffer I/O error on dev sr0, logical block 0, async page read [ 1409.250081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.250494] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.251038] Buffer I/O error on dev sr0, logical block 1, async page read [ 1409.251863] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.252226] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.253011] Buffer I/O error on dev sr0, logical block 2, async page read [ 1409.253878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.254242] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.254802] Buffer I/O error on dev sr0, logical block 3, async page read [ 1409.255449] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.255813] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.256391] Buffer I/O error on dev sr0, logical block 4, async page read [ 1409.257036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.257421] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.257975] Buffer I/O error on dev sr0, logical block 5, async page read [ 1409.258650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.259012] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.259589] Buffer I/O error on dev sr0, logical block 6, async page read [ 1409.260252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.260658] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.261248] Buffer I/O error on dev sr0, logical block 7, async page read [ 1409.262078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.262524] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1409.263264] Buffer I/O error on dev sr0, logical block 0, async page read [ 1409.269754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.270154] Buffer I/O error on dev sr0, logical block 1, async page read [ 1409.270848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.273026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.274107] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.278497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.279058] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.279735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.280376] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.281001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.281595] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.283221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.283802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.284630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.285514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.286075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.286839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.288203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.288816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.289859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.290641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.292289] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.292897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1409.293557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:43:52 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x14, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:05 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 44) 19:44:05 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:05 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x2000000}]}, 0x10) 19:44:05 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x29, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:05 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 44) 19:44:05 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:05 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:05 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:05 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1422.101907] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1422.103099] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1422.104001] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1422.104890] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1422.105862] blk_print_req_error: 23 callbacks suppressed [ 1422.105877] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1422.108753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.109513] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.110560] buffer_io_error: 22 callbacks suppressed [ 1422.110574] Buffer I/O error on dev sr0, logical block 0, async page read [ 1422.115780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.116519] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.117578] Buffer I/O error on dev sr0, logical block 1, async page read [ 1422.118864] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.119568] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.120577] Buffer I/O error on dev sr0, logical block 2, async page read [ 1422.121855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.122585] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.123593] Buffer I/O error on dev sr0, logical block 3, async page read [ 1422.124918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.125971] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.126973] Buffer I/O error on dev sr0, logical block 4, async page read [ 1422.128241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.129034] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.130058] Buffer I/O error on dev sr0, logical block 5, async page read [ 1422.131579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.132266] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.133310] Buffer I/O error on dev sr0, logical block 6, async page read [ 1422.135832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.136606] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.137633] Buffer I/O error on dev sr0, logical block 7, async page read [ 1422.139120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.139846] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1422.140897] Buffer I/O error on dev sr0, logical block 0, async page read [ 1422.142269] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.143123] Buffer I/O error on dev sr0, logical block 1, async page read [ 1422.144796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.146143] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.147322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.148729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.149910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.151052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.152380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.153712] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.154849] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.156389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.157717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.159002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.160942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.162132] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:05 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x6000000}]}, 0x10) 19:44:05 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x66, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:05 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:05 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:05 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:05 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(0x0, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:05 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 45) 19:44:05 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x3f000000}]}, 0x10) 19:44:05 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x300, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1422.496313] FAULT_INJECTION: forcing a failure. [ 1422.496313] name failslab, interval 1, probability 0, space 0, times 0 [ 1422.499888] CPU: 0 PID: 8576 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1422.500891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1422.501894] Call Trace: [ 1422.502234] [ 1422.502529] dump_stack_lvl+0xc1/0xf0 [ 1422.503038] should_fail_ex+0x4b4/0x5b0 [ 1422.503559] ? __kmem_cache_create+0x25b/0x610 [ 1422.504161] should_failslab+0x9/0x20 [ 1422.504664] kmem_cache_alloc_node+0x5d/0x3a0 [ 1422.505294] __kmem_cache_create+0x25b/0x610 [ 1422.505886] kmem_cache_create_usercopy+0x218/0x340 [ 1422.506536] p9_client_create+0xd0b/0x1260 [ 1422.507107] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.507784] ? __pfx_p9_client_create+0x10/0x10 [ 1422.508378] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1422.509024] ? lockdep_init_map_type+0x21e/0x7e0 [ 1422.509626] ? __kasan_kmalloc+0x7f/0x90 [ 1422.510170] ? __raw_spin_lock_init+0x3a/0x110 [ 1422.510769] v9fs_session_init+0x1e1/0x1760 [ 1422.511345] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1422.512111] ? __pfx_v9fs_session_init+0x10/0x10 [ 1422.512732] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.513404] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1422.514036] ? v9fs_mount+0x9e/0xbc0 [ 1422.514542] v9fs_mount+0xbd/0xbc0 [ 1422.515021] ? legacy_init_fs_context+0x44/0xe0 [ 1422.515631] ? __pfx_v9fs_mount+0x10/0x10 [ 1422.516177] ? cap_capable+0x1be/0x220 [ 1422.516701] ? __pfx_v9fs_mount+0x10/0x10 [ 1422.517269] legacy_get_tree+0x109/0x220 [ 1422.517815] vfs_get_tree+0x92/0x360 [ 1422.518317] path_mount+0x1335/0x1e40 [ 1422.518838] ? kasan_quarantine_put+0x81/0x1d0 [ 1422.519434] ? __pfx_path_mount+0x10/0x10 [ 1422.519979] ? putname+0x102/0x140 [ 1422.520465] ? kmem_cache_free+0xff/0x4a0 [ 1422.521093] ? putname+0x102/0x140 [ 1422.521690] __x64_sys_mount+0x286/0x310 [ 1422.522341] ? __pfx___x64_sys_mount+0x10/0x10 [ 1422.523088] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.523916] do_syscall_64+0x3f/0x90 [ 1422.524524] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1422.525323] RIP: 0033:0x7fbf7ca8bb19 [ 1422.525896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1422.528464] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1422.529596] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1422.530625] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1422.531636] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1422.532668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1422.533710] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1422.534775] [ 1422.535526] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -22 [ 1422.536626] CPU: 0 PID: 8576 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1422.537859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1422.539087] Call Trace: [ 1422.539488] [ 1422.539844] dump_stack_lvl+0xc1/0xf0 [ 1422.540454] kmem_cache_create_usercopy+0x12b/0x340 [ 1422.541251] p9_client_create+0xd0b/0x1260 [ 1422.541931] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.542735] ? __pfx_p9_client_create+0x10/0x10 [ 1422.543425] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1422.544189] ? lockdep_init_map_type+0x21e/0x7e0 [ 1422.544912] ? __kasan_kmalloc+0x7f/0x90 [ 1422.545562] ? __raw_spin_lock_init+0x3a/0x110 [ 1422.546257] v9fs_session_init+0x1e1/0x1760 [ 1422.546936] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1422.547811] ? __pfx_v9fs_session_init+0x10/0x10 [ 1422.548562] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.549350] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1422.550110] ? v9fs_mount+0x9e/0xbc0 [ 1422.550703] v9fs_mount+0xbd/0xbc0 [ 1422.551266] ? legacy_init_fs_context+0x44/0xe0 [ 1422.551994] ? __pfx_v9fs_mount+0x10/0x10 [ 1422.552654] ? cap_capable+0x1be/0x220 [ 1422.553261] ? __pfx_v9fs_mount+0x10/0x10 [ 1422.553917] legacy_get_tree+0x109/0x220 [ 1422.554537] vfs_get_tree+0x92/0x360 [ 1422.555123] path_mount+0x1335/0x1e40 [ 1422.555723] ? kasan_quarantine_put+0x81/0x1d0 [ 1422.556437] ? __pfx_path_mount+0x10/0x10 [ 1422.557098] ? putname+0x102/0x140 [ 1422.557681] ? kmem_cache_free+0xff/0x4a0 [ 1422.558316] ? putname+0x102/0x140 [ 1422.558912] __x64_sys_mount+0x286/0x310 [ 1422.559531] ? __pfx___x64_sys_mount+0x10/0x10 [ 1422.560261] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1422.561086] do_syscall_64+0x3f/0x90 [ 1422.561685] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1422.562485] RIP: 0033:0x7fbf7ca8bb19 [ 1422.563061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1422.565597] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1422.566726] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1422.567771] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1422.568821] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1422.569899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1422.570950] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1422.572019] [ 1422.574058] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1422.575207] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1422.576058] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1422.576888] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1422.583048] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.584930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.586062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.588024] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.589172] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.591093] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.593198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1422.594829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:20 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:20 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:20 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(0x0, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:20 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 46) 19:44:20 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:20 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x2b000, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:20 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x57020000}]}, 0x10) 19:44:20 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 45) 19:44:20 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1437.081909] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1437.082675] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1437.083130] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1437.083592] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1437.084090] blk_print_req_error: 24 callbacks suppressed [ 1437.084099] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1437.086712] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.087081] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.087671] buffer_io_error: 22 callbacks suppressed [ 1437.087680] Buffer I/O error on dev sr0, logical block 0, async page read [ 1437.087806] FAULT_INJECTION: forcing a failure. [ 1437.087806] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.088303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.089078] CPU: 0 PID: 8597 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1437.089746] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.090373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.090897] Buffer I/O error on dev sr0, logical block 1, async page read [ 1437.091865] Call Trace: [ 1437.091875] [ 1437.091886] dump_stack_lvl+0xc1/0xf0 [ 1437.092728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.093328] should_fail_ex+0x4b4/0x5b0 [ 1437.093551] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.093816] ? __kmem_cache_create+0x25b/0x610 [ 1437.094070] Buffer I/O error on dev sr0, logical block 2, async page read [ 1437.094727] should_failslab+0x9/0x20 [ 1437.095290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.096031] kmem_cache_alloc_node+0x5d/0x3a0 [ 1437.096401] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.097232] __kmem_cache_create+0x25b/0x610 [ 1437.097487] Buffer I/O error on dev sr0, logical block 3, async page read [ 1437.098127] kmem_cache_create_usercopy+0x218/0x340 [ 1437.099801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.100003] p9_client_create+0xd0b/0x1260 [ 1437.100485] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.101102] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.101491] Buffer I/O error on dev sr0, logical block 4, async page read [ 1437.102003] ? __pfx_p9_client_create+0x10/0x10 [ 1437.103979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.104054] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1437.104395] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.105019] ? lockdep_init_map_type+0x21e/0x7e0 [ 1437.105401] Buffer I/O error on dev sr0, logical block 5, async page read [ 1437.106390] ? __kasan_kmalloc+0x7f/0x90 [ 1437.108074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.108094] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.108726] ? __raw_spin_lock_init+0x3a/0x110 [ 1437.109295] Buffer I/O error on dev sr0, logical block 6, async page read [ 1437.109856] v9fs_session_init+0x1e1/0x1760 [ 1437.110612] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.110865] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1437.111226] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.111945] ? __pfx_v9fs_session_init+0x10/0x10 [ 1437.112520] Buffer I/O error on dev sr0, logical block 7, async page read [ 1437.113102] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.113977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.114227] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1437.114610] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1437.115176] ? v9fs_mount+0x9e/0xbc0 [ 1437.115755] Buffer I/O error on dev sr0, logical block 0, async page read [ 1437.116214] v9fs_mount+0xbd/0xbc0 [ 1437.116966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.117261] ? legacy_init_fs_context+0x44/0xe0 [ 1437.117639] Buffer I/O error on dev sr0, logical block 1, async page read [ 1437.118329] ? __pfx_v9fs_mount+0x10/0x10 [ 1437.119954] ? cap_capable+0x1be/0x220 [ 1437.120617] ? __pfx_v9fs_mount+0x10/0x10 [ 1437.121339] legacy_get_tree+0x109/0x220 [ 1437.122010] vfs_get_tree+0x92/0x360 [ 1437.122655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.122640] path_mount+0x1335/0x1e40 [ 1437.123632] ? kasan_quarantine_put+0x81/0x1d0 [ 1437.124391] ? __pfx_path_mount+0x10/0x10 [ 1437.124571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.125064] ? putname+0x102/0x140 19:44:20 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0x76010100}]}, 0x10) [ 1437.126028] ? kmem_cache_free+0xff/0x4a0 [ 1437.126699] ? putname+0x102/0x140 [ 1437.127311] __x64_sys_mount+0x286/0x310 [ 1437.127933] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.127966] ? __pfx___x64_sys_mount+0x10/0x10 [ 1437.128609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.129023] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.129714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.130058] do_syscall_64+0x3f/0x90 [ 1437.130934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1437.131607] RIP: 0033:0x7fb465b78b19 [ 1437.131894] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.132101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.134187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.134732] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.136079] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1437.136632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.136981] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1437.137668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.138232] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1437.139524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.140001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.140423] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1437.140467] [ 1437.141954] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -22 [ 1437.143775] CPU: 0 PID: 8597 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1437.144804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.145852] Call Trace: [ 1437.146187] [ 1437.146490] dump_stack_lvl+0xc1/0xf0 [ 1437.147000] kmem_cache_create_usercopy+0x12b/0x340 [ 1437.147674] p9_client_create+0xd0b/0x1260 [ 1437.148240] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.148925] ? __pfx_p9_client_create+0x10/0x10 19:44:20 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1437.149558] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1437.150288] ? lockdep_init_map_type+0x21e/0x7e0 [ 1437.150913] ? __kasan_kmalloc+0x7f/0x90 [ 1437.151466] ? __raw_spin_lock_init+0x3a/0x110 [ 1437.152083] v9fs_session_init+0x1e1/0x1760 [ 1437.152662] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1437.153417] ? __pfx_v9fs_session_init+0x10/0x10 [ 1437.154050] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.154706] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1437.155357] ? v9fs_mount+0x9e/0xbc0 [ 1437.155868] v9fs_mount+0xbd/0xbc0 [ 1437.156351] ? legacy_init_fs_context+0x44/0xe0 [ 1437.156954] ? __pfx_v9fs_mount+0x10/0x10 [ 1437.157519] ? cap_capable+0x1be/0x220 [ 1437.158056] ? __pfx_v9fs_mount+0x10/0x10 [ 1437.158616] legacy_get_tree+0x109/0x220 [ 1437.159177] vfs_get_tree+0x92/0x360 [ 1437.159675] path_mount+0x1335/0x1e40 [ 1437.160197] ? kasan_quarantine_put+0x81/0x1d0 [ 1437.160802] ? __pfx_path_mount+0x10/0x10 [ 1437.161385] ? putname+0x102/0x140 [ 1437.161878] ? kmem_cache_free+0xff/0x4a0 [ 1437.162411] ? putname+0x102/0x140 [ 1437.162911] __x64_sys_mount+0x286/0x310 [ 1437.163463] ? __pfx___x64_sys_mount+0x10/0x10 [ 1437.164084] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1437.164771] do_syscall_64+0x3f/0x90 [ 1437.165285] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1437.165968] RIP: 0033:0x7fb465b78b19 [ 1437.166462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.168761] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.169098] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.169747] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1437.169770] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1437.169790] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1437.169809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.170520] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.171087] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1437.172500] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.173395] [ 1437.175163] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:20 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x65fa8, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:20 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(0x0, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1437.274507] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1437.275155] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1437.275897] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1437.276363] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1437.277409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.278048] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.278654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.279321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.279964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.280631] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.281205] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.283639] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.284250] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.284978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.285579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.286240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.287526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.288678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.289229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.289985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.295133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.295730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.296561] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.297486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.298588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.299855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.300410] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.302855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.304709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.305664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.306291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.306895] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.308017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.308648] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.309212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.310203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.311037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.311635] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.312179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.312804] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.313394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.313963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.314521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.315118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.315856] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.316487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.317058] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.317676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.318216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.318849] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.319585] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.320801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.322912] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.324322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.325837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.327218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.328778] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.330148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.331315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1437.332746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:32 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:32 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:32 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 46) 19:44:32 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 47) 19:44:32 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x0, 0x0, 0xa9010000}]}, 0x10) 19:44:32 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x80000, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:32 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:32 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(0x0, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1449.399939] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s 19:44:32 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1449.400605] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1449.401306] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1449.401778] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1449.402270] blk_print_req_error: 72 callbacks suppressed [ 1449.402279] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1449.420803] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1449.421464] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1449.421920] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1449.422402] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 1449.422900] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 2 [ 1449.423446] buffer_io_error: 70 callbacks suppressed [ 1449.423453] Buffer I/O error on dev sr0, logical block 0, async page read [ 1449.424243] Buffer I/O error on dev sr0, logical block 1, async page read [ 1449.424716] Buffer I/O error on dev sr0, logical block 2, async page read [ 1449.425205] Buffer I/O error on dev sr0, logical block 3, async page read [ 1449.425729] Buffer I/O error on dev sr0, logical block 4, async page read [ 1449.426185] Buffer I/O error on dev sr0, logical block 5, async page read [ 1449.426665] Buffer I/O error on dev sr0, logical block 6, async page read [ 1449.427123] Buffer I/O error on dev sr0, logical block 7, async page read [ 1449.427962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.429100] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.429677] Buffer I/O error on dev sr0, logical block 0, async page read [ 1449.430407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.430792] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.431408] Buffer I/O error on dev sr0, logical block 1, async page read [ 1449.432092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.432521] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.433334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.433835] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.434683] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.435247] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.436046] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.436471] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.437265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.437683] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.438620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.439012] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1449.439812] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.440466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.441036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.441624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.442232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.443541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.444110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.444738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.445656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.449073] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.449937] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.450754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.451373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.451977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.452570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.453146] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.454134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.454767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.455668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.456224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.456825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.457373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.457944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.458542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.459296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.459845] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.460448] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.460993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.461614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.462194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.463393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.464007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.482995] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1449.483819] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1449.484328] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1449.484829] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 19:44:32 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x3) 19:44:32 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:32 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x10, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:33 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 47) 19:44:33 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:33 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x14) 19:44:33 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 48) 19:44:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x5, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:33 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x1fb8) [ 1449.699091] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1449.700043] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1449.700668] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1449.701310] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1449.702299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.702912] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.703843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.704839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.705458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.715312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.716301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.716896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.717493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.718039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.718661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.719197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.719810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.720445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.721170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.721781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.722393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.722953] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.723532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.724116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.724714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.725313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.726045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.726645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.727208] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.727802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.728614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.729793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.736255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.737025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.737799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.738366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.738989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.739566] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.740134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.740685] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.741254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.741796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.742555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.743067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.743646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.744465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.745056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.746084] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.746694] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.747738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:33 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:33 executing program 7: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x6, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:33 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x7ffffffff000) 19:44:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:33 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 49) [ 1449.982768] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1449.983434] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1449.983885] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1449.984316] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1449.985508] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.986135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.986740] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.987309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.988101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.990128] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.993734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1449.999771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.001057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.002586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.003957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.010400] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.015913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.018102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.019248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.020756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.022091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.023283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.024741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.025893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.027059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.028195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.029386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1450.030744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:44:46 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 50) 19:44:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:46 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x7, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:44:46 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:44:46 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92f9, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:44:46 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 48) 19:44:46 executing program 4: ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000002100)=0x3f) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_open_dev$ttys(0xc, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000001240)={'ip6gre0\x00', &(0x7f00000011c0)={'ip6gre0\x00', 0x0, 0x29, 0x7, 0x6, 0x2, 0x58, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @loopback, 0x7, 0x40, 0x8, 0x2}}) open(&(0x7f0000002380)='./file0\x00', 0x30d000, 0x13) sendmsg$inet(r1, &(0x7f0000001400)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000001180)=[{&(0x7f00000000c0)="a0b29998a883e6bdca2d05ae147596c199a2daa9f6990e3cba2a2a110787dcbc9031775a59dba1b0a85c54d6a564d56cc32e5b9704375cd9c864b732821411bb436147822ac15697cca4b90b4fa964fbbfa5a843a122c8c6ae4f958fb1900d8a01036f9b2245f79284b9d21c269042ddbece7efdc4898480731c99122650132bd2e2ec402b9c4d34b30de32ae679416cec83882d04237c5be7d4dd2319b8768ba348a601844894e5f4a2706e4cdd2a91f42508159c1343b792504bc9c58ba0c50f32bdb9be3b2ba25c22d786ebfbfd6776134ede489a9d7e1b65a3667e1ec898ee1d0f7ad9140ddf95ace72158313e1f3a08e7b1e623b345622f0d7d7510a8c793800cf9431accf608740d0a0b2722b6949663571c54111646330b52d7f1ab0dad1b57e0f98877508476e532e410ca10bcabc5ab7941500d948440f60b2ffd9b41ca92b92fb3f79e10cd5a7fca1f32ccff8ffe6bf9c8d9d8e91c70e49fa6f53b3f4ccfcd0b33e69bc7030129e2da3b9ae45fdabc16a36652575b1c576bb124eecd330206483e7b7a781475e747837559bb1d617bd5d6e0522295f9379c327ae74ea703c6c3a77422299421bb8c4956d10da43c52dc28ab463fcbc09cfdc5cbf5a16d8c3ae53060234f3df3e03aead4c53f33b537f77f6ac426a6d658233d939ae195c1340ca19d4d33f13160e415f7136cd46a5c9ac5def6647403a57a2d7c4b73ff8bd676e0be78af84c8693c974a390e5b11e3ee85da6a570f56eca63356650508977dc26d55f7cf0b7e6a3163c55889774bbd3ed8cef9a68194dc5638b41c157ec520bb3db3567f1cbaad988c9edc9bf6d9987d2212dbcaa4a7550c169dd27f9828a6efe086a406eecb855935688ede19f5c5661970a1c5f21409b1bf97cbcc5bba3397b8540fafab31c2bc401de71c29cb063da41743de2f47f7fb593fb8ba039f8c3d2c6dacf6dba148e1002e398df6eaa5e88b6d2371be24d34b9ad358d47c3f5f98d4bb2f0012e7e72d40a389c31f6b51c369b1d43fe84f1a314e15a7a72b73e1d444b31ed209d1bdd265aa801d69c2c65888fd842210154b195aa19b5c12d6eea42faad299d5e34f82a4bf70717b1428eab99751c9fb4d8df5dd5c5a6bcc14cf1e1a27368c2e9641e7a49acd7953e6df1760ec705c7272fc88fafbb37698f125d14cb864a68ea3ed0d9557ef25fc2fab436f8216858d9a2fbd4054325ca8ef1cb349181b50d8aeb37c2fcd3269e3f044fa00f6ccd71141a377044315aa36f9ef4ede6af517ab25f8197cd0537791073475e8c6e993efa23df1badb5eb2afe2faba3543281139af12172e263e48b86f9955170556c967bf40eed63c6d865cc4f6d8cf27352672e807ad8735b8b8af385602fe27128b1d6a5298522e70bdc525b38f3fe429e8b5cf979ea6a7d1c409a749b7b497d6b3cb416df04c4cf9272030866dcdab261944cba294702bae3f9865b3175076ea9d5a72e0154e9a60defdb6fa584adde68ebcdb8878caa39c8e20040c4f89df4ddd6387ba7f7b3e7c633a87f381b5ae20628ed35612800d6788e0f58cebaf431dd9a9331e1a8ae0cbeeb1d3a68b02e8329a4df6d6c70879628d6d8bdea18db46f2aa6c455e6d394d23a0160b2b24ff7c6d8567c73063d5dcd8df5f338c81cd71076ab877b31ce98e5d23cb2c271283e45054e9c3aca909677548b47601dcd110dccb88fbc28b401a5d7705f5f7adcbb0b4595ed197656651a867c222b0f4970ed273a7b9ac74452011472e3d00e560dd6bebcdf2693b53a4a9a88cc6357a782c3592fadcbf0dd5f62d56495e57524618eb25414236e1e86d9ef12c61812dbf01ce53e17173d68c8002a7ff7fd87d37f76fc85419f20b8d75d7f494e7a63091e1ccfded70cd78e714ac80201d85103a7b257ae215a1f29fb5ce62600e07c7e3ad03078d9ecb1b31c697a5fcf99bb9582dcf3bcf9b6c2dafb524703d9bd602354b12de8dbecb42362e42fa13daaf8c9c4419ec1e7acf981a00d2521e178139ec054394a53056d02f0d3657f1bc48481817d9e1a99951089bdbee201e7f632f43fc3d39f7d597b1ec2f21f43a8faaa35e861e67b6c0bebf5e76a88c7b55a5f70a8931d8639651db96c0f507f6b70097a3e88984d3395169798c9931ba659b8d43fa1c560f9d1e06e14ecf97d8386989acf94fd0841c4f9171ba71a44feebfc7b7b2bf6729502f9aa8b0d35b4089ee83910178ecd45c59e722080b063d5f9fbaee60a9366d8d9f24f299423a5fcdeb9483307d19e7575b37f5f36546f4cb88ce8d95b7e991c11a66b22237d16ac6ead27a45314fc1a6e5cdd615b01df12e6ea31801f36659c0f045d3bd950fdfd31083d09e36e097054b657c0f10533ae8d33d817a1a4257b672837fe0448ad14622ec1be23e30ca166857b6a79b35b0b0673c79f5a27d238b41ff154ac6fb6a873f81b26da11c9764462f4814f60ab224a885ea41308abd053df80c7216be97a67a9573781ea99f940a27a86f90543b7348ce18bb53420c86563af7c6a0645de1782f71a45ef629ac36176e5697841dda054a9a89c4c8cc56a79fabcf31879a378c7b886c1c1e48b0b595fc5118957df18e7592638510a670c09f17334f29433e4500884a4c7728d6b8f2c99c31df00853853c0b8c377f6a665212e1349be955c1ddee778bb092bc8b2f2d451236432fbe4a9e4389912c1457d624de8cdaf9dd9ab969a87ca57805bdc7dcbabb229f77613b275ad8c1451648e227a288f3060bff90da8a6f50c57f9a902393e52a498d90e06891ef9bbdf9531aa2e4e4d982f5c79cf5a492162188fb8e1b439baf487309964dcc54c2edb62a68c4d9b0f19e551a134c9f42d4f057c9d4808ded424c618d056aac70cb3d9e6743934eec7820073cb50e5f2acfcdb5d8ee206d5f6ced3b100bc1bbede56cbc15e2246905ad203c87d53c0b8e17b998b05f606545bacdd303e9704ca448fa49a9c5c56e1691f5c8e99326e1bf85859f7ea3a2bb074f98edecb890a94a04c1446ddaa4189341a076a1ee55d009957843647d6ebafb7999d4513d591a6efe4594b536bb3a7bc73fe118f75bb5d257d7f1b3c9f7a58ef0b0f3d8489f743be37d52f70cf170de601e7d31aa6e2e2c7736bbc9c7425ef6f83fbf98e8693508086dd72606b34711fcd6b83bb885bca6ebb52b56317cfde6c4ec69dff91c15dbf7b3308d58caf49399ad7a7c46a0303b5d33426c8229b6dfe39f2b89f32bee44684f577f01d384d69a57af904ec48e8f7d6ca424e2ad0c014784267b04546986fc0781d5ca43cddc151561342c329bcdb75bb11e0a6473cab1cf6ac4e67a4f1439e80c77312781d12e35357d5a20f1363d413beb244bbf7359492954ca1edb15df4eea022d200dc24c2eb06fe3d3d599ad9f84a5e4c00d90d51f40cb4b96f11d955ae3bc5e3a62d3751d129c0ac31adb528950ed14fbcdc3d3a657c9711e9307dcbfe3fba53d2c9722239443e1cd443bae70e9e223a6b58dce6971036db6fb66abe29c0edca876f9e04d019d865ff5e59ac4f807544bc67d542b9502d9fb0f4dd2ff0d027b0f08d8e0a1862348a199bb53fd71f76913851632110fb6a3a179f181737b249424b2aae6ef9fbb647d9a3e0ae8eae8a395b8ae1f28e790f8e0b3294c77c0bec6c792e6843c4bc371a8e780a7850310f00dde7d24891ef881f9865dba6e861ae3e415656907ea7e1186bd240491b2e1f7bf14c41e90c23be80691bc74dca97e7e723838946186df632948aae39527d9239a8079b0883fbb309fc1bb0669b467c94ec6bbb111a61607562509d62d0b421cc47f1ca14920fb0c566762d69b3216b383115fb99b90ebef53dd198c7b3d879d61447c3010104dd48b1748fcf2dec3863c3af62e450a5f593dbf90deef46197c97a4f093b59f3ef6a1cdf32b2f7a2fc28ec78dbc36448d5d8ecd6725c4b3d6f9209ef889d37acec3bddd7c38a6f47ee9daf1e534b042b925d2cef1273c3d4266f31aaae9a58787259986a3ace10ef09ceba6b585d7639f15b4879fdf77cdf13ac4ae56d2ee1c45df8784df33d7125bdae5a1782a9f056598b134e490fcda084399c3f8059490ddaaffca25735c11b4b47c95af1bcd2011ff76960f2918018b2b8b747fbcbbdd8a34ccb045b2656bf11cf176958f11bc6beecc6c7916b788bfcb3d18778a1cd68d90576b5ff2e3a53c6a9d95ae51d6c77b1cfd8ca5a41187566172f76ba8e3f05a09ca69bd68777e6aa8aa2391aae07ff420aa24c5e88198c38394cd0f156e1055f64a5a55ebc2aba553de6a1a0da551a902117c207d7c1c8f2b90529a341400b6abf096a92608bf581426b8c11c1d175b9c07f98bed218818259e68c04fa6b4af6f20387ad3c34a19eaddecfaf8eb430ee71b7f2067a5e8623c6268fbe01bd93d9b25025a9fec7a4900439d8ef8581264e67842d7dca5cf7c6f60fbd4893a55a90612a2b5570b216f2cf543a9e8a450f45b443ed40e5e44b5496d2ab4d8035d19f2b3a0e287e9d6c853bd71f8bc087e4e331b4d58cbb5755cfffb6e9b1fad093d64742a27e79dd26ca3e0a2817e759ae8134d7b6ff0a4c49dfb7f62b33e1411b082adba00824d8f06c999aa8bcd2fc2538452754c528f50a1052824d319e99cb093e2652a2f9ce96111494f7e21bc8417ac1b543182f605c769d3fb0c642ea05dff6a7452bcaf92cf123cef0b35c4ffef09890a232563905cb958a2e8d12c6aebe6b450f67ecce50f545f94960559060dec2eb1176919ddc7b18fcd7faf982a39afb50eab4fe2d4abf103f0253125a836cc688c271e52c373699f3b26617227d522c4f47a7ed023b95660453084cbf37a7bd503c9f2954e886247a02d4e702c768ee1e7eab51d4ee1a0f022b08c3ca373ce7a52805a54da118d011443e7d84d5dd6b7fa8130de115041a073993b2412a2ef9859ba23c2a6160666d9a8160e5244e7dd73efcc01597919912f7d815f26112718bde31984d9bb913d196747aab9f620359828b1bd816c927bbeb3e4d6558a7cff5b7ce2b75bb59f29c1da9af849156f177a461428336f65ff814de22ba9bc5a8c1018644306f4410aa898ee251e09ba7246729aa3ce3807dcea4dc950208b960a793878168f69a4226faa0515affd5847839cd915bf30a61ba9db2400412d4b2cd58c276c71ff3b449d243a31db54276212b230deaad79a2260584479cec3dd1b4fe29c07e94857bf2194d7397a629bb44fd78d3dae38654f419919927e14910e014f8f9e808a4408eb03cc66793e98d0d4f16cd49edb542b900d9cf93d34d6188fd726005a80b03c75fcd390cd19b4924eb0c64531d30c4a0fc24c6703ad8926b2814d11b6a2e644450781de7818c5c7fb44cdef4d2c790335d66fc6f9ec126d8d63de271980670117dd61ee14b9ffa626421ab423ff9642ab3f4f35e15d63ea876bebd8c52eefc8b2bf61f4db2b6a148c9366f449cf8dec9675c7b179a35c30be9802eb45d3612caf04366501b46efb35a8d56178a0b3f4a091668a2d5b18ac790693dedc2804a2280d09c55e4197bf7f913bb93c843c2b4fd3e83921e4dd32853716c03b63303c0a3285af64b4772e11ceae82173da8ec5626eede4667914ccbb9f16a045fc733cff13143cb2ec9a0b951326449718e342e1d29749d46a725f8f3433048077b8f52f17fc3ce5ff8ca930da74ab9b1e1f66df9c8c60b49efb85b414614cd941aac775e3279dd918f7110679f9bf2579309f4d2442452469217475599a800da2e8e471dafbd23cfa30deebe41ef775a21db9a52", 0x1000}, {&(0x7f00000010c0)="035258614a04c0ca2a656feac14ea27ac93bd6d9536d4451debf1e45331f8706024427f8a5173fafdb0ca753dd1f80a79ad9f45870568357d84f1fe094da8cf07db3c9781760311717ca74ce3b8ab09f9c7393f28d2fc64e422885ef0b39b282b8cda7d8e3d541ad7e8fe4c33ef90743db5723a520dbe5f942401a8ad483a63bfabff0678ae53decbb6018965b3c9ddb", 0x90}], 0x2, &(0x7f0000002140)=ANY=[@ANYBLOB="11000000000000000000000001000000030000000000000014000000000000000000000002000000000200000000000044000000000000000000000007ac1414aaac1414aa00000000000000007f0000014414d4f37f000001000000077f00000100000004000000000014000000000000000000000001000000800000000000000000005dcbad83ebd464b006e3df740055f8c3567b7b4217d86aeb64df32e31295046d963f9ab6265f2d81c7e711c7f62599260eca259a74b9feb513f298498624105296ae961c443702c0eb3448da614d6b22b8d3b55c500e64d906172314c500527e86fa0000be027a0b970d84946586122b63f908794f84f94d00"/266, @ANYRES32=r2, @ANYBLOB="ac1414430a01010100000000a8000000000000000000000007000000890f59ac1414bbac1414bb0a010102444cec21ac1414bbffffffb4ac141425000008d9ac1e0101000000040000000000000001ac1414aa00000100ac14143b00000001e000000100000006e000000100000a0bac141427000000090100863b00000001020db408d6d931689af929a0b0000ef72ef2eeea0c52381f350e6d07055bb22c050d79aabbf3c9f880548254150206571059e20702"], 0x158}, 0x800) open(&(0x7f0000002340)='./file0\x00', 0x4ac80, 0xb2) 19:44:46 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:44:46 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x8, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1462.803021] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1462.804265] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1462.805187] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1462.806100] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1462.807070] blk_print_req_error: 105 callbacks suppressed [ 1462.807087] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1462.814122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.815118] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.816216] buffer_io_error: 118 callbacks suppressed [ 1462.816231] Buffer I/O error on dev sr0, logical block 0, async page read [ 1462.822148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.823186] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.824327] Buffer I/O error on dev sr0, logical block 1, async page read [ 1462.826041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.827128] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.828247] Buffer I/O error on dev sr0, logical block 2, async page read [ 1462.829930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.830869] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.831963] Buffer I/O error on dev sr0, logical block 3, async page read [ 1462.840309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.841141] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.842287] Buffer I/O error on dev sr0, logical block 4, async page read 19:44:46 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) signalfd4(r0, &(0x7f0000000000)={[0xffffffffffffff60]}, 0x8, 0x80000) [ 1462.858568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.858963] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.859633] Buffer I/O error on dev sr0, logical block 5, async page read [ 1462.860582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.860945] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.861545] Buffer I/O error on dev sr0, logical block 6, async page read [ 1462.862210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1462.862607] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1462.863142] Buffer I/O error on dev sr0, logical block 7, async page read 19:45:00 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x9, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:00 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:00 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92fa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:00 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 51) 19:45:00 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:00 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 49) 19:45:00 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, 0x0, 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:00 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'security\x00', 0x0, [0xff800000, 0xba, 0x4ed7af4b, 0x8, 0xffff]}, &(0x7f0000000040)=0x54) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 1477.537620] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1477.538631] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1477.539212] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1477.539693] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1477.540183] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2 [ 1477.543009] FAULT_INJECTION: forcing a failure. [ 1477.543009] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.543860] CPU: 1 PID: 8720 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1477.544408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.544954] Call Trace: [ 1477.545153] [ 1477.545313] dump_stack_lvl+0xc1/0xf0 [ 1477.545587] should_fail_ex+0x4b4/0x5b0 [ 1477.545879] ? __kernfs_new_node+0xd4/0x870 [ 1477.546186] should_failslab+0x9/0x20 [ 1477.546474] kmem_cache_alloc+0x5a/0x390 [ 1477.546770] ? __lock_acquire+0x1936/0x63b0 [ 1477.547073] __kernfs_new_node+0xd4/0x870 [ 1477.547370] ? __pfx___kernfs_new_node+0x10/0x10 [ 1477.547704] ? legacy_get_tree+0x109/0x220 [ 1477.548013] ? __pfx___lock_acquire+0x10/0x10 [ 1477.548326] ? lock_acquire+0x19a/0x4c0 [ 1477.548606] ? find_held_lock+0x2c/0x110 [ 1477.548902] kernfs_create_dir_ns+0xa0/0x230 [ 1477.549217] sysfs_create_dir_ns+0x12b/0x2a0 [ 1477.549540] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1477.549921] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1477.550267] ? do_raw_spin_unlock+0x53/0x220 [ 1477.550585] kobject_add_internal+0x24c/0x9b0 [ 1477.550910] kobject_init_and_add+0x101/0x170 [ 1477.551220] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1477.551564] ? up_write+0x196/0x510 [ 1477.551838] sysfs_slab_add+0x178/0x220 [ 1477.552120] __kmem_cache_create+0x1fe/0x610 [ 1477.552437] kmem_cache_create_usercopy+0x218/0x340 [ 1477.552797] p9_client_create+0xd0b/0x1260 [ 1477.553099] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.553456] ? __pfx_p9_client_create+0x10/0x10 [ 1477.553792] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1477.554136] ? lockdep_init_map_type+0x21e/0x7e0 [ 1477.554472] ? __kasan_kmalloc+0x7f/0x90 [ 1477.554768] ? __raw_spin_lock_init+0x3a/0x110 [ 1477.555090] v9fs_session_init+0x1e1/0x1760 [ 1477.555394] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1477.555816] ? __pfx_v9fs_session_init+0x10/0x10 [ 1477.556148] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.556516] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1477.556856] ? v9fs_mount+0x9e/0xbc0 [ 1477.557132] v9fs_mount+0xbd/0xbc0 [ 1477.557388] ? legacy_init_fs_context+0x44/0xe0 [ 1477.557738] ? __pfx_v9fs_mount+0x10/0x10 [ 1477.558035] ? cap_capable+0x1be/0x220 [ 1477.558327] ? __pfx_v9fs_mount+0x10/0x10 [ 1477.558621] legacy_get_tree+0x109/0x220 [ 1477.558914] vfs_get_tree+0x92/0x360 [ 1477.559186] path_mount+0x1335/0x1e40 [ 1477.559466] ? kasan_quarantine_put+0x81/0x1d0 [ 1477.559793] ? __pfx_path_mount+0x10/0x10 [ 1477.560089] ? putname+0x102/0x140 [ 1477.560363] ? kmem_cache_free+0xff/0x4a0 [ 1477.560671] ? putname+0x102/0x140 [ 1477.560941] __x64_sys_mount+0x286/0x310 [ 1477.561230] ? __pfx___x64_sys_mount+0x10/0x10 [ 1477.561557] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.561934] do_syscall_64+0x3f/0x90 [ 1477.562201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1477.562566] RIP: 0033:0x7fb465b78b19 [ 1477.562824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.564001] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1477.564504] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1477.564971] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1477.565442] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1477.565939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.566414] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1477.566895] [ 1477.567097] kobject: kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab) [ 1477.567743] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1477.568210] CPU: 1 PID: 8720 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1477.568754] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.569290] Call Trace: [ 1477.569469] [ 1477.569642] dump_stack_lvl+0xc1/0xf0 [ 1477.569913] kmem_cache_create_usercopy+0x12b/0x340 [ 1477.570274] p9_client_create+0xd0b/0x1260 [ 1477.570590] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.570954] ? __pfx_p9_client_create+0x10/0x10 [ 1477.571278] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1477.571621] ? lockdep_init_map_type+0x21e/0x7e0 [ 1477.571946] ? __kasan_kmalloc+0x7f/0x90 [ 1477.572240] ? __raw_spin_lock_init+0x3a/0x110 [ 1477.572568] v9fs_session_init+0x1e1/0x1760 [ 1477.572875] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1477.573278] ? __pfx_v9fs_session_init+0x10/0x10 [ 1477.573622] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.573982] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1477.574240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.574320] ? v9fs_mount+0x9e/0xbc0 [ 1477.574353] v9fs_mount+0xbd/0xbc0 [ 1477.574375] ? legacy_init_fs_context+0x44/0xe0 [ 1477.575047] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.575266] ? __pfx_v9fs_mount+0x10/0x10 [ 1477.575747] Buffer I/O error on dev sr0, logical block 0, async page read [ 1477.576002] ? cap_capable+0x1be/0x220 [ 1477.577958] ? __pfx_v9fs_mount+0x10/0x10 [ 1477.578272] legacy_get_tree+0x109/0x220 [ 1477.578586] vfs_get_tree+0x92/0x360 [ 1477.578874] path_mount+0x1335/0x1e40 [ 1477.579148] ? kasan_quarantine_put+0x81/0x1d0 [ 1477.579483] ? __pfx_path_mount+0x10/0x10 [ 1477.579774] ? putname+0x102/0x140 [ 1477.580046] ? kmem_cache_free+0xff/0x4a0 [ 1477.580338] ? putname+0x102/0x140 [ 1477.580616] __x64_sys_mount+0x286/0x310 [ 1477.580905] ? __pfx___x64_sys_mount+0x10/0x10 [ 1477.581258] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.581632] do_syscall_64+0x3f/0x90 [ 1477.581917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1477.582273] RIP: 0033:0x7fb465b78b19 [ 1477.582545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.583730] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1477.584268] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1477.584742] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1477.585251] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1477.585755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.586263] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1477.586797] [ 1477.587953] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.590157] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.591259] Buffer I/O error on dev sr0, logical block 1, async page read [ 1477.594403] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.595159] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.596279] Buffer I/O error on dev sr0, logical block 2, async page read [ 1477.597740] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.598831] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.599979] Buffer I/O error on dev sr0, logical block 3, async page read [ 1477.601756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.602527] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.603598] Buffer I/O error on dev sr0, logical block 4, async page read [ 1477.605030] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.605821] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.607776] Buffer I/O error on dev sr0, logical block 5, async page read [ 1477.610731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.611761] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.612860] Buffer I/O error on dev sr0, logical block 6, async page read [ 1477.614285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.615086] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1477.616303] Buffer I/O error on dev sr0, logical block 7, async page read 19:45:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xa, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:01 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 1) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:01 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92fb, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:01 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$nl_audit(0x10, 0x3, 0x9) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:45:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1477.763008] FAULT_INJECTION: forcing a failure. [ 1477.763008] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.763850] CPU: 1 PID: 8736 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1477.764606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.765348] Call Trace: [ 1477.765533] [ 1477.765706] dump_stack_lvl+0xc1/0xf0 [ 1477.765988] should_fail_ex+0x4b4/0x5b0 [ 1477.766272] should_failslab+0x9/0x20 [ 1477.766550] __kmem_cache_alloc_node+0x5b/0x310 [ 1477.766886] ? alloc_pipe_info+0x10e/0x590 [ 1477.767196] kmalloc_trace+0x26/0xc0 [ 1477.767458] alloc_pipe_info+0x10e/0x590 [ 1477.767742] splice_direct_to_actor+0x6e6/0x8c0 [ 1477.768071] ? __pfx_direct_splice_actor+0x10/0x10 [ 1477.768408] ? inode_security+0x105/0x140 [ 1477.768684] ? selinux_file_permission+0x96/0x510 [ 1477.769025] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1477.769388] ? security_file_permission+0xb5/0xe0 [ 1477.769733] do_splice_direct+0x1bc/0x290 [ 1477.770027] ? __pfx_do_splice_direct+0x10/0x10 [ 1477.770363] ? lock_is_held_type+0x9f/0x120 [ 1477.770665] do_sendfile+0xb1d/0x12b0 [ 1477.770938] ? __pfx_do_sendfile+0x10/0x10 [ 1477.771224] __x64_sys_sendfile64+0x1d5/0x210 [ 1477.771546] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1477.771871] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1477.772243] do_syscall_64+0x3f/0x90 [ 1477.772497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1477.772861] RIP: 0033:0x7fa70ac2ab19 [ 1477.773100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.774300] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1477.774807] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1477.775283] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1477.775753] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.776260] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000001 [ 1477.776734] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1477.777227] 19:45:01 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xb, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:01 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 50) [ 1477.838860] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s 19:45:01 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 52) [ 1477.839860] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1477.840413] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1477.840837] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1477.841287] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1477.842326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.842734] Buffer I/O error on dev sr0, logical block 0, async page read [ 1477.843413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.843757] Buffer I/O error on dev sr0, logical block 1, async page read [ 1477.844724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.845267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.845868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.846551] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.847864] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.848588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.849155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.850922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.852005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.852584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.854613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.855282] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.856418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.857755] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.859290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.860536] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.861102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.861695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.862255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.863055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.864079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.864642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.865252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.866306] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.866862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.867432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.867939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.868568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.874468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.874991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.875730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.876597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.877142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.879113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.880166] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.881288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.881969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.883055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.883878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.886263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.887741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.888965] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.891725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.899027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.906101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.916092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1477.992921] FAULT_INJECTION: forcing a failure. [ 1477.992921] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.994031] CPU: 0 PID: 8751 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1477.994728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.995430] Call Trace: [ 1477.995663] [ 1477.995871] dump_stack_lvl+0xc1/0xf0 [ 1477.996232] should_fail_ex+0x4b4/0x5b0 [ 1477.996601] ? __kernfs_new_node+0xd4/0x870 [ 1477.996987] should_failslab+0x9/0x20 [ 1477.997339] kmem_cache_alloc+0x5a/0x390 [ 1477.997718] ? __lock_acquire+0x1936/0x63b0 [ 1477.998108] __kernfs_new_node+0xd4/0x870 [ 1477.998482] ? __pfx___kernfs_new_node+0x10/0x10 [ 1477.998898] ? __lock_acquire+0x1936/0x63b0 [ 1477.999304] kernfs_create_dir_ns+0xa0/0x230 [ 1477.999710] sysfs_create_dir_ns+0x12b/0x2a0 [ 1478.000115] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1478.000560] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1478.000983] ? do_raw_spin_unlock+0x53/0x220 [ 1478.001388] kobject_add_internal+0x24c/0x9b0 [ 1478.001825] kobject_init_and_add+0x101/0x170 [ 1478.002224] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1478.002672] ? up_write+0x196/0x510 [ 1478.003002] ? kernfs_find_ns+0x2d9/0x3e0 [ 1478.003375] sysfs_slab_add+0x178/0x220 [ 1478.003733] __kmem_cache_create+0x1fe/0x610 [ 1478.004139] kmem_cache_create_usercopy+0x218/0x340 [ 1478.004592] p9_client_create+0xd0b/0x1260 [ 1478.004977] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1478.005438] ? __pfx_p9_client_create+0x10/0x10 [ 1478.005869] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1478.006305] ? lockdep_init_map_type+0x21e/0x7e0 [ 1478.006726] ? __kasan_kmalloc+0x7f/0x90 [ 1478.007092] ? __raw_spin_lock_init+0x3a/0x110 [ 1478.007514] v9fs_session_init+0x1e1/0x1760 [ 1478.007904] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1478.008390] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1478.008878] ? __pfx_v9fs_session_init+0x10/0x10 [ 1478.009298] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 1478.009762] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1478.010201] ? v9fs_mount+0x9e/0xbc0 [ 1478.010560] v9fs_mount+0xbd/0xbc0 [ 1478.010888] ? legacy_init_fs_context+0x44/0xe0 [ 1478.011305] ? __pfx_v9fs_mount+0x10/0x10 [ 1478.011679] ? cap_capable+0x1be/0x220 [ 1478.012035] ? __pfx_v9fs_mount+0x10/0x10 [ 1478.012418] legacy_get_tree+0x109/0x220 [ 1478.012787] vfs_get_tree+0x92/0x360 [ 1478.013131] path_mount+0x1335/0x1e40 [ 1478.013481] ? kasan_quarantine_put+0x81/0x1d0 [ 1478.013900] ? __pfx_path_mount+0x10/0x10 [ 1478.014273] ? putname+0x102/0x140 [ 1478.014611] ? kmem_cache_free+0xff/0x4a0 [ 1478.014985] ? putname+0x102/0x140 [ 1478.015324] __x64_sys_mount+0x286/0x310 [ 1478.015692] ? __pfx___x64_sys_mount+0x10/0x10 [ 1478.016113] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1478.016579] do_syscall_64+0x3f/0x90 [ 1478.016922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1478.017372] RIP: 0033:0x7fbf7ca8bb19 [ 1478.017726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1478.019242] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1478.019897] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1478.020505] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1478.021113] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1478.021724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1478.022330] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1478.022958] [ 1478.023216] kobject: kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab) [ 1478.023996] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1478.024617] CPU: 0 PID: 8751 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1478.025313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1478.026025] Call Trace: [ 1478.026253] [ 1478.026458] dump_stack_lvl+0xc1/0xf0 [ 1478.026806] kmem_cache_create_usercopy+0x12b/0x340 [ 1478.027247] p9_client_create+0xd0b/0x1260 [ 1478.027638] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1478.028098] ? __pfx_p9_client_create+0x10/0x10 [ 1478.028520] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1478.028962] ? lockdep_init_map_type+0x21e/0x7e0 [ 1478.029386] ? __kasan_kmalloc+0x7f/0x90 [ 1478.029764] ? __raw_spin_lock_init+0x3a/0x110 [ 1478.030190] v9fs_session_init+0x1e1/0x1760 [ 1478.030583] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1478.031056] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1478.031543] ? __pfx_v9fs_session_init+0x10/0x10 [ 1478.031964] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 1478.032419] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1478.032855] ? v9fs_mount+0x9e/0xbc0 [ 1478.033205] v9fs_mount+0xbd/0xbc0 [ 1478.033537] ? legacy_init_fs_context+0x44/0xe0 [ 1478.033971] ? __pfx_v9fs_mount+0x10/0x10 [ 1478.034349] ? cap_capable+0x1be/0x220 [ 1478.034711] ? __pfx_v9fs_mount+0x10/0x10 [ 1478.035082] legacy_get_tree+0x109/0x220 [ 1478.035456] vfs_get_tree+0x92/0x360 [ 1478.035801] path_mount+0x1335/0x1e40 [ 1478.036154] ? kasan_quarantine_put+0x81/0x1d0 [ 1478.036564] ? __pfx_path_mount+0x10/0x10 [ 1478.036943] ? putname+0x102/0x140 [ 1478.037275] ? kmem_cache_free+0xff/0x4a0 [ 1478.037666] ? putname+0x102/0x140 [ 1478.038010] __x64_sys_mount+0x286/0x310 [ 1478.038382] ? __pfx___x64_sys_mount+0x10/0x10 [ 1478.038851] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1478.039317] do_syscall_64+0x3f/0x90 [ 1478.039655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1478.040113] RIP: 0033:0x7fbf7ca8bb19 [ 1478.040439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1478.041960] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1478.042611] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1478.043218] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1478.043825] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1478.044437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1478.045042] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1478.045674] 19:45:15 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92fc, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 53) 19:45:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 51) 19:45:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xc, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:15 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 2) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:15 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x0, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0xb02, 0x1f8, 0x1c}, 0x18) pread64(r1, &(0x7f0000000100)=""/214, 0xd6, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0) pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000000)="db", 0x1}], 0x1, 0x8001, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x100000b, 0x10, r2, 0x0) r4 = socket$inet6(0xa, 0x3, 0x7fffffff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000380)={{0x1, 0x1, 0x18, r4, {0xfffffffd}}, './file2\x00'}) syz_io_uring_submit(r3, 0x0, 0x0, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f00000003c0)={'raw\x00', 0xf9, "097485de53d689f28c0de9d591f2047fc866449df591a336cac4f3be9a783b303de22addcb73786bd9ffcce793d699aaa25e19b009ae98d05f615502a24d87eafd3fb5a7fd771ddfb95151d4c8040ef07a75cb40ae87f777dce33521767463b3b2e694ca5b1d4290003e9056fa9e27b641ab16daabd22021293d217e6a0ededb09c239a9f3bcf56976504a64a9211f93d9a27d5ec74a1feebd38fc3dfabeb7a01a99dfac9c171b6c58422293ade9e4ad26a9d4c5440b815f10a595fa51873b8a9aacbe586027b2a6de593d8c3088140b72bc40303cf603db59230e0592533fa6b5f9ca09398af82453e4dff93c0b446a33ca5742aaaa109b5d"}, &(0x7f0000000500)=0x11d) openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r5, &(0x7f0000001100)=""/4075, 0xfeb) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000540)={@mcast2, 0x1, 0x1, 0x0, 0xc, 0x8, 0x85b4}, 0x20) syz_io_uring_setup(0x56ba, &(0x7f0000000240)={0x0, 0x54f1, 0x1, 0x3, 0x95}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000300)=0x0, &(0x7f0000000340)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000d00)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffffff, &(0x7f0000000c80)={0x40043, 0x2, 0x1}, 0x0, 0x18, 0x0, 0xe220eb1c330c247b, {0x0, r7}}, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x4, 0x2007, @fd_index=0x3, 0x0, &(0x7f0000000200)="6d699f293555bfdbf96311290f731db5403bd61f5403e0e149f9eb8eb1c2c2c007d857f73b6aee", 0x27, 0x3, 0x0, {0x0, r7}}, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 1491.846209] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1491.847569] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1491.848486] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1491.849395] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1491.850379] blk_print_req_error: 48 callbacks suppressed [ 1491.850397] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1491.861164] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.861959] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.863575] buffer_io_error: 46 callbacks suppressed [ 1491.863592] Buffer I/O error on dev sr0, logical block 0, async page read [ 1491.863908] FAULT_INJECTION: forcing a failure. [ 1491.863908] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.866199] CPU: 0 PID: 8766 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1491.866966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.867217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.867951] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.868748] Call Trace: [ 1491.868757] [ 1491.868766] dump_stack_lvl+0xc1/0xf0 [ 1491.869815] Buffer I/O error on dev sr0, logical block 1, async page read [ 1491.870062] should_fail_ex+0x4b4/0x5b0 [ 1491.871936] ? __kernfs_new_node+0xd4/0x870 [ 1491.872060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.872402] should_failslab+0x9/0x20 [ 1491.872437] kmem_cache_alloc+0x5a/0x390 [ 1491.873124] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.873511] __kernfs_new_node+0xd4/0x870 [ 1491.873544] ? __pfx___kernfs_new_node+0x10/0x10 [ 1491.874065] Buffer I/O error on dev sr0, logical block 2, async page read [ 1491.874914] ? down_write+0x11a/0x1f0 [ 1491.876809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.877030] ? up_write+0x196/0x510 [ 1491.877765] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.878112] kernfs_new_node+0x97/0x120 [ 1491.879165] Buffer I/O error on dev sr0, logical block 3, async page read [ 1491.879542] __kernfs_create_file+0x55/0x350 [ 1491.881010] sysfs_add_file_mode_ns+0x21c/0x440 [ 1491.881076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.881547] ? __pfx_slab_attr_store+0x10/0x10 [ 1491.882309] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.882741] internal_create_group+0x322/0xb90 [ 1491.883828] Buffer I/O error on dev sr0, logical block 4, async page read [ 1491.884280] ? __pfx_internal_create_group+0x10/0x10 [ 1491.885772] ? up_write+0x196/0x510 [ 1491.885905] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.886222] sysfs_slab_add+0x18e/0x220 [ 1491.886961] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.887302] __kmem_cache_create+0x1fe/0x610 [ 1491.888373] Buffer I/O error on dev sr0, logical block 5, async page read [ 1491.888793] kmem_cache_create_usercopy+0x218/0x340 [ 1491.890252] p9_client_create+0xd0b/0x1260 [ 1491.890375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.890733] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.891462] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.891938] ? __pfx_p9_client_create+0x10/0x10 [ 1491.892992] Buffer I/O error on dev sr0, logical block 6, async page read [ 1491.893449] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1491.894896] ? lockdep_init_map_type+0x21e/0x7e0 [ 1491.894989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.895407] ? __kasan_kmalloc+0x7f/0x90 [ 1491.895449] ? __raw_spin_lock_init+0x3a/0x110 [ 1491.896169] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.896541] v9fs_session_init+0x1e1/0x1760 [ 1491.897152] Buffer I/O error on dev sr0, logical block 7, async page read [ 1491.898163] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1491.900329] ? __pfx_v9fs_session_init+0x10/0x10 [ 1491.900940] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.901635] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1491.901850] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.902275] ? v9fs_mount+0x9e/0xbc0 [ 1491.903055] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1491.903465] v9fs_mount+0xbd/0xbc0 [ 1491.904564] Buffer I/O error on dev sr0, logical block 0, async page read [ 1491.904960] ? legacy_init_fs_context+0x44/0xe0 [ 1491.906480] ? __pfx_v9fs_mount+0x10/0x10 [ 1491.906813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.907015] ? cap_capable+0x1be/0x220 [ 1491.907711] Buffer I/O error on dev sr0, logical block 1, async page read [ 1491.908113] ? __pfx_v9fs_mount+0x10/0x10 [ 1491.909436] legacy_get_tree+0x109/0x220 [ 1491.909973] vfs_get_tree+0x92/0x360 [ 1491.910488] path_mount+0x1335/0x1e40 [ 1491.911013] ? kasan_quarantine_put+0x81/0x1d0 [ 1491.911033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.911057] ? __pfx_path_mount+0x10/0x10 [ 1491.912743] ? putname+0x102/0x140 [ 1491.913221] ? kmem_cache_free+0xff/0x4a0 [ 1491.913760] ? putname+0x102/0x140 [ 1491.914285] __x64_sys_mount+0x286/0x310 [ 1491.914389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.914801] ? __pfx___x64_sys_mount+0x10/0x10 [ 1491.915952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.915984] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.917319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.917306] do_syscall_64+0x3f/0x90 [ 1491.917979] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1491.919090] RIP: 0033:0x7fbf7ca8bb19 [ 1491.919572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.921380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.921762] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1491.922930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.923327] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1491.923351] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1491.923372] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1491.926531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.926882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.927397] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1491.927442] [ 1491.929153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.936800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.939937] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1491.940902] CPU: 1 PID: 8766 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1491.941970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.942946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.943602] Call Trace: [ 1491.943943] [ 1491.944043] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.944225] dump_stack_lvl+0xc1/0xf0 [ 1491.945356] kmem_cache_create_usercopy+0x12b/0x340 [ 1491.946011] p9_client_create+0xd0b/0x1260 [ 1491.946561] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.947220] ? __pfx_p9_client_create+0x10/0x10 [ 1491.947729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.947811] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1491.949041] ? lockdep_init_map_type+0x21e/0x7e0 [ 1491.949647] ? __kasan_kmalloc+0x7f/0x90 [ 1491.950204] ? __raw_spin_lock_init+0x3a/0x110 [ 1491.950799] v9fs_session_init+0x1e1/0x1760 [ 1491.951185] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.951355] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1491.952759] ? __pfx_v9fs_session_init+0x10/0x10 [ 1491.953382] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.953744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.954070] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1491.955304] ? v9fs_mount+0x9e/0xbc0 [ 1491.955814] v9fs_mount+0xbd/0xbc0 [ 1491.956293] ? legacy_init_fs_context+0x44/0xe0 [ 1491.956917] ? __pfx_v9fs_mount+0x10/0x10 [ 1491.957466] ? cap_capable+0x1be/0x220 [ 1491.958012] ? __pfx_v9fs_mount+0x10/0x10 [ 1491.958559] legacy_get_tree+0x109/0x220 [ 1491.959116] vfs_get_tree+0x92/0x360 [ 1491.959624] path_mount+0x1335/0x1e40 [ 1491.960150] ? kasan_quarantine_put+0x81/0x1d0 [ 1491.960755] ? __pfx_path_mount+0x10/0x10 [ 1491.961303] ? putname+0x102/0x140 [ 1491.961809] ? kmem_cache_free+0xff/0x4a0 [ 1491.962362] ? putname+0x102/0x140 [ 1491.962865] __x64_sys_mount+0x286/0x310 [ 1491.963098] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.963396] ? __pfx___x64_sys_mount+0x10/0x10 [ 1491.964664] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1491.965337] do_syscall_64+0x3f/0x90 [ 1491.965848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1491.966529] RIP: 0033:0x7fbf7ca8bb19 [ 1491.966824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.967009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.970071] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1491.971032] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1491.971933] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1491.972824] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1491.973202] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1491.973707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.973729] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1491.973770] 19:45:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xd, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1492.005421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.009934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.015436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.030000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.032154] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:45:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92fd, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:15 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto(r0, &(0x7f00000000c0)="0d28daa58c0e11bb1082bab4585f9bd1aa78c4b26ce27947b888340b5c7fe707be4cbfb51212a4fec849af629261802d212edaf8fffdfe2d27d9836fc88e5c42041cca2a27c03602e495f7b4bf4f1840a9fca2af3a79b93863a2fd731ab823c970d83e9203828bf2293c3d", 0x6b, 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') sendmmsg$sock(r1, &(0x7f0000000540)=[{{&(0x7f0000000240)=@qipcrtr={0x2a, 0x2, 0x4000}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)="116ed9192dc98ece4fb5bb24b7eb61f46f9ef5dd4a80b9c9ec4b8764579d583a14271dbcb12a925bda2cee75673695e3a2da0d883e9b702968784d023f22ea2409bf55a1b8ea69c1e3054ef9eaee1027b2b98d927120deedc9cd6c764aa1765f1ccd351e0b96646f58f478f8eb15d73504dd2ac160a3f035a4dc6267df3a608593fb535ede4e4b62e8845b0ff596ccebdcc4d117b09a969f5c77eee85b73cfbbb7c5facd66bec3ca87cfdbe6823f93283c010a7eef7e22c8e7775b21be0a54566c99a9d84aa4842e0ed53b8e41b64ab833f37309804469", 0xd7}, {&(0x7f0000000180)="b8aa7ec52f72fcc1ccc797ddcfb873909a39fa4294fd679fd22d42c8f6da781617c6fb2419acd846cd87dd", 0x2b}, {&(0x7f00000003c0)="82d6e853a5803547a112f00da07db97e1f70f7cd11687913a1499dadf3ab1d4c016623fc908bf758f90746c367211a4c662fa5df9e2d1a3b1dadb6dc03f7f2c441db059b023a2c5ac648b303e055822756f6ed230ea4f6224d0716ea2e24701eee0240727c4067f2b9049725662db13da8ff8c8b9c37c6b2459347412c1c069bd95cea80c17ead55608995dbbbf5007da7b00598f271719ab5803e289fcba07b9ab5d8dc46", 0xa5}], 0x3, &(0x7f00000004c0)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}], 0x48}}], 0x1, 0x20040004) read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000040)={@broadcast, @multicast2}, &(0x7f0000000140)=0xc) recvfrom(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)=@ieee802154={0x24, @short={0x2, 0xffff, 0xaaa0}}, 0x80) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:45:15 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 54) 19:45:15 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 52) 19:45:15 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x0, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xe, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1492.235746] FAULT_INJECTION: forcing a failure. [ 1492.235746] name failslab, interval 1, probability 0, space 0, times 0 [ 1492.237134] CPU: 1 PID: 8782 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1492.238136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1492.239121] Call Trace: [ 1492.239447] [ 1492.239738] dump_stack_lvl+0xc1/0xf0 [ 1492.240240] should_fail_ex+0x4b4/0x5b0 [ 1492.240768] ? __kernfs_new_node+0xd4/0x870 [ 1492.241307] should_failslab+0x9/0x20 [ 1492.241823] kmem_cache_alloc+0x5a/0x390 [ 1492.242350] ? __pfx_lock_release+0x10/0x10 [ 1492.242907] __kernfs_new_node+0xd4/0x870 [ 1492.243445] ? __pfx___kernfs_new_node+0x10/0x10 [ 1492.244047] ? kernfs_add_one+0x17f/0x530 [ 1492.244594] kernfs_new_node+0x97/0x120 [ 1492.245123] __kernfs_create_file+0x55/0x350 [ 1492.245701] sysfs_add_file_mode_ns+0x21c/0x440 [ 1492.246318] ? __pfx_slab_attr_store+0x10/0x10 [ 1492.246920] internal_create_group+0x322/0xb90 [ 1492.247524] ? __pfx_internal_create_group+0x10/0x10 [ 1492.248178] ? up_write+0x196/0x510 [ 1492.248684] sysfs_slab_add+0x18e/0x220 [ 1492.249197] __kmem_cache_create+0x1fe/0x610 [ 1492.249804] kmem_cache_create_usercopy+0x218/0x340 [ 1492.250449] p9_client_create+0xd0b/0x1260 [ 1492.251000] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.251649] ? __pfx_p9_client_create+0x10/0x10 [ 1492.252239] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1492.252868] ? lockdep_init_map_type+0x21e/0x7e0 [ 1492.253482] ? __kasan_kmalloc+0x7f/0x90 [ 1492.254017] ? __raw_spin_lock_init+0x3a/0x110 [ 1492.254608] v9fs_session_init+0x1e1/0x1760 [ 1492.255160] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1492.255898] ? __pfx_v9fs_session_init+0x10/0x10 [ 1492.256512] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.257165] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1492.257793] ? v9fs_mount+0x9e/0xbc0 [ 1492.258307] v9fs_mount+0xbd/0xbc0 [ 1492.258780] ? legacy_init_fs_context+0x44/0xe0 [ 1492.259384] ? __pfx_v9fs_mount+0x10/0x10 [ 1492.259918] ? cap_capable+0x1be/0x220 [ 1492.260448] ? __pfx_v9fs_mount+0x10/0x10 [ 1492.260981] legacy_get_tree+0x109/0x220 [ 1492.261510] vfs_get_tree+0x92/0x360 [ 1492.262027] path_mount+0x1335/0x1e40 [ 1492.262533] ? kasan_quarantine_put+0x81/0x1d0 [ 1492.263119] ? __pfx_path_mount+0x10/0x10 [ 1492.263659] ? putname+0x102/0x140 [ 1492.264131] ? kmem_cache_free+0xff/0x4a0 [ 1492.264667] ? putname+0x102/0x140 [ 1492.265150] __x64_sys_mount+0x286/0x310 [ 1492.265684] ? __pfx___x64_sys_mount+0x10/0x10 [ 1492.266288] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.266942] do_syscall_64+0x3f/0x90 [ 1492.267431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1492.268089] RIP: 0033:0x7fbf7ca8bb19 [ 1492.268549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1492.270699] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1492.271615] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1492.272469] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1492.273326] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1492.274181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1492.275039] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1492.275914] 19:45:15 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92fe, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1492.325438] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1492.326866] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1492.327723] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present 19:45:15 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1492.328560] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1492.330286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.331921] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.333103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.337296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.339094] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.340313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.341949] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.343120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.345303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.347053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.348247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.350051] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.352066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.353268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.355001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.356711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.359226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.360780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.364746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.367084] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.370304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.372755] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.373999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1492.387802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:45:15 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 3) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1492.467713] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1492.468713] CPU: 0 PID: 8782 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1492.469717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1492.470732] Call Trace: [ 1492.471061] [ 1492.471354] dump_stack_lvl+0xc1/0xf0 [ 1492.471852] kmem_cache_create_usercopy+0x12b/0x340 [ 1492.472496] p9_client_create+0xd0b/0x1260 [ 1492.473056] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.473721] ? __pfx_p9_client_create+0x10/0x10 [ 1492.474336] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1492.474958] ? lockdep_init_map_type+0x21e/0x7e0 [ 1492.475564] ? __kasan_kmalloc+0x7f/0x90 [ 1492.476096] ? __raw_spin_lock_init+0x3a/0x110 [ 1492.476697] v9fs_session_init+0x1e1/0x1760 [ 1492.477259] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1492.478014] ? __pfx_v9fs_session_init+0x10/0x10 [ 1492.478614] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.479270] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1492.479884] ? v9fs_mount+0x9e/0xbc0 [ 1492.480377] v9fs_mount+0xbd/0xbc0 [ 1492.480838] ? legacy_init_fs_context+0x44/0xe0 [ 1492.481439] ? __pfx_v9fs_mount+0x10/0x10 [ 1492.481989] ? cap_capable+0x1be/0x220 [ 1492.482499] ? __pfx_v9fs_mount+0x10/0x10 [ 1492.483048] legacy_get_tree+0x109/0x220 [ 1492.483574] vfs_get_tree+0x92/0x360 [ 1492.484066] path_mount+0x1335/0x1e40 [ 1492.484561] ? kasan_quarantine_put+0x81/0x1d0 [ 1492.485142] ? __pfx_path_mount+0x10/0x10 [ 1492.485679] ? putname+0x102/0x140 [ 1492.486168] ? kmem_cache_free+0xff/0x4a0 [ 1492.486696] ? putname+0x102/0x140 [ 1492.487173] __x64_sys_mount+0x286/0x310 [ 1492.487697] ? __pfx___x64_sys_mount+0x10/0x10 [ 1492.488283] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.488931] do_syscall_64+0x3f/0x90 [ 1492.489413] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1492.490057] RIP: 0033:0x7fbf7ca8bb19 [ 1492.490518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1492.492632] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1492.493542] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1492.494411] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1492.495256] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1492.496101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1492.496945] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1492.497819] [ 1492.503303] FAULT_INJECTION: forcing a failure. [ 1492.503303] name failslab, interval 1, probability 0, space 0, times 0 [ 1492.505662] CPU: 0 PID: 8801 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1492.506647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1492.507617] Call Trace: [ 1492.507938] [ 1492.508228] dump_stack_lvl+0xc1/0xf0 [ 1492.508723] should_fail_ex+0x4b4/0x5b0 [ 1492.509240] should_failslab+0x9/0x20 [ 1492.509733] __kmem_cache_alloc_node+0x5b/0x310 [ 1492.510338] ? alloc_pipe_info+0x1e9/0x590 [ 1492.510867] ? alloc_pipe_info+0x10e/0x590 [ 1492.511405] ? alloc_pipe_info+0x1e9/0x590 [ 1492.511928] __kmalloc+0x4a/0x160 [ 1492.512385] alloc_pipe_info+0x1e9/0x590 [ 1492.512911] splice_direct_to_actor+0x6e6/0x8c0 [ 1492.513505] ? __pfx_direct_splice_actor+0x10/0x10 [ 1492.514144] ? inode_security+0x105/0x140 [ 1492.514680] ? selinux_file_permission+0x96/0x510 [ 1492.515291] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1492.515935] ? security_file_permission+0xb5/0xe0 [ 1492.516565] do_splice_direct+0x1bc/0x290 [ 1492.517098] ? __pfx_do_splice_direct+0x10/0x10 [ 1492.517700] ? lock_is_held_type+0x9f/0x120 [ 1492.518267] do_sendfile+0xb1d/0x12b0 [ 1492.518770] ? __pfx_do_sendfile+0x10/0x10 [ 1492.519312] __x64_sys_sendfile64+0x1d5/0x210 [ 1492.519887] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1492.520518] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1492.521169] do_syscall_64+0x3f/0x90 [ 1492.521654] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1492.522328] RIP: 0033:0x7fa70ac2ab19 [ 1492.522796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1492.524919] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1492.525841] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1492.526693] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1492.527547] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1492.528410] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000001 [ 1492.529276] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1492.530160] 19:45:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 55) 19:45:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 53) 19:45:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x92ff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x0, 0x3f, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0xf, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:28 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:28 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 4) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') r2 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r2, &(0x7f0000001100)=""/4075, 0xfeb) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000002100)={0x1}, 0x4) read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f00000000c0)=""/4096, &(0x7f0000000040)=0x1000) [ 1505.095589] FAULT_INJECTION: forcing a failure. [ 1505.095589] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.096592] CPU: 1 PID: 8822 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1505.097350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.097943] Call Trace: [ 1505.098170] [ 1505.098361] dump_stack_lvl+0xc1/0xf0 [ 1505.098665] should_fail_ex+0x4b4/0x5b0 [ 1505.098977] ? __kernfs_new_node+0xd4/0x870 [ 1505.099310] should_failslab+0x9/0x20 [ 1505.099616] kmem_cache_alloc+0x5a/0x390 [ 1505.099988] ? __pfx_lock_release+0x10/0x10 [ 1505.100409] __kernfs_new_node+0xd4/0x870 [ 1505.100730] ? __pfx___kernfs_new_node+0x10/0x10 [ 1505.101103] ? kernfs_add_one+0x17f/0x530 [ 1505.101436] kernfs_new_node+0x97/0x120 [ 1505.101750] __kernfs_create_file+0x55/0x350 [ 1505.102110] sysfs_add_file_mode_ns+0x21c/0x440 [ 1505.102482] ? __pfx_slab_attr_store+0x10/0x10 [ 1505.102846] internal_create_group+0x322/0xb90 [ 1505.103205] ? __pfx_internal_create_group+0x10/0x10 [ 1505.103585] ? up_write+0x196/0x510 [ 1505.103895] sysfs_slab_add+0x18e/0x220 [ 1505.104212] __kmem_cache_create+0x1fe/0x610 [ 1505.104567] kmem_cache_create_usercopy+0x218/0x340 [ 1505.104951] p9_client_create+0xd0b/0x1260 [ 1505.105283] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.105683] ? __pfx_p9_client_create+0x10/0x10 [ 1505.106051] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.106444] ? lockdep_init_map_type+0x21e/0x7e0 [ 1505.106807] ? __kasan_kmalloc+0x7f/0x90 [ 1505.107123] ? __raw_spin_lock_init+0x3a/0x110 [ 1505.107489] v9fs_session_init+0x1e1/0x1760 [ 1505.107828] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1505.108294] ? __pfx_v9fs_session_init+0x10/0x10 [ 1505.108666] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.109062] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.109438] ? v9fs_mount+0x9e/0xbc0 [ 1505.109742] v9fs_mount+0xbd/0xbc0 [ 1505.110030] ? legacy_init_fs_context+0x44/0xe0 [ 1505.110399] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.110717] ? cap_capable+0x1be/0x220 [ 1505.111019] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.111352] legacy_get_tree+0x109/0x220 [ 1505.111672] vfs_get_tree+0x92/0x360 [ 1505.111969] path_mount+0x1335/0x1e40 [ 1505.112297] ? kasan_quarantine_put+0x81/0x1d0 [ 1505.112647] ? __pfx_path_mount+0x10/0x10 [ 1505.112967] ? putname+0x102/0x140 [ 1505.113259] ? kmem_cache_free+0xff/0x4a0 [ 1505.113575] ? putname+0x102/0x140 [ 1505.113862] __x64_sys_mount+0x286/0x310 [ 1505.114199] ? __pfx___x64_sys_mount+0x10/0x10 [ 1505.114560] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.114948] do_syscall_64+0x3f/0x90 [ 1505.115246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1505.115631] RIP: 0033:0x7fbf7ca8bb19 [ 1505.115911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.117230] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.117778] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1505.118377] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 19:45:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 54) [ 1505.119027] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1505.119847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 19:45:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9300, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1505.120496] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1505.121286] 19:45:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x10, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1505.146099] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1505.147094] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1505.147763] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1505.148395] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1505.149063] blk_print_req_error: 48 callbacks suppressed [ 1505.149075] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 2 [ 1505.152002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.152434] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.153008] buffer_io_error: 46 callbacks suppressed [ 1505.153016] Buffer I/O error on dev sr0, logical block 0, async page read [ 1505.155266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.155726] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.156312] Buffer I/O error on dev sr0, logical block 1, async page read [ 1505.157735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.158170] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.158781] Buffer I/O error on dev sr0, logical block 2, async page read [ 1505.159897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.160278] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.160897] Buffer I/O error on dev sr0, logical block 3, async page read [ 1505.161611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.162010] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.162674] Buffer I/O error on dev sr0, logical block 4, async page read [ 1505.163372] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.163766] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.164366] Buffer I/O error on dev sr0, logical block 5, async page read [ 1505.165089] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.165525] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.166112] Buffer I/O error on dev sr0, logical block 6, async page read [ 1505.167262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.167680] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.168276] Buffer I/O error on dev sr0, logical block 7, async page read [ 1505.169192] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.169702] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1505.170290] Buffer I/O error on dev sr0, logical block 0, async page read [ 1505.171000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.171409] Buffer I/O error on dev sr0, logical block 1, async page read [ 1505.172116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.172735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.173590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.174160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.174923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.175866] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.176803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.177577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.178273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.178943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.179650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.180260] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.183999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.186077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.187037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.189180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.189917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.191000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.193040] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.193714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.194280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.195221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.198212] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1505.198763] CPU: 1 PID: 8822 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1505.199338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.199915] Call Trace: [ 1505.200162] [ 1505.200403] dump_stack_lvl+0xc1/0xf0 [ 1505.200702] kmem_cache_create_usercopy+0x12b/0x340 [ 1505.201073] p9_client_create+0xd0b/0x1260 [ 1505.201389] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.201771] ? __pfx_p9_client_create+0x10/0x10 [ 1505.202237] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.202594] ? lockdep_init_map_type+0x21e/0x7e0 [ 1505.202935] ? __kasan_kmalloc+0x7f/0x90 [ 1505.203235] ? __raw_spin_lock_init+0x3a/0x110 [ 1505.203566] v9fs_session_init+0x1e1/0x1760 [ 1505.203884] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1505.204313] ? __pfx_v9fs_session_init+0x10/0x10 [ 1505.204658] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.205027] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.205380] ? v9fs_mount+0x9e/0xbc0 [ 1505.205666] v9fs_mount+0xbd/0xbc0 [ 1505.205931] ? legacy_init_fs_context+0x44/0xe0 [ 1505.206295] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.206603] ? cap_capable+0x1be/0x220 [ 1505.206895] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.207195] legacy_get_tree+0x109/0x220 [ 1505.207496] vfs_get_tree+0x92/0x360 [ 1505.207771] path_mount+0x1335/0x1e40 [ 1505.208057] ? kasan_quarantine_put+0x81/0x1d0 [ 1505.208394] ? __pfx_path_mount+0x10/0x10 [ 1505.208708] ? putname+0x102/0x140 [ 1505.209010] ? kmem_cache_free+0xff/0x4a0 [ 1505.209375] ? putname+0x102/0x140 [ 1505.209648] __x64_sys_mount+0x286/0x310 [ 1505.209969] ? __pfx___x64_sys_mount+0x10/0x10 [ 1505.210419] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.210797] do_syscall_64+0x3f/0x90 [ 1505.211072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1505.211448] RIP: 0033:0x7fbf7ca8bb19 [ 1505.211718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.212945] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.213493] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1505.214006] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1505.214506] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1505.214996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.215483] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1505.215982] 19:45:28 executing program 4: setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x9, 0x7, 0x6, 0x9}, {0xff36, 0x80, 0xf7, 0x7fffffff}, {0x0, 0x1f, 0x4, 0x2}]}, 0x10) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000040)={0x0, 'wg2\x00', {0x1}, 0x800}) 19:45:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) r1 = syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000000)) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000004, 0x40010, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6, 0x8010, r1, 0x10000000) shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ff9000/0x4000)=nil) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x1, 0x2004, @fd_index=0x7, 0x7, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x0) syz_io_uring_setup(0xfa7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r6, 0x0) quotactl(0x100000001, &(0x7f0000000140)='./file0\x00', r6, &(0x7f0000000180)="b4965201a760b77af9") r7 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r7, 0x80, &(0x7f0000000280)=@l2tp={0x2, 0x0, @loopback}}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x2, 0x1, &(0x7f00000003c0)="9eecec808760d12aa5f4c72286697189d005b1dbaefb4e7fd2564e0c7b5dd599ef5993ad4613396048b90bf7b7526c08279d8222c6dac3d81125bd6a44c0792a919cc4eaab7665d5cf202c3e7d5509d6ebca89858401bbfbf804f7bdb2197aa2aa81b6f0f0f586e25747df239bbb9f1d76e92ed46df5d5a62762af3bbd43826e1e6b6a54737efd897d835eb7ffd6b1df69d36743e155b1a441b516b3c5b6878c6b422f91a17082f16733ff618fe5ff4b1b56991ddc25dd27d7053714cb35ac95c41435e58755b0b71e1042f878e06aaa7265e60a2a510a38ee1a0441c09240827431c359d6fcf2829a6065f7ad", 0x7fff, 0x0, 0x1, {0x2}}, 0xa6b6) syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, {}, 0x1}, 0x1) 19:45:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x0, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x12, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9301, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 56) [ 1505.405013] FAULT_INJECTION: forcing a failure. [ 1505.405013] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.405826] CPU: 1 PID: 8847 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1505.406434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.406991] Call Trace: [ 1505.407184] [ 1505.407352] dump_stack_lvl+0xc1/0xf0 [ 1505.407644] should_fail_ex+0x4b4/0x5b0 [ 1505.407940] ? __kernfs_new_node+0xd4/0x870 [ 1505.408255] should_failslab+0x9/0x20 [ 1505.408551] kmem_cache_alloc+0x5a/0x390 [ 1505.408853] ? __pfx_lock_release+0x10/0x10 [ 1505.409210] __kernfs_new_node+0xd4/0x870 [ 1505.409529] ? __pfx___kernfs_new_node+0x10/0x10 [ 1505.409875] ? kernfs_add_one+0x17f/0x530 [ 1505.410194] kernfs_new_node+0x97/0x120 [ 1505.410487] __kernfs_create_file+0x55/0x350 [ 1505.410817] sysfs_add_file_mode_ns+0x21c/0x440 [ 1505.411161] ? __pfx_slab_attr_store+0x10/0x10 [ 1505.411501] internal_create_group+0x322/0xb90 [ 1505.411834] ? __pfx_internal_create_group+0x10/0x10 [ 1505.412192] ? up_write+0x196/0x510 [ 1505.412468] sysfs_slab_add+0x18e/0x220 [ 1505.412757] __kmem_cache_create+0x1fe/0x610 [ 1505.413086] kmem_cache_create_usercopy+0x218/0x340 [ 1505.413458] p9_client_create+0xd0b/0x1260 [ 1505.413773] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.414174] ? __pfx_p9_client_create+0x10/0x10 [ 1505.414522] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.414876] ? lockdep_init_map_type+0x21e/0x7e0 [ 1505.415217] ? __kasan_kmalloc+0x7f/0x90 [ 1505.415515] ? __raw_spin_lock_init+0x3a/0x110 [ 1505.415854] v9fs_session_init+0x1e1/0x1760 [ 1505.416173] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1505.416601] ? __pfx_v9fs_session_init+0x10/0x10 [ 1505.416950] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.417324] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.417677] ? v9fs_mount+0x9e/0xbc0 [ 1505.417981] v9fs_mount+0xbd/0xbc0 [ 1505.418237] ? legacy_init_fs_context+0x44/0xe0 [ 1505.418583] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.418889] ? cap_capable+0x1be/0x220 [ 1505.419180] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.419481] legacy_get_tree+0x109/0x220 [ 1505.419784] vfs_get_tree+0x92/0x360 [ 1505.420062] path_mount+0x1335/0x1e40 [ 1505.420350] ? kasan_quarantine_put+0x81/0x1d0 [ 1505.420689] ? __pfx_path_mount+0x10/0x10 [ 1505.420981] ? putname+0x102/0x140 [ 1505.421249] ? kmem_cache_free+0xff/0x4a0 [ 1505.421553] ? putname+0x102/0x140 [ 1505.421826] __x64_sys_mount+0x286/0x310 [ 1505.422134] ? __pfx___x64_sys_mount+0x10/0x10 [ 1505.422474] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.422850] do_syscall_64+0x3f/0x90 19:45:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x5, 0x20, 0x0, 0xfffffeff}, {0x7, 0x7, 0x7f, 0xa42e}]}) [ 1505.423127] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1505.423622] RIP: 0033:0x7fbf7ca8bb19 [ 1505.423885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.425113] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.425633] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1505.426143] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1505.426639] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 19:45:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x14, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1505.427123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.427685] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1505.428190] [ 1505.436217] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1505.437053] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1505.437538] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1505.438006] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1505.439091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.440069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.440846] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.443644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.444326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.445329] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.446106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.446958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.448049] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.449124] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.450699] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.451464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.452142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.452908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.453725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1505.454285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:45:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9302, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:28 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 5) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:28 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1505.516274] FAULT_INJECTION: forcing a failure. [ 1505.516274] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.517188] CPU: 1 PID: 8857 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1505.517720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.518307] Call Trace: [ 1505.518493] [ 1505.518660] dump_stack_lvl+0xc1/0xf0 [ 1505.518948] should_fail_ex+0x4b4/0x5b0 [ 1505.519244] should_failslab+0x9/0x20 [ 1505.519535] __kmem_cache_alloc_node+0x5b/0x310 [ 1505.519870] ? direct_splice_read+0x15b/0x990 [ 1505.520207] ? direct_splice_read+0x15b/0x990 [ 1505.520535] __kmalloc+0x4a/0x160 [ 1505.520797] direct_splice_read+0x15b/0x990 [ 1505.521113] ? percpu_ref_put_many.constprop.0+0x4c/0x110 [ 1505.521507] ? lock_is_held_type+0x9f/0x120 [ 1505.521824] ? __pfx_direct_splice_read+0x10/0x10 [ 1505.522193] ? inode_security+0x105/0x140 [ 1505.522504] ? fsnotify_perm.part.0+0x221/0x610 [ 1505.522848] ? security_file_permission+0xb5/0xe0 [ 1505.523209] ? __pfx_direct_splice_read+0x10/0x10 [ 1505.523560] vfs_splice_read+0x1c0/0x240 [ 1505.523865] splice_direct_to_actor+0x2b0/0x8c0 [ 1505.524202] ? __pfx_direct_splice_actor+0x10/0x10 [ 1505.524564] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1505.524933] ? security_file_permission+0xb5/0xe0 [ 1505.525272] do_splice_direct+0x1bc/0x290 [ 1505.525562] ? __pfx_do_splice_direct+0x10/0x10 [ 1505.525891] ? lock_is_held_type+0x9f/0x120 [ 1505.526194] do_sendfile+0xb1d/0x12b0 [ 1505.526465] ? __pfx_do_sendfile+0x10/0x10 [ 1505.526759] __x64_sys_sendfile64+0x1d5/0x210 [ 1505.527072] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1505.527416] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.527780] do_syscall_64+0x3f/0x90 [ 1505.528045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1505.528404] RIP: 0033:0x7fa70ac2ab19 [ 1505.528656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.529814] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1505.530322] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1505.530787] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1505.531252] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1505.531715] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000001 [ 1505.532176] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1505.532659] [ 1505.570195] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1505.570761] CPU: 1 PID: 8847 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1505.571290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.571844] Call Trace: [ 1505.572022] [ 1505.572183] dump_stack_lvl+0xc1/0xf0 [ 1505.572461] kmem_cache_create_usercopy+0x12b/0x340 [ 1505.572806] p9_client_create+0xd0b/0x1260 [ 1505.573104] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.573457] ? __pfx_p9_client_create+0x10/0x10 [ 1505.573777] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.574118] ? lockdep_init_map_type+0x21e/0x7e0 [ 1505.574440] ? __kasan_kmalloc+0x7f/0x90 [ 1505.574724] ? __raw_spin_lock_init+0x3a/0x110 [ 1505.575051] v9fs_session_init+0x1e1/0x1760 [ 1505.575359] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1505.575763] ? __pfx_v9fs_session_init+0x10/0x10 [ 1505.576085] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.576441] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1505.576776] ? v9fs_mount+0x9e/0xbc0 [ 1505.577046] v9fs_mount+0xbd/0xbc0 [ 1505.577299] ? legacy_init_fs_context+0x44/0xe0 [ 1505.577625] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.577919] ? cap_capable+0x1be/0x220 [ 1505.578205] ? __pfx_v9fs_mount+0x10/0x10 [ 1505.578491] legacy_get_tree+0x109/0x220 [ 1505.578776] vfs_get_tree+0x92/0x360 [ 1505.579040] path_mount+0x1335/0x1e40 [ 1505.579311] ? kasan_quarantine_put+0x81/0x1d0 [ 1505.579628] ? __pfx_path_mount+0x10/0x10 [ 1505.579915] ? putname+0x102/0x140 [ 1505.580174] ? kmem_cache_free+0xff/0x4a0 [ 1505.580463] ? putname+0x102/0x140 [ 1505.580724] __x64_sys_mount+0x286/0x310 [ 1505.581022] ? __pfx___x64_sys_mount+0x10/0x10 [ 1505.581344] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1505.581700] do_syscall_64+0x3f/0x90 [ 1505.581993] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1505.582346] RIP: 0033:0x7fbf7ca8bb19 [ 1505.582598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.583750] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.584242] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1505.584704] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1505.585167] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1505.585631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.586108] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1505.586579] [ 1516.934073] FAULT_INJECTION: forcing a failure. [ 1516.934073] name failslab, interval 1, probability 0, space 0, times 0 [ 1516.934969] CPU: 1 PID: 8868 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1516.935520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1516.936065] Call Trace: [ 1516.936244] [ 1516.936404] dump_stack_lvl+0xc1/0xf0 [ 1516.936681] should_fail_ex+0x4b4/0x5b0 [ 1516.936970] ? __kernfs_new_node+0xd4/0x870 [ 1516.937267] should_failslab+0x9/0x20 [ 1516.937539] kmem_cache_alloc+0x5a/0x390 [ 1516.937831] __kernfs_new_node+0xd4/0x870 [ 1516.938130] ? __pfx___kernfs_new_node+0x10/0x10 [ 1516.938466] ? down_write+0x11a/0x1f0 [ 1516.938740] ? up_write+0x196/0x510 [ 1516.939012] kernfs_new_node+0x97/0x120 [ 1516.939297] __kernfs_create_file+0x55/0x350 [ 1516.939614] sysfs_add_file_mode_ns+0x21c/0x440 [ 1516.939958] ? __pfx_slab_attr_store+0x10/0x10 [ 1516.940288] internal_create_group+0x322/0xb90 [ 1516.940609] ? __pfx_internal_create_group+0x10/0x10 [ 1516.940962] ? up_write+0x196/0x510 [ 1516.941228] sysfs_slab_add+0x18e/0x220 [ 1516.941509] __kmem_cache_create+0x1fe/0x610 [ 1516.941827] kmem_cache_create_usercopy+0x218/0x340 [ 1516.942180] p9_client_create+0xd0b/0x1260 [ 1516.942481] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.942837] ? __pfx_p9_client_create+0x10/0x10 [ 1516.943162] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1516.943504] ? lockdep_init_map_type+0x21e/0x7e0 [ 1516.943828] ? __kasan_kmalloc+0x7f/0x90 [ 1516.944129] ? __raw_spin_lock_init+0x3a/0x110 [ 1516.944458] v9fs_session_init+0x1e1/0x1760 [ 1516.944774] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1516.945186] ? __pfx_v9fs_session_init+0x10/0x10 [ 1516.945536] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.945899] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1516.946278] ? v9fs_mount+0x9e/0xbc0 [ 1516.946563] v9fs_mount+0xbd/0xbc0 [ 1516.946820] ? legacy_init_fs_context+0x44/0xe0 [ 1516.947151] ? __pfx_v9fs_mount+0x10/0x10 [ 1516.947444] ? cap_capable+0x1be/0x220 [ 1516.947727] ? __pfx_v9fs_mount+0x10/0x10 [ 1516.948021] legacy_get_tree+0x109/0x220 [ 1516.948313] vfs_get_tree+0x92/0x360 [ 1516.948582] path_mount+0x1335/0x1e40 [ 1516.949159] ? kasan_quarantine_put+0x81/0x1d0 19:45:40 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 55) 19:45:40 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:40 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 57) 19:45:40 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9303, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:40 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x0, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:40 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x15, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)=@abs, 0x6e, 0xfffffffffffffffd, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000fdbff9181dc7b565d0100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00'], 0x120}, 0x40016170) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000002c0)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_audit(0x10, 0x3, 0x9) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000)=0x3) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x9, 0x0, 0x0, 0x3f}, {0x1000, 0x3d, 0xe4, 0x4000000}, {0x0, 0x0, 0x6, 0xc6d}]}, 0x10) 19:45:40 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 6) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1516.949495] ? __pfx_path_mount+0x10/0x10 [ 1516.949874] ? putname+0x102/0x140 [ 1516.950142] ? kmem_cache_free+0xff/0x4a0 [ 1516.950432] ? putname+0x102/0x140 [ 1516.950696] __x64_sys_mount+0x286/0x310 [ 1516.950985] ? __pfx___x64_sys_mount+0x10/0x10 [ 1516.951332] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.951694] do_syscall_64+0x3f/0x90 [ 1516.951972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1516.952329] RIP: 0033:0x7fbf7ca8bb19 [ 1516.952598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1516.953767] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1516.954295] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1516.954783] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1516.955276] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1516.955768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1516.956265] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1516.956776] 19:45:40 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8050) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_macvtap\x00', 0x10) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000240)) 19:45:40 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x19, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1516.986034] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1516.986813] CPU: 1 PID: 8868 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1516.987390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1516.987996] Call Trace: [ 1516.988197] [ 1516.988363] dump_stack_lvl+0xc1/0xf0 [ 1516.988654] kmem_cache_create_usercopy+0x12b/0x340 [ 1516.989006] p9_client_create+0xd0b/0x1260 [ 1516.989469] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.989914] ? __pfx_p9_client_create+0x10/0x10 [ 1516.990250] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1516.990612] ? lockdep_init_map_type+0x21e/0x7e0 [ 1516.990962] ? __kasan_kmalloc+0x7f/0x90 [ 1516.991256] ? __raw_spin_lock_init+0x3a/0x110 [ 1516.991581] v9fs_session_init+0x1e1/0x1760 [ 1516.991898] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1516.992314] ? __pfx_v9fs_session_init+0x10/0x10 [ 1516.992656] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.993034] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1516.993388] ? v9fs_mount+0x9e/0xbc0 [ 1516.993661] v9fs_mount+0xbd/0xbc0 [ 1516.993926] ? legacy_init_fs_context+0x44/0xe0 [ 1516.994258] ? __pfx_v9fs_mount+0x10/0x10 [ 1516.994551] ? cap_capable+0x1be/0x220 [ 1516.994832] ? __pfx_v9fs_mount+0x10/0x10 [ 1516.995136] legacy_get_tree+0x109/0x220 [ 1516.995427] vfs_get_tree+0x92/0x360 [ 1516.995703] path_mount+0x1335/0x1e40 [ 1516.995978] ? kasan_quarantine_put+0x81/0x1d0 [ 1516.996311] ? __pfx_path_mount+0x10/0x10 [ 1516.996602] ? putname+0x102/0x140 [ 1516.996873] ? kmem_cache_free+0xff/0x4a0 [ 1516.997170] ? putname+0x102/0x140 [ 1516.997432] __x64_sys_mount+0x286/0x310 [ 1516.997730] ? __pfx___x64_sys_mount+0x10/0x10 [ 1516.998053] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1516.998437] do_syscall_64+0x3f/0x90 [ 1516.998718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1516.999074] RIP: 0033:0x7fbf7ca8bb19 [ 1516.999333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.000493] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1517.001021] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1517.001485] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1517.001976] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1517.002460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.002925] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1517.003414] [ 1517.030698] FAULT_INJECTION: forcing a failure. [ 1517.030698] name failslab, interval 1, probability 0, space 0, times 0 [ 1517.031538] CPU: 1 PID: 8882 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1517.032118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1517.032682] Call Trace: [ 1517.032860] [ 1517.033032] dump_stack_lvl+0xc1/0xf0 [ 1517.033309] should_fail_ex+0x4b4/0x5b0 [ 1517.033602] ? __kernfs_new_node+0xd4/0x870 [ 1517.033899] should_failslab+0x9/0x20 [ 1517.034182] kmem_cache_alloc+0x5a/0x390 [ 1517.034506] __kernfs_new_node+0xd4/0x870 [ 1517.034824] ? __pfx___kernfs_new_node+0x10/0x10 [ 1517.035153] ? down_write+0x11a/0x1f0 [ 1517.035426] ? up_write+0x196/0x510 [ 1517.035689] kernfs_new_node+0x97/0x120 [ 1517.035973] __kernfs_create_file+0x55/0x350 [ 1517.036297] sysfs_add_file_mode_ns+0x21c/0x440 [ 1517.036636] ? __pfx_slab_attr_store+0x10/0x10 [ 1517.036961] internal_create_group+0x322/0xb90 [ 1517.037281] ? __pfx_internal_create_group+0x10/0x10 [ 1517.037632] ? up_write+0x196/0x510 [ 1517.037899] sysfs_slab_add+0x18e/0x220 [ 1517.038190] __kmem_cache_create+0x1fe/0x610 [ 1517.038500] kmem_cache_create_usercopy+0x218/0x340 [ 1517.038848] p9_client_create+0xd0b/0x1260 [ 1517.039144] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.039503] ? __pfx_p9_client_create+0x10/0x10 [ 1517.039832] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1517.040173] ? lockdep_init_map_type+0x21e/0x7e0 [ 1517.040498] ? __kasan_kmalloc+0x7f/0x90 [ 1517.040789] ? __raw_spin_lock_init+0x3a/0x110 [ 1517.041108] v9fs_session_init+0x1e1/0x1760 [ 1517.041413] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1517.041819] ? __pfx_v9fs_session_init+0x10/0x10 [ 1517.042152] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.042512] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1517.042852] ? v9fs_mount+0x9e/0xbc0 [ 1517.043127] v9fs_mount+0xbd/0xbc0 [ 1517.043387] ? legacy_init_fs_context+0x44/0xe0 [ 1517.043714] ? __pfx_v9fs_mount+0x10/0x10 [ 1517.044016] ? cap_capable+0x1be/0x220 [ 1517.044304] ? __pfx_v9fs_mount+0x10/0x10 [ 1517.044604] legacy_get_tree+0x109/0x220 [ 1517.044899] vfs_get_tree+0x92/0x360 [ 1517.045168] path_mount+0x1335/0x1e40 [ 1517.045445] ? kasan_quarantine_put+0x81/0x1d0 [ 1517.045767] ? __pfx_path_mount+0x10/0x10 [ 1517.046057] ? putname+0x102/0x140 [ 1517.046331] ? kmem_cache_free+0xff/0x4a0 [ 1517.046625] ? putname+0x102/0x140 [ 1517.046888] __x64_sys_mount+0x286/0x310 [ 1517.047175] ? __pfx___x64_sys_mount+0x10/0x10 [ 1517.047503] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.047862] do_syscall_64+0x3f/0x90 [ 1517.048127] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1517.048487] RIP: 0033:0x7fb465b78b19 [ 1517.048745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.049913] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1517.050415] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1517.050886] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1517.051356] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1517.051822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.052284] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1517.052764] [ 1517.061946] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1517.062605] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1517.063056] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1517.063588] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1517.064076] blk_print_req_error: 40 callbacks suppressed [ 1517.064085] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1517.065998] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.066759] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.068026] buffer_io_error: 38 callbacks suppressed [ 1517.068042] Buffer I/O error on dev sr0, logical block 0, async page read [ 1517.070232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.071145] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.072416] Buffer I/O error on dev sr0, logical block 1, async page read [ 1517.073858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.074780] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.075754] Buffer I/O error on dev sr0, logical block 2, async page read [ 1517.078071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.078798] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.079778] Buffer I/O error on dev sr0, logical block 3, async page read [ 1517.082719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.083610] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.084585] Buffer I/O error on dev sr0, logical block 4, async page read [ 1517.086786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.087669] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.088631] Buffer I/O error on dev sr0, logical block 5, async page read [ 1517.098869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.100183] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.101498] Buffer I/O error on dev sr0, logical block 6, async page read [ 1517.107243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1517.108223] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1517.109217] Buffer I/O error on dev sr0, logical block 7, async page read [ 1517.225873] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1517.227336] CPU: 0 PID: 8882 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1517.228263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1517.229533] Call Trace: [ 1517.229860] [ 1517.230221] dump_stack_lvl+0xc1/0xf0 [ 1517.230705] kmem_cache_create_usercopy+0x12b/0x340 [ 1517.231491] p9_client_create+0xd0b/0x1260 [ 1517.232020] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.232847] ? __pfx_p9_client_create+0x10/0x10 [ 1517.233424] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1517.234214] ? lockdep_init_map_type+0x21e/0x7e0 [ 1517.234788] ? __kasan_kmalloc+0x7f/0x90 [ 1517.235449] ? __raw_spin_lock_init+0x3a/0x110 [ 1517.236010] v9fs_session_init+0x1e1/0x1760 [ 1517.236709] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1517.237422] ? __pfx_v9fs_session_init+0x10/0x10 [ 1517.238176] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.238808] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1517.239571] ? v9fs_mount+0x9e/0xbc0 [ 1517.240052] v9fs_mount+0xbd/0xbc0 [ 1517.240634] ? legacy_init_fs_context+0x44/0xe0 [ 1517.241213] ? __pfx_v9fs_mount+0x10/0x10 [ 1517.241876] ? cap_capable+0x1be/0x220 [ 1517.242385] ? __pfx_v9fs_mount+0x10/0x10 [ 1517.243051] legacy_get_tree+0x109/0x220 [ 1517.243565] vfs_get_tree+0x92/0x360 [ 1517.244175] path_mount+0x1335/0x1e40 [ 1517.244667] ? kasan_quarantine_put+0x81/0x1d0 [ 1517.245388] ? __pfx_path_mount+0x10/0x10 [ 1517.245901] ? putname+0x102/0x140 [ 1517.246529] ? kmem_cache_free+0xff/0x4a0 [ 1517.247040] ? putname+0x102/0x140 [ 1517.247635] __x64_sys_mount+0x286/0x310 [ 1517.248143] ? __pfx___x64_sys_mount+0x10/0x10 [ 1517.248869] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1517.249497] do_syscall_64+0x3f/0x90 [ 1517.250103] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1517.250740] RIP: 0033:0x7fb465b78b19 [ 1517.251319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.253322] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1517.254476] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1517.255575] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1517.256671] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1517.257734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.258853] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1517.259990] 19:45:51 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 58) 19:45:51 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x0, 0x5, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:45:51 executing program 4: r0 = syz_io_uring_complete(0x0) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f0000000040)=0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) 19:45:51 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 56) 19:45:51 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9304, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:45:51 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1b, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:51 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 7) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:51 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x0, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1528.131162] FAULT_INJECTION: forcing a failure. [ 1528.131162] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1528.132247] CPU: 1 PID: 8912 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.132813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.133391] Call Trace: [ 1528.133580] [ 1528.133750] dump_stack_lvl+0xc1/0xf0 [ 1528.134036] should_fail_ex+0x4b4/0x5b0 [ 1528.134354] prepare_alloc_pages+0x178/0x500 [ 1528.134684] __alloc_pages_bulk+0x156/0x10e0 [ 1528.135006] ? __kmem_cache_alloc_node+0x1f8/0x310 [ 1528.135363] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1528.135789] ? mark_held_locks+0x9e/0xe0 [ 1528.136088] ? __pfx___alloc_pages_bulk+0x10/0x10 [ 1528.136443] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.136822] ? kasan_set_track+0x25/0x30 [ 1528.137117] ? __kasan_kmalloc+0x7f/0x90 [ 1528.137422] direct_splice_read+0x190/0x990 [ 1528.137737] ? lock_is_held_type+0x9f/0x120 [ 1528.138052] ? __pfx_direct_splice_read+0x10/0x10 [ 1528.138411] ? inode_security+0x105/0x140 [ 1528.138720] ? fsnotify_perm.part.0+0x221/0x610 [ 1528.139063] ? security_file_permission+0xb5/0xe0 [ 1528.139425] ? __pfx_direct_splice_read+0x10/0x10 [ 1528.139781] vfs_splice_read+0x1c0/0x240 [ 1528.140078] splice_direct_to_actor+0x2b0/0x8c0 [ 1528.140421] ? __pfx_direct_splice_actor+0x10/0x10 [ 1528.140770] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1528.141140] ? security_file_permission+0xb5/0xe0 [ 1528.141503] do_splice_direct+0x1bc/0x290 [ 1528.141806] ? __pfx_do_splice_direct+0x10/0x10 [ 1528.142155] ? lock_is_held_type+0x9f/0x120 [ 1528.142489] do_sendfile+0xb1d/0x12b0 [ 1528.142770] ? __pfx_do_sendfile+0x10/0x10 [ 1528.143083] __x64_sys_sendfile64+0x1d5/0x210 [ 1528.143414] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1528.143809] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.144201] do_syscall_64+0x3f/0x90 [ 1528.144467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.144840] RIP: 0033:0x7fa70ac2ab19 [ 1528.145103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.146353] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1528.146883] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1528.147377] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1528.147870] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1528.148349] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000001 [ 1528.148844] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1528.149351] 19:45:51 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1d, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:45:51 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9305, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1528.201202] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1528.202111] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1528.202615] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1528.203086] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1528.203613] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1528.205117] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.206146] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.207275] Buffer I/O error on dev sr0, logical block 0, async page read [ 1528.209924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.210726] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.211811] Buffer I/O error on dev sr0, logical block 1, async page read [ 1528.212825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.213593] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 6 prio class 2 [ 1528.214689] Buffer I/O error on dev sr0, logical block 2, async page read [ 1528.215650] Buffer I/O error on dev sr0, logical block 3, async page read [ 1528.216596] Buffer I/O error on dev sr0, logical block 4, async page read [ 1528.217542] Buffer I/O error on dev sr0, logical block 5, async page read [ 1528.218483] Buffer I/O error on dev sr0, logical block 6, async page read [ 1528.219414] Buffer I/O error on dev sr0, logical block 7, async page read [ 1528.220968] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.221391] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 19:45:51 executing program 4: ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="8c000000a391cda62947f2a27993381b12b618fef5764d6cc62f7706f3df356a4803106b476b418bec68a02858ad1dbe144cfb6c177653234fbb506199c5bcb80c592d335a783f0d36ae6be4302c83fa3cc617319cd3fc84f7a3d77ed3beb6ce329cadeb8d2431397ed7acb4bec2cbdf1728804b95b0c386784f3f", @ANYRES16=r0, @ANYBLOB="10002abd7000fedbdf25180000000a001a0008021100000100000a001a0008021100000100000a000603ffffffffffff00000a00060008021100000000000a000600ffffffffffff00000a001a00081a00ffffffffffff00000a000600ffffffffffff00000a000600ffffffffffff00000a000600ffffffffffff0000"], 0x8c}, 0x1, 0x0, 0x0, 0x41080}, 0x240000c0) [ 1528.221951] Buffer I/O error on dev sr0, logical block 0, async page read [ 1528.227724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.228112] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.228799] Buffer I/O error on dev sr0, logical block 1, async page read [ 1528.229539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.229926] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.232228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.232631] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.233434] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.233815] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.234621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.235000] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1528.235786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.236375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.237128] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.237710] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.239005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.242233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.247836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.249403] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.251004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.256843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.266170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.274088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.299727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.308900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.311045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.318810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.332178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.337807] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:45:51 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 8) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:51 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 59) 19:45:51 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x0, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1528.406231] FAULT_INJECTION: forcing a failure. [ 1528.406231] name failslab, interval 1, probability 0, space 0, times 0 [ 1528.407689] CPU: 0 PID: 8930 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.408694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.409675] Call Trace: [ 1528.410000] [ 1528.410296] dump_stack_lvl+0xc1/0xf0 [ 1528.410801] should_fail_ex+0x4b4/0x5b0 [ 1528.411318] ? __kernfs_new_node+0xd4/0x870 [ 1528.411864] should_failslab+0x9/0x20 [ 1528.412360] kmem_cache_alloc+0x5a/0x390 [ 1528.412890] __kernfs_new_node+0xd4/0x870 [ 1528.413428] ? __pfx___kernfs_new_node+0x10/0x10 [ 1528.414050] ? down_write+0x11a/0x1f0 [ 1528.414576] ? up_write+0x196/0x510 [ 1528.415072] kernfs_new_node+0x97/0x120 [ 1528.415602] __kernfs_create_file+0x55/0x350 [ 1528.416196] sysfs_add_file_mode_ns+0x21c/0x440 [ 1528.416826] ? __pfx_slab_attr_store+0x10/0x10 [ 1528.417446] internal_create_group+0x322/0xb90 [ 1528.418045] ? __pfx_internal_create_group+0x10/0x10 [ 1528.418710] ? up_write+0x196/0x510 [ 1528.419208] sysfs_slab_add+0x18e/0x220 [ 1528.419728] __kmem_cache_create+0x1fe/0x610 [ 1528.420313] kmem_cache_create_usercopy+0x218/0x340 [ 1528.420967] p9_client_create+0xd0b/0x1260 [ 1528.421529] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.422204] ? __pfx_p9_client_create+0x10/0x10 [ 1528.422862] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.423503] ? lockdep_init_map_type+0x21e/0x7e0 [ 1528.424119] ? __kasan_kmalloc+0x7f/0x90 [ 1528.424663] ? __raw_spin_lock_init+0x3a/0x110 [ 1528.425265] v9fs_session_init+0x1e1/0x1760 [ 1528.425841] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1528.426616] ? __pfx_v9fs_session_init+0x10/0x10 [ 1528.427230] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.427911] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.428549] ? v9fs_mount+0x9e/0xbc0 [ 1528.429056] v9fs_mount+0xbd/0xbc0 [ 1528.429541] ? legacy_init_fs_context+0x44/0xe0 [ 1528.430168] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.430714] ? cap_capable+0x1be/0x220 [ 1528.431241] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.431787] legacy_get_tree+0x109/0x220 [ 1528.432146] FAULT_INJECTION: forcing a failure. [ 1528.432146] name failslab, interval 1, probability 0, space 0, times 0 [ 1528.432305] vfs_get_tree+0x92/0x360 [ 1528.432354] path_mount+0x1335/0x1e40 [ 1528.432405] ? kasan_quarantine_put+0x81/0x1d0 [ 1528.432448] ? __pfx_path_mount+0x10/0x10 [ 1528.432490] ? putname+0x102/0x140 [ 1528.432536] ? kmem_cache_free+0xff/0x4a0 [ 1528.432579] ? putname+0x102/0x140 [ 1528.432634] __x64_sys_mount+0x286/0x310 [ 1528.432681] ? __pfx___x64_sys_mount+0x10/0x10 [ 1528.439052] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.439726] do_syscall_64+0x3f/0x90 [ 1528.440213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.440889] RIP: 0033:0x7fbf7ca8bb19 [ 1528.441367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.443556] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1528.444509] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1528.445379] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1528.446278] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1528.447173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.448052] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1528.448936] [ 1528.449234] CPU: 1 PID: 8931 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.450248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.451249] Call Trace: [ 1528.451576] [ 1528.451871] dump_stack_lvl+0xc1/0xf0 [ 1528.452376] should_fail_ex+0x4b4/0x5b0 [ 1528.452902] should_failslab+0x9/0x20 [ 1528.453406] __kmem_cache_alloc_node+0x5b/0x310 [ 1528.454005] ? kvmalloc_node+0xaa/0x200 [ 1528.454533] ? __alloc_pages_bulk+0xa29/0x10e0 [ 1528.455123] ? kvmalloc_node+0xaa/0x200 [ 1528.455632] __kmalloc_node+0x4d/0x160 [ 1528.456150] kvmalloc_node+0xaa/0x200 [ 1528.456650] seq_read_iter+0x820/0x1300 [ 1528.457187] proc_reg_read_iter+0x20e/0x2e0 [ 1528.457750] direct_splice_read+0x3c4/0x990 [ 1528.458334] ? __pfx_direct_splice_read+0x10/0x10 [ 1528.458976] ? inode_security+0x105/0x140 [ 1528.459520] ? security_file_permission+0xb5/0xe0 [ 1528.460149] ? __pfx_direct_splice_read+0x10/0x10 [ 1528.460763] vfs_splice_read+0x1c0/0x240 [ 1528.461288] splice_direct_to_actor+0x2b0/0x8c0 [ 1528.461900] ? __pfx_direct_splice_actor+0x10/0x10 [ 1528.462560] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1528.463207] ? security_file_permission+0xb5/0xe0 [ 1528.463836] do_splice_direct+0x1bc/0x290 [ 1528.464369] ? __pfx_do_splice_direct+0x10/0x10 [ 1528.464978] ? lock_is_held_type+0x9f/0x120 [ 1528.465527] do_sendfile+0xb1d/0x12b0 [ 1528.466033] ? __pfx_do_sendfile+0x10/0x10 [ 1528.466603] __x64_sys_sendfile64+0x1d5/0x210 [ 1528.467184] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1528.467816] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.468483] do_syscall_64+0x3f/0x90 [ 1528.468969] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.469643] RIP: 0033:0x7fa70ac2ab19 [ 1528.470116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.472284] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1528.473207] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1528.474072] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1528.474928] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1528.475801] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000001 [ 1528.476676] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1528.477568] 19:45:51 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:45:51 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth1_to_batadv\x00'}) 19:45:51 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 57) [ 1528.533117] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1528.534371] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1528.535219] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1528.536093] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1528.538380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.540014] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.541255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.542841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.544106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.545419] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.546728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.549427] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.550825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.552038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.553274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.555201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.556680] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1528.556842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.557593] CPU: 1 PID: 8930 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.558769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.559200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.560392] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.560787] Call Trace: [ 1528.560799] [ 1528.561940] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.562005] dump_stack_lvl+0xc1/0xf0 [ 1528.563193] kmem_cache_create_usercopy+0x12b/0x340 [ 1528.563306] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.563819] p9_client_create+0xd0b/0x1260 [ 1528.564992] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.565648] ? __pfx_p9_client_create+0x10/0x10 [ 1528.566078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.566240] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.567498] ? lockdep_init_map_type+0x21e/0x7e0 [ 1528.568059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.568736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.568746] ? __kasan_kmalloc+0x7f/0x90 [ 1528.569887] ? __raw_spin_lock_init+0x3a/0x110 [ 1528.569935] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.570480] v9fs_session_init+0x1e1/0x1760 [ 1528.571667] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1528.571717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.572410] ? __pfx_v9fs_session_init+0x10/0x10 [ 1528.572455] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.573739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.574290] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.575583] ? v9fs_mount+0x9e/0xbc0 [ 1528.575707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.576071] v9fs_mount+0xbd/0xbc0 [ 1528.577176] ? legacy_init_fs_context+0x44/0xe0 [ 1528.577326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.577774] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.578953] ? cap_capable+0x1be/0x220 [ 1528.578985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.580101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.580112] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.581271] legacy_get_tree+0x109/0x220 [ 1528.581301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.581766] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.581802] vfs_get_tree+0x92/0x360 [ 1528.583027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.583096] path_mount+0x1335/0x1e40 [ 1528.584701] ? kasan_quarantine_put+0x81/0x1d0 [ 1528.585300] ? __pfx_path_mount+0x10/0x10 [ 1528.585853] ? putname+0x102/0x140 [ 1528.586362] ? kmem_cache_free+0xff/0x4a0 [ 1528.586373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.586840] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.586911] ? putname+0x102/0x140 [ 1528.588235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.588649] __x64_sys_mount+0x286/0x310 [ 1528.589849] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.589857] ? __pfx___x64_sys_mount+0x10/0x10 [ 1528.591097] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.591756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.591775] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.592971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.593058] do_syscall_64+0x3f/0x90 [ 1528.594199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.594248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.594873] RIP: 0033:0x7fbf7ca8bb19 [ 1528.594899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.596080] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.598182] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1528.598215] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1528.599715] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.599813] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1528.601329] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.602180] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1528.602202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.603741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.604326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.604627] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1528.605823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.605937] [ 1528.607374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.609957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.613223] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.619053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.668818] FAULT_INJECTION: forcing a failure. [ 1528.668818] name failslab, interval 1, probability 0, space 0, times 0 [ 1528.670653] CPU: 1 PID: 8941 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.671639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.672620] Call Trace: [ 1528.672945] [ 1528.673237] dump_stack_lvl+0xc1/0xf0 [ 1528.673732] should_fail_ex+0x4b4/0x5b0 [ 1528.674245] ? __kernfs_new_node+0xd4/0x870 [ 1528.674793] should_failslab+0x9/0x20 [ 1528.675280] kmem_cache_alloc+0x5a/0x390 [ 1528.675817] __kernfs_new_node+0xd4/0x870 [ 1528.676344] ? __pfx___kernfs_new_node+0x10/0x10 [ 1528.676954] ? down_write+0x11a/0x1f0 [ 1528.677457] ? up_write+0x196/0x510 [ 1528.677945] kernfs_new_node+0x97/0x120 [ 1528.678488] __kernfs_create_file+0x55/0x350 [ 1528.679080] sysfs_add_file_mode_ns+0x21c/0x440 [ 1528.679702] ? __pfx_slab_attr_store+0x10/0x10 [ 1528.680312] internal_create_group+0x322/0xb90 [ 1528.680907] ? __pfx_internal_create_group+0x10/0x10 [ 1528.681556] ? up_write+0x196/0x510 [ 1528.682057] sysfs_slab_add+0x18e/0x220 [ 1528.682594] __kmem_cache_create+0x1fe/0x610 [ 1528.683179] kmem_cache_create_usercopy+0x218/0x340 [ 1528.683832] p9_client_create+0xd0b/0x1260 [ 1528.684401] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.685072] ? __pfx_p9_client_create+0x10/0x10 [ 1528.685686] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.686336] ? lockdep_init_map_type+0x21e/0x7e0 [ 1528.686953] ? __kasan_kmalloc+0x7f/0x90 [ 1528.687495] ? __raw_spin_lock_init+0x3a/0x110 [ 1528.688099] v9fs_session_init+0x1e1/0x1760 [ 1528.688669] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1528.689432] ? __pfx_v9fs_session_init+0x10/0x10 [ 1528.690054] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.690746] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.691381] ? v9fs_mount+0x9e/0xbc0 [ 1528.691896] v9fs_mount+0xbd/0xbc0 [ 1528.692379] ? legacy_init_fs_context+0x44/0xe0 [ 1528.692999] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.693552] ? cap_capable+0x1be/0x220 [ 1528.694082] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.694650] legacy_get_tree+0x109/0x220 [ 1528.695197] vfs_get_tree+0x92/0x360 [ 1528.695701] path_mount+0x1335/0x1e40 [ 1528.696222] ? kasan_quarantine_put+0x81/0x1d0 [ 1528.696825] ? __pfx_path_mount+0x10/0x10 [ 1528.697374] ? putname+0x102/0x140 [ 1528.697865] ? kmem_cache_free+0xff/0x4a0 [ 1528.698432] ? putname+0x102/0x140 [ 1528.698927] __x64_sys_mount+0x286/0x310 [ 1528.699479] ? __pfx___x64_sys_mount+0x10/0x10 [ 1528.700090] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.700763] do_syscall_64+0x3f/0x90 [ 1528.701265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.701941] RIP: 0033:0x7fb465b78b19 [ 1528.702429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.704626] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1528.705565] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1528.706464] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1528.707345] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1528.708223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.709104] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1528.710011] [ 1528.832145] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1528.833293] CPU: 1 PID: 8941 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1528.834304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1528.835275] Call Trace: [ 1528.835597] [ 1528.835890] dump_stack_lvl+0xc1/0xf0 [ 1528.836386] kmem_cache_create_usercopy+0x12b/0x340 [ 1528.837024] p9_client_create+0xd0b/0x1260 [ 1528.837565] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.838224] ? __pfx_p9_client_create+0x10/0x10 [ 1528.838830] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.839459] ? lockdep_init_map_type+0x21e/0x7e0 [ 1528.840046] ? __kasan_kmalloc+0x7f/0x90 [ 1528.840588] ? __raw_spin_lock_init+0x3a/0x110 [ 1528.841169] v9fs_session_init+0x1e1/0x1760 [ 1528.841739] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1528.842528] ? __pfx_v9fs_session_init+0x10/0x10 [ 1528.843154] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.843850] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1528.844488] ? v9fs_mount+0x9e/0xbc0 [ 1528.845000] v9fs_mount+0xbd/0xbc0 [ 1528.845479] ? legacy_init_fs_context+0x44/0xe0 [ 1528.846303] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.847046] ? cap_capable+0x1be/0x220 [ 1528.847740] ? __pfx_v9fs_mount+0x10/0x10 [ 1528.848469] legacy_get_tree+0x109/0x220 [ 1528.849181] vfs_get_tree+0x92/0x360 [ 1528.849848] path_mount+0x1335/0x1e40 [ 1528.850493] ? kasan_quarantine_put+0x81/0x1d0 [ 1528.851091] ? __pfx_path_mount+0x10/0x10 [ 1528.851670] ? putname+0x102/0x140 [ 1528.852180] ? kmem_cache_free+0xff/0x4a0 [ 1528.852832] ? putname+0x102/0x140 [ 1528.853361] __x64_sys_mount+0x286/0x310 [ 1528.853903] ? __pfx___x64_sys_mount+0x10/0x10 [ 1528.854583] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1528.855277] do_syscall_64+0x3f/0x90 [ 1528.855777] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1528.856467] RIP: 0033:0x7fb465b78b19 [ 1528.856969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.859286] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1528.860242] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1528.861144] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1528.862067] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1528.862972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.863896] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1528.864853] 19:46:04 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x21, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:04 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 9) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:04 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 58) 19:46:04 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:04 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x0, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:46:04 executing program 4: ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f0000000140)=0x6) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x8, 0x0, 0x16, 0x3c, 0x0, 0x1dd8, 0x4484, 0xa, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x50000, 0x4, 0x6, 0x8, 0x2, 0xd6102, 0x800, 0x0, 0x10001, 0x0, 0x10001}, 0x0, 0x1, r1, 0x8) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x4, &(0x7f0000000040)=[{0x62, 0x20, 0x3, 0xffffffff}, {0x8, 0x2, 0x7, 0x200}, {0x1, 0x7f, 0x7}, {0x3c, 0x2, 0x5, 0x5a9}]}, 0x10) 19:46:04 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 60) 19:46:04 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9306, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) [ 1541.658056] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1541.658779] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1541.659250] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1541.659765] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1541.660286] blk_print_req_error: 67 callbacks suppressed [ 1541.660296] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 19 prio class 2 19:46:05 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 61) [ 1541.663232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.664019] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.665124] buffer_io_error: 70 callbacks suppressed [ 1541.665139] Buffer I/O error on dev sr0, logical block 0, async page read [ 1541.667757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.668926] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.669965] Buffer I/O error on dev sr0, logical block 1, async page read [ 1541.671709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.672494] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.673545] Buffer I/O error on dev sr0, logical block 2, async page read [ 1541.677078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.677979] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.679375] Buffer I/O error on dev sr0, logical block 3, async page read [ 1541.681746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.682208] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.683158] Buffer I/O error on dev sr0, logical block 4, async page read [ 1541.690088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.690523] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.691718] Buffer I/O error on dev sr0, logical block 5, async page read [ 1541.693824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.694218] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.694838] Buffer I/O error on dev sr0, logical block 6, async page read [ 1541.696967] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.697553] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.698134] Buffer I/O error on dev sr0, logical block 7, async page read [ 1541.699029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.699771] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1541.700365] Buffer I/O error on dev sr0, logical block 0, async page read [ 1541.701074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.701491] Buffer I/O error on dev sr0, logical block 1, async page read [ 1541.702161] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.702760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.703458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.704018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.706794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.707722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.708696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.709456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.710960] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.711571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.712328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.712976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.714148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.714998] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1541.748984] FAULT_INJECTION: forcing a failure. [ 1541.748984] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.749824] CPU: 1 PID: 8971 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1541.750366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1541.751187] Call Trace: [ 1541.751413] [ 1541.751604] dump_stack_lvl+0xc1/0xf0 [ 1541.751892] should_fail_ex+0x4b4/0x5b0 [ 1541.752204] ? __kernfs_new_node+0xd4/0x870 [ 1541.752531] should_failslab+0x9/0x20 [ 1541.752826] kmem_cache_alloc+0x5a/0x390 [ 1541.753142] __kernfs_new_node+0xd4/0x870 [ 1541.753439] ? __pfx___kernfs_new_node+0x10/0x10 [ 1541.753772] ? down_write+0x11a/0x1f0 [ 1541.754061] ? up_write+0x196/0x510 [ 1541.754331] kernfs_new_node+0x97/0x120 [ 1541.754631] __kernfs_create_file+0x55/0x350 [ 1541.754956] sysfs_add_file_mode_ns+0x21c/0x440 [ 1541.755302] ? __pfx_slab_attr_store+0x10/0x10 [ 1541.755634] internal_create_group+0x322/0xb90 [ 1541.755958] ? __pfx_internal_create_group+0x10/0x10 [ 1541.756323] ? up_write+0x196/0x510 [ 1541.756597] sysfs_slab_add+0x18e/0x220 [ 1541.756896] __kmem_cache_create+0x1fe/0x610 [ 1541.757208] kmem_cache_create_usercopy+0x218/0x340 [ 1541.757572] p9_client_create+0xd0b/0x1260 [ 1541.757893] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.758270] ? __pfx_p9_client_create+0x10/0x10 [ 1541.758600] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1541.758956] ? lockdep_init_map_type+0x21e/0x7e0 [ 1541.759298] ? __kasan_kmalloc+0x7f/0x90 [ 1541.759602] ? __raw_spin_lock_init+0x3a/0x110 [ 1541.759940] v9fs_session_init+0x1e1/0x1760 [ 1541.760258] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1541.760682] ? __pfx_v9fs_session_init+0x10/0x10 [ 1541.761023] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.761386] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1541.761744] ? v9fs_mount+0x9e/0xbc0 [ 1541.762024] v9fs_mount+0xbd/0xbc0 [ 1541.762291] ? legacy_init_fs_context+0x44/0xe0 [ 1541.762634] ? __pfx_v9fs_mount+0x10/0x10 [ 1541.762937] ? cap_capable+0x1be/0x220 [ 1541.763225] ? __pfx_v9fs_mount+0x10/0x10 [ 1541.763541] legacy_get_tree+0x109/0x220 [ 1541.763838] vfs_get_tree+0x92/0x360 [ 1541.764120] path_mount+0x1335/0x1e40 [ 1541.764405] ? kasan_quarantine_put+0x81/0x1d0 [ 1541.764743] ? __pfx_path_mount+0x10/0x10 [ 1541.765039] ? putname+0x102/0x140 [ 1541.765307] ? kmem_cache_free+0xff/0x4a0 [ 1541.765597] ? putname+0x102/0x140 [ 1541.765876] __x64_sys_mount+0x286/0x310 [ 1541.766178] ? __pfx___x64_sys_mount+0x10/0x10 [ 1541.766513] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.766888] do_syscall_64+0x3f/0x90 [ 1541.767169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1541.767537] RIP: 0033:0x7fbf7ca8bb19 [ 1541.767815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.769030] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1541.769571] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1541.770081] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1541.770610] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1541.771108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1541.771604] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1541.772120] [ 1541.788880] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1541.789443] CPU: 1 PID: 8971 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1541.789983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1541.790534] Call Trace: [ 1541.790707] [ 1541.790871] dump_stack_lvl+0xc1/0xf0 [ 1541.791146] kmem_cache_create_usercopy+0x12b/0x340 [ 1541.791496] p9_client_create+0xd0b/0x1260 [ 1541.791798] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.792148] ? __pfx_p9_client_create+0x10/0x10 [ 1541.792491] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1541.792835] ? lockdep_init_map_type+0x21e/0x7e0 [ 1541.793172] ? __kasan_kmalloc+0x7f/0x90 [ 1541.793464] ? __raw_spin_lock_init+0x3a/0x110 [ 1541.793805] v9fs_session_init+0x1e1/0x1760 [ 1541.794109] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1541.794543] ? __pfx_v9fs_session_init+0x10/0x10 [ 1541.794881] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.795259] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1541.795598] ? v9fs_mount+0x9e/0xbc0 [ 1541.795887] v9fs_mount+0xbd/0xbc0 [ 1541.796144] ? legacy_init_fs_context+0x44/0xe0 [ 1541.796499] ? __pfx_v9fs_mount+0x10/0x10 [ 1541.796803] ? cap_capable+0x1be/0x220 [ 1541.797108] ? __pfx_v9fs_mount+0x10/0x10 [ 1541.797402] legacy_get_tree+0x109/0x220 [ 1541.797709] vfs_get_tree+0x92/0x360 [ 1541.797973] path_mount+0x1335/0x1e40 [ 1541.798263] ? kasan_quarantine_put+0x81/0x1d0 [ 1541.798598] ? __pfx_path_mount+0x10/0x10 [ 1541.798909] ? putname+0x102/0x140 [ 1541.799164] ? kmem_cache_free+0xff/0x4a0 [ 1541.799468] ? putname+0x102/0x140 [ 1541.799744] __x64_sys_mount+0x286/0x310 [ 1541.800028] ? __pfx___x64_sys_mount+0x10/0x10 [ 1541.800369] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1541.800729] do_syscall_64+0x3f/0x90 [ 1541.801004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1541.801377] RIP: 0033:0x7fbf7ca8bb19 [ 1541.801648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.802916] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1541.803451] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1541.803958] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1541.804463] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1541.804966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1541.805481] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1541.805996] 19:46:16 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 10) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:16 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 62) 19:46:16 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9307, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:16 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:16 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) openat$hpet(0xffffffffffffff9c, &(0x7f00000000c0), 0xd0c02, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0xff, 0x0, 0xfffff020}, {0x6}]}, 0x10) setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000040)=0x9, 0x4) 19:46:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x22, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:16 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x0, 0x0, 0x800, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:46:16 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 59) 19:46:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x23, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1552.921642] FAULT_INJECTION: forcing a failure. [ 1552.921642] name failslab, interval 1, probability 0, space 0, times 0 [ 1552.922482] CPU: 1 PID: 8986 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1552.923053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1552.923609] Call Trace: [ 1552.923794] [ 1552.923988] dump_stack_lvl+0xc1/0xf0 [ 1552.924286] should_fail_ex+0x4b4/0x5b0 [ 1552.924574] ? __kernfs_new_node+0xd4/0x870 [ 1552.924875] should_failslab+0x9/0x20 [ 1552.925143] kmem_cache_alloc+0x5a/0x390 [ 1552.925431] __kernfs_new_node+0xd4/0x870 [ 1552.925725] ? __pfx___kernfs_new_node+0x10/0x10 [ 1552.926054] ? down_write+0x11a/0x1f0 [ 1552.926327] ? up_write+0x196/0x510 [ 1552.926603] kernfs_new_node+0x97/0x120 [ 1552.926886] __kernfs_create_file+0x55/0x350 [ 1552.927200] sysfs_add_file_mode_ns+0x21c/0x440 [ 1552.927539] ? __pfx_slab_attr_store+0x10/0x10 [ 1552.927861] internal_create_group+0x322/0xb90 [ 1552.928180] ? __pfx_internal_create_group+0x10/0x10 [ 1552.928525] ? up_write+0x196/0x510 [ 1552.928794] sysfs_slab_add+0x18e/0x220 [ 1552.929074] __kmem_cache_create+0x1fe/0x610 [ 1552.929390] kmem_cache_create_usercopy+0x218/0x340 [ 1552.929736] p9_client_create+0xd0b/0x1260 [ 1552.930060] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.930419] ? __pfx_p9_client_create+0x10/0x10 [ 1552.930763] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1552.931107] ? lockdep_init_map_type+0x21e/0x7e0 [ 1552.931444] ? __kasan_kmalloc+0x7f/0x90 [ 1552.931742] ? __raw_spin_lock_init+0x3a/0x110 [ 1552.932082] v9fs_session_init+0x1e1/0x1760 [ 1552.932396] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1552.932818] ? __pfx_v9fs_session_init+0x10/0x10 [ 1552.933163] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.933540] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1552.933893] ? v9fs_mount+0x9e/0xbc0 [ 1552.934185] v9fs_mount+0xbd/0xbc0 [ 1552.934449] ? legacy_init_fs_context+0x44/0xe0 [ 1552.934810] ? __pfx_v9fs_mount+0x10/0x10 [ 1552.935115] ? cap_capable+0x1be/0x220 [ 1552.935418] ? __pfx_v9fs_mount+0x10/0x10 [ 1552.935728] legacy_get_tree+0x109/0x220 [ 1552.936034] vfs_get_tree+0x92/0x360 [ 1552.936312] path_mount+0x1335/0x1e40 [ 1552.936605] ? kasan_quarantine_put+0x81/0x1d0 [ 1552.936943] ? __pfx_path_mount+0x10/0x10 [ 1552.937248] ? putname+0x102/0x140 [ 1552.937524] ? kmem_cache_free+0xff/0x4a0 [ 1552.937834] ? putname+0x102/0x140 [ 1552.938113] __x64_sys_mount+0x286/0x310 [ 1552.938421] ? __pfx___x64_sys_mount+0x10/0x10 [ 1552.938778] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.939161] do_syscall_64+0x3f/0x90 [ 1552.939431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1552.939815] RIP: 0033:0x7fb465b78b19 [ 1552.940087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.941347] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1552.941880] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1552.942381] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1552.942892] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1552.943391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1552.943895] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1552.944405] 19:46:16 executing program 4: readv(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000000c0)=""/114, 0x72}, {&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000140)=""/242, 0xf2}, {&(0x7f0000000240)=""/173, 0xad}, {&(0x7f0000000300)=""/171, 0xab}, {&(0x7f00000003c0)=""/114, 0x72}, {&(0x7f0000000440)=""/204, 0xcc}, {&(0x7f0000000540)=""/4096, 0x1000}], 0x8) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000002100)={{0x1, 0x1, 0x18, r0, {0x9f9}}, './file0\x00'}) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0xfc, 0x0, 0xfffff020}, {0x6}]}, 0x10) socket$nl_audit(0x10, 0x3, 0x9) r2 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r2, &(0x7f0000001100)=""/4075, 0xfeb) r3 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r3, &(0x7f0000002140)=""/4075, 0xfeb) dup2(r2, r3) [ 1552.950296] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1552.951060] CPU: 1 PID: 8986 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1552.951652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1552.952191] Call Trace: [ 1552.952366] [ 1552.952525] dump_stack_lvl+0xc1/0xf0 [ 1552.952801] kmem_cache_create_usercopy+0x12b/0x340 [ 1552.953167] p9_client_create+0xd0b/0x1260 [ 1552.953466] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.953848] ? __pfx_p9_client_create+0x10/0x10 [ 1552.954168] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1552.954537] ? lockdep_init_map_type+0x21e/0x7e0 [ 1552.954871] ? __kasan_kmalloc+0x7f/0x90 [ 1552.955176] ? __raw_spin_lock_init+0x3a/0x110 [ 1552.955497] v9fs_session_init+0x1e1/0x1760 [ 1552.955819] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1552.956219] ? __pfx_v9fs_session_init+0x10/0x10 [ 1552.956566] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.956918] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1552.957274] ? v9fs_mount+0x9e/0xbc0 [ 1552.957544] v9fs_mount+0xbd/0xbc0 [ 1552.957810] ? legacy_init_fs_context+0x44/0xe0 [ 1552.958137] ? __pfx_v9fs_mount+0x10/0x10 [ 1552.958446] ? cap_capable+0x1be/0x220 [ 1552.958729] ? __pfx_v9fs_mount+0x10/0x10 [ 1552.959037] legacy_get_tree+0x109/0x220 [ 1552.959322] vfs_get_tree+0x92/0x360 [ 1552.959603] path_mount+0x1335/0x1e40 [ 1552.959875] ? kasan_quarantine_put+0x81/0x1d0 [ 1552.960208] ? __pfx_path_mount+0x10/0x10 [ 1552.960496] ? putname+0x102/0x140 [ 1552.960764] ? kmem_cache_free+0xff/0x4a0 [ 1552.961051] ? putname+0x102/0x140 [ 1552.961319] __x64_sys_mount+0x286/0x310 [ 1552.961604] ? __pfx___x64_sys_mount+0x10/0x10 [ 1552.961945] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1552.962302] do_syscall_64+0x3f/0x90 [ 1552.962590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1552.962964] RIP: 0033:0x7fb465b78b19 [ 1552.963231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.964494] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1552.965025] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1552.965515] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1552.966014] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1552.966512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1552.967024] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1552.967526] 19:46:16 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 63) [ 1553.039358] FAULT_INJECTION: forcing a failure. [ 1553.039358] name failslab, interval 1, probability 0, space 0, times 0 [ 1553.040242] CPU: 1 PID: 8990 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1553.040788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1553.041328] Call Trace: [ 1553.041514] [ 1553.041674] dump_stack_lvl+0xc1/0xf0 [ 1553.041945] should_fail_ex+0x4b4/0x5b0 [ 1553.042198] FAULT_INJECTION: forcing a failure. [ 1553.042198] name failslab, interval 1, probability 0, space 0, times 0 [ 1553.042233] should_failslab+0x9/0x20 [ 1553.042964] __kmem_cache_alloc_node+0x5b/0x310 [ 1553.043002] ? iter_file_splice_write+0x169/0xcb0 [ 1553.043034] ? iter_file_splice_write+0x169/0xcb0 [ 1553.044655] __kmalloc+0x4a/0x160 [ 1553.044916] iter_file_splice_write+0x169/0xcb0 [ 1553.045257] ? direct_splice_read+0x6ff/0x990 [ 1553.045586] ? __kmem_cache_free+0xd1/0x2f0 [ 1553.045901] ? direct_splice_read+0x704/0x990 [ 1553.046238] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1553.046621] ? __pfx_direct_splice_read+0x10/0x10 [ 1553.046978] ? inode_security+0x105/0x140 [ 1553.047289] ? security_file_permission+0xb5/0xe0 [ 1553.047651] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1553.048029] direct_splice_actor+0x113/0x180 [ 1553.048358] splice_direct_to_actor+0x33a/0x8c0 [ 1553.048700] ? __pfx_direct_splice_actor+0x10/0x10 [ 1553.049059] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1553.049436] ? security_file_permission+0xb5/0xe0 [ 1553.049799] do_splice_direct+0x1bc/0x290 [ 1553.050105] ? __pfx_do_splice_direct+0x10/0x10 [ 1553.050458] ? lock_is_held_type+0x9f/0x120 [ 1553.050783] do_sendfile+0xb1d/0x12b0 [ 1553.051070] ? __pfx_do_sendfile+0x10/0x10 [ 1553.051381] __x64_sys_sendfile64+0x1d5/0x210 [ 1553.051717] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1553.052083] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.052464] do_syscall_64+0x3f/0x90 [ 1553.052744] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1553.053118] RIP: 0033:0x7fa70ac2ab19 [ 1553.053391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1553.054644] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1553.055174] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1553.055663] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1553.056163] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1553.056663] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000002 [ 1553.057159] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1553.057667] [ 1553.058640] CPU: 0 PID: 8999 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1553.059886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1553.061097] Call Trace: [ 1553.061513] [ 1553.061863] dump_stack_lvl+0xc1/0xf0 [ 1553.062477] should_fail_ex+0x4b4/0x5b0 [ 1553.063212] ? __kernfs_new_node+0xd4/0x870 [ 1553.063943] should_failslab+0x9/0x20 [ 1553.064578] kmem_cache_alloc+0x5a/0x390 [ 1553.065212] __kernfs_new_node+0xd4/0x870 [ 1553.065856] ? __pfx___kernfs_new_node+0x10/0x10 [ 1553.066599] ? down_write+0x11a/0x1f0 [ 1553.067201] ? up_write+0x196/0x510 [ 1553.067793] kernfs_new_node+0x97/0x120 19:46:16 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x0, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1553.068437] __kernfs_create_file+0x55/0x350 [ 1553.069294] sysfs_add_file_mode_ns+0x21c/0x440 [ 1553.070011] ? __pfx_slab_attr_store+0x10/0x10 [ 1553.070739] internal_create_group+0x322/0xb90 [ 1553.071460] ? __pfx_internal_create_group+0x10/0x10 [ 1553.072199] ? up_write+0x196/0x510 [ 1553.072797] sysfs_slab_add+0x18e/0x220 [ 1553.073409] __kmem_cache_create+0x1fe/0x610 [ 1553.074081] kmem_cache_create_usercopy+0x218/0x340 [ 1553.074864] p9_client_create+0xd0b/0x1260 [ 1553.075527] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.076329] ? __pfx_p9_client_create+0x10/0x10 [ 1553.077028] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1553.077772] ? lockdep_init_map_type+0x21e/0x7e0 [ 1553.078491] ? __kasan_kmalloc+0x7f/0x90 [ 1553.079121] ? __raw_spin_lock_init+0x3a/0x110 [ 1553.079830] v9fs_session_init+0x1e1/0x1760 [ 1553.080521] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1553.081413] ? __pfx_v9fs_session_init+0x10/0x10 [ 1553.082115] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.082907] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1553.083645] ? v9fs_mount+0x9e/0xbc0 [ 1553.084250] v9fs_mount+0xbd/0xbc0 [ 1553.084822] ? legacy_init_fs_context+0x44/0xe0 [ 1553.085556] ? __pfx_v9fs_mount+0x10/0x10 [ 1553.086183] ? cap_capable+0x1be/0x220 [ 1553.086817] ? __pfx_v9fs_mount+0x10/0x10 [ 1553.087463] legacy_get_tree+0x109/0x220 [ 1553.088078] vfs_get_tree+0x92/0x360 [ 1553.088683] path_mount+0x1335/0x1e40 [ 1553.089283] ? kasan_quarantine_put+0x81/0x1d0 [ 1553.089970] ? __pfx_path_mount+0x10/0x10 [ 1553.090628] ? putname+0x102/0x140 [ 1553.091179] ? kmem_cache_free+0xff/0x4a0 [ 1553.091816] ? putname+0x102/0x140 [ 1553.092410] __x64_sys_mount+0x286/0x310 [ 1553.093030] ? __pfx___x64_sys_mount+0x10/0x10 [ 1553.093742] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.094701] do_syscall_64+0x3f/0x90 [ 1553.095298] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1553.096115] RIP: 0033:0x7fbf7ca8bb19 [ 1553.096687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1553.099201] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1553.100304] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1553.101316] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1553.102334] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1553.103357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1553.104375] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1553.105411] 19:46:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x24, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1553.123865] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1553.124916] CPU: 1 PID: 8999 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1553.126004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1553.127130] Call Trace: [ 1553.127491] [ 1553.127812] dump_stack_lvl+0xc1/0xf0 [ 1553.128364] kmem_cache_create_usercopy+0x12b/0x340 [ 1553.129073] p9_client_create+0xd0b/0x1260 [ 1553.129650] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.130350] ? __pfx_p9_client_create+0x10/0x10 [ 1553.131017] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1553.131706] ? lockdep_init_map_type+0x21e/0x7e0 [ 1553.132362] ? __kasan_kmalloc+0x7f/0x90 [ 1553.132907] ? __raw_spin_lock_init+0x3a/0x110 [ 1553.133551] v9fs_session_init+0x1e1/0x1760 [ 1553.134159] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1553.135000] ? __pfx_v9fs_session_init+0x10/0x10 [ 1553.135674] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.136406] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1553.137104] ? v9fs_mount+0x9e/0xbc0 [ 1553.137631] v9fs_mount+0xbd/0xbc0 [ 1553.138136] ? legacy_init_fs_context+0x44/0xe0 [ 1553.138809] ? __pfx_v9fs_mount+0x10/0x10 [ 1553.139410] ? cap_capable+0x1be/0x220 [ 1553.139980] ? __pfx_v9fs_mount+0x10/0x10 [ 1553.140551] legacy_get_tree+0x109/0x220 [ 1553.141116] vfs_get_tree+0x92/0x360 [ 1553.141657] path_mount+0x1335/0x1e40 [ 1553.142218] ? kasan_quarantine_put+0x81/0x1d0 [ 1553.142877] ? __pfx_path_mount+0x10/0x10 [ 1553.143450] ? putname+0x102/0x140 [ 1553.143941] ? kmem_cache_free+0xff/0x4a0 [ 1553.144525] ? putname+0x102/0x140 [ 1553.145055] __x64_sys_mount+0x286/0x310 [ 1553.145647] ? __pfx___x64_sys_mount+0x10/0x10 [ 1553.146301] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1553.147000] do_syscall_64+0x3f/0x90 [ 1553.147546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1553.148269] RIP: 0033:0x7fbf7ca8bb19 [ 1553.148786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1553.151108] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1553.152132] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1553.153008] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1553.153974] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1553.154954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1553.156081] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1553.157073] 19:46:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x25, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:16 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9308, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:16 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 60) 19:46:16 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 11) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:16 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000640)={'syztnl2\x00', &(0x7f00000005c0)={'sit0\x00', 0x0, 0x2f, 0xff, 0x7, 0x0, 0x1, @remote, @ipv4={'\x00', '\xff\xff', @empty}, 0x20, 0x40, 0x1, 0x3ff}}) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendto(r3, &(0x7f0000000000)="f1d1fd0000000000000000008100", 0x36, 0x0, &(0x7f0000000040)=@xdp={0x2c, 0x0, r5}, 0x80) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r9 = open(&(0x7f00000000c0)='./file0\x00', 0x206600, 0x173) sendmsg$NFT_MSG_GETRULE(r9, &(0x7f0000000940)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, 0x7, 0xa, 0x307, 0x0, 0x0, {0x5}, [@NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x800) sendto(r6, &(0x7f0000000000)="f1d1fd0000000000000000008100", 0x36, 0x0, &(0x7f0000000040)=@xdp={0x2c, 0x0, r8}, 0x80) sendmsg$inet(r1, &(0x7f0000000840)={&(0x7f0000000080)={0x2, 0x2, @loopback}, 0x10, &(0x7f0000000500)=[{&(0x7f00000000c0)}, {&(0x7f0000000100)="c3328b5edd895f62c83ff974ee952750df0089a1fd1295e3b09be733c7e959cef4bda2821d4c3e75085665d10d62cf4d41fe323c", 0x34}, {&(0x7f0000000140)="b923f9684243bba2aaea430df608611e20907201c3f89f45ff027b0d4e5754189cae23e93390d27901764bf2807eb64198214f53b24b4da300ef0de145258a0b2a6cbbd3d467eb3e78bd6884d38fb2cd0234b8aac01f7511aa1863536f356e507f71140b7988dde031538263bc", 0x6d}, {&(0x7f00000001c0)="e2c28cfb9bce7adb6dd738897f2c186186d65675ccc550a7b5223b8f243e7ac3c783b15d6c2895fccba2a7", 0x2b}, {&(0x7f0000000200)="274ea3287c4c0b91926201d9cb9a623cdd955161db32230d346c6bc9d6a8c77520c94076e7c4ed669765d630c65454ee9b6e8a2ba5031aad310c3c7e40d39e90bb5c528eb6400b420674be32e358b8e2a1a9c74d79b66b1c685c0d00c7ac697742afcf4f83f0ded429aee47234c129a4148a12e0ce023c808decea840207b1a6780528782f631c57ac43995de796b02047b17d24b6a98592265b7ea332d6c6c9c995a8e02b6dff59249ff17bdcb7", 0xae}, {&(0x7f00000002c0)="a6b84951c53a2ab166e56d97a379962c40ddef78fc9b32c0e3f8e666103046a001ee64ff6f46aa92fbf64097", 0x2c}, {&(0x7f0000000300)="8f63d7fb520f5193ca18543f0bdf9bab12874eba077b927e9254037c5e0d2230a682d3df36e1d5bfd72bff7ada7cf36bf120aed42da82daddeea18b08fd8b6359e786f42063921e6fd5eaae097f1f014a7cda5b76d709b8572959493c684fda9acf59399666967bd7c55cb2784088b3bf412e03fd326eafc255a1a46ee7b8d8d18470af0975e2ecbd8e8fe2e69862a1be478a75f87ad9966fbf6c27d1351ed05b93440ee199229d7a3c2af1c1060e43a05dace6772a351b27ffd2299e78993c3b52b62190bea716eebf54f3c45b4f313083f9dfe46fc7b612972e1efad19f073cce5ca", 0xe3}, {&(0x7f0000000400)="09f6cd5c51297a8dabdab54dd14ff03cf53a77bfe574f3b568845f3cb0124e3200182394714233187fb4242785274e045a9f36ca076121500426b73cf3098edbe27dbd0a116c00329cd5fda9b78b89f6004bd0814363ce4ab162bc7191c3e0a7300b8e0f3d9a134cbbdb61803afc3da2079bc26a35e26a161e08752ea3fb2c3936eb2d28b7cf23ebc2776c747844f6d391fdb948", 0x94}, {&(0x7f00000004c0)="d9b6b28a983b5c8bdfb87d5e2733e6e150b86b2269a9e523bb6c633744b2d4d631fc4be424ef8e24741330cbd12689d16740", 0x32}], 0x9, &(0x7f0000000680)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @broadcast}}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@timestamp_addr={0x44, 0x54, 0xea, 0x1, 0x8, [{@dev={0xac, 0x14, 0x14, 0x40}, 0x7ff}, {@empty, 0x2}, {@empty, 0x14}, {@broadcast, 0x3ff}, {@multicast2, 0x97}, {@loopback}, {@multicast2, 0x80000000}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3f}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x1}, {@broadcast, 0x1}]}, @end, @noop, @ra={0x94, 0x4}]}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x32}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_retopts={{0x7c, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x7, 0xa6, [@local]}, @timestamp_prespec={0x44, 0x1c, 0x50, 0x3, 0x8, [{@rand_addr=0x64010101, 0xb6}, {@broadcast, 0x6}, {@loopback, 0x1000}]}, @noop, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x13, 0x8f, [@loopback, @private=0xa010102, @rand_addr=0x64010101, @loopback]}, @lsrr={0x83, 0xf, 0xa7, [@loopback, @multicast1, @multicast2]}, @timestamp={0x44, 0x14, 0x4f, 0x0, 0x9, [0x6427, 0x2, 0x800, 0xffffffff]}, @ra={0x94, 0x4}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xc0}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x37}, @multicast1}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}], 0x1b0}, 0x4000800) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 19:46:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x28, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 61) 19:46:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x9309, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x0, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:46:28 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 12) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 64) 19:46:28 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) sendmmsg$sock(r1, &(0x7f0000000340)=[{{&(0x7f00000000c0)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000040)="718f6b8aaa9b983b56b69cea572b68198ea84ab2cf919f8cbac9d9aba47665edb62680ba0a364466", 0x28}, {&(0x7f0000000140)="7e51ccd16333ee8e4ee649e5da09d1a8c8f9da9a63cbc7c3048139c12b614cfb55f7b08d7d0445dd36da6bfefb8c905d347cc37cd0e638a41f967df439067ce894c424d0db676e3c8bb9319023848d8f78055b33a0708cdcfe342400ae6576ce7669283c", 0x64}, {&(0x7f00000001c0)="7888d109d0c8a1b1eae69e003f5d0d4c890a3171ee80ecab010347446db768c22d3d1ee41b06ba6aa35398244ff32db18d25180a0ed4d8fc309f697a6101bd022548", 0x42}], 0x3, &(0x7f0000000280)=[@timestamping={{0x14, 0x1, 0x25, 0xffffff44}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x6f}}], 0xc0}}], 0x1, 0x4004084) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) r3 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r3, &(0x7f0000001100)=""/4075, 0xfeb) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r3, 0x8983, &(0x7f0000000400)) 19:46:28 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x29, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1565.273004] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1565.274235] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1565.275177] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1565.276043] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1565.277021] blk_print_req_error: 15 callbacks suppressed [ 1565.277039] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 1565.279870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.280249] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.280803] buffer_io_error: 14 callbacks suppressed [ 1565.280811] Buffer I/O error on dev sr0, logical block 0, async page read [ 1565.283077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.283478] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.284019] Buffer I/O error on dev sr0, logical block 1, async page read [ 1565.284722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.285110] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.285856] Buffer I/O error on dev sr0, logical block 2, async page read [ 1565.286627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.287020] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.287694] Buffer I/O error on dev sr0, logical block 3, async page read [ 1565.288377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.288761] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.289300] Buffer I/O error on dev sr0, logical block 4, async page read [ 1565.289982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.290385] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.290988] Buffer I/O error on dev sr0, logical block 5, async page read [ 1565.291702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.292088] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.292708] Buffer I/O error on dev sr0, logical block 6, async page read [ 1565.293662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.294057] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.294646] Buffer I/O error on dev sr0, logical block 7, async page read [ 1565.295647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.296031] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1565.296636] Buffer I/O error on dev sr0, logical block 0, async page read [ 1565.297328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.297750] Buffer I/O error on dev sr0, logical block 1, async page read [ 1565.298506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.299094] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.299736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.300303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.300917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.301555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.302214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.302832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.303563] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.305626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.306194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.307435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.308131] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.309168] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.310743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.313791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.315075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.318102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.318699] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.319301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.319888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.321227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.323421] FAULT_INJECTION: forcing a failure. [ 1565.323421] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.324182] CPU: 0 PID: 9034 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.324792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.325371] Call Trace: [ 1565.325562] [ 1565.325726] dump_stack_lvl+0xc1/0xf0 [ 1565.326003] should_fail_ex+0x4b4/0x5b0 [ 1565.326298] ? __kernfs_new_node+0xd4/0x870 [ 1565.326601] should_failslab+0x9/0x20 [ 1565.326881] kmem_cache_alloc+0x5a/0x390 [ 1565.327182] __kernfs_new_node+0xd4/0x870 [ 1565.327480] ? __pfx___kernfs_new_node+0x10/0x10 [ 1565.327836] ? down_write+0x11a/0x1f0 [ 1565.328129] ? up_write+0x196/0x510 [ 1565.328410] kernfs_new_node+0x97/0x120 [ 1565.328693] __kernfs_create_file+0x55/0x350 [ 1565.329016] sysfs_add_file_mode_ns+0x21c/0x440 [ 1565.329351] ? __pfx_slab_attr_store+0x10/0x10 [ 1565.329680] internal_create_group+0x322/0xb90 [ 1565.330000] ? __pfx_internal_create_group+0x10/0x10 [ 1565.330351] ? up_write+0x196/0x510 [ 1565.330618] sysfs_slab_add+0x18e/0x220 [ 1565.330906] __kmem_cache_create+0x1fe/0x610 [ 1565.331223] kmem_cache_create_usercopy+0x218/0x340 [ 1565.331575] p9_client_create+0xd0b/0x1260 [ 1565.331887] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.332242] ? __pfx_p9_client_create+0x10/0x10 [ 1565.332572] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.332924] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.333266] ? __kasan_kmalloc+0x7f/0x90 [ 1565.333567] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.333902] v9fs_session_init+0x1e1/0x1760 [ 1565.334221] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.334619] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.334984] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.335365] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.335730] ? v9fs_mount+0x9e/0xbc0 [ 1565.336027] v9fs_mount+0xbd/0xbc0 [ 1565.336295] ? legacy_init_fs_context+0x44/0xe0 [ 1565.336653] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.336966] ? cap_capable+0x1be/0x220 [ 1565.337262] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.337554] legacy_get_tree+0x109/0x220 [ 1565.337865] vfs_get_tree+0x92/0x360 [ 1565.338158] path_mount+0x1335/0x1e40 [ 1565.338452] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.338780] ? __pfx_path_mount+0x10/0x10 [ 1565.339096] ? putname+0x102/0x140 [ 1565.339368] ? kmem_cache_free+0xff/0x4a0 [ 1565.339686] ? putname+0x102/0x140 [ 1565.339969] __x64_sys_mount+0x286/0x310 [ 1565.340284] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.340605] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.340984] do_syscall_64+0x3f/0x90 [ 1565.341267] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.341650] RIP: 0033:0x7fb465b78b19 [ 1565.341910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.343169] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.343717] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1565.344234] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.344735] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.345242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.345738] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1565.346256] [ 1565.348895] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1565.349462] CPU: 0 PID: 9034 Comm: syz-executor.5 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.350034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.350612] Call Trace: [ 1565.350807] [ 1565.350978] dump_stack_lvl+0xc1/0xf0 [ 1565.351258] kmem_cache_create_usercopy+0x12b/0x340 [ 1565.351640] p9_client_create+0xd0b/0x1260 [ 1565.351964] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.352343] ? __pfx_p9_client_create+0x10/0x10 [ 1565.352692] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.353061] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.353407] ? __kasan_kmalloc+0x7f/0x90 [ 1565.353711] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.354063] v9fs_session_init+0x1e1/0x1760 [ 1565.354386] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.354806] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.355164] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.355547] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.355896] ? v9fs_mount+0x9e/0xbc0 [ 1565.356172] v9fs_mount+0xbd/0xbc0 [ 1565.356450] ? legacy_init_fs_context+0x44/0xe0 [ 1565.356772] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.357086] ? cap_capable+0x1be/0x220 [ 1565.357365] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.357680] legacy_get_tree+0x109/0x220 [ 1565.357970] vfs_get_tree+0x92/0x360 [ 1565.358246] path_mount+0x1335/0x1e40 [ 1565.358521] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.358880] ? __pfx_path_mount+0x10/0x10 [ 1565.359168] ? putname+0x102/0x140 [ 1565.359439] ? kmem_cache_free+0xff/0x4a0 [ 1565.359727] ? putname+0x102/0x140 [ 1565.359990] __x64_sys_mount+0x286/0x310 [ 1565.360299] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.360625] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.361014] do_syscall_64+0x3f/0x90 [ 1565.361288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.361638] RIP: 0033:0x7fb465b78b19 [ 1565.361905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.363150] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.363687] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1565.364199] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.364696] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.365209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.365724] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1565.366243] [ 1565.370949] FAULT_INJECTION: forcing a failure. [ 1565.370949] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.372415] CPU: 0 PID: 9044 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.373001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.373587] Call Trace: [ 1565.373775] [ 1565.373948] dump_stack_lvl+0xc1/0xf0 [ 1565.374234] should_fail_ex+0x4b4/0x5b0 [ 1565.374542] ? jbd2__journal_start+0x194/0x810 [ 1565.374913] should_failslab+0x9/0x20 [ 1565.375191] kmem_cache_alloc+0x5a/0x390 [ 1565.375505] jbd2__journal_start+0x194/0x810 [ 1565.375844] __ext4_journal_start_sb+0x3d7/0x560 [ 1565.376198] ? ext4_dirty_inode+0xa5/0x130 [ 1565.376498] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1565.376859] ext4_dirty_inode+0xa5/0x130 [ 1565.377149] __mark_inode_dirty+0x1aa/0xc10 [ 1565.377471] generic_update_time+0x21b/0x2b0 [ 1565.377797] file_modified_flags+0x2d4/0x330 [ 1565.378123] ? __pfx_file_modified_flags+0x10/0x10 [ 1565.378480] ext4_buffered_write_iter+0xf9/0x460 [ 1565.378836] ? stack_trace_save+0x90/0xd0 [ 1565.379135] ext4_file_write_iter+0x3ff/0x1950 [ 1565.379470] ? iter_file_splice_write+0x169/0xcb0 [ 1565.379804] ? kasan_save_stack+0x32/0x50 [ 1565.380123] ? kasan_save_stack+0x22/0x50 [ 1565.380416] ? kasan_set_track+0x25/0x30 [ 1565.380718] ? __kasan_kmalloc+0x7f/0x90 [ 1565.381000] ? __kmalloc+0x5a/0x160 [ 1565.381281] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 1565.381628] ? do_splice_direct+0x1bc/0x290 [ 1565.381952] ? do_sendfile+0xb1d/0x12b0 [ 1565.382226] ? __x64_sys_sendfile64+0x1d5/0x210 [ 1565.382572] ? do_syscall_64+0x3f/0x90 [ 1565.382855] ? entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.383255] ? lock_is_held_type+0x9f/0x120 [ 1565.383582] do_iter_readv_writev+0x211/0x3c0 [ 1565.383902] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1565.384286] ? avc_policy_seqno+0x9/0x20 [ 1565.384586] ? security_file_permission+0xb5/0xe0 [ 1565.384965] do_iter_write+0x189/0x7e0 [ 1565.385241] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.385602] ? kasan_set_track+0x25/0x30 [ 1565.385897] vfs_iter_write+0x74/0xb0 [ 1565.386178] iter_file_splice_write+0x73f/0xcb0 [ 1565.386519] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1565.386909] ? __pfx_direct_splice_read+0x10/0x10 [ 1565.387244] ? inode_security+0x105/0x140 [ 1565.387556] ? security_file_permission+0xb5/0xe0 [ 1565.387900] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1565.388278] direct_splice_actor+0x113/0x180 [ 1565.388611] splice_direct_to_actor+0x33a/0x8c0 [ 1565.388960] ? __pfx_direct_splice_actor+0x10/0x10 [ 1565.389335] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1565.389714] ? security_file_permission+0xb5/0xe0 [ 1565.390087] do_splice_direct+0x1bc/0x290 [ 1565.390391] ? __pfx_do_splice_direct+0x10/0x10 [ 1565.390751] ? lock_is_held_type+0x9f/0x120 [ 1565.391079] do_sendfile+0xb1d/0x12b0 [ 1565.391363] ? __pfx_do_sendfile+0x10/0x10 [ 1565.391684] __x64_sys_sendfile64+0x1d5/0x210 [ 1565.392018] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1565.392388] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.392765] do_syscall_64+0x3f/0x90 [ 1565.393043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.393430] RIP: 0033:0x7fa70ac2ab19 [ 1565.393704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.394985] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1565.395504] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1565.396000] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1565.396487] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1565.396985] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000002 [ 1565.397474] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1565.397986] 19:46:28 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x930a, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:28 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 65) [ 1565.468482] FAULT_INJECTION: forcing a failure. [ 1565.468482] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.469302] CPU: 0 PID: 9053 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.469825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.470361] Call Trace: [ 1565.470542] [ 1565.470700] dump_stack_lvl+0xc1/0xf0 [ 1565.470980] should_fail_ex+0x4b4/0x5b0 [ 1565.471262] ? __kernfs_new_node+0xd4/0x870 [ 1565.471556] should_failslab+0x9/0x20 [ 1565.471820] kmem_cache_alloc+0x5a/0x390 [ 1565.472105] __kernfs_new_node+0xd4/0x870 [ 1565.472399] ? __pfx___kernfs_new_node+0x10/0x10 [ 1565.472736] ? down_write+0x11a/0x1f0 [ 1565.473013] ? up_write+0x196/0x510 [ 1565.473283] kernfs_new_node+0x97/0x120 [ 1565.473560] __kernfs_create_file+0x55/0x350 [ 1565.473873] sysfs_add_file_mode_ns+0x21c/0x440 [ 1565.474200] ? __pfx_slab_attr_store+0x10/0x10 [ 1565.474523] internal_create_group+0x322/0xb90 [ 1565.474863] ? __pfx_internal_create_group+0x10/0x10 [ 1565.475209] ? up_write+0x196/0x510 [ 1565.475475] sysfs_slab_add+0x18e/0x220 [ 1565.475754] __kmem_cache_create+0x1fe/0x610 [ 1565.476064] kmem_cache_create_usercopy+0x218/0x340 [ 1565.476411] p9_client_create+0xd0b/0x1260 [ 1565.476713] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.477065] ? __pfx_p9_client_create+0x10/0x10 [ 1565.477388] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.477716] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.478046] ? __kasan_kmalloc+0x7f/0x90 [ 1565.478337] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.478664] v9fs_session_init+0x1e1/0x1760 [ 1565.478983] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.479394] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.479728] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.480093] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.480430] ? v9fs_mount+0x9e/0xbc0 [ 1565.480710] v9fs_mount+0xbd/0xbc0 [ 1565.480970] ? legacy_init_fs_context+0x44/0xe0 [ 1565.481297] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.481586] ? cap_capable+0x1be/0x220 [ 1565.481865] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.482160] legacy_get_tree+0x109/0x220 [ 1565.482451] vfs_get_tree+0x92/0x360 [ 1565.482716] path_mount+0x1335/0x1e40 [ 1565.483008] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.483333] ? __pfx_path_mount+0x10/0x10 [ 1565.483627] ? putname+0x102/0x140 [ 1565.483885] ? kmem_cache_free+0xff/0x4a0 [ 1565.484170] ? putname+0x102/0x140 [ 1565.484434] __x64_sys_mount+0x286/0x310 [ 1565.484724] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.485046] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.485443] do_syscall_64+0x3f/0x90 [ 1565.485745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.486100] RIP: 0033:0x7fbf7ca8bb19 [ 1565.486357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.487560] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.488078] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1565.488560] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.489051] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.489542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.490032] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1565.490526] 19:46:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x0, 0x18018, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) [ 1565.521857] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1565.523143] CPU: 0 PID: 9053 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.524151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.525143] Call Trace: [ 1565.525470] [ 1565.525768] dump_stack_lvl+0xc1/0xf0 [ 1565.526264] kmem_cache_create_usercopy+0x12b/0x340 [ 1565.526922] p9_client_create+0xd0b/0x1260 [ 1565.527477] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.528129] ? __pfx_p9_client_create+0x10/0x10 [ 1565.528729] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.529363] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.529963] ? __kasan_kmalloc+0x7f/0x90 [ 1565.530502] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.531100] v9fs_session_init+0x1e1/0x1760 [ 1565.531656] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.532406] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.533014] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.533669] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.534284] ? v9fs_mount+0x9e/0xbc0 [ 1565.534807] v9fs_mount+0xbd/0xbc0 [ 1565.535274] ? legacy_init_fs_context+0x44/0xe0 [ 1565.535876] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.536403] ? cap_capable+0x1be/0x220 [ 1565.536918] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.537448] legacy_get_tree+0x109/0x220 [ 1565.537978] vfs_get_tree+0x92/0x360 [ 1565.538478] path_mount+0x1335/0x1e40 [ 1565.539003] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.539586] ? __pfx_path_mount+0x10/0x10 [ 1565.540118] ? putname+0x102/0x140 [ 1565.540594] ? kmem_cache_free+0xff/0x4a0 [ 1565.541179] ? putname+0x102/0x140 [ 1565.541666] __x64_sys_mount+0x286/0x310 [ 1565.542187] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.542794] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.543445] do_syscall_64+0x3f/0x90 [ 1565.543928] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.544580] RIP: 0033:0x7fbf7ca8bb19 [ 1565.545040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.547158] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.548086] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1565.548949] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.549835] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.550704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.551576] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1565.552439] 19:46:29 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 62) 19:46:29 executing program 4: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r0, &(0x7f0000001100)=""/4075, 0xfeb) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6, 0x5}]}, 0x10) 19:46:29 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2b, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:29 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x930b, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:29 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) [ 1565.698846] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1565.699542] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1565.700061] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1565.700647] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 1565.704036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.711842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.714197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.721862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.724870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1565.726925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:46:29 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 66) [ 1565.731838] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:46:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x1f, 0x3, 0x7f, 0x5}, {0x0, 0x1f, 0x7f, 0x3ff}, {0x5, 0x7, 0x7, 0x6}]}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x67, 0x0, 0xfffff020}, {0x6}]}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r1, &(0x7f0000001100)=""/4075, 0xfeb) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f00000002c0)={'wg1\x00'}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendto(r2, &(0x7f0000000000)="f1d1fd0000000000000000008100", 0x36, 0x0, &(0x7f0000000040)=@xdp={0x2c, 0x0, r4}, 0x80) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000140)={'ip6gre0\x00', 0x0, 0x4, 0x0, 0x1, 0x101, 0x4, @empty, @dev={0xfe, 0x80, '\x00', 0xd}, 0x8000, 0x8, 0x5, 0x3}}) r6 = syz_open_procfs(0x0, &(0x7f00000010c0)='maps\x00') read$hiddev(r6, &(0x7f0000001100)=""/4075, 0xfeb) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'veth1\x00'}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4880}, 0x40000) [ 1565.735860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 19:46:29 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 13) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:29 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2c, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) [ 1565.815145] FAULT_INJECTION: forcing a failure. [ 1565.815145] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.815916] CPU: 1 PID: 9079 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.816417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.816967] Call Trace: [ 1565.817139] [ 1565.817292] dump_stack_lvl+0xc1/0xf0 [ 1565.817551] should_fail_ex+0x4b4/0x5b0 [ 1565.817821] ? __kernfs_new_node+0xd4/0x870 [ 1565.818097] should_failslab+0x9/0x20 [ 1565.818353] kmem_cache_alloc+0x5a/0x390 [ 1565.818625] __kernfs_new_node+0xd4/0x870 [ 1565.818935] ? __pfx___kernfs_new_node+0x10/0x10 [ 1565.819250] ? down_write+0x11a/0x1f0 [ 1565.819532] ? up_write+0x196/0x510 [ 1565.819786] kernfs_new_node+0x97/0x120 [ 1565.820077] __kernfs_create_file+0x55/0x350 [ 1565.820383] sysfs_add_file_mode_ns+0x21c/0x440 [ 1565.820725] ? __pfx_slab_attr_store+0x10/0x10 [ 1565.821037] internal_create_group+0x322/0xb90 [ 1565.821365] ? __pfx_internal_create_group+0x10/0x10 [ 1565.821703] ? up_write+0x196/0x510 [ 1565.821978] sysfs_slab_add+0x18e/0x220 [ 1565.822275] __kmem_cache_create+0x1fe/0x610 [ 1565.822705] kmem_cache_create_usercopy+0x218/0x340 [ 1565.823052] p9_client_create+0xd0b/0x1260 [ 1565.823409] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.823872] ? __pfx_p9_client_create+0x10/0x10 [ 1565.824293] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.824668] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.825047] ? __kasan_kmalloc+0x7f/0x90 [ 1565.825359] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.825677] v9fs_session_init+0x1e1/0x1760 [ 1565.826005] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.826392] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.826767] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.827106] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.827474] ? v9fs_mount+0x9e/0xbc0 [ 1565.827743] v9fs_mount+0xbd/0xbc0 [ 1565.828031] ? legacy_init_fs_context+0x44/0xe0 [ 1565.828345] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.828665] ? cap_capable+0x1be/0x220 [ 1565.828937] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.829259] legacy_get_tree+0x109/0x220 [ 1565.829616] vfs_get_tree+0x92/0x360 [ 1565.829945] path_mount+0x1335/0x1e40 [ 1565.830219] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.830556] ? __pfx_path_mount+0x10/0x10 [ 1565.830838] ? putname+0x102/0x140 [ 1565.831118] ? kmem_cache_free+0xff/0x4a0 [ 1565.831394] ? putname+0x102/0x140 [ 1565.831680] __x64_sys_mount+0x286/0x310 [ 1565.831982] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.832294] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.832679] do_syscall_64+0x3f/0x90 [ 1565.832932] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.833318] RIP: 0033:0x7fbf7ca8bb19 [ 1565.833565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.835033] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.835609] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1565.836307] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.836820] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.837326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.837835] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1565.838358] [ 1565.898070] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1565.899081] CPU: 0 PID: 9079 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1565.900068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.901071] Call Trace: [ 1565.901405] [ 1565.901703] dump_stack_lvl+0xc1/0xf0 [ 1565.902201] kmem_cache_create_usercopy+0x12b/0x340 [ 1565.902852] p9_client_create+0xd0b/0x1260 [ 1565.903399] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.904078] ? __pfx_p9_client_create+0x10/0x10 [ 1565.904680] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.905311] ? lockdep_init_map_type+0x21e/0x7e0 [ 1565.905912] ? __kasan_kmalloc+0x7f/0x90 [ 1565.906453] ? __raw_spin_lock_init+0x3a/0x110 [ 1565.907042] v9fs_session_init+0x1e1/0x1760 [ 1565.907600] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1565.908365] ? __pfx_v9fs_session_init+0x10/0x10 [ 1565.908978] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.909641] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1565.910273] ? v9fs_mount+0x9e/0xbc0 [ 1565.910794] v9fs_mount+0xbd/0xbc0 [ 1565.911267] ? legacy_init_fs_context+0x44/0xe0 [ 1565.911875] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.912419] ? cap_capable+0x1be/0x220 [ 1565.912933] ? __pfx_v9fs_mount+0x10/0x10 [ 1565.913497] legacy_get_tree+0x109/0x220 [ 1565.914022] vfs_get_tree+0x92/0x360 [ 1565.914548] path_mount+0x1335/0x1e40 [ 1565.915088] ? kasan_quarantine_put+0x81/0x1d0 [ 1565.915712] ? __pfx_path_mount+0x10/0x10 [ 1565.916274] ? putname+0x102/0x140 [ 1565.916768] ? kmem_cache_free+0xff/0x4a0 [ 1565.917325] ? putname+0x102/0x140 [ 1565.917835] __x64_sys_mount+0x286/0x310 [ 1565.918393] ? __pfx___x64_sys_mount+0x10/0x10 [ 1565.919040] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1565.919720] do_syscall_64+0x3f/0x90 [ 1565.920238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1565.920934] RIP: 0033:0x7fbf7ca8bb19 [ 1565.921426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.923725] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1565.924705] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1565.925624] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1565.926541] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1565.927471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.928383] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1565.929307] 19:46:42 executing program 7: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x7, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) (fail_nth: 14) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:42 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x20, 0x0, 0x0, 0x6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x185842, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) pipe2(&(0x7f0000000300), 0x0) close(r0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x4, 0x1, 0x3f, 0x5, 0x0, 0x800, 0x0, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000100), 0x5}, 0x40000, 0x6, 0x7, 0x4, 0x7, 0x81, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r1, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r1, 0xb) shmat(r1, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$IPC_RMID(r1, 0x0) r2 = shmget$private(0x0, 0x14000, 0x0, &(0x7f0000fe7000/0x14000)=nil) shmat(r2, &(0x7f0000ff0000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ff6000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r2, 0xb) shmctl$IPC_RMID(r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7709008e9f3d36a7ad95c5e3282fe441f39af8826cfa38b3fe20061ac13710c13112e0b74f931fa5236177b36fe1ffb52e24d097fa235b8198d209a77e5b6f99952bb854ef9bc625cfe709617522f088187285ee0fea7a1d4a6c", @ANYRESHEX, @ANYBLOB="2c00ad4012a4cbb21213477d85f7a7e7635b6e14d960258678c3ab07773abbec515a1902191bf01a6a2b2386f0ce6823747a81a69f387c326085a38f2d53c7b3e19974321313fd9e14ffa3d9d3f1a11ad8fdfda97c14cb936e169339ff1ee1ea09571b0eced16e8c7c2915100676b7c5d84e3810d88cf47895"]) 19:46:42 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 67) 19:46:42 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x930c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) 19:46:42 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}]}}) (fail_nth: 63) 19:46:42 executing program 1: read$ptp(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) io_setup(0x6, &(0x7f0000000040)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x7f}, 0x1a60b, 0x0, 0x0, 0x9, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) 19:46:42 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x2d, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x7}, {0x6}]}, 0x10) 19:46:42 executing program 4: setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000040)={0x1}, 0x4) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x6}]}, 0x10) [ 1578.737923] FAULT_INJECTION: forcing a failure. [ 1578.737923] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.739636] CPU: 1 PID: 9098 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1578.741077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.742300] Call Trace: [ 1578.742782] [ 1578.743188] dump_stack_lvl+0xc1/0xf0 [ 1578.743917] should_fail_ex+0x4b4/0x5b0 [ 1578.744592] ? __kernfs_new_node+0xd4/0x870 [ 1578.745381] should_failslab+0x9/0x20 [ 1578.745933] kmem_cache_alloc+0x5a/0x390 [ 1578.746704] __kernfs_new_node+0xd4/0x870 [ 1578.747417] ? __pfx___kernfs_new_node+0x10/0x10 [ 1578.748292] ? down_write+0x11a/0x1f0 [ 1578.748894] ? up_write+0x196/0x510 [ 1578.749600] kernfs_new_node+0x97/0x120 [ 1578.750306] __kernfs_create_file+0x55/0x350 [ 1578.751148] sysfs_add_file_mode_ns+0x21c/0x440 [ 1578.752049] ? __pfx_slab_attr_store+0x10/0x10 [ 1578.752145] FAULT_INJECTION: forcing a failure. [ 1578.752145] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1578.752902] internal_create_group+0x322/0xb90 [ 1578.752961] ? __pfx_internal_create_group+0x10/0x10 [ 1578.755321] ? up_write+0x196/0x510 [ 1578.755939] sysfs_slab_add+0x18e/0x220 [ 1578.756626] __kmem_cache_create+0x1fe/0x610 [ 1578.757332] kmem_cache_create_usercopy+0x218/0x340 [ 1578.758182] p9_client_create+0xd0b/0x1260 [ 1578.758866] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.759769] ? __pfx_p9_client_create+0x10/0x10 [ 1578.760528] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.761355] ? lockdep_init_map_type+0x21e/0x7e0 [ 1578.762104] ? __kasan_kmalloc+0x7f/0x90 [ 1578.762813] ? __raw_spin_lock_init+0x3a/0x110 [ 1578.763543] v9fs_session_init+0x1e1/0x1760 [ 1578.764282] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1578.765219] ? __pfx_v9fs_session_init+0x10/0x10 [ 1578.766024] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.766946] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.767783] ? v9fs_mount+0x9e/0xbc0 [ 1578.768464] v9fs_mount+0xbd/0xbc0 [ 1578.769082] ? legacy_init_fs_context+0x44/0xe0 [ 1578.769895] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.770607] ? cap_capable+0x1be/0x220 [ 1578.771326] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.772034] legacy_get_tree+0x109/0x220 [ 1578.772748] vfs_get_tree+0x92/0x360 [ 1578.773395] path_mount+0x1335/0x1e40 [ 1578.774069] ? kasan_quarantine_put+0x81/0x1d0 [ 1578.774847] ? __pfx_path_mount+0x10/0x10 [ 1578.775562] ? putname+0x102/0x140 [ 1578.776191] ? kmem_cache_free+0xff/0x4a0 [ 1578.776845] ? putname+0x102/0x140 [ 1578.777478] __x64_sys_mount+0x286/0x310 [ 1578.778123] ? __pfx___x64_sys_mount+0x10/0x10 [ 1578.778936] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.779762] do_syscall_64+0x3f/0x90 [ 1578.780393] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.781187] RIP: 0033:0x7fbf7ca8bb19 [ 1578.781806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.784414] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1578.785627] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1578.786784] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1578.787942] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1578.789094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.790235] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1578.791450] [ 1578.791855] CPU: 0 PID: 9101 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1578.792441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.793000] Call Trace: [ 1578.793183] [ 1578.793348] dump_stack_lvl+0xc1/0xf0 [ 1578.793630] should_fail_ex+0x4b4/0x5b0 [ 1578.793924] prepare_alloc_pages+0x178/0x500 [ 1578.794253] __alloc_pages+0x149/0x480 [ 1578.794541] ? lock_acquire+0x19a/0x4c0 [ 1578.794828] ? __pfx___alloc_pages+0x10/0x10 [ 1578.795159] ? lock_release+0x1e3/0x680 [ 1578.795450] ? xas_start+0x14e/0x710 [ 1578.795731] alloc_pages+0x1a0/0x260 [ 1578.796002] filemap_alloc_folio+0x374/0x410 [ 1578.796322] ? __pfx_filemap_alloc_folio+0x10/0x10 [ 1578.796668] ? __mark_inode_dirty+0x625/0xc10 [ 1578.796991] ? reacquire_held_locks+0x22b/0x4e0 [ 1578.797319] ? __mark_inode_dirty+0x625/0xc10 [ 1578.797642] __filemap_get_folio+0x285/0x8d0 [ 1578.797962] ? find_held_lock+0x2c/0x110 [ 1578.798261] ext4_da_write_begin+0x374/0x830 [ 1578.798596] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 1578.798957] ? do_raw_spin_unlock+0x53/0x220 [ 1578.799276] generic_perform_write+0x25a/0x580 [ 1578.799608] ? __pfx_generic_perform_write+0x10/0x10 [ 1578.799961] ? __pfx_file_modified_flags+0x10/0x10 [ 1578.800319] ext4_buffered_write_iter+0x164/0x460 [ 1578.800660] ? stack_trace_save+0x90/0xd0 [ 1578.800959] ext4_file_write_iter+0x3ff/0x1950 [ 1578.801289] ? iter_file_splice_write+0x169/0xcb0 [ 1578.801643] ? kasan_save_stack+0x32/0x50 [ 1578.801943] ? kasan_save_stack+0x22/0x50 [ 1578.802242] ? kasan_set_track+0x25/0x30 [ 1578.802545] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 1578.802918] ? mark_held_locks+0x9e/0xe0 [ 1578.803216] do_iter_readv_writev+0x211/0x3c0 [ 1578.803548] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1578.803910] ? rw_verify_area+0xba/0x1b0 [ 1578.804209] ? __sanitizer_cov_trace_pc+0x60/0x70 [ 1578.804555] do_iter_write+0x189/0x7e0 [ 1578.804832] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.805183] ? kasan_set_track+0x25/0x30 [ 1578.805486] vfs_iter_write+0x74/0xb0 [ 1578.805755] iter_file_splice_write+0x73f/0xcb0 [ 1578.806101] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1578.806471] ? __pfx_direct_splice_read+0x10/0x10 [ 1578.806822] ? inode_security+0x105/0x140 [ 1578.807138] ? security_file_permission+0xb5/0xe0 [ 1578.807488] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1578.807856] direct_splice_actor+0x113/0x180 [ 1578.808174] splice_direct_to_actor+0x33a/0x8c0 [ 1578.808509] ? __pfx_direct_splice_actor+0x10/0x10 [ 1578.808872] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1578.809233] ? security_file_permission+0xb5/0xe0 [ 1578.809588] do_splice_direct+0x1bc/0x290 [ 1578.809886] ? __pfx_do_splice_direct+0x10/0x10 [ 1578.810226] ? lock_is_held_type+0x9f/0x120 [ 1578.810535] do_sendfile+0xb1d/0x12b0 [ 1578.810811] ? __pfx_do_sendfile+0x10/0x10 [ 1578.811125] __x64_sys_sendfile64+0x1d5/0x210 [ 1578.811452] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1578.811804] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.812173] do_syscall_64+0x3f/0x90 [ 1578.812446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.812817] RIP: 0033:0x7fa70ac2ab19 [ 1578.813081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.814304] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1578.814827] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1578.815329] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1578.815824] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.816305] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000002 [ 1578.816793] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1578.817292] [ 1578.817623] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 1578.818384] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 1578.818890] CPU: 0 PID: 9101 Comm: syz-executor.7 Not tainted 6.3.0-rc7-next-20230418 #1 [ 1578.819451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.820003] RIP: 0010:folio_wait_stable+0x23/0xe0 [ 1578.820344] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 fd 53 e8 32 58 e7 ff 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 a4 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b [ 1578.821546] RSP: 0018:ffff8880446cf488 EFLAGS: 00010213 [ 1578.821920] RAX: dffffc0000000000 RBX: ffff88801bad02b0 RCX: ffffc900013cd000 [ 1578.822408] RDX: 0000000000000001 RSI: ffffffff81647cce RDI: 000000000000000c [ 1578.822887] RBP: fffffffffffffff4 R08: 0000000000000001 R09: ffffffff856c1693 [ 1578.823381] R10: fffffbfff0ad82d2 R11: 0000000000000001 R12: 0000000000000000 [ 1578.823861] R13: ffff88801bad04d8 R14: 0000000000000000 R15: 0000000000000000 [ 1578.825273] FS: 00007fa7081a0700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1578.827020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1578.828093] CR2: 00007fa70819ff78 CR3: 000000004228e000 CR4: 0000000000350ef0 [ 1578.828818] Call Trace: [ 1578.829008] [ 1578.829174] ext4_da_write_begin+0x38d/0x830 [ 1578.829496] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 1578.829852] ? do_raw_spin_unlock+0x53/0x220 [ 1578.830167] generic_perform_write+0x25a/0x580 [ 1578.830496] ? __pfx_generic_perform_write+0x10/0x10 [ 1578.830857] ? __pfx_file_modified_flags+0x10/0x10 [ 1578.831230] ext4_buffered_write_iter+0x164/0x460 [ 1578.831628] ? stack_trace_save+0x90/0xd0 [ 1578.832037] ext4_file_write_iter+0x3ff/0x1950 [ 1578.832486] ? iter_file_splice_write+0x169/0xcb0 [ 1578.832953] ? kasan_save_stack+0x32/0x50 [ 1578.833360] ? kasan_save_stack+0x22/0x50 [ 1578.833773] ? kasan_set_track+0x25/0x30 [ 1578.834183] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 1578.834666] ? mark_held_locks+0x9e/0xe0 [ 1578.835065] do_iter_readv_writev+0x211/0x3c0 [ 1578.835506] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1578.836000] ? rw_verify_area+0xba/0x1b0 [ 1578.836406] ? __sanitizer_cov_trace_pc+0x60/0x70 [ 1578.836873] do_iter_write+0x189/0x7e0 [ 1578.837245] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.837716] ? kasan_set_track+0x25/0x30 [ 1578.838122] vfs_iter_write+0x74/0xb0 [ 1578.838488] iter_file_splice_write+0x73f/0xcb0 [ 1578.838958] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1578.839470] ? __pfx_direct_splice_read+0x10/0x10 [ 1578.839938] ? inode_security+0x105/0x140 [ 1578.840343] ? security_file_permission+0xb5/0xe0 [ 1578.840823] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1578.841331] direct_splice_actor+0x113/0x180 [ 1578.841771] splice_direct_to_actor+0x33a/0x8c0 [ 1578.842227] ? __pfx_direct_splice_actor+0x10/0x10 [ 1578.842708] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1578.843229] ? security_file_permission+0xb5/0xe0 [ 1578.843721] do_splice_direct+0x1bc/0x290 [ 1578.844020] ? __pfx_do_splice_direct+0x10/0x10 [ 1578.844366] ? lock_is_held_type+0x9f/0x120 [ 1578.844683] do_sendfile+0xb1d/0x12b0 [ 1578.844967] ? __pfx_do_sendfile+0x10/0x10 [ 1578.845276] __x64_sys_sendfile64+0x1d5/0x210 [ 1578.845608] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1578.845966] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.846346] do_syscall_64+0x3f/0x90 [ 1578.846633] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.847019] RIP: 0033:0x7fa70ac2ab19 [ 1578.847288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.848573] RSP: 002b:00007fa7081a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1578.849104] RAX: ffffffffffffffda RBX: 00007fa70ad3df60 RCX: 00007fa70ac2ab19 [ 1578.849607] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1578.850115] RBP: 00007fa7081a01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.850618] R10: 000000010000027f R11: 0000000000000246 R12: 0000000000000002 [ 1578.851125] R13: 00007fff0289a56f R14: 00007fa7081a0300 R15: 0000000000022000 [ 1578.851640] [ 1578.851812] Modules linked in: [ 1578.852079] ---[ end trace 0000000000000000 ]--- [ 1578.852468] RIP: 0010:folio_wait_stable+0x23/0xe0 [ 1578.852868] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 fd 53 e8 32 58 e7 ff 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 a4 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b [ 1578.854189] RSP: 0018:ffff8880446cf488 EFLAGS: 00010213 [ 1578.854618] RAX: dffffc0000000000 RBX: ffff88801bad02b0 RCX: ffffc900013cd000 [ 1578.855178] RDX: 0000000000000001 RSI: ffffffff81647cce RDI: 000000000000000c [ 1578.855740] RBP: fffffffffffffff4 R08: 0000000000000001 R09: ffffffff856c1693 [ 1578.856290] R10: fffffbfff0ad82d2 R11: 0000000000000001 R12: 0000000000000000 [ 1578.856948] R13: ffff88801bad04d8 R14: 0000000000000000 R15: 0000000000000000 [ 1578.857568] FS: 00007fa7081a0700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1578.858179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1578.858639] CR2: 00007fa70819ff78 CR3: 000000004228e000 CR4: 0000000000350ef0 [ 1578.865366] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1578.865893] CPU: 0 PID: 9098 Comm: syz-executor.2 Tainted: G D 6.3.0-rc7-next-20230418 #1 [ 1578.866567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.866674] FAULT_INJECTION: forcing a failure. [ 1578.866674] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.867153] Call Trace: [ 1578.867159] [ 1578.867165] dump_stack_lvl+0xc1/0xf0 [ 1578.869185] kmem_cache_create_usercopy+0x12b/0x340 [ 1578.869562] p9_client_create+0xd0b/0x1260 [ 1578.869878] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.870258] ? __pfx_p9_client_create+0x10/0x10 [ 1578.870599] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.870975] ? lockdep_init_map_type+0x21e/0x7e0 [ 1578.871321] ? __kasan_kmalloc+0x7f/0x90 [ 1578.871623] ? __raw_spin_lock_init+0x3a/0x110 [ 1578.871963] v9fs_session_init+0x1e1/0x1760 [ 1578.872282] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1578.872715] ? __pfx_v9fs_session_init+0x10/0x10 [ 1578.873058] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.873440] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.873798] ? v9fs_mount+0x9e/0xbc0 [ 1578.874082] v9fs_mount+0xbd/0xbc0 [ 1578.874351] ? legacy_init_fs_context+0x44/0xe0 [ 1578.874701] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.875030] ? cap_capable+0x1be/0x220 [ 1578.875326] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.875629] legacy_get_tree+0x109/0x220 [ 1578.875939] vfs_get_tree+0x92/0x360 [ 1578.876223] path_mount+0x1335/0x1e40 [ 1578.876515] ? kasan_quarantine_put+0x81/0x1d0 [ 1578.876851] ? __pfx_path_mount+0x10/0x10 [ 1578.877162] ? putname+0x102/0x140 [ 1578.877432] ? kmem_cache_free+0xff/0x4a0 [ 1578.877744] ? putname+0x102/0x140 [ 1578.878015] __x64_sys_mount+0x286/0x310 [ 1578.878319] ? __pfx___x64_sys_mount+0x10/0x10 [ 1578.878658] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 1578.879049] do_syscall_64+0x3f/0x90 [ 1578.879324] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.879691] RIP: 0033:0x7fbf7ca8bb19 [ 1578.879958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.881241] RSP: 002b:00007fbf7a001188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1578.881779] RAX: ffffffffffffffda RBX: 00007fbf7cb9ef60 RCX: 00007fbf7ca8bb19 [ 1578.882289] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1578.882799] RBP: 00007fbf7a0011d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1578.883315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.883824] R13: 00007ffcc10680ff R14: 00007fbf7a001300 R15: 0000000000022000 [ 1578.884336] [ 1578.884513] CPU: 1 PID: 9104 Comm: syz-executor.5 Tainted: G D 6.3.0-rc7-next-20230418 #1 [ 1578.885763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.886823] Call Trace: [ 1578.887181] [ 1578.887490] dump_stack_lvl+0xc1/0xf0 [ 1578.888023] should_fail_ex+0x4b4/0x5b0 [ 1578.888581] ? __kernfs_new_node+0xd4/0x870 [ 1578.889147] should_failslab+0x9/0x20 [ 1578.889668] kmem_cache_alloc+0x5a/0x390 [ 1578.890225] __kernfs_new_node+0xd4/0x870 [ 1578.890772] ? __pfx___kernfs_new_node+0x10/0x10 [ 1578.891425] ? down_write+0x11a/0x1f0 [ 1578.891951] ? up_write+0x196/0x510 [ 1578.892457] kernfs_new_node+0x97/0x120 [ 1578.892992] __kernfs_create_file+0x55/0x350 [ 1578.893593] sysfs_add_file_mode_ns+0x21c/0x440 [ 1578.894229] ? __pfx_slab_attr_store+0x10/0x10 [ 1578.894850] internal_create_group+0x322/0xb90 [ 1578.895478] ? __pfx_internal_create_group+0x10/0x10 [ 1578.896147] ? up_write+0x196/0x510 [ 1578.896651] sysfs_slab_add+0x18e/0x220 [ 1578.897173] __kmem_cache_create+0x1fe/0x610 [ 1578.897777] kmem_cache_create_usercopy+0x218/0x340 [ 1578.898434] p9_client_create+0xd0b/0x1260 [ 1578.899010] ? __pfx_p9_client_create+0x10/0x10 [ 1578.899629] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.900294] ? lockdep_init_map_type+0x21e/0x7e0 [ 1578.900930] ? __kasan_kmalloc+0x7f/0x90 [ 1578.901473] ? __raw_spin_lock_init+0x3a/0x110 [ 1578.902087] v9fs_session_init+0x1e1/0x1760 [ 1578.902654] ? do_raw_spin_lock+0x125/0x270 [ 1578.903248] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1578.904032] ? __pfx_v9fs_session_init+0x10/0x10 [ 1578.904666] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1578.905314] ? v9fs_mount+0x9e/0xbc0 [ 1578.905831] v9fs_mount+0xbd/0xbc0 [ 1578.906319] ? legacy_init_fs_context+0x44/0xe0 [ 1578.906951] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.907511] ? cap_capable+0x1be/0x220 [ 1578.908049] ? __pfx_v9fs_mount+0x10/0x10 [ 1578.908605] legacy_get_tree+0x109/0x220 [ 1578.909157] vfs_get_tree+0x92/0x360 [ 1578.909669] path_mount+0x1335/0x1e40 [ 1578.910193] ? trace_hardirqs_on+0x16/0x100 [ 1578.910776] ? kasan_quarantine_put+0x81/0x1d0 [ 1578.911397] ? __pfx_path_mount+0x10/0x10 [ 1578.911952] ? putname+0x102/0x140 [ 1578.912446] ? kmem_cache_free+0xff/0x4a0 [ 1578.912993] ? putname+0x102/0x140 [ 1578.913487] __x64_sys_mount+0x286/0x310 [ 1578.914031] ? __pfx___x64_sys_mount+0x10/0x10 [ 1578.914650] do_syscall_64+0x3f/0x90 [ 1578.915162] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1578.915843] RIP: 0033:0x7fb465b78b19 [ 1578.916326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.918585] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1578.919558] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1578.920470] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1578.921367] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1578.922261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.923149] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1578.924047] [ 1579.028568] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12 [ 1579.030474] CPU: 1 PID: 9104 Comm: syz-executor.5 Tainted: G D 6.3.0-rc7-next-20230418 #1 [ 1579.031996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.033422] Call Trace: [ 1579.033854] [ 1579.034233] dump_stack_lvl+0xc1/0xf0 [ 1579.034945] kmem_cache_create_usercopy+0x12b/0x340 [ 1579.035833] p9_client_create+0xd0b/0x1260 [ 1579.036672] ? __pfx_p9_client_create+0x10/0x10 [ 1579.037588] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1579.038451] ? lockdep_init_map_type+0x21e/0x7e0 [ 1579.039349] ? __kasan_kmalloc+0x7f/0x90 [ 1579.040090] ? __raw_spin_lock_init+0x3a/0x110 [ 1579.040891] v9fs_session_init+0x1e1/0x1760 [ 1579.041672] ? do_raw_spin_lock+0x125/0x270 [ 1579.042468] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1579.043508] ? __pfx_v9fs_session_init+0x10/0x10 [ 1579.044350] ? __kmem_cache_alloc_node+0x1bc/0x310 [ 1579.045237] ? v9fs_mount+0x9e/0xbc0 [ 1579.045984] v9fs_mount+0xbd/0xbc0 [ 1579.046629] ? legacy_init_fs_context+0x44/0xe0 [ 1579.047520] ? __pfx_v9fs_mount+0x10/0x10 [ 1579.048318] ? cap_capable+0x1be/0x220 [ 1579.049056] ? __pfx_v9fs_mount+0x10/0x10 [ 1579.049874] legacy_get_tree+0x109/0x220 [ 1579.050606] vfs_get_tree+0x92/0x360 [ 1579.051312] path_mount+0x1335/0x1e40 [ 1579.052064] ? trace_hardirqs_on+0x16/0x100 [ 1579.052760] ? kasan_quarantine_put+0x81/0x1d0 [ 1579.053556] ? __pfx_path_mount+0x10/0x10 [ 1579.054230] ? putname+0x102/0x140 [ 1579.054854] ? kmem_cache_free+0xff/0x4a0 [ 1579.055577] ? putname+0x102/0x140 [ 1579.056244] __x64_sys_mount+0x286/0x310 [ 1579.056978] ? __pfx___x64_sys_mount+0x10/0x10 [ 1579.057837] do_syscall_64+0x3f/0x90 [ 1579.058548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.059489] RIP: 0033:0x7fb465b78b19 [ 1579.060153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.063311] RSP: 002b:00007fb4630ee188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1579.064665] RAX: ffffffffffffffda RBX: 00007fb465c8bf60 RCX: 00007fb465b78b19 [ 1579.065955] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000 [ 1579.067147] RBP: 00007fb4630ee1d0 R08: 00000000200001c0 R09: 0000000000000000 [ 1579.068317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.069549] R13: 00007ffe21ba06cf R14: 00007fb4630ee300 R15: 0000000000022000 [ 1579.070825] [ 1579.586505] ================================================================== [ 1579.587628] BUG: KASAN: slab-use-after-free in rwsem_down_write_slowpath+0x13a6/0x14a0 [ 1579.588768] Read of size 4 at addr ffff888016ca8034 by task syz-executor.7/270 [ 1579.589788] [ 1579.590052] CPU: 1 PID: 270 Comm: syz-executor.7 Tainted: G D 6.3.0-rc7-next-20230418 #1 [ 1579.591384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.592545] Call Trace: [ 1579.592925] [ 1579.593263] dump_stack_lvl+0x91/0xf0 [ 1579.593835] print_report+0xcc/0x620 [ 1579.594404] ? __virt_addr_valid+0x102/0x340 [ 1579.595092] ? rwsem_down_write_slowpath+0x13a6/0x14a0 [ 1579.595864] kasan_report+0xc0/0xf0 [ 1579.596379] ? rwsem_down_write_slowpath+0x13a6/0x14a0 [ 1579.597086] rwsem_down_write_slowpath+0x13a6/0x14a0 [ 1579.597762] ? avc_has_perm_noaudit+0x148/0x3a0 [ 1579.598405] ? selinux_inode_permission+0x3de/0x5e0 [ 1579.599079] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 1579.599802] ? lock_acquire+0x434/0x4c0 [ 1579.600337] ? __pfx_lock_acquire+0x10/0x10 [ 1579.600906] ? make_vfsgid+0x113/0x170 [ 1579.601432] ? make_vfsgid+0x113/0x170 [ 1579.601945] ? __pfx_make_vfsgid+0x10/0x10 [ 1579.602509] down_write+0x1c3/0x1f0 [ 1579.603021] ? __pfx_down_write+0x10/0x10 [ 1579.603584] ? may_delete+0x388/0x910 [ 1579.604114] vfs_unlink+0xd9/0x930 [ 1579.604610] ? __lookup_hash+0x36/0x190 [ 1579.605141] do_unlinkat+0x3b9/0x650 [ 1579.605643] ? __pfx_do_unlinkat+0x10/0x10 [ 1579.606205] ? __check_object_size+0x3d4/0x8c0 [ 1579.606825] ? getname_flags.part.0+0x1dd/0x4f0 [ 1579.607475] __x64_sys_unlink+0xca/0x110 [ 1579.608019] do_syscall_64+0x3f/0x90 [ 1579.608535] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.609223] RIP: 0033:0x7fa70ac2a457 [ 1579.609713] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.611990] RSP: 002b:00007fff028996b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 1579.612959] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa70ac2a457 [ 1579.613919] RDX: 00007fff028996f0 RSI: 00007fff028996f0 RDI: 00007fff02899780 [ 1579.614834] RBP: 00007fff02899780 R08: 0000000000000001 R09: 00007fff02899550 [ 1579.615747] R10: 0000555555816d13 R11: 0000000000000206 R12: 00007fa70ac84105 [ 1579.616667] R13: 00007fff0289a840 R14: 0000555555816c20 R15: 00007fff0289a880 [ 1579.617585] [ 1579.617893] [ 1579.618120] Allocated by task 9096: [ 1579.618593] kasan_save_stack+0x22/0x50 [ 1579.619143] kasan_set_track+0x25/0x30 [ 1579.619685] __kasan_slab_alloc+0x59/0x70 [ 1579.620245] kmem_cache_alloc_node+0x189/0x3a0 [ 1579.620866] copy_process+0x3c2/0x7330 [ 1579.621396] kernel_clone+0xeb/0x7d0 [ 1579.621893] __do_sys_clone+0xba/0x100 [ 1579.622419] do_syscall_64+0x3f/0x90 [ 1579.622931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.623617] [ 1579.623849] Freed by task 9096: [ 1579.624278] kasan_save_stack+0x22/0x50 [ 1579.624823] kasan_set_track+0x25/0x30 [ 1579.625362] kasan_save_free_info+0x2e/0x50 [ 1579.625931] __kasan_slab_free+0x10a/0x190 [ 1579.626515] kmem_cache_free+0xff/0x4a0 [ 1579.627063] _free_event+0xab4/0x1150 [ 1579.627572] perf_event_release_kernel+0x5b8/0x7a0 [ 1579.628229] perf_release+0x37/0x50 [ 1579.628716] __fput+0x263/0xa40 [ 1579.629165] task_work_run+0x174/0x280 [ 1579.629700] exit_to_user_mode_prepare+0x17d/0x180 [ 1579.630339] syscall_exit_to_user_mode+0x1d/0x50 [ 1579.630976] do_syscall_64+0x4c/0x90 [ 1579.631478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.632162] [ 1579.632393] Last potentially related work creation: [ 1579.633023] kasan_save_stack+0x22/0x50 [ 1579.633566] __kasan_record_aux_stack+0x95/0xb0 [ 1579.634190] __call_rcu_common.constprop.0+0x6a/0xb90 [ 1579.634889] put_task_struct_rcu_user+0x87/0xd0 [ 1579.635540] __schedule+0x995/0x2a00 [ 1579.636044] __cond_resched+0x46/0x70 [ 1579.636550] down_write+0x73/0x1f0 [ 1579.637039] kernfs_remove_by_name_ns+0x89/0x130 [ 1579.637671] remove_files+0x96/0x1c0 [ 1579.638168] internal_create_group+0x824/0xb90 [ 1579.638775] sysfs_slab_add+0x18e/0x220 [ 1579.639318] __kmem_cache_create+0x1fe/0x610 [ 1579.639919] kmem_cache_create_usercopy+0x218/0x340 [ 1579.640569] p9_client_create+0xd0b/0x1260 [ 1579.641137] v9fs_session_init+0x1e1/0x1760 [ 1579.641710] v9fs_mount+0xbd/0xbc0 [ 1579.642208] legacy_get_tree+0x109/0x220 [ 1579.642758] vfs_get_tree+0x92/0x360 [ 1579.643281] path_mount+0x1335/0x1e40 [ 1579.643812] __x64_sys_mount+0x286/0x310 [ 1579.644372] do_syscall_64+0x3f/0x90 [ 1579.644878] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.645570] [ 1579.645804] Second to last potentially related work creation: [ 1579.646539] kasan_save_stack+0x22/0x50 [ 1579.647095] __kasan_record_aux_stack+0x95/0xb0 [ 1579.647709] __call_rcu_common.constprop.0+0x6a/0xb90 [ 1579.648398] put_task_struct_rcu_user+0x87/0xd0 [ 1579.649021] __schedule+0x995/0x2a00 [ 1579.649523] __cond_resched+0x46/0x70 [ 1579.650031] copy_page_range+0x1435/0x3610 [ 1579.650594] dup_mmap+0xed2/0x1780 [ 1579.651084] copy_process+0x6916/0x7330 [ 1579.651617] kernel_clone+0xeb/0x7d0 [ 1579.652118] __do_sys_clone+0xba/0x100 [ 1579.652639] do_syscall_64+0x3f/0x90 [ 1579.653147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 1579.653831] [ 1579.654066] The buggy address belongs to the object at ffff888016ca8000 [ 1579.654066] which belongs to the cache task_struct of size 6592 [ 1579.655657] The buggy address is located 52 bytes inside of [ 1579.655657] freed 6592-byte region [ffff888016ca8000, ffff888016ca99c0) [ 1579.657189] [ 1579.657419] The buggy address belongs to the physical page: [ 1579.658119] page:00000000d4b62717 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x16ca8 [ 1579.659299] head:00000000d4b62717 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1579.660311] memcg:ffff88800dfb6a41 [ 1579.660769] flags: 0x100000000010200(slab|head|node=0|zone=1) [ 1579.661522] page_type: 0xffffffff() [ 1579.662007] raw: 0100000000010200 ffff888008797640 ffffea0001120a00 dead000000000002 [ 1579.663010] raw: 0000000000000000 0000000000040004 00000001ffffffff ffff88800dfb6a41 [ 1579.663975] page dumped because: kasan: bad access detected [ 1579.664683] [ 1579.664914] Memory state around the buggy address: [ 1579.665536] ffff888016ca7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1579.666451] ffff888016ca7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1579.667375] >ffff888016ca8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1579.668277] ^ [ 1579.668902] ffff888016ca8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1579.669813] ffff888016ca8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1579.670720] ================================================================== VM DIAGNOSIS: 19:46:42 Registers: info registers vcpu 0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff824fe585 RDI=ffffffff87f0fbc0 RBP=ffffffff87f0fb80 RSP=ffff8880446cee70 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000030 R11=0000000000000001 R12=0000000000000030 R13=ffffffff87f0fb80 R14=0000000000000010 R15=ffffffff824fe570 RIP=ffffffff824fe5dd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa7081a0700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa70819ff78 CR3=000000004228e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000001058a RBX=ffff88806ce41540 RCX=ffffc900041e4000 RDX=0000000000040000 RSI=ffffffff8140e385 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888044ccf670 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffed100d9c82a9 R13=ffff88806ce41548 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff8140e387 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fcd30c15700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcd337af000 CR3=000000001da3c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007fcd337867c000007fcd337867c8 XMM02=00007fcd337867e000007fcd337867c0 XMM03=00007fcd337867c800007fcd337867c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000