fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e2f4655fe2f4655fe2f4655f00"/8224, 0x2020, 0x2000}, {&(0x7f0000012500)="ed41000000100000e2f4655fe2f4655fe2f4655f00000000000004008000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x4100}, {&(0x7f0000012600)="2000000088b35c7188b35c7100000000e2f4655f00"/32, 0x20, 0x4180}, {&(0x7f0000012700)="8081000000c04000e2f4655fe2f4655fe2f4655f00000000000001008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000010000000000000000000000000000000000000020000000000000000000000000000000e2f4655f00"/160, 0xa0, 0x4600}, {&(0x7f0000012800)="c041000000300000e2f4655fe2f4655fe2f4655f00000000000002008000000000000800000000000af301000400000000000000000000000300000020000000", 0x40, 0x4a00}, {&(0x7f0000012900)="20000000000000000000000000000000e2f4655f000000000000000000000000000002ea00"/64, 0x40, 0x4a80}, {&(0x7f0000012a00)="ed4100003c000000e2f4655fe2f4655fe2f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000008c0e26bc0000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4b00}, {&(0x7f0000012b00)="ed8100001a040000e2f4655fe2f4655fe2f4655f00000000000001008000000000000800010000000af3010004000000000000000000000001000000500000000000000000000000000000000000000000000000000000000000000000000000000000007a837ae20000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0xa0, 0x4c00}, {&(0x7f0000012c00)="ffa1000026000000e2f4655fe2f4655fe2f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3131303730353331302f66696c65302f66696c6530000000000000000000000000000000000000000000002e5c7f160000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0xa0, 0x4d00}, {&(0x7f0000012d00)="ed8100000a000000e2f4655fe2f4655fe2f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c91e3450000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000e2f4655fe2f4655fe2f4655f00000000000002008000000000000800010000000af301000400000000000000000000000300000060000000020000000100000062000000020000000180000062000000000000000000000000000000347eabae0000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0x1a0, 0x4e00}, {&(0x7f0000012f00)="ed81000064000000e2f4655fe2f4655fe2f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cd1ec0e270000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x5000}, {&(0x7f0000013000)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000013100)="0b0000000c0001022e000000020000000c0002022e2e000000000000e80f0000", 0x20, 0x20000}, {&(0x7f0000013200)="00000000001000"/32, 0x20, 0x21000}, {&(0x7f0000013300)="00000000001000"/32, 0x20, 0x22000}, {&(0x7f0000013400)="504d4d00504d4dffe2f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7032390075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x40000}, {&(0x7f0000013500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x50000}], 0x0, &(0x7f0000013a00)) name_to_handle_at(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x3, 0x2, 0x7a32}}, &(0x7f00000000c0), 0x1400) 23:55:04 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 20) 23:55:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x600, @empty}, 0x1c) 23:55:04 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, 0x0, 0x8000, 0x103) 23:55:04 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x4b70, &(0x7f00000000c0)) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) ioctl$KDGKBLED(r2, 0x4b64, &(0x7f0000000000)) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000100)="30964bf44bf27c213c4477645690ba06ad34301b6f4ce61eea3f4957c280a523eebd125123fdddd8c4b79cd3ea9ef468a52a2a663314a53732b325c8cdced4951c451022421238eaf43140d80e5d55181b719eee2cdd589eb8d4956d90997ae587e85981e5fdb17b3997f744a4219c1f1dad5f7fb709e52e6db4e2a35612afba3ffa967992b6f853935899f1ad6e6ef7d7fb0f71e09de41f9ccd888f78ff365fd2d6cedc058d85a1ea19296b6635a4851a197ad18d61f78350c80615767dbe1e1c3a6313fb479e3ee462dfe430005336e8b81f4d865982c00be33650") fchmod(r0, 0x80) [ 1404.727626] ? trace_hardirqs_on+0x5b/0x180 [ 1404.727644] ? kasan_unpoison_shadow+0x33/0x50 [ 1404.727661] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1404.727680] v9fs_mount+0x79/0x8f0 [ 1404.727697] ? v9fs_write_inode+0x60/0x60 [ 1404.727719] legacy_get_tree+0x105/0x220 [ 1404.727738] vfs_get_tree+0x8e/0x300 23:55:04 executing program 0: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0xbe}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mount$9p_unix(&(0x7f00000002c0)='./file1\x00', &(0x7f00000004c0)='./file1\x00', &(0x7f0000000940), 0x2021, &(0x7f0000000980)={'trans=unix,', {[{@privport}, {@version_L}, {@version_L}], [{@permit_directio}]}}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(r0, &(0x7f0000000140)='./file0\x00', 0x181000, 0x145) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x28, 0x18, 0xc21, 0x3, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0xc, 0x12, 0x0, 0x0, @u64=0x2}]}, 0x28}}, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0xa000, 0x40) mount$9p_fd(0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x8, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}], [{@smackfstransmute}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@smackfshat}, {@smackfsfloor={'smackfsfloor', 0x3d, '-@\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}]}}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') poll(&(0x7f0000000040)=[{r2}], 0x1, 0x5) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cpuinfo\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x8000000) mq_timedsend(r5, &(0x7f0000000140), 0x0, 0x20, &(0x7f0000000a00)={r3, r4+60000000}) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) renameat2(r6, &(0x7f00000000c0)='./file0\x00', r6, &(0x7f0000000280)='./file1\x00', 0x2) [ 1404.727754] path_mount+0x1429/0x2120 [ 1404.727777] ? strncpy_from_user+0x9e/0x470 [ 1404.727794] ? finish_automount+0xa90/0xa90 [ 1404.727812] ? getname_flags.part.0+0x1dd/0x4f0 [ 1404.727831] ? _copy_from_user+0xfb/0x1b0 [ 1404.727855] __x64_sys_mount+0x282/0x300 [ 1404.727871] ? copy_mnt_ns+0xa00/0xa00 [ 1404.727899] do_syscall_64+0x33/0x40 [ 1404.727917] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1404.727929] RIP: 0033:0x7fe2d9a8eb19 [ 1404.727946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1404.727956] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1404.727976] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1404.727986] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1404.727997] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1404.728008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1404.728019] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1404.728871] loop3: detected capacity change from 0 to 262144 23:55:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x700, @empty}, 0x1c) 23:55:04 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 21) [ 1404.732808] FAULT_INJECTION: forcing a failure. [ 1404.732808] name failslab, interval 1, probability 0, space 0, times 0 [ 1404.732832] CPU: 1 PID: 9670 Comm: syz-executor.1 Not tainted 5.10.235 #1 23:55:04 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)={'filter\x00', 0x3, [{}, {}, {}]}, 0x58) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x8, 0x10000000000, 0x0, 0x8000, 0x7fffffff]}, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x8bb1, 0xffffffee, 0x0, 0xb6dca0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/mipi-dsi', 0x103000, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300)=[{0x0}, {0x0}, {&(0x7f0000000280)="bf8bc1a972052bc55d1a6f4eb75f29f0bf1ff2f3e4293b6db4ed318205", 0x1d}], 0x3, &(0x7f0000000240)=ANY=[@ANYRESHEX], 0x18}, 0x4000) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10) syz_io_uring_submit(0x0, 0x0, 0x0, 0x7580753a) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, 0x0, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000800)=""/46, &(0x7f0000000840)=0x2e) symlinkat(&(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000340)='./file0\x00') sendmmsg$inet6(r2, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000140)="a2223e4a73611961e36a2b62a91e7521d1fb7ccd29283a56e6f46733cbfe8fb30c1cd53476779f75f586bf1fdaffd9ee5074", 0x32}, {&(0x7f0000000480)="51035c4feeee5477269c34ebf75e6305303a4f76a56c1fdb4a75963138ecf87d5c585d40fd9125f03d3a05a5f3cc1d376abe04d03b576d129e69e896eafd70181518ec3d8164b6f0d73626038ba0234fdee01a8d768bd9a3162fdbe6004824c9f48cc231a018c85d1b65218841a3239d5e7ac733cf427029d73e2ed272166163431e95b972fa7c8116747d3d95a8890255321d0974c9e6b0da", 0x99}, {&(0x7f0000000280)}, {&(0x7f0000000540)="5358f778e9ec48bb315a9b966a25b00dfb40cf49acd590c053b6f302aafded7853ba93663c169036f0d8b777478dff790e56ed0064f15a207b6ec6f6977d36b52f", 0x41}, {&(0x7f0000001e00)="e183b6fb718716e4cb20c288099b377af91ee01d09d98996ea5bdc8b8336d1254a70c8b07de8b4ebc5ec8e4a84905c79e0a8ed6581e1d66e0757c5bcbd98a9f7bd4625e72e6e14ea32c9eef612dc88bd3162637315481bab0fcef06307abeed8f181127892f24eed2247a9346f80239afaf4d99f8eb37e0a617255720917c0918c8501502995648cfa395f9c72a0e24d6f37e36a4939e7d633ec8eb04f7d56380ad18423c27c578658d54adbcc9c72cd9d3db15d03faef573fcfe470b4c9041d3cbda128067e0a6f2ec5f8d76399524ad8de539037f21a32a703aa587f2a09276bb261de77765f3af92a8f85c36f588b2fd78c0c3309de8fba0c2fac8801398906a9e416aef36509e2f644659e5715ae8f4bb8ab4b6a08422ccc3ead98f4f74993446aa4a32866607406df02f145057570006758eeabbd1588e5e356af5e21a2324a24f20aa59dd504c7f73113789146a1391dd6f98c61e8a8ce05a390e5e5af96171f4c326fb299952e71a5fb28c7e50266dba721e35eb1a0ec786be19e62200c438572dd7289e94851c62ae86901c0d65ba244673636f8a4dd9a9f2ca3d9cf46ec933cc8893679fb2429c8b5f5712355413c422892b7aff46b74b3c46387703db653ca4a417b530d2fa71b96b754a4408b9b824294f49548d1db28b24a9a9b6fa1d2df52689333fa041f0f7a086bac4a0811dba5aa45a1ab2301cdb395e16eec931aaaa2ec7cd90c3b22a329c697e11308fe1734b8672ff092d17e33816ce7efe2a3af23345651fe5d26da44021aa8578e853aed50fdf721c7bdd2049c42f2eec4bbfbbe2bc14e4b79bd9acef6eb211b41a011f36f97f8f57f36bd27aaf6c7fcd1a0b976db0f18e41a551c885c06a8379fb257c62c8d93b79e08fb3ce684a370869caccc6c5427611ed42d57a78af06a91d3e2ecbd1b774ec9329c99f0c0c77c93f34c3b247c5bdfd24baf895f6cc7c659c81bfaf9eb99ed116c4574c5c362875ded2a1b1a14ca27865dc2a1e6ab31a4ac367665443554f39be32525f82aaa164aa35c14ce19f6e672674dc8959709d2520c1c193a3ec61f89b56f8dd041757ece2cd358fd319e77f5fece6a26637fac9ef11ea49144bba8f1abd66c2de3d39fb53104953f2796f4e96a351786cc45c54373daa23e67fe55a9b6a6044e29855bb86cfcb04d8bf721b04c80415c2772ca7ad1ef059dba7b5a7a25459c0780f1ca00584f0459787aee3ae4d4153d598512b47dec247f1e3ce423c8ed1180a69aeca243567f2d8c019996a1fa41425bf4a4d8df8b588a81dc0c4574838b7849bd3a8f83dd888a931f3e45fb46152a3762009a6aecd89c0d2529e576dc956e0e02dfe6a5fb8bac9380c85eb6686d3baac6c962040e0d79ccb5b6a0f23e600306b7752a1f13e9ee2d7da6b9c6cb8e26b80005b98f0a924ac7bed3801193f1a265def6668ed4a54fb43aea49516a64fff397b7ba1154660fac2509eba9c232f296a035ff683b5f1fe551eb4f0c428ec1d1245e3b3873988ad57067cf111d7fb2223be69823c5433572620374b930ae6ffb748e6c9412a6f5ef361a237eff1623cb1405e52473db8176c7b77d1e4e0c33e993fac8188d076c88680cbfb9185682244868b664a1217bd01c9a0bfd0df02b28fd2972dc31a77d24adc85668a596833549b95fd39eb719d8cc56cae0427a779965ffdba0774d1f82899e750323f10bf23333a154e0c8e8b5f2407f01ff389c1746a2923d6c28183f4a1fd05af24ef2df1b4d660fd17a61a02ed38bcd49e6ebf47148480c0cd104657c47d8565fbb4fee3594f905ca2f0fa6a6901f309af25d692b37bf8289ce90e9a24b578fc53028617af4a4e52c6f7adad4ac66ae4ba9dd233b4d6b76cd7f9474d8edce75313ab96ce86e02974c42b280bbe2cf1ddab317bbf48ef2b43c0082fb91ebb9e34700efe57942ba40ec0fd894662c19f2e82579a277b2f603c905203d1fb863548a7cef0688492bcdaecc2e027c5277f5d09f23c7ea8cdb9106df887a25c650b1015b19b184b5966e8c7e3274465e15d7a901bef6ffc48b4ed83b729533477b107c49fa696466572aa5d0c59971c3824a19604a9005e8b08d785fe6259915086d137fde3604e8e6e8bc99b41ad9e0c0ca9b34aae683f32cf2675bfc3ead73470f58c22fa82f00cc2694976423a4c2431f6b8af2b1eecffee6de673d35d08b07fbc50900604812ddbb0d356111b10101c0fd01daef2bdcf9b3f3a63b2f90749ea50e4fb09498656d7f5fbcad121a92b39a0358f3ba72a1fe0d29960a70533bf3620e7c18f5b15b1dc7598cb5bce6db3d244846f3869d34530fa6fcbbfe9d52d6dc24dbbc1ad7771b3262e9eb71296fc5a5e24c4d1365c3819f6638a19e6a4c63947483c15eae82b0a1d43b51eb7d9a7f806071578d3ff04aa815826d688f6adc14edcccdd2fce4e8ff2a5ab2394db065ca1caf328e632c7ee43211592ea6317c9aa09b8593f9bb4d51aef33002bfa513155d3ea8dc5f76c4178f39be62e3304866611f6af4a0e2c7caa98134c99578538a89d05b94a80aa14473b41aedc11ac56610767c26e48f23dfaec71c2f754f8d063461204602da4f49e32575ab31825bf40eefe0f63c91ecca2d554769021b41e88bf94321dde1717a506422295af3e913555247284e6ba7c83c393db101726c8e556be6442c70dda696ea7657073e6b035470a86d7b411a807f21d68faa0400218501fef76743eee8b1f65dc45ff7e4f6e09bbc3681675acde218b85c813a693d478b3eb6eda137eda25737e3d7377dc6814f57d1d0fa3036b8ed16d495a85cc53a676f4484f3e8b1044a98d2f1b005f0470bb6bad78ffa2db16014d5801e264d3ac4626f1fd44c5331376d56c90f56157177ef2c92f5e45096c2ae05c1f807f2681f1569b82b31a0061b1668101189cfd38339bffbff354615394d8bb14464dfc75a07810f951d9b3f95ecb6457dbda0861298242fe8c30be397404f8cf24cf729b9d663e9688353262a94f4dc4a2b9aaabba27322aa070611b587c6eb9d13549d480435f84d5185307a6f0d3c086e319855cc2f56092beadcf8fc285809fe68042f60d34a75f40d26ba50660449a90e713596975d2d0c4129b446d5c34da45e0978571292e84fd4552ad77f748464ec880c98759c77b96080f0110a68917957131ebf145bc60d74d6f405240ad73274ebb3266b8580a0f78147bca0254a9bf0bcc141b656e73c941e1b7e582f606552ff7f21e3b39ad0fb2210f2d076218f8323ebf04890b687c8052f1ddc9ef9d3042b3d6f9d0df5bf35f1114ea12a5bfab954641875dca67f06129dec7ae467586e68f4bd2edf057a4cee013d5ce7cb8f6f98ab5b59931adf2feef89bf3005345a1fa237fd558ad1693ad7646b1332dd55af3296d30d4b46a06504a7dc3ee7bba2ba249e1b10423cb1a6ee9c51b2d004c4da9e45cca0fa293b99ccf0aa5530e1052a32daab4fe0d57e5259c65374022626d23538245313508b5577478ce4f13b1c688636c4026e83b96fda4967e48b1bea19d897e0404f1e3a0a4ad61eeb1ff7cf0af1b5c2a17af37b5e2513620a489f8080395b7268d0a829feee98baa88d641f8b41bb926ad3783f4cba083d82611781eaf80b98a21fa260fb110b129bd1878c767fa226e0f1106de9ad62a4e1256e6e9d8c0e6cb63475c2f79760437532fa6928b46141e6523b135c1e92ce6a796c86d43e812e47c19c9ddbb0ed68ab01803fdc561bbb26e0592cf5c81ed7f449616f3a7bb1b87c7c0cc2cfd65a277513a48ecc2033af600a838a3c64b4ab30a03b408b7548e4590cb7ed39c7e7ee3b76c953904ef62196a95b52bdecbb7cdb136a650a1301ff6ab28c62e490e05e88a664cf762009eaee0dcf0ab28791e80d560c9398d74017f95c4303fccf5f2e804792b2daeda92ec369c47afcffbb78dd98df7781807255b931cde97892dc62a2dcb43496f08de6135ff4019374bbe4ef82d354b710b2e4b0ffd0bd91fa220f85d8afe012a48f65602db5ba7ffc31b1abb37708ce5260e7d341c86dcd39ffa342545cad29dff2c6b4c043ede7636162981ee1f6254cdfd6b05a1b8d0503f415b470de9c7ed65ccc57e4d15eceeaede4cab409c26e8b6a94c69f5cd98fe795d8c78179b41311659297d87f5bd3d4c06cdd34bf39d50db79169c7fae4a41b3c62f1a63711cfc74826d4b0b186dd4d9da66af46dc2de55f48f5344ac4a42379bfb821f6d8a074210578a4c1bc74a58fbf38165fc14020d03173624ae241f6a63d0cfb8f8c6b836e2605a361de9f2892101fe851c6d5110ba5a18fc956e47ed9a00a9ce9df9ba6c3bb2469ea020333ee64064d9039679df24d10973eb4978db01a0e62aaf4beaede4c54334a93097eb62169a91b2c9c8ba94dfa48e57bff5461b1cc1a37271fa84251262d6bd2692d09bf9fbe1e4ece685426ba75cfa32dc701e09e00c3e7d47d0df3aba289968371d418686dc02b9848a7f0eec0a55cc6fca0d89b65240703200b24b85e6fd4686e28c76fe35f00740217e2bc70d9b66f3442835afc79de7ee465f9de394eb56f336d9a6dc5e2d0b5050f58fe8714e9d37baa648a7eb244a28ea012b6fac719202511f8034f37ea7f5c90a9cd3870edbad9470711725e4c84445bc7311c9aeea98c41594810b09743c011b4b7d122347b1da775c88b7d8acac474250f3744f534b036a75241423a81cbc6ba674d30194b1238d7ef6d9a879c683ba02eec87eadc11ac30ef6f2be38132b05ee119648a60fe709e26e2d548db771d9684968f954bfb0bee8a5911b04027ce9ee4420b025b97f434ed6b0268bdd647b65bb9b5e8db79864fd8cc360f58dfab5803a8ae63b62592cc75f36bc156e13efdf2c91c4c5c8918bb93d3d5b1ed2a2f8958d4e44ca807695dedb5ad319e732e832ec1afb72da54a6c05481cdb324ce1d0ff80f11f05af75c9e17aafaabd1ad2d5d74b9c01d78159f70fca1bd92c5837ed7cacc85f179a829e711aea781c96b5b926542d2e2b06e014db5d65fc9c5fbd7163b1cae4305c527173ab82cd94b8427effc2e98f0955f80d240f68ab6f2a0d695a5afce819ad6feec94919e3aea3d03e5e2809a4bedbd271ee4f2edaa86c9aaf0379cfc9e0834eb92c7ffb9766f058b60142f703b3f20e8f8677a9ab5ae61cbf254dec7414249c168a7439ac5604e2f207cf450e364afcfb827ea46905b024574d9a6e4d768b9494b182c0f4bd362b008c4d3cb7e16c47fb76901f084d002f3945d8451ca0bd3be4d5cbfbf459307b55b6c3a64e7ab1c7091b0c037c99f399e9f9fd64dd7f2e86e96dc92ff0593f3f8d7389177491dac7dd36a1a648f2650ac0967da863fe775af55c34d21ef9387cf04beb8130ce4062f281d01b5e7a3478712a000b9d636e8a3a10543be4e001599cabb2663a189df6c037557c37d2a411410614abbd0bb4b9828cd7530a39103dc46422731c0d2ba6723d0033993f3f4c9e76cf16c37e05e3e3e34c9bb21f0333cbcb9d68785522dc97c9dd163f5777a40f87247773215a68d61b04027470ce0c2cf6694321244accee57ccaebb781dbe4a3f38e890216f22ec681c0541d241515244d5844a5e22bb8403dd6641266e940d19f0d89db5520a6dde4cd9fa7f6b96b3cfd56d9017acabc63ee67b3b1b27ce6098c2c602e56ee6b5741d74c153e1a9f5a2afe64057057e5eb5a3d887cf0498423522ecce9a23a63dd0a263fd293162fd89b2c904ed1633edc831e6bf4828c1d4c530372938379e50a72f02b9d2a9b7a633dab83842adda8f832c306e30c2deae52d15618956f2d40926bdd058aca2493d244f60e829da407991fa53d3f702b1de24aeac588fddb7201fdc23ad4", 0x103b}, {&(0x7f00000002c0)="9dd26cea8d66d73be6003a52a47ae98da215833f64acc94da7b0806271", 0x1d}, {&(0x7f00000005c0)="2d828bb78fc9188d28794f2ff4f872f2a4fe42ca5f1abe4049483812dc75977d968298d4a8934f424baaabf89af6a4d271b481c819688de683af719f7d386686f2525ccf9339953771b05d5e495b1d7249dca66bf3e0103c97f7adae6cf054cc139e65cdaddbe803ff74cc327f24964f11", 0x71}, {&(0x7f0000000640)="c4e191e587f734e19b2abc01bc4a82b4b3c3353a7893d240fe1ad630ddd1fd4de1696833198779717838f68f10fc5ccbeb9930e1759896befb04249072dace3be21f1ccdf0aab1fd586aa8d5cece6ac228fa08b8c3263fefc47e78986c7eb1db0041ba5caaac9cad6b92b1a498b73767c8974758b21d89ae704f45e234126346b16b9d79e22ef39f5d651066350513fa", 0x90}], 0x8, &(0x7f0000001880)=ANY=[@ANYBLOB="a800000000000000290000003900000067120009000000002001000000000000000000000000000000000000000000000000000000000000fc0100000000000000000000000000fc020000000000000000000000000001fc000000000000000000000000000001fc020000000000000000000000000001fc00000000000000000000000000000120010000000000000000000000000002ff010000000000000000000000000001280000000000000029000000370000002b01000000000000000100c204000000040000000000000000"], 0xd0}}], 0x1, 0x8800) r3 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r3, 0x6, 0x21, 0x0, &(0x7f0000000000)) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e20, @empty}, 0x10) [ 1404.732843] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1404.732849] Call Trace: [ 1404.732867] dump_stack+0x107/0x167 [ 1404.732887] should_fail.cold+0x5/0xa [ 1404.732912] ? create_object.isra.0+0x3a/0xa20 [ 1404.732943] should_failslab+0x5/0x20 [ 1404.732970] kmem_cache_alloc+0x5b/0x310 [ 1404.732998] ? cred_has_capability.isra.0+0x152/0x2b0 [ 1404.733033] create_object.isra.0+0x3a/0xa20 [ 1404.733056] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1404.733092] kmem_cache_alloc_trace+0x151/0x320 [ 1404.733115] ? v9fs_write_inode+0x60/0x60 [ 1404.733130] v9fs_mount+0x5a/0x8f0 [ 1404.733148] ? v9fs_write_inode+0x60/0x60 [ 1404.733168] legacy_get_tree+0x105/0x220 [ 1404.733187] vfs_get_tree+0x8e/0x300 [ 1404.733203] path_mount+0x1429/0x2120 [ 1404.733226] ? strncpy_from_user+0x9e/0x470 [ 1404.733244] ? finish_automount+0xa90/0xa90 [ 1404.733262] ? getname_flags.part.0+0x1dd/0x4f0 [ 1404.733280] ? _copy_from_user+0xfb/0x1b0 [ 1404.733312] __x64_sys_mount+0x282/0x300 [ 1404.733328] ? copy_mnt_ns+0xa00/0xa00 [ 1404.733355] do_syscall_64+0x33/0x40 [ 1404.733374] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1404.733385] RIP: 0033:0x7f535d26eb19 23:55:04 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) [ 1404.733403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1404.733413] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1404.733432] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1404.733443] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1404.733454] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1404.733465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1404.733477] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1404.736023] loop5: detected capacity change from 0 to 2097152 [ 1404.749172] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1404.776862] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1404.815236] 9pnet: Insufficient options for proto=fd [ 1404.817012] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 1404.877937] FAULT_INJECTION: forcing a failure. [ 1404.877937] name failslab, interval 1, probability 0, space 0, times 0 [ 1404.877958] CPU: 1 PID: 9704 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1404.877969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1404.877975] Call Trace: [ 1404.878000] dump_stack+0x107/0x167 [ 1404.878023] should_fail.cold+0x5/0xa [ 1404.878052] ? create_object.isra.0+0x3a/0xa20 [ 1404.878083] should_failslab+0x5/0x20 [ 1404.878109] kmem_cache_alloc+0x5b/0x310 [ 1404.878135] ? kernel_text_address+0xf2/0x120 [ 1404.878168] create_object.isra.0+0x3a/0xa20 [ 1404.878192] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1404.878225] kmem_cache_alloc_trace+0x151/0x320 [ 1404.878243] ? find_held_lock+0x2c/0x110 [ 1404.878268] p9_client_create+0xaf/0x1230 [ 1404.878288] ? lock_downgrade+0x6d0/0x6d0 [ 1404.878322] ? p9_client_flush+0x430/0x430 [ 1404.878341] ? trace_hardirqs_on+0x5b/0x180 [ 1404.878362] ? lockdep_init_map_type+0x2c7/0x780 [ 1404.878383] ? __raw_spin_lock_init+0x36/0x110 [ 1404.878421] v9fs_session_init+0x1dd/0x1680 [ 1404.878441] ? lock_release+0x680/0x680 [ 1404.878468] ? kmem_cache_alloc_trace+0x151/0x320 [ 1404.878486] ? v9fs_show_options+0x690/0x690 [ 1404.878513] ? trace_hardirqs_on+0x5b/0x180 [ 1404.878532] ? kasan_unpoison_shadow+0x33/0x50 [ 1404.878549] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1404.878569] v9fs_mount+0x79/0x8f0 [ 1404.878587] ? v9fs_write_inode+0x60/0x60 [ 1404.878608] legacy_get_tree+0x105/0x220 [ 1404.878629] vfs_get_tree+0x8e/0x300 [ 1404.878646] path_mount+0x1429/0x2120 [ 1404.878670] ? strncpy_from_user+0x9e/0x470 [ 1404.878687] ? finish_automount+0xa90/0xa90 [ 1404.878706] ? getname_flags.part.0+0x1dd/0x4f0 [ 1404.878724] ? _copy_from_user+0xfb/0x1b0 [ 1404.878750] __x64_sys_mount+0x282/0x300 [ 1404.878767] ? copy_mnt_ns+0xa00/0xa00 [ 1404.878795] do_syscall_64+0x33/0x40 [ 1404.878814] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1404.878827] RIP: 0033:0x7fe2d9a8eb19 [ 1404.878846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1404.878857] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1404.878877] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1404.878889] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1404.878901] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1404.878912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1404.878924] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1404.888747] 9pnet: Insufficient options for proto=fd [ 1404.962148] loop3: detected capacity change from 0 to 262144 [ 1404.974729] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1404.992444] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1404.996048] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:55:19 executing program 0: statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300)) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cgroups\x00', 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0) write$P9_RUNLINKAT(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x2000000000800, 0xd6188, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x2, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x0, 0x20000004, 0x9700, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0x8) fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file1\x00'}) write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0xaf2) syz_genetlink_get_family_id$nl80211(0x0, r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0) 23:55:19 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xe00, @empty}, 0x1c) 23:55:19 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) (fail_nth: 1) 23:55:19 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) read(0xffffffffffffffff, &(0x7f0000002880)=""/196, 0xc4) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x3) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000881) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='sessionid\x00') pread64(r2, &(0x7f0000002100)=""/4083, 0xff3, 0x20000000000000) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000021200010df7b2527500"/24], 0x14}}, 0x0) poll(&(0x7f0000000200)=[{0xffffffffffffffff, 0x84}, {}], 0x2, 0x5) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r3, 0x0, 0x0, 0x1000002) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0) 23:55:19 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 16) 23:55:19 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 22) 23:55:19 executing program 6: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000040)={0x7}, 0x7) fallocate(r2, 0x20, 0x0, 0x8000) fallocate(r1, 0x0, 0x0, 0x2) syncfs(0xffffffffffffffff) fallocate(r0, 0x20, 0x2000, 0x8000) [ 1420.260142] FAULT_INJECTION: forcing a failure. [ 1420.260142] name failslab, interval 1, probability 0, space 0, times 0 [ 1420.262639] CPU: 1 PID: 9728 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1420.264144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1420.265884] Call Trace: [ 1420.266445] dump_stack+0x107/0x167 [ 1420.267228] should_fail.cold+0x5/0xa [ 1420.268031] should_failslab+0x5/0x20 [ 1420.268831] __kmalloc_track_caller+0x79/0x370 [ 1420.269794] ? v9fs_session_init+0xa7/0x1680 [ 1420.270728] ? kernel_text_address+0xf2/0x120 [ 1420.271669] kstrdup+0x36/0x70 [ 1420.272344] v9fs_session_init+0xa7/0x1680 [ 1420.273232] ? lock_release+0x680/0x680 [ 1420.274065] ? find_held_lock+0x2c/0x110 [ 1420.274933] ? kmem_cache_alloc_trace+0x151/0x320 [ 1420.275950] ? v9fs_show_options+0x690/0x690 [ 1420.276880] ? trace_hardirqs_on+0x5b/0x180 [ 1420.277785] ? kasan_unpoison_shadow+0x33/0x50 [ 1420.278745] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.279808] v9fs_mount+0x79/0x8f0 [ 1420.280557] ? v9fs_write_inode+0x60/0x60 [ 1420.281425] legacy_get_tree+0x105/0x220 [ 1420.282275] vfs_get_tree+0x8e/0x300 [ 1420.283070] path_mount+0x1429/0x2120 [ 1420.283871] ? strncpy_from_user+0x9e/0x470 [ 1420.284774] ? finish_automount+0xa90/0xa90 [ 1420.285679] ? getname_flags.part.0+0x1dd/0x4f0 23:55:19 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x20, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffbf, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[]) r1 = socket$netlink(0x10, 0x3, 0x0) fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000780)=ANY=[@ANYRES32=r0, @ANYBLOB="04a500006ccf5e00c10878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e7a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1561abd488524e1a8186b73a7d20fca99cbd9597f58d3ee2d8303f03c48826b5b5c93edcda6a12128aad77a2a60f8c0df6d24c279f0d6bb7abd4feeea57d0f320456bc6a44124484d4bfeb9091754913223d5ac6b090b08ba4e637b726ba51fe1a2e0d132710d9fc579002c01f63f0f2227ce7e34a2924345d7a4bf9568f537d3682044bab1784e30feeed593a2b85ce6b0"]) r2 = openat(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x0, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000000)=0x9, 0x4) accept4(r2, &(0x7f00000002c0)=@alg, &(0x7f0000000040)=0x80, 0x800) r3 = ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000100)={0x200d}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4305, 0x88001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0x90, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0xffff57e9, 0x4) accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440), 0xc, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0004051000009e571d23010000000c00030000000000000000000c0004000000010000000000080001000000000008000100000000000c0005000b0000aa180fa4658c5e030009f0ffffff00000004f1f49dc6ee8d530dd820930126ec71f08beff26dbf9feb5e94ba8d33b1cb52ac9c497f2a9b66dcb5f1b7f652cafc0bc9cb381f4d3e01075bcbf32dedf29bee1ac14a6fca14c8438aac9316fe0109b339c9fbfdff6c946585995af91a"], 0x54}, 0x1, 0x0, 0x0, 0x4040891}, 0x30004840) syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0) [ 1420.286666] ? _copy_from_user+0xfb/0x1b0 [ 1420.287710] __x64_sys_mount+0x282/0x300 23:55:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x1802, @empty}, 0x1c) [ 1420.288567] ? copy_mnt_ns+0xa00/0xa00 [ 1420.289489] do_syscall_64+0x33/0x40 [ 1420.290271] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1420.291355] RIP: 0033:0x7f535d26eb19 [ 1420.292137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1420.296012] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1420.297612] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1420.299119] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1420.300624] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1420.302126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1420.303636] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1420.311838] FAULT_INJECTION: forcing a failure. [ 1420.311838] name failslab, interval 1, probability 0, space 0, times 0 23:55:20 executing program 0: r0 = syz_io_uring_setup(0x76fe, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x1d2}, &(0x7f00007a8000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000b, 0x12, r0, 0x8000000) syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2, 0x0, @fd=r0, 0x10001, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0x0) r3 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r3, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) setsockopt$bt_hci_HCI_DATA_DIR(r4, 0x0, 0x1, &(0x7f0000000000)=0xee6, 0x4) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x7000001, 0x6090, r4, 0xe1e65000) fork() [ 1420.314270] CPU: 1 PID: 9729 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1420.315883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1420.317630] Call Trace: [ 1420.318184] dump_stack+0x107/0x167 [ 1420.318957] should_fail.cold+0x5/0xa [ 1420.319760] should_failslab+0x5/0x20 [ 1420.320560] __kmalloc_track_caller+0x79/0x370 [ 1420.321521] ? p9_client_create+0x41d/0x1230 [ 1420.322455] kstrdup+0x36/0x70 [ 1420.323144] p9_client_create+0x41d/0x1230 [ 1420.324040] ? lock_downgrade+0x6d0/0x6d0 [ 1420.324923] ? p9_client_flush+0x430/0x430 [ 1420.325814] ? trace_hardirqs_on+0x5b/0x180 [ 1420.326726] ? lockdep_init_map_type+0x2c7/0x780 [ 1420.327726] ? __raw_spin_lock_init+0x36/0x110 [ 1420.328698] v9fs_session_init+0x1dd/0x1680 [ 1420.329606] ? lock_release+0x680/0x680 [ 1420.330455] ? kmem_cache_alloc_trace+0x151/0x320 [ 1420.331473] ? v9fs_show_options+0x690/0x690 [ 1420.332409] ? trace_hardirqs_on+0x5b/0x180 [ 1420.333325] ? kasan_unpoison_shadow+0x33/0x50 [ 1420.334283] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.335357] v9fs_mount+0x79/0x8f0 [ 1420.336100] ? v9fs_write_inode+0x60/0x60 [ 1420.336973] legacy_get_tree+0x105/0x220 [ 1420.337825] vfs_get_tree+0x8e/0x300 [ 1420.338615] path_mount+0x1429/0x2120 [ 1420.339417] ? strncpy_from_user+0x9e/0x470 [ 1420.340325] ? finish_automount+0xa90/0xa90 [ 1420.341237] ? getname_flags.part.0+0x1dd/0x4f0 23:55:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4000, @empty}, 0x1c) [ 1420.342217] ? _copy_from_user+0xfb/0x1b0 [ 1420.343265] __x64_sys_mount+0x282/0x300 [ 1420.344128] ? copy_mnt_ns+0xa00/0xa00 [ 1420.344961] do_syscall_64+0x33/0x40 [ 1420.345744] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1420.346836] RIP: 0033:0x7fe2d9a8eb19 [ 1420.347617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1420.351514] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1420.353119] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1420.353164] FAULT_INJECTION: forcing a failure. [ 1420.353164] name failslab, interval 1, probability 0, space 0, times 0 [ 1420.354635] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1420.354647] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1420.354665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1420.360561] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1420.362098] CPU: 0 PID: 9746 Comm: syz-executor.3 Not tainted 5.10.235 #1 [ 1420.362998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1420.364037] Call Trace: [ 1420.364420] dump_stack+0x107/0x167 [ 1420.364872] should_fail.cold+0x5/0xa [ 1420.365359] ? getname_flags.part.0+0x50/0x4f0 [ 1420.365924] should_failslab+0x5/0x20 [ 1420.366412] kmem_cache_alloc+0x5b/0x310 [ 1420.366929] getname_flags.part.0+0x50/0x4f0 [ 1420.367491] getname_flags+0x9a/0xe0 [ 1420.367955] do_mknodat+0x189/0x4b0 [ 1420.368430] ? do_mkdirat+0x2b0/0x2b0 [ 1420.368911] do_syscall_64+0x33/0x40 [ 1420.369388] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1420.370013] RIP: 0033:0x7f661bb96b19 [ 1420.370482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1420.372778] RSP: 002b:00007f66190eb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 1420.373718] RAX: ffffffffffffffda RBX: 00007f661bcaa020 RCX: 00007f661bb96b19 [ 1420.374601] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffffff [ 1420.375495] RBP: 00007f66190eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1420.376371] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001 [ 1420.377261] R13: 00007ffd2845cf8f R14: 00007f66190eb300 R15: 0000000000022000 23:55:20 executing program 6: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/block/loop4', 0x200000, 0x9) read(0xffffffffffffffff, &(0x7f0000000180)=""/193, 0xc1) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x758a}}, './file0\x00'}) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000140), 0x4) r2 = accept4$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14, 0x80800) ioctl$sock_ifreq(r2, 0x8924, &(0x7f0000000080)={'ip6gre0\x00', @ifru_addrs=@l2tp={0x2, 0x0, @local}}) [ 1420.385393] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 23:55:20 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x149e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet(0x2, 0xa, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000014c0)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/128, 0x80}, {&(0x7f00000003c0)=""/195, 0xc3}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, &(0x7f0000000200)=""/60, 0x3c}, 0x0, 0x40002000, 0x0, {0x2}}, 0x3ff) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000001500)=0x0, &(0x7f0000000140)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000080)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000500)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r3, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x5f, 0x8}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000600)="c5b803cf0a1d81c8487e2cc131a35b6cb62be743364d8a99f3118c1e011a5b21f3c7a2d164910ab74b6ba83f3d8150658342d25c47809e6d07b75fe3c26e36a0ed69d0215a2d84ac01ccb536dac21edf2a0cce0c06d14b0cafd92d16480500c0c4044ac31b02d1c9568fd34f4c6be664d2af00f250905d2954d1eee868e4f30e96973508c87c144acecc3ebde0ed9926d1b1cda6db058b1f07cbf34a8666568f7cbbf652b513b8b28041f9d9f44e054326905f594097c2ae7740871c4688200942ca0e9e1c21950925dad1856b64700906876461299b", 0xd6}], 0x1, &(0x7f0000000700)=[{0x38, 0x109, 0x1000, "f85c2f20b16dfdbea228ea048f0cf3148b9476a44aee38617704ca0d0161872277088ff966ab"}, {0x28, 0x181, 0x7, "58821893c0e095193d34b5b8713e32caf7d02963ac2cfb"}, {0xb8, 0x10d, 0x289f, "f804a4d16fbb5082ff0425d46750b320012673aded8172dfab7b899912b97a4900271bcddd05d9287f76e029b61fe802819cf800f465ec3e653d3c6f5d809321fcca9c8117b1e461eaae8e253a7cf242a7023a6a7ae6b27bdbb0ca7b7bbff8efa8330fd67ef6cb7d22cfc20d0cfdc3d2770defb1f449ccc074c3eb089a41f4e007d2b2e070dde74bc20b34dcc755ef9788e46db405b209421582404583ef8c51e7534d9b85b9"}, {0x100, 0x1d4, 0xfcb, "0b7d2bdb45d02af6ed418983b7a905fc420d06d6db8de35cdc313a88db8fdfa80785c6c180a5c95167f28602a10f5d068595cb715515a9fdccbbdbdf4da70f1c20497fa764a17bbefa6b478c5be5c78eee773165021216bc382aeb680ab5da4c1413b291af08dc93d2731d5bfea3c432946bcf5b0a5e553eabc2493d7037be560a39fbdcc3629c8c2bcf0e5dca8a054023c880d25bdad0c38bf67d9b2c0cc7fff1803051b27fe7733fdffa8e977d91c14538065f22eadd304fd1cfb55d9c5bec2749fcd71ad83cdb570cf8f3d116553fafd4106fc05e760e1c73d8dab7cde10f9f54d7b83b6b0998bfd17993fa"}, {0x58, 0x1, 0xffff, "aaec5316cc7426c99b215be70486c9772ada192ccce14f12e64eb046a94133fc75a5ebad53b122a6efee1856c6a43112280f15aed4eb0ec9b9f2c48023ceb356f6ff7916"}], 0x270}, 0x0, 0x8821, 0x0, {0x0, r8}}, 0x800) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_setup(0xb4, &(0x7f0000000240)={0x0, 0xa7c, 0x1, 0x2, 0x9c}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000300)) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r10, r2, &(0x7f0000000340)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r11}}, 0x1ff) syz_io_uring_submit(r9, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001) syz_io_uring_setup(0x0, &(0x7f0000000540), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000005c0), 0x0) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, 0x0, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1420.397741] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1420.399541] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1420.404869] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1420.409882] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1420.427244] loop3: detected capacity change from 0 to 262144 [ 1420.443316] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:55:20 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 17) 23:55:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 23) 23:55:20 executing program 6: syz_emit_ethernet(0x6e, &(0x7f0000000080)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "b6153f", 0x38, 0x3a, 0x0, @private2, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0009e6", 0x0, 0x2c, 0x0, @loopback, @ipv4={'\x00', '\xff\xff', @local}, [], "f63406a527f784d8"}}}}}}}, 0x0) syz_emit_ethernet(0x96, &(0x7f0000000100)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@generic={0x883e, "7c1be43877698d3cbc5b1375cd33d4b70a67aa6cc7279d410704a94df0b8db0135c5eb947a5ca8dabc58d86bbc099064737d873976bb76ca7759fbb310d2e2240d16211732b1b5f2fdc7305ce98ebc2bc699282cd2da1e65897e17533e0830712fd1de139db6a7d86402d84a7ec4ca35ee65ced71d240d53ec69990e81231daf86db0e7f2a723851"}}}, &(0x7f0000000000)={0x1, 0x2, [0xb27, 0x8c5, 0x85c, 0xec4]}) 23:55:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4002, @empty}, 0x1c) 23:55:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800, 0x80000000}, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capset(0x0, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$DVD_READ_STRUCT(r1, 0x5327, &(0x7f0000000440)=@disckey={0x2, 0x0, "82ada47325d97f4913eab67f45f8051b13c07023b811c48ee40657e81cfe62cb92e604e9bcd55086db0a1a2e7095bad10c02b2cc36a07c6373d96b8e942b81021f372d7c9361f3aeb0d5dc6b6451d1bb8fcea706d4a74088b40178f4057a239ac0502a37c2376962cda551df057a61c78a2fd44cb5fd30c40f247d680857a97031e4885cc086f74ffa1e55144d240dde2fbd35e099a6b3761f1cc4e577676efe5f13094991f1ea1d6dcc219f56815a02e3e6427dba1d7cd5ed838575f3e98f353699c52cc4fdd515f4224df8d49d5f67be0a6a7d3b83722e9449133c82b886f742588119d0dc3fe6d69466a03f95d342e31699a6157f9d51e1b9c6542d6c5d60f41aee52512f20b99eae0b38067b9902654f02a0606860ff744f2ccdd5a0ca7c4e231cb65bd4445f4f69cb5bda24a729cfa93270cac3903fff4f77b1cf85cfd044025f61568580c07745860dba20f80d92af0b8f0409c6c9886e12488c56d5411aa0f5e8f6d4c3c14b73afa6934d3ae019bfcebcbf7e293cb79a7dcb588795d496ad2f6cd0a8209904e2ec46d5401f87369780d40be7c370d44da03687716be6dda73c62eeefe6cbe5e381b9716ae6d3ee1af560151b8d341a5f1b8685fca41957a99889eb0f3bd0f7de0ffea71e32a11d703c4783c64c5371034149005de778560f257aca78ec573686447facb7ec185b860be18e41944d1490306df1c953c0a3ffc975b090f219da1084c908907918226cf134faad8a5defe3aa3825df1b24f31275a98d23862b167ab8dc2f2435a284cad8a20e7673d783ad860c3ce5b4fdcf938e12df69c6de088dfe3e98a8270ec8aeb74b0188a8fe22cf6715142bf57aba362230698353dab43eee58419272e8028ac3aefaba63a7c8a25ccba5f519cdc61da88a910f040547d2c9ed601259a1d748d295cf51eaf1ece671807207423ebe64141336ff957445b1b90588582cfab585ae10092e789acd5ed886349404a6241851b8977e7e5ad96c3e2001e7c32f482cf64d871cd44af474471856518f6486a5ccfdcd7a164771c7188e6e0e3b17358befbe217eef0b73fa6cbbe61bb64b2c64d09dd3795e0119353086ef4bcc36abe57d83932c66df9d608678b297c5b0b1e899b532d0c37e7f3cdc7fd68446da2f5d90b02c00511a7429b73b95b51b78fb06e3a97f4e5c4a6bea4ec5a10f279814693aa4917dbba798cee12cabf6091c29b701097b224146ac2e076e90ad2e5acabdd78399ca83c829e00bc4f90b0ec00b1e411e823e1ab31193fe37ef4d1fe977f98e724e224f0354be8398722fe39da436aad0ea8cd70000007c2ba06a63d5edcaf3181dfcc91ee258f9455b5d9a479aaa6da4e5cdf0c40e7c056bd46f741d65f2d51136c0bb35f5573797a896bb5add7798c6f6a7b5d82de1bb1c5976d8c6fb067ad7e590ebea9412fe9f00d9f418be72edddae0749d5eff4b3dd25ccefa46522c5e5b960ad796035bcb582946424e0446f6992cefc5ebdac5f2e97e539e220ee2f1c7c7f233582c186dcddbdfc9ce954d85a29195788a3b8a964f281ce77ff06e771ea139b71da9b583f8ff4d4cb97dddfea34839695b81d97eabc250e2c891aecfbb60580312a57662d4eabd2226c406665a61ff59942e2bd3be82fae938be4c04f95f5159e6098dc1400579153fd1c419a3eac4c5b82ac58928a2f52410e915796e51e0b10fb5d9c70d67d5cd0b03ad8cd459cd15e58675f4875b9676b48aa61ed3c3b3b0e7d67203bc50207be4498aa013892a357dda413013c28479e612d739cb4972a0f19b0d77a04319b4d1786f82dd4a99e6d82f70c27a21733c77be8722a7313bcb7da5c6437bb87e59f56bd9c46c3ad50d691f6856719f1d305c5b57fea18d43228d813f9d91825ca830d748f80a9ccfadccfa4baeb4914b4a60b22478a5b2b7fb1156072179b6233f53e964a8182d6c01422d01ecc7983006d06d63cb19486017ffdf19265f83a6ac3fa1d52f003a7a9996e8e3f9ef23f8188ae5e414a443c5f58b7aa9deb97bc9925727fa9124ab667634d64fdcf9ad9375e5ab09f3e85f0b0dbe39395271f38005d6894aa45e68e51ba137ddba579fb864d65a337f881d6b434ca81cc89703f1ac18b56b7c88e9fdcc94d27c73120841522c4c90298d671a2611e2836ada099e789959372e392746e540b1268c5fdebb19339334f57e647d90691c9111d206db0de1d36fe5458a0a024e89d889e3a3f46d28e221e2c58ed45c502c5d08d837d5aa7fa3a50cedf3193a416b6c10123ed14bf36eb9a5c6f4d321ca1b55d1b98c275ea63c0a4dcef800bc3217ef34114f920e0556d2d30ba65f6ae443e4c9eefae05c1f4e2b3faae316f5658571aabbd80db226c5f10d3bf7ba6af81e0795239631a1de0eded351e10d43c38a1df20822d75b6bd5c3ccf21773f8250491b024fcb038ec487fe4b11a75df141483ab51db87be21aa37dd9f37a19367b6313d0bb175c1eeca0c0dc437053ba40385de089c7d06dbfa89851073aeb384bfa805abc50d756305520987ef57db25d7bc4a7841df5b83acf6b40292f46cdad7371b03ab7521cdce4953c932283e784f8ea4ce223746e23b6e100000080f7018db08ada6387e434bb95bae0ef1855dfb39c4b92b418a8bf81327da288cf01270ec2e9a33a21dc3a1f5dc4d0830aeaf7fe1a95d61fa81440205dea9f9cd0e25518035a5a06cc25a60aec547a79eee39941d6df6485aba011e8cdcccee0594769513133d18803e997fc543bcbc267ee0a253f287849619ec2e99daab97a83b622b44c08debfa5e18b62526f15958550390965013992d113275ae2d4ad32ef877b75006d9480809c1400"}) write$hidraw(r1, &(0x7f0000000240), 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000002100210c0000003edc6d57f83b8d00000000000200000005000080de000000"], 0x1c}}, 0x0) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000040)={0x7f, 0x8, 0x5, 0xf000}) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x989680}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="45ce32ecea00"/23], 0x14}}, 0x0) read(r3, &(0x7f0000000080)=""/65, 0x41) timer_settime(0x0, 0x0, &(0x7f0000000380)={{}, {0x77359400}}, 0x0) timer_gettime(0x0, &(0x7f0000000080)) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1420.542932] FAULT_INJECTION: forcing a failure. [ 1420.542932] name failslab, interval 1, probability 0, space 0, times 0 [ 1420.544468] CPU: 0 PID: 9765 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1420.545292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1420.546297] Call Trace: [ 1420.546632] dump_stack+0x107/0x167 [ 1420.547075] should_fail.cold+0x5/0xa [ 1420.547537] ? create_object.isra.0+0x3a/0xa20 [ 1420.548099] should_failslab+0x5/0x20 [ 1420.548563] kmem_cache_alloc+0x5b/0x310 [ 1420.549067] create_object.isra.0+0x3a/0xa20 [ 1420.549597] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.550215] __kmalloc_track_caller+0x177/0x370 [ 1420.550796] ? v9fs_session_init+0xa7/0x1680 [ 1420.551338] ? kernel_text_address+0xf2/0x120 [ 1420.551883] kstrdup+0x36/0x70 [ 1420.552272] v9fs_session_init+0xa7/0x1680 [ 1420.552787] ? lock_release+0x680/0x680 [ 1420.553268] ? find_held_lock+0x2c/0x110 [ 1420.553767] ? kmem_cache_alloc_trace+0x151/0x320 [ 1420.554346] ? v9fs_show_options+0x690/0x690 [ 1420.554897] ? trace_hardirqs_on+0x5b/0x180 [ 1420.555422] ? kasan_unpoison_shadow+0x33/0x50 [ 1420.555984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.556604] v9fs_mount+0x79/0x8f0 [ 1420.557037] ? v9fs_write_inode+0x60/0x60 [ 1420.557546] legacy_get_tree+0x105/0x220 [ 1420.558053] vfs_get_tree+0x8e/0x300 [ 1420.558507] path_mount+0x1429/0x2120 [ 1420.558982] ? strncpy_from_user+0x9e/0x470 [ 1420.559505] ? finish_automount+0xa90/0xa90 [ 1420.560030] ? getname_flags.part.0+0x1dd/0x4f0 [ 1420.560597] ? _copy_from_user+0xfb/0x1b0 [ 1420.561103] __x64_sys_mount+0x282/0x300 [ 1420.561592] ? copy_mnt_ns+0xa00/0xa00 [ 1420.562071] do_syscall_64+0x33/0x40 [ 1420.562524] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1420.563208] RIP: 0033:0x7f535d26eb19 [ 1420.563763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1420.566251] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1420.567205] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1420.568098] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1420.568978] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1420.569869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1420.570760] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1420.575401] FAULT_INJECTION: forcing a failure. [ 1420.575401] name failslab, interval 1, probability 0, space 0, times 0 [ 1420.576887] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1420.577826] CPU: 1 PID: 9768 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1420.580211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1420.581958] Call Trace: [ 1420.582519] dump_stack+0x107/0x167 [ 1420.583305] should_fail.cold+0x5/0xa [ 1420.584110] ? create_object.isra.0+0x3a/0xa20 [ 1420.585080] should_failslab+0x5/0x20 [ 1420.585883] kmem_cache_alloc+0x5b/0x310 [ 1420.586750] ? lock_downgrade+0x6d0/0x6d0 [ 1420.587628] create_object.isra.0+0x3a/0xa20 [ 1420.588560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.589639] __kmalloc_track_caller+0x177/0x370 [ 1420.590627] ? p9_client_create+0x41d/0x1230 [ 1420.591571] kstrdup+0x36/0x70 [ 1420.592255] p9_client_create+0x41d/0x1230 [ 1420.593145] ? lock_downgrade+0x6d0/0x6d0 [ 1420.594039] ? p9_client_flush+0x430/0x430 [ 1420.594946] ? trace_hardirqs_on+0x5b/0x180 [ 1420.595854] ? lockdep_init_map_type+0x2c7/0x780 [ 1420.596854] ? __raw_spin_lock_init+0x36/0x110 [ 1420.597828] v9fs_session_init+0x1dd/0x1680 [ 1420.598759] ? lock_release+0x680/0x680 [ 1420.599603] ? kmem_cache_alloc_trace+0x151/0x320 [ 1420.600619] ? v9fs_show_options+0x690/0x690 [ 1420.601552] ? trace_hardirqs_on+0x5b/0x180 [ 1420.602453] ? kasan_unpoison_shadow+0x33/0x50 [ 1420.603419] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1420.604500] v9fs_mount+0x79/0x8f0 [ 1420.605259] ? v9fs_write_inode+0x60/0x60 [ 1420.606146] legacy_get_tree+0x105/0x220 [ 1420.607013] vfs_get_tree+0x8e/0x300 [ 1420.607798] path_mount+0x1429/0x2120 [ 1420.608603] ? strncpy_from_user+0x9e/0x470 [ 1420.609508] ? finish_automount+0xa90/0xa90 [ 1420.610429] ? getname_flags.part.0+0x1dd/0x4f0 [ 1420.611427] ? _copy_from_user+0xfb/0x1b0 [ 1420.612309] __x64_sys_mount+0x282/0x300 [ 1420.613163] ? copy_mnt_ns+0xa00/0xa00 [ 1420.613990] do_syscall_64+0x33/0x40 [ 1420.614799] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1420.615868] RIP: 0033:0x7fe2d9a8eb19 [ 1420.616658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1420.620526] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1420.622134] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1420.623661] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1420.625166] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1420.626681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1420.628181] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:55:36 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x1a, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e) r1 = socket$netlink(0x10, 0x3, 0x0) syz_open_dev$hiddev(&(0x7f0000000240), 0x1, 0x20803) r2 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0xbef4c000) r3 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) fcntl$dupfd(r0, 0x0, r3) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) memfd_create(&(0x7f0000000140)='/\\\'/]\x00', 0x2) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000003a00c5d500000000000000000a0002006803f51792af8281ca583f0895e6321cef6b331118ffa321907064ecde0000000000000002a5bc5b758c90cf4924a9da3a39fcafd018e8dfab23b63c332ae029f596740f51537d78c5e97d2611dca6e12735a0d77bf01eaf3ded177fdcbc9fb37f7bf5e39490a0e4961c7995bff433070e294ff400000000066bc7270f1f0d2a3aca15871727ec5f29a2cf32769ef9f1cf75c34b5b47054815a7493909ea17d2f0a0feb2d0dae1b0c14d1bbb045ac539ced0d39f5c47e866cebd2adfa93d7e3e82945d6020f8a90a365cc4ca"], 0x14}}, 0x0) [ 1436.707710] FAULT_INJECTION: forcing a failure. [ 1436.707710] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.710164] CPU: 1 PID: 9784 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1436.711658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:55:36 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) mknod(&(0x7f0000000040)='./file0/file0\x00', 0x410, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x2}) 23:55:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4800, @empty}, 0x1c) 23:55:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 24) 23:55:36 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) (fail_nth: 2) 23:55:36 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 18) 23:55:36 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4600000007000000000000000003003e00000000000000000000000000400000000000000000000000000000000000000000003800030040000000000003000000000000ffff00000000000004000000000000b668a6b6a109f3ce9d71c5"], 0xaf2) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) 23:55:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(r0, 0x0) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7002) ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, &(0x7f00000004c0)={{}, "a91015570c2b1212fef93b65fe385e2d9b770b143a3711ffcc6c3bd6bd0beb2b2e178875fab4997fe62f46291447f18528de2ad12d74630a1ff601c550c74fe958fe1f41841a30a1e27b439db5f907f702c5686bc217e2f050e9f05c291ab7e555bda11f1a85612b892d2880ef5759786a118d3e436a17619c22e38390f7933ca6be7f3123b1af1509c23873c08d12e1a875a74ed37917af4deaca0ce8ee7ac2811ea232df2957c140e004ec648fcf1436890c1d89bb24c00495511dbfb831be5f9ae722d40d8ed5845ce160c7fd28478103ff65e167b8b5b978d519fe9160c194697ee0d92e40d873ffc656bfd9d4da1887cc216868bdbb6a49246f93417f0a3e41b3efdf75fd77e9076dbd9110b53eee892da9b170a097016dc1efa96517bc89094f573be024b7b3779b3e205929eba3b34402a79f3f4854334e9a3176cb5ee22cb90ff72d96d14f2900e8ccefc56d49bffef30c4e848e294d80d8aad90ab0744d9159de80f8e957a7e43cfc6d479324d2e254492f6c6b10a4fd522ce89be179d60131f8b675a81e88ce7395057a88d0aefa37f72df24f7ac1789287b0ada4e6d5554e9417b6592a92f594d6bf12df5b328afa43c69e84feae91d8d674334d6277df5611a2263dff6fcc9e3e91feb86f483ed7d2dd302cec4545dd63f3cb336867396e8fbfb9cc5335c8d5dee5af13a44ce6c7db71f9c5413a1d68736a0e1eb5f67a44c0eecd32ba247658df10d90bcb7ecfa58467d2e73b9bed926ac25ffe65bb4a0a5dc43c9c0decdbe1a6dd79a2c17c2003f4776acb73ba6cda0a5bedf119169a133a5ee2cba81e5a993287e5abb98af71a9cb811977e1134140a43856f7e5f170b1e1e61838765b27e110807a6278062cc90f080c455937ea247e89876abad48dc08e3af539a57ce119a1e6dc3c0a4a72ea55cc1949e204d1e3ae5eed287efef7e5227ced5cbbd5e2e8b8fa7b06a4f411766760707421aee1eae8da5679dfc51a47fa4f228b2262e803030ed9e5ef0b523c12903c360e3f25c95d1cea576ef7a628882f239ee24b8056a76d573a810b60ce7a76f07b71e42b1c459a83132477ec5f133323aa6462781f8427f44a8c2130300e5afd2c80b41351010ce38a6b2a0a4b2133c56441dfcb590930ae10164212c71157af515e305da72079e0e0b405dfa323450ddcb3a112cb4df360679e638027bf81a4d15cc8eeddab19123ec6d7ad7909a30fb9feccec524c08273f8ac08c97cbfb562f049545ce328c590b076d79eacb5a7343cf0d19efc70d33b2aefb0f07c482b0486e8f20087667d4ff07ab39e5b3c2e10be9f08190d0053379285e3fccdd6b6f8224b960908953f1cfefca81f985e5f5faf2756ea8cf621ca3a80509ad4ec0f02cdaf795b68cb1267745f21aeda36d1224b2e5688620f599e537126718f7bd26cfb67b73fb6181bbb49fe5e4a239e009999acb21870d6380364bc41c18b90b831e8371efdf62b8fe1bc871825a52722ae4294a97fc70fc83e81e48a7381e23f299b89fa5fa95cc672483ad3b1eb2be1cd2bddb9e4bf221b425af208386b2bf99118e8a38496c3feebfcf32bf8f1492bd4718b256dfeb3bd5da1bc12fe3e62816b978c7f388884bee72f42b6658eb85cc34fcc2afb395dca870dd17acc1616811aeea9cbdcfae962ed52c402eb4e5e14d323e18125876d1136dae79450576dd3ad21f3b3125d9270d196aa91021b2e5a3e5dd5caa7120f3c669c60c8380f1923b5f22dc99dd3246dcc77835d597e843fa95a9bc0147ad58fd30c1c8ec70b9bcb7042994c916d50e2e08e43ef78995d509d2a599642ce5ec8850a8a15c4c02ba543b487cb60a6153ed600b661c1667eb96a5817b74e2ee4caeed172abd94ea9ea829235f13f5195b43f2dfb4613f6731c2e4e538f65d67ed06f82ff47bb585a3299eb6d8f7d3d67544d89d9b7f96b9e65a0d73f6a9bc61508a6ad0ff62cdda01cf3dfb2c1367dccec640f4260c4127bb9c58993410fcb9365c04c506e277a08ae71a655a69d03d86cd6c76acbac0166f44c55ffd580bc30efdbd38bc77ee368ab29a0b1ce5cd61991fea455bf25ea88687299f0b9d8d3df06687d9f730dc1d1914a87b232aed0d7a0ecdc74ff75eeb74d5fa6c4cbc50ea66097bb2873d9a2a988c6924c9b487af7257f4dc0bae9033aac8a0f4ab35992c1887466723fbd4f4f5573e9c0639ed80d7ac681b2aaae23208b546b0b725756c7df7956505136ad76808619d173201a404c3e4df32085101fcb36b0e8bd534eaa3407b0546dd68ec8df17960593457df139196de1496a5959f4cb469d86ff54766ab80acb9b438a23d04ed7f63d61c756f7c42ec6359c53004f5e8889328945460a6d499ab6e1a651a5544f83f3ea6c9206aefa1f015a535cd5d94e5f3965c01e1bc6c8d0a337d8fbf70c35f8846c44ba1becceff84b8c80e3d1db5c51ecd0f947632bab653fd876cf4ffff1929415c92c735ab340401c51d94e116b2ad6c0c9a5eadbd5740158b6fd13c0871a0c6af7194b35bbd13c238b67caca7137122b68c2e0067e2101256d7e7cd7dc35d11ec02921f1ef7745beca98eb349b36875ad147316274aebbac846d57d8134a9457cc49457fcb3aacfbaec1fdb21dae6edf6aa13595adbba2c20dc900dd0fd7a2ba4318bc34ba0cd0633de6609712c4861a4467643a483a60a96fe9da85311fe2d15934c6a6f6b8c01c1438e28658f456b469144c936d9a083453e82e19379c8831ff98538698fadac54c380f4a8dee8c9683c0189ad42db5ab585f5c147dedd77cd156ca5a080ca0fd63e9bcf4ca0944a814c60c9fcc52b6159e4011dd077fc9c99fbf886751b7b667940317d934029f5d5c25214851a5b7e09748f3b36bc50b144787026188904417b80bc273cdef25df69f4c683e233cf72be4e01d5d766f483c478ad3552707fb9abf4981bd379c31f1f26b10be9105362c7df415657b62384c4d01508a26bfd97115a67b424dfab7ecdd5b4f806f8d4c7843b2b227bd2360e51b2a611915c5be66cc669f5884570dec2da5f1368b5d1c5689524fcad4ca206f1f0cf8f64f32c92a215308b3c56955f5f50ca3bbc0a1397742c9a8fad8af5fac93d092bc575fb0a3117533ca51cd172e5401368dd6653b7534da16fa3c2466bba2556f6af6ac34b3a9513b5fcdde32ed38cd76703bc35433a68c72c689025ca179108e8f31617e62a9428aa6020041e3a46941202bfc22b71f958000862b9587db704d338674afdbdf4dde9b6f2210d05f3f39f6bcc0dc3c738cf21fc04a3617128b1b67c2db0405680196e37c437fdcb27a4589a9258f678ebe499ae679f9c3b8271644c293cb54c15e0ac813e76ed3abfbbfa8cb3b4b494352aeede313a9288090b70d9432c503f5ef59c598e0daec141b92432a281c954d9ae463b595430f7f4cc4e9aae649c6e53d9b0332497835e3353342e109fa10009fd53d5c0be619894d0857668f5b26971deb83e0c6a60ac0ec2a6e7683808c331e4631457c7249b9174cd65add991adb3d4c42429dc8ac32e5faf2100042335152a44d5dfbf3c53aa33de1fc3d8597c1cef1010bf548ede642476830b5a7bde58bd6036f861f3a69ddd2d1cdd851e538133d5fe95094d189641d8f0ee12a34d0a094bc79e7f0253c05dfb9c0cb961ad743d892b40bcc8377dc88e1922435e90785d10ddf18dc7bd539ef60050f9ecf990c518ac3dc4ebb16cdac31a0419d3fe3fd95c718c52ce744d21348ac0db6cb056a8e8ce0400a4975e8ceda498b5da9e4124ccf35e11c2177e771b94b26c2dcdfce581c00e687357a900b56eee112c7bafaa317666b96c63634c05a01bb7a0fb67ce1233714f7c375d8cd78e4b3089fd84945a8a740abc2342205403435e94cf3d377ca8852699feeab4dd7347734236c2b07200d620de7b92adc4924da2b648659066ab7b3f0e9d1de5efd8335b4c7616ac8c9b16ba1dbbe79fe9ec7e059b832195627d187b5743b9f6aa937084d85bf4e0d7983500b3627f8cf133c4395d3860c00629aabd528f3b2751b7d15ff3ca64a09629410ad4594066cba421186df2b912cd40e20fc81e417591b5d27c7bd641a0dd8b558632a2b630033a64f1c7c8cc19804ea28958c277dc8cf0988492a58f78a4fd616571cd5904f90b64e91c5ab7af6c912b5bdce9bbc711adeda8e519a28683f95f9aa405c91d5cee9b936d426c5c2b6ffd53e42c1f6dc8c954c04be62656ac536e13d78542ce561aaa9b6fe8e320fdd88812dc0ddc666306851ca37e7d8372c60cc62e9ecb294f8bd7d3e1960082e3a6a8597f11ded6dbd521eea2b035b9663769ecd7937da35c58ddf5c4ce54ceda88f577562c7e9e77522476d8dd7784a9ba443d06f8c8875c587d12329c20b914f174cfc3d1c21ebe0147f76e6262b5a5e5d8e710fcb3094715802adc10b974b1457ddfe9387db6e9c70eacf6b6a02959b5a2e5b655eb7e827f4ae0cffd1a27af6294a29ed8e48f30f15d084ed1d207d12ecda4ed1910737899ba0a3216d308a3e5ba299cff85d72e2b5ec37994a7c87d5e2ef3093088b1c76297caa285decb22c1be3b4c00d09c3761087f819d1bb8cdb7c2bbc8214d53e89994c180a28f1f14a05412ab26022072fed07539b11db0245bea4a2a4a84f7fb1562b2da90640f43713e701dd79f80983dad045f814031f94a5014cce25de476f79cd2ea1a8e57fce776e62425205531978967e34952af594e93b19a984cd291caa0c9461614e43d3ee0ee2bf1ad960a93cbbf49054ca2c9eb22534b668f86a0fba3fe3fd402c9512114d7842ee2a2e17a70dca0e2bd361fd7ff9b9bc0c867a357dc9a20185c02967230fa29704c960202f4133cc4dde1cfe47358051e55e5c2f53aaa40bfa1e8218bec10241840622b49f9add496b76931f4f08e82ed56418b5f43bcb632b765095f6de7015aa61a7799df03a0f426ac568847f0de0240e3d69c62d0484db6ac0770411b8e3ffdda54811e2767002b240c8615d5dff43b0b3bd7d7ecdfe1507a415fa7c733e6119695d8ce47cc8d16f7f8930bd275e6f4fc6f23c10a56bbdd7ba1e69e3440dc4026adcbc7d8b900612aab5afb4e6b66f3767fec32f940c67a5087d1516fcf76feafe926d75437b3a987aa49f51f7cf72afd21d277bd55498830597244a1652a3d5b6bc2ea56be758d68f0bb0dec7af1d23efbcf70359b05b197cf154f45c81a5f4fc9c7dea57797acf5cceaaf47f2e1f7a8ee8f1536bf6d8df2d344a43739c72d13e71afc990ca36547ce0a62fd1ce7218787bb74c5be8e1b78bebfd4d9b70094400889fc3a73565c012abc35143cfcc93889b28aaef0bb2bd61eeb2ae6c9c29171d523a4b1a22a5597dac5152e349eb376740e8b404e3a18cf19c6bfa2c565db59368a9b518177b9ddd86042b0f7bc97d9092da360ddab4849b9b6de57e356832c5d77a352a77264ab2364a266558e3038b0329d488b481f85caff7da6747d97667540616caa5e869eac722b8bba446ee9c54bd9b1f4abc2fcf8e8ba02e71c77b33adee6c73e957b718aa9970183b30ea452f8a5c4613ccd7a4077a132119b4703d67537538eeda50ae652c6e9de14ecf10a7a9114cb8c7bea24adc8db399087f24cba3e5e3bfc1047ee0597ffadc95dce0f8b092c6d0f6cc668d2d1e72bff8a1302088815b87bc42b40ae5b60aa8f6847a7d5241c52cf68f2736bb66e848982db3b8dd5b763de9cebba82433ff52fb854770fcde56144028713b6d549467500deb06dbc5fe6f5a34ac"}) r1 = socket$inet(0x2, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01}}, './file1\x00'}) fsetxattr$system_posix_acl(r0, &(0x7f0000000300)='system.posix_acl_default\x00', &(0x7f0000001bc0)={{}, {0x1, 0x3}, [{0x2, 0x2}, {0x2, 0x1, 0xee01}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x4}, {0x2, 0xc84118d45b0e85c6}, {0x2, 0x6}, {0x2, 0x1, 0xffffffffffffffff}, {}], {0x4, 0x1}, [{0x8, 0x1}, {0x8, 0x3, 0xee01}, {0x8, 0x6}, {0x8, 0x1}, {0x8, 0x3}, {0x8, 0x3, 0xffffffffffffffff}], {}, {0x20, 0x6}}, 0x9c, 0x3) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000280), 0x20040, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x13, r3, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000001780)={{0x2, 0x0, @remote}, {0x308}, 0xac1414fb, {0x2, 0x0, @loopback}}) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) fallocate(r1, 0x1d, 0xfffffffffffffffe, 0xb35c) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r2, {0xc5a6}}, './file0/file0\x00'}) write$P9_RVERSION(r4, &(0x7f00000003c0)={0x15, 0x65, 0xffff, 0xfffffffd, 0x8, '9P2000.u'}, 0x15) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000014c0)="6b832ed13592090893e012c0276278830f126789328b314851463faf21b6739d8cda55ce7db738cf3356b5787d6c77493269dc66947167b8e0f2d5e692a93d32c26d4737eb5818c9566326d6226dedc8f10568d6badf0672c5f0e00b473c553c5e96fa6b6c8831375299efdccc86aef549178032d16c98ae473739bce51353b514abf038e4140cfc5f641241cdce17730fb342c5fde52f5a4d5d9380e8c5c77c92dd9bb6dee3debd5c7b7a0e67f850813624e4cc09915d23292b74b85954a67483b856ac401b30ecc7", 0xc9}, {&(0x7f00000001c0)="ca3eb984239251b0cd29b1d2e183bd3ccff5a7a44c1c01c4f791b0f842c530110759270e63d8828ca17c7c82368eb235b7e3752b50cc0b0cac021bceee981c3b592cc6f0cc931905a450a97011a7662bab8f736ad85892f97dcb72385b934d9f9c", 0x61}], 0x2) [ 1436.713792] Call Trace: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000000180)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000001800)=ANY=[@ANYBLOB="6e6f61636c2c0081c3571a02fb3ce4fda80967d6e24d73b006be03000000f63d0e472f595d5e0e434af492323782d00940b18d3ebe1bc3f46786c9a0743f9d66ad1d573dfbb9089bd5097dfb051209f1759dea0e7a3f92444251381ea16b672100cfde49b9427b643a0dc607c5fa1a4d7bfceaae13c0a4129e6864cb689a09b62c7e9f39e96e546f23a2af5c867243d443b30a208cf5541631ad1225483d2cee568fb0d96887e688038379407a62058ce492487a17e789a5bd34dd4e66f43a6bde1ba9471541c12e355d8e363ab7b460fb26e0d238e86c4f82b48377e5a0ceaf52160474e401d12c013e54cadaa002000000000000573ff8ae119b433f2a93f0174cded4a5f25ee4498c50c4f5c8f0a6f53db8cd084f95f6110439f8ac0b7871406b095f3374837e803aa706c774b103df6ca82059aa9c54971e67f60fb1f9fc22430e053414a453c23d2680a49a932e9171ecdde86707156c015285cda0aa84635844d7b0d65ff38a159aa556f78675753b9f3853f9f2c98cca8a535e61ecc479e54be22e5080a46bc934693b94a18c0f3e7ac9b356153a27246a0b1bf4121c426116f9293f29811fc12dff58fbc5470708c6937bb03b5da20221d0876b453fd3728afa1a82dcd211f47b2c13a86ebf4a366abbc3775c2b50cfc3906d4bd2b6eb400eb957ad21940ec6643bd31e0972034fbd4370207fe4e9a981ac7373aef3a9a12081c80f7423751e86915736566789b16cbf9fde2e5d45cee39a885e853bd09dee58b365a856ee45bb192d984b1aa8ebdeb50f73b4312dcfd08c43664543301c8de5571df579787bcd6bfd2b693a4b147c4465641b9a848ee8e588c0c3a86eaef1a8b8a2abc06d48c217304d03c8847516847c4ac81053adf1cc8ff37141b141446e8fb49a45ca"]) [ 1436.714605] dump_stack+0x107/0x167 [ 1436.715535] should_fail.cold+0x5/0xa [ 1436.715694] loop3: detected capacity change from 0 to 262144 [ 1436.716337] should_failslab+0x5/0x20 [ 1436.716363] __kmalloc_track_caller+0x79/0x370 [ 1436.718860] ? p9_client_create+0x51e/0x1230 [ 1436.719747] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1436.719785] kmemdup_nul+0x2d/0xa0 [ 1436.721486] p9_client_create+0x51e/0x1230 [ 1436.722383] ? p9_client_flush+0x430/0x430 [ 1436.723282] ? trace_hardirqs_on+0x5b/0x180 [ 1436.724196] ? lockdep_init_map_type+0x2c7/0x780 [ 1436.725194] ? __raw_spin_lock_init+0x36/0x110 [ 1436.726151] v9fs_session_init+0x1dd/0x1680 [ 1436.727065] ? lock_release+0x680/0x680 [ 1436.727908] ? kmem_cache_alloc_trace+0x151/0x320 [ 1436.728910] ? v9fs_show_options+0x690/0x690 [ 1436.729835] ? trace_hardirqs_on+0x5b/0x180 [ 1436.730740] ? kasan_unpoison_shadow+0x33/0x50 [ 1436.731698] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1436.732775] v9fs_mount+0x79/0x8f0 [ 1436.733514] ? v9fs_write_inode+0x60/0x60 [ 1436.734392] legacy_get_tree+0x105/0x220 [ 1436.735267] vfs_get_tree+0x8e/0x300 [ 1436.736054] path_mount+0x1429/0x2120 [ 1436.736871] ? strncpy_from_user+0x9e/0x470 [ 1436.737767] ? finish_automount+0xa90/0xa90 [ 1436.738693] ? getname_flags.part.0+0x1dd/0x4f0 [ 1436.739676] ? _copy_from_user+0xfb/0x1b0 [ 1436.740568] __x64_sys_mount+0x282/0x300 [ 1436.741436] ? copy_mnt_ns+0xa00/0xa00 [ 1436.742281] do_syscall_64+0x33/0x40 [ 1436.743088] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1436.744186] RIP: 0033:0x7fe2d9a8eb19 [ 1436.744981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.748915] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1436.750537] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1436.752082] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1436.753618] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1436.755146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1436.756669] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1436.760175] loop5: detected capacity change from 0 to 16776704 [ 1436.770398] FAULT_INJECTION: forcing a failure. [ 1436.770398] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.772903] CPU: 1 PID: 9798 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1436.774333] EXT4-fs (loop5): Mount option "noacl" will be removed by 3.5 [ 1436.774333] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 1436.774333] [ 1436.774379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1436.774392] Call Trace: [ 1436.778745] dump_stack+0x107/0x167 [ 1436.779535] should_fail.cold+0x5/0xa [ 1436.780350] should_failslab+0x5/0x20 [ 1436.781164] __kmalloc_track_caller+0x79/0x370 [ 1436.782139] ? v9fs_session_init+0xe9/0x1680 [ 1436.783085] ? kernel_text_address+0xf2/0x120 [ 1436.784051] kstrdup+0x36/0x70 [ 1436.784741] v9fs_session_init+0xe9/0x1680 [ 1436.785647] ? lock_release+0x680/0x680 [ 1436.786494] ? find_held_lock+0x2c/0x110 [ 1436.787381] ? kmem_cache_alloc_trace+0x151/0x320 [ 1436.788416] ? v9fs_show_options+0x690/0x690 [ 1436.789365] ? trace_hardirqs_on+0x5b/0x180 [ 1436.790288] ? kasan_unpoison_shadow+0x33/0x50 [ 1436.791273] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1436.792357] v9fs_mount+0x79/0x8f0 [ 1436.793116] ? v9fs_write_inode+0x60/0x60 [ 1436.794003] legacy_get_tree+0x105/0x220 [ 1436.794897] vfs_get_tree+0x8e/0x300 [ 1436.795699] path_mount+0x1429/0x2120 [ 1436.796518] ? strncpy_from_user+0x9e/0x470 [ 1436.797441] ? finish_automount+0xa90/0xa90 [ 1436.798364] ? getname_flags.part.0+0x1dd/0x4f0 [ 1436.799379] ? _copy_from_user+0xfb/0x1b0 [ 1436.800269] __x64_sys_mount+0x282/0x300 [ 1436.801137] ? copy_mnt_ns+0xa00/0xa00 [ 1436.801977] do_syscall_64+0x33/0x40 [ 1436.802771] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1436.803878] RIP: 0033:0x7f535d26eb19 [ 1436.804670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.808616] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1436.810243] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1436.811784] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1436.813324] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1436.814870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1436.816386] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1436.819624] FAULT_INJECTION: forcing a failure. [ 1436.819624] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.822029] CPU: 1 PID: 9804 Comm: syz-executor.3 Not tainted 5.10.235 #1 [ 1436.823510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1436.825271] Call Trace: [ 1436.825831] dump_stack+0x107/0x167 [ 1436.826610] should_fail.cold+0x5/0xa [ 1436.827433] ? create_object.isra.0+0x3a/0xa20 [ 1436.828413] should_failslab+0x5/0x20 [ 1436.829226] kmem_cache_alloc+0x5b/0x310 [ 1436.830098] create_object.isra.0+0x3a/0xa20 [ 1436.831053] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1436.832153] kmem_cache_alloc+0x159/0x310 [ 1436.833047] getname_flags.part.0+0x50/0x4f0 [ 1436.833989] getname_flags+0x9a/0xe0 [ 1436.834797] do_mknodat+0x189/0x4b0 [ 1436.835583] ? do_mkdirat+0x2b0/0x2b0 [ 1436.836413] do_syscall_64+0x33/0x40 [ 1436.837212] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1436.838313] RIP: 0033:0x7f661bb96b19 [ 1436.839120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.843089] RSP: 002b:00007f66190eb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 1436.844718] RAX: ffffffffffffffda RBX: 00007f661bcaa020 RCX: 00007f661bb96b19 [ 1436.846246] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffffff [ 1436.847776] RBP: 00007f66190eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1436.849306] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001 [ 1436.850838] R13: 00007ffd2845cf8f R14: 00007f66190eb300 R15: 0000000000022000 [ 1436.867063] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1436.869154] EXT4-fs (loop5): mounted filesystem without journal. Opts: noacl,,errors=continue 23:55:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 25) 23:55:36 executing program 5: r0 = syz_io_uring_setup(0x14d0, &(0x7f0000000300)={0x0, 0x1000002, 0x1, 0x0, 0x28b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x18}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:55:36 executing program 7: prctl$PR_SET_FP_MODE(0x2d, 0x3) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x0, 0x20, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000002c0)='./file1\x00', 0x0) r3 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r1, r2, 0x1000) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000400), 0x303242, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r5 = fsmount(r0, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r5, @ANYBLOB="00000000000000004c2f729dd7730025"]) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 23:55:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x5400, @empty}, 0x1c) [ 1436.929844] FAULT_INJECTION: forcing a failure. [ 1436.929844] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.931279] CPU: 0 PID: 9812 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1436.932119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1436.933079] Call Trace: [ 1436.933407] dump_stack+0x107/0x167 [ 1436.933853] should_fail.cold+0x5/0xa [ 1436.934319] ? create_object.isra.0+0x3a/0xa20 [ 1436.934892] should_failslab+0x5/0x20 [ 1436.935360] kmem_cache_alloc+0x5b/0x310 [ 1436.935856] create_object.isra.0+0x3a/0xa20 [ 1436.936391] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1436.937015] __kmalloc_track_caller+0x177/0x370 [ 1436.937578] ? p9_client_create+0x51e/0x1230 [ 1436.938113] kmemdup_nul+0x2d/0xa0 [ 1436.938544] p9_client_create+0x51e/0x1230 [ 1436.939076] ? p9_client_flush+0x430/0x430 [ 1436.939604] ? trace_hardirqs_on+0x5b/0x180 [ 1436.940130] ? lockdep_init_map_type+0x2c7/0x780 [ 1436.940714] ? __raw_spin_lock_init+0x36/0x110 [ 1436.941273] v9fs_session_init+0x1dd/0x1680 [ 1436.941798] ? lock_release+0x680/0x680 [ 1436.942286] ? kmem_cache_alloc_trace+0x151/0x320 [ 1436.942874] ? v9fs_show_options+0x690/0x690 [ 1436.943419] ? trace_hardirqs_on+0x5b/0x180 [ 1436.943948] ? kasan_unpoison_shadow+0x33/0x50 [ 1436.944477] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1436.945102] v9fs_mount+0x79/0x8f0 [ 1436.945536] ? v9fs_write_inode+0x60/0x60 [ 1436.946040] legacy_get_tree+0x105/0x220 [ 1436.946531] vfs_get_tree+0x8e/0x300 [ 1436.946987] path_mount+0x1429/0x2120 [ 1436.947433] ? strncpy_from_user+0x9e/0x470 [ 1436.947957] ? finish_automount+0xa90/0xa90 [ 1436.948456] ? getname_flags.part.0+0x1dd/0x4f0 [ 1436.949032] ? _copy_from_user+0xfb/0x1b0 [ 1436.949541] __x64_sys_mount+0x282/0x300 [ 1436.950039] ? copy_mnt_ns+0xa00/0xa00 [ 1436.950516] do_syscall_64+0x33/0x40 [ 1436.950976] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1436.951598] RIP: 0033:0x7fe2d9a8eb19 [ 1436.952055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.954310] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1436.955239] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1436.956066] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1436.956885] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1436.957704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1436.958519] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:55:36 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x5140e7668ba70197, 0x0) openat(r0, &(0x7f0000000140)='./file0\x00', 0x200, 0x50) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r1, 0x1000004) perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x0, 0xa9, 0x6, 0x1f, 0x0, 0x7fffffff, 0x40041, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0xecfb}, 0xa80, 0x0, 0x95a, 0x5, 0x9, 0x9, 0xfffb, 0x0, 0x80000000, 0x0, 0x9}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000180)={0x0, 0x0, 0xfffffffe, 0xca1, 0x202}) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) fchdir(r3) r4 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000002100210c0000000080de000000"], 0x1c}}, 0x0) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f0000000240)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e23, @empty}, {0x2, 0x4e23, @rand_addr=0x64010101}, 0x8, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000200)='veth0\x00', 0x1, 0x6, 0x552}) r5 = socket$nl_generic(0x10, 0x3, 0x10) getpeername$netlink(r5, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) socketpair(0xb, 0x3, 0xf2, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) lseek(r7, 0x22be, 0x2) r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) fadvise64(r8, 0x2, 0x5, 0x0) copy_file_range(r8, 0x0, r6, 0x0, 0x200f5ef, 0x0) 23:55:36 executing program 6: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) pipe(&(0x7f00000014c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18}, './file0\x00'}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000000, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x11d, &(0x7f0000000300)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x10f, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@timestamp_addr={0x44, 0x4, 0xda}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, {[@nop, @eol, @exp_smc={0xfe, 0x6}, @eol, @mptcp=@mp_join={0x1e, 0x3, 0x7}, @window={0x3, 0x3, 0xcf}, @exp_fastopen={0xfe, 0x6, 0xf989, "f2d3"}, @eol, @eol]}}, {"9b07c407c9b04774b4cef7526bf45292d6bbbaa11069c6f40c88d0a9d0954d0c15f5c44e429be89a1c08a6fe15a1c8bf6bc5cf7d1045bff2dfa3ead2958726a10100841cf4d98f017349e9f45bf9878a5daf075a18d8a5efde1bc1e5ed0379961c55ae9fff74833ee27598b703421bf3c685bf5393b330d1c5ffdec1fbb89bbc50910db0ad23f3a7db515725994cdec71522d27aa22bbed1d5785dd187926dbaf5707c96c078a7000993dfa5d75dc299c2a9bbb691ebc13a5380d6f76143108183f221131f4f5f6eb5c617"}}}}}}, 0x0) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), &(0x7f0000000100), {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 23:55:36 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) (fail_nth: 3) 23:55:36 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 19) 23:55:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 26) [ 1437.023971] FAULT_INJECTION: forcing a failure. [ 1437.023971] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.025418] CPU: 0 PID: 9823 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1437.026269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.027233] Call Trace: [ 1437.027562] dump_stack+0x107/0x167 [ 1437.028005] should_fail.cold+0x5/0xa [ 1437.028475] should_failslab+0x5/0x20 [ 1437.028944] __kmalloc_track_caller+0x79/0x370 [ 1437.029506] ? parse_opts.part.0+0x8e/0x340 [ 1437.030012] kstrdup+0x36/0x70 [ 1437.030402] parse_opts.part.0+0x8e/0x340 [ 1437.030918] ? p9_fd_show_options+0x1c0/0x1c0 [ 1437.031474] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1437.032112] ? quarantine_put+0x8b/0x1a0 [ 1437.032621] ? trace_hardirqs_on+0x5b/0x180 [ 1437.033122] ? kfree+0xd7/0x340 [ 1437.033540] p9_fd_create+0x98/0x4a0 [ 1437.033994] ? p9_conn_create+0x510/0x510 [ 1437.034502] ? p9_client_create+0x798/0x1230 [ 1437.035043] ? kfree+0xd7/0x340 [ 1437.035443] ? do_raw_spin_unlock+0x4f/0x220 [ 1437.035999] p9_client_create+0x7ff/0x1230 [ 1437.036517] ? p9_client_flush+0x430/0x430 [ 1437.037035] ? trace_hardirqs_on+0x5b/0x180 [ 1437.037572] ? lockdep_init_map_type+0x2c7/0x780 [ 1437.038164] ? __raw_spin_lock_init+0x36/0x110 [ 1437.038724] v9fs_session_init+0x1dd/0x1680 [ 1437.039262] ? lock_release+0x680/0x680 [ 1437.039756] ? kmem_cache_alloc_trace+0x151/0x320 [ 1437.040345] ? v9fs_show_options+0x690/0x690 [ 1437.040883] ? trace_hardirqs_on+0x5b/0x180 [ 1437.041407] ? kasan_unpoison_shadow+0x33/0x50 [ 1437.041964] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.042557] v9fs_mount+0x79/0x8f0 [ 1437.043001] ? v9fs_write_inode+0x60/0x60 [ 1437.043486] legacy_get_tree+0x105/0x220 [ 1437.043985] vfs_get_tree+0x8e/0x300 [ 1437.044418] path_mount+0x1429/0x2120 [ 1437.044887] ? strncpy_from_user+0x9e/0x470 [ 1437.045413] ? finish_automount+0xa90/0xa90 [ 1437.045920] ? getname_flags.part.0+0x1dd/0x4f0 [ 1437.046485] ? _copy_from_user+0xfb/0x1b0 [ 1437.047004] __x64_sys_mount+0x282/0x300 [ 1437.047500] ? copy_mnt_ns+0xa00/0xa00 [ 1437.047981] do_syscall_64+0x33/0x40 [ 1437.048439] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.049071] RIP: 0033:0x7fe2d9a8eb19 [ 1437.049523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.051781] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.052717] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1437.053592] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1437.054415] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1437.055283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.056115] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1437.057099] 9pnet: Insufficient options for proto=fd [ 1437.062939] loop3: detected capacity change from 0 to 262144 23:55:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 27) [ 1437.082257] FAULT_INJECTION: forcing a failure. [ 1437.082257] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.083720] CPU: 0 PID: 9834 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1437.084548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.085507] Call Trace: [ 1437.085832] dump_stack+0x107/0x167 [ 1437.086291] should_fail.cold+0x5/0xa [ 1437.086739] ? create_object.isra.0+0x3a/0xa20 [ 1437.087315] should_failslab+0x5/0x20 [ 1437.087780] kmem_cache_alloc+0x5b/0x310 [ 1437.088257] ? legacy_get_tree+0x105/0x220 [ 1437.088783] ? vfs_get_tree+0x8e/0x300 [ 1437.089245] create_object.isra.0+0x3a/0xa20 [ 1437.089782] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.090406] __kmalloc_track_caller+0x177/0x370 [ 1437.090973] ? parse_opts.part.0+0x8e/0x340 [ 1437.091500] kstrdup+0x36/0x70 [ 1437.091891] parse_opts.part.0+0x8e/0x340 [ 1437.092369] ? p9_fd_show_options+0x1c0/0x1c0 [ 1437.092927] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1437.093564] ? quarantine_put+0x8b/0x1a0 [ 1437.094053] ? trace_hardirqs_on+0x5b/0x180 [ 1437.094586] ? kfree+0xd7/0x340 [ 1437.095005] p9_fd_create+0x98/0x4a0 [ 1437.095469] ? p9_conn_create+0x510/0x510 [ 1437.095973] ? p9_client_create+0x798/0x1230 [ 1437.096518] ? kfree+0xd7/0x340 [ 1437.096916] ? do_raw_spin_unlock+0x4f/0x220 [ 1437.097454] p9_client_create+0x7ff/0x1230 [ 1437.097978] ? p9_client_flush+0x430/0x430 [ 1437.098500] ? trace_hardirqs_on+0x5b/0x180 [ 1437.099039] ? lockdep_init_map_type+0x2c7/0x780 [ 1437.099625] ? __raw_spin_lock_init+0x36/0x110 [ 1437.100161] v9fs_session_init+0x1dd/0x1680 [ 1437.100689] ? lock_release+0x680/0x680 [ 1437.101177] ? kmem_cache_alloc_trace+0x151/0x320 [ 1437.101766] ? v9fs_show_options+0x690/0x690 [ 1437.102314] ? trace_hardirqs_on+0x5b/0x180 [ 1437.102849] ? kasan_unpoison_shadow+0x33/0x50 [ 1437.103409] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.104031] v9fs_mount+0x79/0x8f0 [ 1437.104468] ? v9fs_write_inode+0x60/0x60 [ 1437.104973] legacy_get_tree+0x105/0x220 [ 1437.105464] vfs_get_tree+0x8e/0x300 [ 1437.105914] path_mount+0x1429/0x2120 [ 1437.106375] ? strncpy_from_user+0x9e/0x470 [ 1437.106909] ? finish_automount+0xa90/0xa90 [ 1437.107431] ? getname_flags.part.0+0x1dd/0x4f0 [ 1437.108001] ? _copy_from_user+0xfb/0x1b0 [ 1437.108509] __x64_sys_mount+0x282/0x300 [ 1437.109010] ? copy_mnt_ns+0xa00/0xa00 [ 1437.109485] do_syscall_64+0x33/0x40 [ 1437.109937] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.110565] RIP: 0033:0x7fe2d9a8eb19 [ 1437.111028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.113259] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.114197] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1437.115081] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1437.115956] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1437.116838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.117716] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:55:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x5600, @empty}, 0x1c) [ 1437.133104] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:55:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 28) [ 1437.161162] FAULT_INJECTION: forcing a failure. [ 1437.161162] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1437.163750] CPU: 1 PID: 9839 Comm: syz-executor.3 Not tainted 5.10.235 #1 [ 1437.165215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.166979] Call Trace: [ 1437.167545] dump_stack+0x107/0x167 [ 1437.168323] should_fail.cold+0x5/0xa [ 1437.169145] strncpy_from_user+0x34/0x470 [ 1437.170032] getname_flags.part.0+0x95/0x4f0 [ 1437.170984] getname_flags+0x9a/0xe0 23:55:36 executing program 5: ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000300)={0x8, 0xffff, 0xfffc, 0x1, 0x10, "f65e571fd9440040"}) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, 0x0) r0 = syz_io_uring_setup(0x7f02, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) openat(0xffffffffffffff9c, 0x0, 0x30d00, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000180)=@sco}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000840)=""/99, 0x63}, {&(0x7f0000000640)=""/155, 0x9b}, {&(0x7f0000000580)=""/143, 0x8f}], 0x3, &(0x7f00000007c0)=""/18, 0x12}, 0x0, 0x20, 0x0, {0x1}}, 0x8001) syz_io_uring_submit(0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000040)='./file0\x00', 0x0) lsetxattr$security_ima(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), &(0x7f0000000440)=@sha1={0x1, "b6d245ccc720951115b665f784bbb85d115b858b"}, 0x15, 0x0) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000480), 0x400000, 0x0) io_uring_enter(r5, 0x488c, 0x42b5, 0x0, &(0x7f0000000500)={[0x4]}, 0x8) creat(&(0x7f0000000540)='./file0\x00', 0x80) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x40, 0x25) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000)=0x20000000) ioctl$AUTOFS_IOC_PROTOSUBVER(r6, 0x80049367, &(0x7f0000000380)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000008c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x541, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x7e66, 0x9016, 0x0, &(0x7f0000000340)={[0xec16]}, 0x8) [ 1437.171780] do_mknodat+0x189/0x4b0 [ 1437.172724] ? do_mkdirat+0x2b0/0x2b0 [ 1437.173550] do_syscall_64+0x33/0x40 [ 1437.174346] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.175459] RIP: 0033:0x7f661bb96b19 [ 1437.176249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.180189] RSP: 002b:00007f66190eb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 1437.181813] RAX: ffffffffffffffda RBX: 00007f661bcaa020 RCX: 00007f661bb96b19 [ 1437.183344] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffffff [ 1437.184857] RBP: 00007f66190eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1437.186372] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001 [ 1437.187907] R13: 00007ffd2845cf8f R14: 00007f66190eb300 R15: 0000000000022000 23:55:36 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r1, 0x4, 0xc00) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="10ed04000203000000800000feffffff060000001ce94d2e3a1160fdffffff3b8470b55a432304a161503fa4a65b5415fc02c8479b85cbd81644ba3dd76f6b64fb969a2e4a67afd11470327775c4c0f627898aeea63d7004ea28ba01d7"], 0x8e880) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth0_to_bridge\x00'}) bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x11, 0x0, 0x1, 0x8, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f00000000c0)={0xaa5, 0x9, 0x9, 0xfffffffd, 0x11b2}) [ 1437.215562] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:55:36 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) (fail_nth: 4) [ 1437.272110] loop3: detected capacity change from 0 to 262144 23:55:37 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000140)=0x7f, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x8004) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) socket$inet6_udp(0xa, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f00000001c0)={'sit0\x00', 0x0, 0x2f, 0x1f, 0xc5, 0x8001, 0xf, @mcast1, @empty, 0x10, 0x80, 0xba45, 0x401}}) [ 1437.278620] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1437.297947] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1437.301265] FAULT_INJECTION: forcing a failure. [ 1437.301265] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.302674] CPU: 0 PID: 9856 Comm: syz-executor.3 Not tainted 5.10.235 #1 [ 1437.303513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.304520] Call Trace: [ 1437.304847] dump_stack+0x107/0x167 [ 1437.305287] should_fail.cold+0x5/0xa [ 1437.305759] ? __d_alloc+0x2a/0x990 [ 1437.306203] should_failslab+0x5/0x20 [ 1437.306676] kmem_cache_alloc+0x5b/0x310 [ 1437.307170] ? __d_lookup+0x3bf/0x760 [ 1437.307635] __d_alloc+0x2a/0x990 [ 1437.308061] d_alloc+0x46/0x1c0 [ 1437.308471] __lookup_hash+0xcc/0x190 [ 1437.308936] filename_create+0x186/0x4a0 [ 1437.309428] ? filename_parentat+0x570/0x570 [ 1437.309963] ? getname_flags.part.0+0x1dd/0x4f0 [ 1437.310535] do_mknodat+0x19c/0x4b0 [ 1437.310991] ? do_mkdirat+0x2b0/0x2b0 [ 1437.311473] do_syscall_64+0x33/0x40 [ 1437.311928] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.312550] RIP: 0033:0x7f661bb96b19 [ 1437.313003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.315233] RSP: 002b:00007f661910c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 1437.316172] RAX: ffffffffffffffda RBX: 00007f661bca9f60 RCX: 00007f661bb96b19 [ 1437.317043] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 1437.317900] RBP: 00007f661910c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1437.318761] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001 [ 1437.319628] R13: 00007ffd2845cf8f R14: 00007f661910c300 R15: 0000000000022000 [ 1437.322178] FAULT_INJECTION: forcing a failure. [ 1437.322178] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.323531] CPU: 0 PID: 9847 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1437.324360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.325325] Call Trace: [ 1437.325645] dump_stack+0x107/0x167 [ 1437.326086] should_fail.cold+0x5/0xa [ 1437.326548] should_failslab+0x5/0x20 [ 1437.327001] __kmalloc_track_caller+0x79/0x370 [ 1437.327554] ? match_number+0xaf/0x1d0 [ 1437.328031] kmemdup_nul+0x2d/0xa0 [ 1437.328461] match_number+0xaf/0x1d0 [ 1437.328919] ? match_u64+0x190/0x190 [ 1437.329367] ? __kmalloc_track_caller+0x2c6/0x370 [ 1437.329928] ? memcpy+0x39/0x60 [ 1437.330327] parse_opts.part.0+0x1f3/0x340 [ 1437.330848] ? p9_fd_show_options+0x1c0/0x1c0 [ 1437.331394] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1437.332031] ? trace_hardirqs_on+0x5b/0x180 [ 1437.332556] ? kfree+0xd7/0x340 [ 1437.332962] p9_fd_create+0x98/0x4a0 [ 1437.333421] ? p9_conn_create+0x510/0x510 [ 1437.333927] ? p9_client_create+0x798/0x1230 [ 1437.334458] ? kfree+0xd7/0x340 [ 1437.334849] ? do_raw_spin_unlock+0x4f/0x220 [ 1437.335382] p9_client_create+0x7ff/0x1230 [ 1437.335900] ? p9_client_flush+0x430/0x430 [ 1437.336415] ? trace_hardirqs_on+0x5b/0x180 [ 1437.336940] ? lockdep_init_map_type+0x2c7/0x780 [ 1437.337513] ? __raw_spin_lock_init+0x36/0x110 [ 1437.338066] v9fs_session_init+0x1dd/0x1680 [ 1437.338589] ? lock_release+0x680/0x680 [ 1437.339059] ? kmem_cache_alloc_trace+0x151/0x320 [ 1437.339647] ? v9fs_show_options+0x690/0x690 [ 1437.340166] ? trace_hardirqs_on+0x5b/0x180 [ 1437.340686] ? kasan_unpoison_shadow+0x33/0x50 [ 1437.341215] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.341828] v9fs_mount+0x79/0x8f0 [ 1437.342241] ? v9fs_write_inode+0x60/0x60 [ 1437.342743] legacy_get_tree+0x105/0x220 [ 1437.343219] vfs_get_tree+0x8e/0x300 [ 1437.343647] path_mount+0x1429/0x2120 [ 1437.344088] ? strncpy_from_user+0x9e/0x470 [ 1437.344583] ? finish_automount+0xa90/0xa90 [ 1437.345079] ? getname_flags.part.0+0x1dd/0x4f0 [ 1437.345613] ? _copy_from_user+0xfb/0x1b0 [ 1437.346093] __x64_sys_mount+0x282/0x300 [ 1437.346582] ? copy_mnt_ns+0xa00/0xa00 [ 1437.347041] do_syscall_64+0x33/0x40 [ 1437.347469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.348057] RIP: 0033:0x7fe2d9a8eb19 [ 1437.348483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.350597] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.351477] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1437.352295] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1437.353118] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1437.353941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.354761] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1437.361794] FAULT_INJECTION: forcing a failure. [ 1437.361794] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.363096] CPU: 0 PID: 9845 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1437.363883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1437.364835] Call Trace: [ 1437.365137] dump_stack+0x107/0x167 [ 1437.365556] should_fail.cold+0x5/0xa [ 1437.365993] ? create_object.isra.0+0x3a/0xa20 [ 1437.366517] should_failslab+0x5/0x20 [ 1437.366961] kmem_cache_alloc+0x5b/0x310 [ 1437.367430] create_object.isra.0+0x3a/0xa20 [ 1437.367936] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.368561] __kmalloc_track_caller+0x177/0x370 [ 1437.369098] ? v9fs_session_init+0xe9/0x1680 [ 1437.369635] kstrdup+0x36/0x70 [ 1437.370009] v9fs_session_init+0xe9/0x1680 [ 1437.370521] ? find_held_lock+0x2c/0x110 [ 1437.371004] ? kmem_cache_alloc_trace+0x151/0x320 [ 1437.371564] ? v9fs_show_options+0x690/0x690 [ 1437.372073] ? trace_hardirqs_on+0x5b/0x180 [ 1437.372570] ? kasan_unpoison_shadow+0x33/0x50 [ 1437.373094] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1437.373681] v9fs_mount+0x79/0x8f0 [ 1437.374091] ? v9fs_write_inode+0x60/0x60 [ 1437.374573] legacy_get_tree+0x105/0x220 [ 1437.375073] vfs_get_tree+0x8e/0x300 [ 1437.375520] path_mount+0x1429/0x2120 [ 1437.375980] ? strncpy_from_user+0x9e/0x470 [ 1437.376500] ? finish_automount+0xa90/0xa90 [ 1437.377019] ? getname_flags.part.0+0x1dd/0x4f0 [ 1437.377584] ? _copy_from_user+0xfb/0x1b0 [ 1437.378086] __x64_sys_mount+0x282/0x300 [ 1437.378576] ? copy_mnt_ns+0xa00/0xa00 [ 1437.379133] do_syscall_64+0x33/0x40 [ 1437.379584] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1437.380198] RIP: 0033:0x7f535d26eb19 [ 1437.380651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1437.382873] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1437.383786] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1437.384644] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1437.385501] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1437.386356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1437.387227] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:55:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x6200, @empty}, 0x1c) [ 1437.448774] 9pnet: Insufficient options for proto=fd [ 1439.321628] Bluetooth: hci7: command 0x0405 tx timeout 23:55:53 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) (fail_nth: 5) 23:55:53 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f00000005c0)=@updsa={0x1bc, 0x1a, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@multicast1, 0x0, 0x33}, @in=@remote, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0xc4, 0x14, {{'sha256\x00'}, 0x3c0, 0x0, "5a6855fde7707c1b7cae3c147135f9c2ba7b610ac300bd06b2f009bd0537d7580c0bb8bc4a600300009ebf1fd296cb32d8347608236c9004d559f11fac88076804527b3839e6b2eb1bfbff2583102c3acdd40d498078a0e5414843d514f7feef875b4d8b47d8028280268536e3fd7a983c0ce3f890c1bb41"}}, @XFRMA_SET_MARK={0x8}]}, 0x1bc}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000100)=0xfffffffffffffc60) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x9, &(0x7f0000000300)=0xfffffffe, 0x4) ioctl$AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, &(0x7f00000000c0)) io_setup(0x5, &(0x7f0000000700)=0x0) r3 = signalfd(0xffffffffffffffff, &(0x7f0000000280), 0x8) io_submit(r2, 0x1, &(0x7f00000006c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}]) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000004c0)=0xfffffffffffffff8, 0x7) r4 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0) r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) io_cancel(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x2, r4, &(0x7f0000000340)="973718d000416d0e113ace690a98f1619484e4960056aa777fed63e5d28907e5dc658359736aa2b3be6a054ff61d0d0a1704feb3dcb95ee5a9cff583a4c2fe2b47dfbb4b82095e76228691e017e710f5527b9185295cf3d3a3e16d4d705f339c596fb9ddcd0bbc9eb440a4102813cb2df3f63c3d37f8ed50d3a4270ad215d9176a280cd1e1d5", 0x86, 0x7, 0x0, 0x3, r5}, &(0x7f0000000280)) setpriority(0x0, 0x0, 0x800000000081) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000400)=0xc) r6 = socket$netlink(0x10, 0x3, 0x0) fchmod(r0, 0x6) sendmsg$nl_generic(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000000010000100060000000000000000000000050000000000000011000080487fec864b245e0f3f9be149f8000000"], 0x30}}, 0x0) 23:55:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = socket$netlink(0x10, 0x3, 0x0) openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x40, 0x44) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'syzkaller1\x00', &(0x7f0000000080)=@ethtool_gfeatures={0x3a, 0x4, [{}, {}, {}, {}]}}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) 23:55:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 29) 23:55:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x80fe, @empty}, 0x1c) [ 1453.372991] loop3: detected capacity change from 0 to 262144 [ 1453.385421] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1453.412476] FAULT_INJECTION: forcing a failure. [ 1453.412476] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.415636] CPU: 0 PID: 9902 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1453.417507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.419693] Call Trace: [ 1453.420395] dump_stack+0x107/0x167 [ 1453.421347] should_fail.cold+0x5/0xa [ 1453.422333] ? create_object.isra.0+0x3a/0xa20 [ 1453.423528] should_failslab+0x5/0x20 [ 1453.424504] kmem_cache_alloc+0x5b/0x310 [ 1453.425563] create_object.isra.0+0x3a/0xa20 [ 1453.426707] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.428016] __kmalloc_track_caller+0x177/0x370 [ 1453.429201] ? match_number+0xaf/0x1d0 [ 1453.430212] kmemdup_nul+0x2d/0xa0 [ 1453.431124] match_number+0xaf/0x1d0 [ 1453.432083] ? match_u64+0x190/0x190 [ 1453.433032] ? __kmalloc_track_caller+0x2c6/0x370 [ 1453.433966] FAULT_INJECTION: forcing a failure. [ 1453.433966] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.434265] ? memcpy+0x39/0x60 [ 1453.437154] parse_opts.part.0+0x1f3/0x340 [ 1453.438227] ? p9_fd_show_options+0x1c0/0x1c0 [ 1453.439377] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1453.440710] ? trace_hardirqs_on+0x5b/0x180 [ 1453.441805] ? kfree+0xd7/0x340 [ 1453.442648] p9_fd_create+0x98/0x4a0 [ 1453.443594] ? p9_conn_create+0x510/0x510 [ 1453.444643] ? p9_client_create+0x798/0x1230 [ 1453.445761] ? kfree+0xd7/0x340 [ 1453.446594] ? do_raw_spin_unlock+0x4f/0x220 [ 1453.447738] p9_client_create+0x7ff/0x1230 [ 1453.448833] ? p9_client_flush+0x430/0x430 [ 1453.449893] ? trace_hardirqs_on+0x5b/0x180 [ 1453.450993] ? lockdep_init_map_type+0x2c7/0x780 [ 1453.452178] ? __raw_spin_lock_init+0x36/0x110 [ 1453.453333] v9fs_session_init+0x1dd/0x1680 [ 1453.454410] ? lock_release+0x680/0x680 [ 1453.455423] ? kmem_cache_alloc_trace+0x151/0x320 [ 1453.456624] ? v9fs_show_options+0x690/0x690 [ 1453.457736] ? trace_hardirqs_on+0x5b/0x180 [ 1453.458814] ? kasan_unpoison_shadow+0x33/0x50 [ 1453.459975] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.461240] v9fs_mount+0x79/0x8f0 [ 1453.462127] ? v9fs_write_inode+0x60/0x60 [ 1453.463172] legacy_get_tree+0x105/0x220 [ 1453.464191] vfs_get_tree+0x8e/0x300 [ 1453.465118] path_mount+0x1429/0x2120 [ 1453.466078] ? strncpy_from_user+0x9e/0x470 [ 1453.467164] ? finish_automount+0xa90/0xa90 [ 1453.468255] ? getname_flags.part.0+0x1dd/0x4f0 [ 1453.469422] ? _copy_from_user+0xfb/0x1b0 [ 1453.470460] __x64_sys_mount+0x282/0x300 [ 1453.471475] ? copy_mnt_ns+0xa00/0xa00 [ 1453.472446] do_syscall_64+0x33/0x40 [ 1453.473366] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.474636] RIP: 0033:0x7fe2d9a8eb19 [ 1453.475569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.480148] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1453.482040] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1453.483838] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1453.485603] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1453.487385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1453.489156] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:55:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 20) 23:55:53 executing program 6: sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="080005005ebcb878"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="dc8a98d5d26c35b20748a966d3771ab1370bbe7f0c2343aee1770c6f8680bc949c645f1ff0953adcdd6639cdf6abe096fdd11e3521c98847f72645c2c47460020cc717709c3a7e0d83aed2897cb8ab177d8f9f4e0155b251da3ceb44c2ae7316c6cee8510cdf01413bc5281b5243649b959ef55a95577bbd81836ecad89e1555345cb60246d699", @ANYRES16=r3, @ANYRESHEX=r1], 0x120}, 0x1, 0x0, 0x0, 0xc011}, 0x20000840) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r5, 0x0, 0x0, 0x1000002) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='7', 0x1}], 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000340), 0x1000) bind(0xffffffffffffffff, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x80) sendfile(0xffffffffffffffff, r0, &(0x7f00000001c0)=0x80000001, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r5, 0x0) 23:55:53 executing program 0: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000002c0)={'veth0_macvtap\x00'}) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x8e642, 0xe) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448d4, &(0x7f0000000080)) sendfile(0xffffffffffffffff, r2, &(0x7f00000000c0)=0x20008001, 0xffffffff) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb23}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000003, 0x1f012, r3, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_TIMEOUT_REMOVE, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f00000000c0)=0x6, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c) openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x440800, 0x0) chroot(&(0x7f0000000040)='./file1\x00') ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100841675abb0d98c54ac01a03539b8fe7bc9096ce5eb1192f2416d2c6b4bcca18ec0b35cc81acaf2a9502232401fb8917524ee13544157fe0e8fe55589122052d0b9cc4d753f3e17898c7cbf8fdd7b963890d0cefab4e72c3dde833ff176a925bea5", @ANYRES32=r3, @ANYBLOB="04000000000000002e0c667b6cec57ed2b2d44c82daf89653100e60601da2765ccb990e36c13"]) getsockopt$IP_VS_SO_GET_SERVICE(r5, 0x0, 0x483, 0x0, &(0x7f0000000240)) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r1, 0x0) [ 1453.490940] CPU: 1 PID: 9909 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1453.492433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.493982] Call Trace: [ 1453.494406] FAULT_INJECTION: forcing a failure. [ 1453.494406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1453.496610] dump_stack+0x107/0x167 [ 1453.496627] should_fail.cold+0x5/0xa [ 1453.496644] ? p9_client_create+0xaf/0x1230 [ 1453.496661] should_failslab+0x5/0x20 [ 1453.496676] kmem_cache_alloc_trace+0x55/0x320 [ 1453.496697] ? find_held_lock+0x2c/0x110 [ 1453.496717] p9_client_create+0xaf/0x1230 [ 1453.502322] ? lock_downgrade+0x6d0/0x6d0 [ 1453.503103] ? p9_client_flush+0x430/0x430 [ 1453.503895] ? trace_hardirqs_on+0x5b/0x180 [ 1453.504704] ? lockdep_init_map_type+0x2c7/0x780 [ 1453.505585] ? __raw_spin_lock_init+0x36/0x110 [ 1453.506439] v9fs_session_init+0x1dd/0x1680 [ 1453.507252] ? lock_release+0x680/0x680 [ 1453.507999] ? kmem_cache_alloc_trace+0x151/0x320 [ 1453.508897] ? v9fs_show_options+0x690/0x690 [ 1453.509712] ? trace_hardirqs_on+0x5b/0x180 [ 1453.510504] ? kasan_unpoison_shadow+0x33/0x50 [ 1453.511354] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.512304] v9fs_mount+0x79/0x8f0 [ 1453.512960] ? v9fs_write_inode+0x60/0x60 [ 1453.513733] legacy_get_tree+0x105/0x220 [ 1453.514487] vfs_get_tree+0x8e/0x300 [ 1453.515179] path_mount+0x1429/0x2120 [ 1453.515885] ? strncpy_from_user+0x9e/0x470 [ 1453.516673] ? finish_automount+0xa90/0xa90 [ 1453.517456] ? getname_flags.part.0+0x1dd/0x4f0 [ 1453.518312] ? _copy_from_user+0xfb/0x1b0 [ 1453.519087] __x64_sys_mount+0x282/0x300 [ 1453.519846] ? copy_mnt_ns+0xa00/0xa00 [ 1453.520574] do_syscall_64+0x33/0x40 [ 1453.521265] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.522218] RIP: 0033:0x7f535d26eb19 [ 1453.522907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.526344] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1453.527771] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1453.529089] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1453.530415] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1453.531743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1453.533077] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1453.534429] CPU: 0 PID: 9910 Comm: syz-executor.3 Not tainted 5.10.235 #1 [ 1453.536121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.538146] Call Trace: [ 1453.538787] dump_stack+0x107/0x167 [ 1453.539686] should_fail.cold+0x5/0xa [ 1453.540616] _copy_from_user+0x2e/0x1b0 [ 1453.541588] kstrtouint_from_user+0xbd/0x220 [ 1453.542659] ? kstrtou8_from_user+0x210/0x210 [ 1453.543766] ? lock_acquire+0x197/0x470 [ 1453.544732] ? ksys_write+0x12d/0x260 [ 1453.545669] proc_fail_nth_write+0x78/0x220 [ 1453.546712] ? proc_task_getattr+0x1f0/0x1f0 [ 1453.547790] ? proc_task_getattr+0x1f0/0x1f0 [ 1453.548845] vfs_write+0x29a/0xb10 [ 1453.549705] ksys_write+0x12d/0x260 [ 1453.550581] ? __ia32_sys_read+0xb0/0xb0 [ 1453.551575] do_syscall_64+0x33/0x40 [ 1453.552469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.553696] RIP: 0033:0x7f661bb495ff [ 1453.554588] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 1453.559065] RSP: 002b:00007f66190eb170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1453.560918] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f661bb495ff [ 1453.562612] RDX: 0000000000000001 RSI: 00007f66190eb1e0 RDI: 0000000000000005 [ 1453.564366] RBP: 00007f66190eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1453.566113] R10: 0000000000000103 R11: 0000000000000293 R12: 0000000000000001 [ 1453.567839] R13: 00007ffd2845cf8f R14: 00007f66190eb300 R15: 0000000000022000 [ 1453.587868] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1453.595384] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'. 23:55:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xb8ff, @empty}, 0x1c) 23:55:53 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=ANY=[@ANYBLOB="9c000000200021a3f9c0eb0000000000020000000000af018000000095652806f9ad42e90c69fab1febcffabad30783a1b6c2b430bb3fbf412733e518a0f1e9ada735c55919981955105740adac76fcbc431cd489b0ff4deb9ac054ee2d6ff426850ec1f6b24dc9cf0aca0c56a27e72df02114fe41ddcd9bee0365c4faadf185d4f36e414aa436a691567be160e4fe06277000307951ff1a9d571513e9e6cceab2e653a044906d370824da00a8fed03d1db43d26f1b45ae07be26c125cdaa730fc7d54a2e9b5c5b80cc37662f6b700cbe9911de920ca7e1d40f1d6c64d8a1430995595b4c27f3139d5ca"], 0x1c}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd_index=0x5, 0xfff, {0x0, r1}, 0x3f, 0x4}, 0x7) r2 = fcntl$dupfd(r0, 0x406, r0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000008, 0x4198051, r2, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000380)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xd8) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000240)={0xa0002002}) setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000100)=0x4, 0x4) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x17}, 0x80002}, 0x1c) r4 = syz_io_uring_complete(0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) getsockopt$IP6T_SO_GET_ENTRIES(r4, 0x29, 0x41, &(0x7f0000000580)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000cf0000002aa7e4da8490b0d89235c8a5c80487d6ba319a6689ff2dab269a2e6ac51e048d141f176c53a5a6f01a06172cc7514f4c11288a0b08ec6b4205d5694c6f3e80e11c22f5d2aa7d2ea8eaefe96a8b32c104a940371e7518be8cfbe59098ad7df107579a26d114526807805a50d956e6e25f1569baeb138e00d63c37431d01138b54e50eec37fa7e34c9837911b329a4a2bf55eb2751c6c7dd6ac531be64ed733a70ab970f66d4f26c132197f414857f0340985a3bef5432e17825dfbb"], &(0x7f00000000c0)=0xf3) ftruncate(0xffffffffffffffff, 0x1000003) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)) writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000500)='z', 0x1}, {&(0x7f0000000040)='Z', 0x1}], 0x2) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x9}, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x212e44e6, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 23:55:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 21) 23:55:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="a3", 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) syz_io_uring_setup(0x61cb, &(0x7f0000000100)={0x0, 0xb346, 0x0, 0x1, 0x276, 0x0, r3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fee000/0x12000)=nil, &(0x7f0000000080), &(0x7f0000000180)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000001200)={{0x1, 0x1, 0x18, r2, {0x80000000}}, './file0\x00'}) r5 = syz_open_dev$mouse(&(0x7f0000001240), 0x4, 0x20000) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000001280)={0x101, 0xff, 0x6, 0x10000, 0x4}) dup2(r3, r4) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000200)={{0x0, 0x7, 0x4e, 0x5, 0x8000, 0x8001, 0x7, 0xffffffac, 0x65, 0xc02, 0xdd2b, 0x4, 0x2, 0x7, 0x1}}) 23:55:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 30) 23:55:53 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x103) [ 1453.780659] FAULT_INJECTION: forcing a failure. [ 1453.780659] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.783129] CPU: 1 PID: 9929 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1453.784566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.786307] Call Trace: [ 1453.786869] dump_stack+0x107/0x167 [ 1453.787647] should_fail.cold+0x5/0xa [ 1453.788457] should_failslab+0x5/0x20 [ 1453.789263] __kmalloc_track_caller+0x79/0x370 [ 1453.790228] ? match_number+0xaf/0x1d0 [ 1453.790854] FAULT_INJECTION: forcing a failure. [ 1453.790854] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.791059] ? kfree+0xd7/0x340 [ 1453.791091] kmemdup_nul+0x2d/0xa0 [ 1453.795020] match_number+0xaf/0x1d0 [ 1453.795804] ? match_u64+0x190/0x190 [ 1453.796593] ? __kmalloc_track_caller+0x2c6/0x370 [ 1453.797611] ? memcpy+0x39/0x60 [ 1453.798312] parse_opts.part.0+0x1f3/0x340 [ 1453.799212] ? p9_fd_show_options+0x1c0/0x1c0 [ 1453.800164] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1453.801269] ? trace_hardirqs_on+0x5b/0x180 [ 1453.802183] ? kfree+0xd7/0x340 [ 1453.802883] p9_fd_create+0x98/0x4a0 [ 1453.803682] ? p9_conn_create+0x510/0x510 [ 1453.804556] ? p9_client_create+0x798/0x1230 [ 1453.805481] ? kfree+0xd7/0x340 [ 1453.806174] ? do_raw_spin_unlock+0x4f/0x220 [ 1453.807158] p9_client_create+0x7ff/0x1230 [ 1453.808060] ? p9_client_flush+0x430/0x430 [ 1453.808949] ? trace_hardirqs_on+0x5b/0x180 [ 1453.809858] ? lockdep_init_map_type+0x2c7/0x780 [ 1453.810856] ? __raw_spin_lock_init+0x36/0x110 [ 1453.811833] v9fs_session_init+0x1dd/0x1680 [ 1453.812743] ? lock_release+0x680/0x680 [ 1453.813587] ? kmem_cache_alloc_trace+0x151/0x320 [ 1453.814610] ? v9fs_show_options+0x690/0x690 [ 1453.815552] ? trace_hardirqs_on+0x5b/0x180 [ 1453.816465] ? kasan_unpoison_shadow+0x33/0x50 [ 1453.817429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.818500] v9fs_mount+0x79/0x8f0 [ 1453.819260] ? v9fs_write_inode+0x60/0x60 [ 1453.820136] legacy_get_tree+0x105/0x220 [ 1453.820995] vfs_get_tree+0x8e/0x300 [ 1453.821780] path_mount+0x1429/0x2120 [ 1453.822588] ? strncpy_from_user+0x9e/0x470 [ 1453.823506] ? finish_automount+0xa90/0xa90 [ 1453.824413] ? getname_flags.part.0+0x1dd/0x4f0 [ 1453.825391] ? _copy_from_user+0xfb/0x1b0 [ 1453.826271] __x64_sys_mount+0x282/0x300 [ 1453.827139] ? copy_mnt_ns+0xa00/0xa00 [ 1453.827970] do_syscall_64+0x33/0x40 [ 1453.828754] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.829831] RIP: 0033:0x7fe2d9a8eb19 [ 1453.830614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.834495] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1453.836119] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1453.837632] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1453.839153] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1453.840665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1453.842171] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1453.843718] CPU: 0 PID: 9930 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1453.844483] 9pnet: Insufficient options for proto=fd [ 1453.845277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.845285] Call Trace: [ 1453.845312] dump_stack+0x107/0x167 [ 1453.845334] should_fail.cold+0x5/0xa [ 1453.845355] ? create_object.isra.0+0x3a/0xa20 [ 1453.845384] should_failslab+0x5/0x20 [ 1453.852425] kmem_cache_alloc+0x5b/0x310 [ 1453.853344] ? kernel_text_address+0xf2/0x120 [ 1453.854526] create_object.isra.0+0x3a/0xa20 [ 1453.855530] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.856690] kmem_cache_alloc_trace+0x151/0x320 [ 1453.857748] p9_client_create+0xaf/0x1230 [ 1453.858701] ? trace_hardirqs_on+0x5b/0x180 [ 1453.859685] ? p9_client_flush+0x430/0x430 [ 1453.860647] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1453.861891] ? lockdep_init_map_type+0x2c7/0x780 [ 1453.862984] ? __raw_spin_lock_init+0x36/0x110 [ 1453.864026] v9fs_session_init+0x1dd/0x1680 [ 1453.865009] ? lock_release+0x680/0x680 [ 1453.865913] ? kmem_cache_alloc_trace+0x151/0x320 [ 1453.867009] ? v9fs_show_options+0x690/0x690 [ 1453.868013] ? trace_hardirqs_on+0x5b/0x180 23:55:53 executing program 5: sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB="34000000c9e1a051592a8e0c8a80c668ea7dc1f63a6f041c735417ca1dcc93223f2d3aa2b32d1fb509940660d8f4e057f616789bc1fa09f23190429accacf07468c919bedb0535d3575d9988e3d2daf6b4b6608b568e5d1be1d43399a5e9bc35c78e34dcf744232039", @ANYRES16=0x0, @ANYBLOB="00032abd7000ffdbdf256f2008a5288aff2e8c29026a7f0900000008000300", @ANYRES32=0x0, @ANYBLOB="0500070200000000000c00"/24], 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000003c0), 0x13}, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x200, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newpolicy={0xb8, 0x13, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x3c}}}, 0xb8}}, 0x0) r2 = pidfd_open(0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x0, 0x800, 0x2}) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xffffffff81000000}, 0x48, 0x0, 0x0, 0x9, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r4, r3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001500)={&(0x7f00000003c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20004010}, 0x4040890) syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x0, 0x3, 0x256}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000004c0), &(0x7f0000000100)) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='smaps\x00') syz_io_uring_setup(0x67c, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000380)) pipe2(&(0x7f00000014c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc000) r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x100, 0xb91}) sendfile(0xffffffffffffffff, r0, &(0x7f0000000500)=0x9, 0x6) io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='ip6gre0\x00', 0x10) [ 1453.868988] ? kasan_unpoison_shadow+0x33/0x50 [ 1453.870205] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1453.871363] v9fs_mount+0x79/0x8f0 [ 1453.872174] ? v9fs_write_inode+0x60/0x60 [ 1453.873120] legacy_get_tree+0x105/0x220 [ 1453.874043] vfs_get_tree+0x8e/0x300 [ 1453.874886] path_mount+0x1429/0x2120 [ 1453.875765] ? strncpy_from_user+0x9e/0x470 [ 1453.876741] ? finish_automount+0xa90/0xa90 [ 1453.877722] ? getname_flags.part.0+0x1dd/0x4f0 [ 1453.878776] ? _copy_from_user+0xfb/0x1b0 [ 1453.879738] __x64_sys_mount+0x282/0x300 [ 1453.880658] ? copy_mnt_ns+0xa00/0xa00 [ 1453.881556] do_syscall_64+0x33/0x40 [ 1453.882441] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.883620] RIP: 0033:0x7f535d26eb19 [ 1453.884462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.888667] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1453.890398] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1453.892022] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1453.893640] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1453.895267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1453.896886] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:55:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xc0fe, @empty}, 0x1c) [ 1453.965210] loop3: detected capacity change from 0 to 262144 [ 1453.975820] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1454.031449] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:55:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 31) [ 1454.040386] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 [ 1454.153140] FAULT_INJECTION: forcing a failure. [ 1454.153140] name failslab, interval 1, probability 0, space 0, times 0 [ 1454.155995] CPU: 0 PID: 9947 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1454.157647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1454.159541] Call Trace: [ 1454.160145] dump_stack+0x107/0x167 [ 1454.160969] should_fail.cold+0x5/0xa [ 1454.161834] ? create_object.isra.0+0x3a/0xa20 [ 1454.162869] should_failslab+0x5/0x20 [ 1454.163738] kmem_cache_alloc+0x5b/0x310 [ 1454.164657] create_object.isra.0+0x3a/0xa20 [ 1454.165644] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1454.166791] __kmalloc_track_caller+0x177/0x370 [ 1454.167847] ? match_number+0xaf/0x1d0 [ 1454.168732] kmemdup_nul+0x2d/0xa0 [ 1454.169541] match_number+0xaf/0x1d0 [ 1454.170381] ? match_u64+0x190/0x190 [ 1454.171231] ? __kmalloc_track_caller+0x2c6/0x370 [ 1454.172328] ? memcpy+0x39/0x60 [ 1454.173078] parse_opts.part.0+0x1f3/0x340 [ 1454.174032] ? p9_fd_show_options+0x1c0/0x1c0 [ 1454.175063] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1454.176244] ? trace_hardirqs_on+0x5b/0x180 [ 1454.177231] ? kfree+0xd7/0x340 [ 1454.177984] p9_fd_create+0x98/0x4a0 [ 1454.178819] ? p9_conn_create+0x510/0x510 [ 1454.179769] ? p9_client_create+0x798/0x1230 [ 1454.180760] ? kfree+0xd7/0x340 [ 1454.181503] ? do_raw_spin_unlock+0x4f/0x220 [ 1454.182504] p9_client_create+0x7ff/0x1230 [ 1454.183482] ? p9_client_flush+0x430/0x430 [ 1454.184434] ? trace_hardirqs_on+0x5b/0x180 [ 1454.185409] ? lockdep_init_map_type+0x2c7/0x780 [ 1454.186486] ? __raw_spin_lock_init+0x36/0x110 [ 1454.187532] v9fs_session_init+0x1dd/0x1680 [ 1454.188520] ? kmem_cache_alloc_trace+0x151/0x320 [ 1454.189612] ? v9fs_show_options+0x690/0x690 [ 1454.190613] ? trace_hardirqs_on+0x5b/0x180 [ 1454.191591] ? kasan_unpoison_shadow+0x33/0x50 [ 1454.192632] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1454.193793] v9fs_mount+0x79/0x8f0 [ 1454.194595] ? v9fs_write_inode+0x60/0x60 [ 1454.195544] legacy_get_tree+0x105/0x220 [ 1454.196462] vfs_get_tree+0x8e/0x300 [ 1454.197299] path_mount+0x1429/0x2120 [ 1454.198163] ? strncpy_from_user+0x9e/0x470 [ 1454.199148] ? finish_automount+0xa90/0xa90 [ 1454.200122] ? getname_flags.part.0+0x1dd/0x4f0 [ 1454.201172] ? _copy_from_user+0xfb/0x1b0 [ 1454.202112] __x64_sys_mount+0x282/0x300 [ 1454.203034] ? copy_mnt_ns+0xa00/0xa00 [ 1454.203921] do_syscall_64+0x33/0x40 [ 1454.204768] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1454.205932] RIP: 0033:0x7fe2d9a8eb19 [ 1454.206771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1454.210941] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1454.212674] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1454.214295] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1454.215922] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1454.217531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1454.219149] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:56:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xe803, @empty}, 0x1c) 23:56:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x4, 0x2}, 0x0, 0x0, 0x0, 0x3, 0x1, 0x40}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000140)=0x7f, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0xfffffffffffffde1}, 0x404c008) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040)=@routing={0x41, 0x2, 0x1, 0x5b, 0x0, [@mcast1]}, 0x18) sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0) write(r1, &(0x7f0000000380)="071e9f7358ec922343d9786f7c2147c81e6890a8016fb53a5ffc4951d0a6a9f38dda8a9bae8f6f3750405ca0111cc8069cb8ebd8c8564cc6aff4e3631e4eb8ebf43b0e3a61bb5878257df934ab1c2df75a49f4d39cf7effe02c00c95f02860e708", 0x61) syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00') r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000080), 0x4) fcntl$dupfd(r1, 0x406, r2) syz_open_procfs(0x0, &(0x7f0000000280)='fd/4\x00') getpeername$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x100000, &(0x7f0000000440)=ANY=[]) mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x0) umount2(&(0x7f0000000200)='./file0/../file0\x00', 0x0) unshare(0x48020200) 23:56:09 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) getdents(r0, &(0x7f0000000440)=""/200, 0xc8) ftruncate(r0, 0x1000003) write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) fallocate(r1, 0x4, 0x75, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) getdents(r2, &(0x7f0000000440)=""/200, 0xc8) syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:56:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 32) 23:56:09 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x2, 0x103) 23:56:09 executing program 5: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10001, 0x1ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') pread64(r1, &(0x7f00000011c0)=""/88, 0x58, 0x200000048) perf_event_open(&(0x7f0000000740)={0x2, 0x80, 0x3, 0x8, 0xa2, 0x0, 0x0, 0x5, 0x22004, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000700), 0x6}, 0x40000, 0x80, 0x10001, 0x6, 0x1, 0x5, 0x9, 0x0, 0x1, 0x0, 0x1f}, 0xffffffffffffffff, 0xe, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x40010, r2, 0x10000000) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000fffffdfd0201000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000df2800000000000077d324d88c7d5da71d00"/253]) syz_io_uring_submit(0x0, r3, &(0x7f0000000480)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000440)=0x80, &(0x7f0000000840)=@qipcrtr}, 0x81) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000000)={0x7, 0xfffffffffffff001, 0x5, 0x8, 0x684c, 0x64}) clone3(&(0x7f00000008c0)={0x3040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000640)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000940)=""/165, 0xa5}, {&(0x7f0000000a00)=""/166, 0xa6}, {&(0x7f0000000ac0)=""/203, 0xcb}, {&(0x7f00000007c0)=""/114, 0x72}, {&(0x7f0000000bc0)=""/196, 0xc4}, {&(0x7f0000000cc0)=""/225, 0xe1}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000dc0)=""/130, 0x82}, {&(0x7f0000000e80)=""/155, 0x9b}], 0x9, &(0x7f0000001000)=""/143, 0x8f}, 0x60010000) syz_io_uring_submit(0x0, r3, &(0x7f0000001180)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x80}, 0x3}, 0x8) mount$9p_fd(0x0, &(0x7f00000005c0)='./file1\x00', &(0x7f0000000600), 0x4826, &(0x7f00000010c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="2c706f73697861636c2cf8f83cf3052cd7576570726976706f72742c76657273696f6e3d3970323030302e752c686173682c646f6e8c5f6170707261", @ANYRESDEC=0xee01, @ANYBLOB='p\x00']) r5 = syz_open_dev$vcsn(&(0x7f0000000240), 0x7ffc, 0x200100) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r5, 0x80286722, &(0x7f0000000200)={&(0x7f00000004c0)=""/246, 0xf6, 0x6}) 23:56:09 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 22) 23:56:09 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x4, @local, 0xb}, 0x1c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x4, 0xff, 0x1ff}) sendmmsg$inet6(r1, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="9ea9d2000000000000006a5f769c9dec17667fb9dac9fcb8ca9e5afb44b99c3f0e9416c4e5f16d3a355e38025233b49ace40491fa5e51617715646c83ff046ee58dda799370bef896d73bcfddaf3cf8e000000003a15a312b6388125a2b25a4b", 0x60}], 0x1}}], 0x1, 0x4004001) [ 1469.487460] FAULT_INJECTION: forcing a failure. [ 1469.487460] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.489954] CPU: 0 PID: 9961 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1469.491403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1469.493136] Call Trace: [ 1469.493689] dump_stack+0x107/0x167 [ 1469.494448] should_fail.cold+0x5/0xa [ 1469.495276] ? create_object.isra.0+0x3a/0xa20 [ 1469.496237] should_failslab+0x5/0x20 [ 1469.497035] kmem_cache_alloc+0x5b/0x310 [ 1469.497891] create_object.isra.0+0x3a/0xa20 [ 1469.498807] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1469.499902] __kmalloc_track_caller+0x177/0x370 [ 1469.500874] ? v9fs_session_init+0xe9/0x1680 [ 1469.501796] ? kernel_text_address+0xf2/0x120 [ 1469.502731] kstrdup+0x36/0x70 [ 1469.503427] v9fs_session_init+0xe9/0x1680 [ 1469.504310] ? lock_release+0x680/0x680 [ 1469.505134] ? find_held_lock+0x2c/0x110 [ 1469.505983] ? kmem_cache_alloc_trace+0x151/0x320 [ 1469.506979] ? v9fs_show_options+0x690/0x690 [ 1469.507928] ? trace_hardirqs_on+0x5b/0x180 [ 1469.508827] ? kasan_unpoison_shadow+0x33/0x50 [ 1469.509769] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1469.510797] v9fs_mount+0x79/0x8f0 [ 1469.511530] ? v9fs_write_inode+0x60/0x60 [ 1469.512390] legacy_get_tree+0x105/0x220 [ 1469.513225] vfs_get_tree+0x8e/0x300 [ 1469.513976] path_mount+0x1429/0x2120 [ 1469.514763] ? strncpy_from_user+0x9e/0x470 [ 1469.515524] FAULT_INJECTION: forcing a failure. [ 1469.515524] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.515695] ? finish_automount+0xa90/0xa90 [ 1469.519092] ? getname_flags.part.0+0x1dd/0x4f0 [ 1469.520075] ? _copy_from_user+0xfb/0x1b0 [ 1469.520934] __x64_sys_mount+0x282/0x300 [ 1469.521769] ? copy_mnt_ns+0xa00/0xa00 [ 1469.522571] do_syscall_64+0x33/0x40 [ 1469.523367] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1469.524428] RIP: 0033:0x7f535d26eb19 [ 1469.525189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.528996] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1469.530556] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1469.532050] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1469.533516] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1469.534970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1469.536449] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1469.537938] CPU: 1 PID: 9970 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1469.539507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1469.541396] Call Trace: [ 1469.542005] dump_stack+0x107/0x167 [ 1469.542843] should_fail.cold+0x5/0xa [ 1469.543717] ? p9_fd_create+0x161/0x4a0 [ 1469.544620] should_failslab+0x5/0x20 [ 1469.545489] kmem_cache_alloc_trace+0x55/0x320 [ 1469.546532] p9_fd_create+0x161/0x4a0 [ 1469.547415] ? p9_conn_create+0x510/0x510 [ 1469.548357] ? p9_client_create+0x798/0x1230 [ 1469.549357] ? kfree+0xd7/0x340 [ 1469.550100] ? do_raw_spin_unlock+0x4f/0x220 [ 1469.551109] p9_client_create+0x7ff/0x1230 [ 1469.552102] ? p9_client_flush+0x430/0x430 [ 1469.553066] ? trace_hardirqs_on+0x5b/0x180 [ 1469.554051] ? lockdep_init_map_type+0x2c7/0x780 [ 1469.555133] ? __raw_spin_lock_init+0x36/0x110 [ 1469.556193] v9fs_session_init+0x1dd/0x1680 [ 1469.557174] ? lock_release+0x680/0x680 [ 1469.558098] ? kmem_cache_alloc_trace+0x151/0x320 [ 1469.559189] ? v9fs_show_options+0x690/0x690 [ 1469.560203] ? trace_hardirqs_on+0x5b/0x180 [ 1469.561176] ? kasan_unpoison_shadow+0x33/0x50 [ 1469.562209] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1469.563358] v9fs_mount+0x79/0x8f0 [ 1469.564167] ? v9fs_write_inode+0x60/0x60 [ 1469.565106] legacy_get_tree+0x105/0x220 [ 1469.566034] vfs_get_tree+0x8e/0x300 [ 1469.566880] path_mount+0x1429/0x2120 [ 1469.567758] ? strncpy_from_user+0x9e/0x470 [ 1469.568735] ? finish_automount+0xa90/0xa90 [ 1469.569718] ? getname_flags.part.0+0x1dd/0x4f0 [ 1469.570778] ? _copy_from_user+0xfb/0x1b0 [ 1469.571747] __x64_sys_mount+0x282/0x300 [ 1469.572661] ? copy_mnt_ns+0xa00/0xa00 [ 1469.573562] do_syscall_64+0x33/0x40 [ 1469.574404] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1469.575570] RIP: 0033:0x7fe2d9a8eb19 [ 1469.576414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.580575] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1469.582294] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1469.583915] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 23:56:09 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0xa2c0792771366ceb}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r4, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000002c40)={0x14, 0x6, 0x1, 0x401}, 0x14}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000014c0)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r4, 0x0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/128, 0x80}, {&(0x7f00000003c0)=""/195, 0xc3}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, &(0x7f0000000200)=""/60, 0x3c}, 0x0, 0x40002000, 0x0, {0x2}}, 0x3ff) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000001500)={0xfffff962, {{0xa, 0x4e21, 0xff, @dev={0xfe, 0x80, '\x00', 0x29}, 0x101}}, 0x0, 0x2, [{{0xa, 0x4e20, 0xd40a, @local, 0xb0a}}, {{0xa, 0x4e23, 0x8, @empty, 0x3}}]}, 0x190) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x1}, 0x1) sendmmsg$inet6(r0, &(0x7f0000004780)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000001400)=[@pktinfo={{0x24, 0x29, 0x32, {@loopback}}}], 0x28}}], 0x1, 0x0) [ 1469.585525] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1469.587361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1469.588981] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 [ 1469.599073] loop3: detected capacity change from 0 to 262144 [ 1469.625663] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1469.687958] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1483.615659] loop3: detected capacity change from 0 to 262144 [ 1483.621243] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:56:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xf401, @empty}, 0x1c) 23:56:23 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x4, 0x7f, 0x0, 0x80, 0x0, 0x2, 0x880, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000001, 0x4, @perf_config_ext={0x7ff, 0x6}, 0x80, 0x6, 0x6, 0x6, 0x7f, 0x5, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xa, r0, 0x1) r1 = gettid() r2 = socket$netlink(0x10, 0x3, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="ff0100002100070000000200000005000080de000081001ed83920226e6a01ed2c77e63d3065f42b13caea6757d9459ea596c120e69287b10800000000000030f3e2a2ad55085f388287404370000000000000"], 0x1c}}, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r3) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r4 = getpgrp(0x0) pidfd_open(r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x1f, 0x2, 0x1, 0x7f, 0x0, 0xfffffffffffffffc, 0x82800, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x5, 0x4}, 0x2400, 0x9, 0xd8ba, 0x9, 0x100000001, 0x2, 0x1e, 0x0, 0x5, 0x0, 0x6}, r4, 0x6, r5, 0x9) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x3, 0x3f, 0x3, 0x5, 0x0, 0x7, 0x10, 0xd, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x4, 0x2, @perf_bp={&(0x7f0000000240)}, 0x0, 0x3, 0x8, 0x7, 0x13, 0x100, 0x47, 0x0, 0x3ff, 0x0, 0x10000}, r1, 0x6, 0xffffffffffffffff, 0x8) write$binfmt_elf64(r6, &(0x7f0000000100)=ANY=[], 0xfdef) openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x1a1c01, 0x0) setsockopt$inet_group_source_req(r6, 0x0, 0x2f, &(0x7f00000003c0)={0x80, {{0x2, 0x4e21, @private=0xa010102}}, {{0x2, 0x0, @loopback}}}, 0x108) creat(&(0x7f0000000100)='./file0/file0\x00', 0xc0) 23:56:23 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 23) 23:56:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 33) 23:56:23 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x3, 0x103) 23:56:23 executing program 5: r0 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300)) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x40020, 0x0, 0x0, 0x2, 0x0, 0xfffffffd, 0x21df}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="5289292ec5fc200887150192f9a89f8ff3bcd3661faf9bb9127ac16c12945a2065eff5eb38ec9e9856018a8012d34dca98007b44c0443e147e2ed75269af267330a7262bfc0d5b46a8fc8ea12aa9fe137d4b4ecaa77617a5c491031a114001f38bba9f6119109f8635b93d4fbc01a3621cceaeea1df016d434dc9428f52d234f31914049aad3e2d9afe7cff29f8023ed79d7cdeeae68ea0e1800"/166, @ANYRES32, @ANYRES32]) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0) preadv(r0, &(0x7f0000000500)=[{&(0x7f0000000340)=""/175, 0xaf}, {&(0x7f00000005c0)=""/163, 0xa3}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/250, 0xfa}, {&(0x7f0000001780)=""/130, 0x82}, {&(0x7f0000001840)=""/246, 0xf6}, {&(0x7f0000000400)=""/78, 0x4e}, {&(0x7f0000000000)=""/43, 0x2b}], 0x8, 0xffffffff, 0x8) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000100)={0x3000000a}) recvmsg$unix(r1, &(0x7f0000001ac0)={&(0x7f0000001940), 0x6e, &(0x7f0000000200), 0x0, &(0x7f00000019c0)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x4, 0x80, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, r3, 0xffffffffffffffff, r5, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) dup(r6) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfb9b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETQUEUE(r7, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0) 23:56:23 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000068", 0x32, 0x540}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0xffffffffffffff1d, 0x4400}], 0x88000, &(0x7f0000014a00)) 23:56:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x4, 0x16058, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x42261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x0) mmap(&(0x7f00002fd000/0x2000)=nil, 0x2000, 0x1000008, 0x13, 0xffffffffffffffff, 0x32832000) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x1, 0x4, [{0x4, 0x1, 0xfffffffffffffffa, '\x00', 0xa00}, {0x10001, 0x16e, 0x9}, {0x40, 0x9, 0x7fffffff, '\x00', 0x3000}, {0xf2db, 0xc1c, 0x0, '\x00', 0x1008}]}) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x200, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000003, 0x1f012, r3, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {0x0, r7}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {r5}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000054c40)={0x0, 0x0, "fed130c416c69098668ee6dfc05a40970ae193c900bfa693f5ab103443c00a59647fe2d03b0c774b3976bff4095541f17d07a719aeeefe90c8164dfdee1d6217284f827070cc76bd6b397065dad13278197e38e5e3846e1899f6068412919806743197ca913ad10ea52acf8173a5752bb1a7ef929a0b1a7852490a73a1d9d685621175ff78ee55cffcf6e0e7cee341fcf0d88f23d5767c4fee975952283c0dcaf198c765e7c6ebe26f3894216d908962c480ba3e8d18644d4344ea9d2d64cb06007a49b55846df2d3175f9c57f7f770248514ad7db13154bbeb9c5da2708c952b644c77f74e26d8a6e1a666f95405ed63c6907b0f28b306be6071fcd24216241", "9fa7889c7f5185b88ad93fa23d6948333da0c8cb2a4027b996d6cb80a890975512bab0fd2dff69facca310d914ce60e2f05af5b930d7ed4995dd2de586625fc4503dc660091f0308b8d4897306d1a8c60583f839c3cdb808fa908e295391e0c0c99bf70fdb9be99f2c20b7ca1dba5012e852ecef27aff6ae6dbc9610a14bea1a98ff73bd1f257b173833c5ee65393f0bdf710e2abe7fca32a2d46b2ffc3aafbaa087d6b1eadc8e8f26ec0d2c2ecf0156b93d05ae7a39d9b78f7456c2674e064928a3b9796cebdbf5ee186b2a6e1deafb107db8c4035c71ee94e446cf81aaaea74af907a040318617cdcec09ba5066c18873dca473236bd62b5d95ef29996f39818a7e964c5175cd407c34e336c2a37e32ae1d87e053441019b25e6fee0953081f4b68caf56700f9939d5cde937b581c1d34f2a3ab392db045f95bc9f92e19db12871d5cfe04bcbfef3e0325dab1661c031d21bde201c87e5a55bcabe72d7016cdccc14919f51b498c954d126333524aac188418b0487ac1de2ed2a102e9c9c214ef4ca38299e6feab7c3fd878ea8f303c987fd0485357278065695dc17b4bcb07bace7cc96f8f0300d7406e4497b72959d25f5ef4ae1e313a2b88514a16067cce7f40f1354a5095a2b35ea82730f3d99e333bd31ccb5f64e96c8eff08d8092e974fed388c1f93d59bd782642bf5a3ad17dc176568fd88ad9400adb8b8c3ecdd1ff4e28acb76acbdfd04663c1b71a513125300c37a80901f9026b8e5533e674ed3c70c006b07a2e06801b9ce84631df075c07cbd76e1036e9c1419f1fa07b7d0135b6bcb5a8cdf94b9aa0f393dbfce94ea3b3a241b6e76b992214427321533c0067b96f9a2fa6d412bfe4fd0727ba0b3f0da4983ed1c60b4a6e94d579b6cb8b366571856f8b6e8278c1f2c63fdf8e7e8c7b44aefb0f16e704c7e5a984eaed6d44408fe70723893e2a4c8fc99caec07ac13374e5ab994f00eac19b9d5a75293b3c319534d18b348010335982a2cef1734f1fd4e336c34b537717c2468bce5d29d69857f0dc5647cd2e815cb6542acd8b725b832892088c2ce02d29a7237d6f14da58547360321e68b1c54d370a5a8e94860e05fda3e691225a532708cb0fbe6379d4deaa782383fef0126d96fc721ee2846bf435c3622269c3ebc7ea1e93f5d9290163a80c09f42704b781dd45250c93043efffdefec6630af24f8928d29cf9501f58d17685812bc725c7148af9e583766e2403874cf71a76f37a5e2dd9c573bfff59953eeafe060451f3b7e0c2f388c5f8590ac39026673e10e7e9159207d40a6fe50138f47db15dbe4fa42559a4cae9e165b6d0823ab6ee386164e3b73af2d578d470585fd4ee7c93f92c1d1909ad4fdc473203958375162fd5e6ab13e6b12c244e90c0cd432350a3b154ad434c161f25e965b7611c9c0d3851739ce09e67d071e424fbf8af8bd3954340df19ef005b2004e44be4116320a694a61d86ac25a7c7b1e185148f0eb4d8f3da97bda4c5747ac910f762d1ad295b8015e237d050856823e7df7bda07b273b1209a978cdc657eb77b937e494cd670e930d6a83f2de935367abb559b74500f688ba4aa77b01ba3101c5bf715a0bbedeebc67c96134673d7a246e9effd78288ad38d290f7c5e9706c071c2fee5c92287bf5b1e88ac3ac11542455406fcb10d8102116d560acbe45aa191ca76b27438f0276e63a9d64d155786f69daef7bd2dc8831e75f57fef3afb2585d64c0898565d140c789c1bd1396e4ae2aba8dbb01355c39d4a40bdf88d06f2e41b23bc36fdefe59934c2a105a182469d7fff50f40c634eb3e78e84a8b07b04ede90e8ae37ed5f28f831ada2c3647351fcff2c1266664eced30c9dd1179505f54db9d9b67030fd5c977d90422f09e9d6e66bdfb4854f26f5688f1087763daabd08584ea80a950e33587198da71fab5ed7ec564d4693b5469d67f81879ec98500a91467c119827fe53c9080af4d698dc79e943704a1e2c74e8399a7897b1680d65a90b59c063ef75f1201ee9a660fbafcd7bb626e981a36404802b1cb178c0133231bb37abd606148f3b3deb0bc1727109eadc3325d1a938d60cbce03d2f5590fac50e5667f4d2ab61bbcd317ee4d44f1435b6ac4db892dc213cb1287a57ca1b83e5121bbdbe91e61cbec78063f6de19812cf638971bf7323a348070401cfdef4ec02a6d337a23b18a2797bbdb36f88089ea37f654231197c41f1eefd7f1a9676e7806442323c4cf9d2b9bdc9f55635c6b290ed2a6a3185aaafe393af68186fa147f2f7ecece6b2b3d606f6e0f96a5296b5b7e4123d5de5ed4d4771e3fa76eef1c19038857b0de161e07295394f40bb1a2528132c9a1d6d17a2e156051a168a852a7031505021f8a98653fa2cf1af0e50523498680fc76f91f6aede54091d7b4e6b20f848ef814b0ce877309af05e06cc88be90037a15ec05f36b63ea53dc237317b44e8f203bc70b46d1f035315d19c79eac2867ef2c860d471372cc885a54511131a80ced477edfba9e9ebea909910708ae2c3293fc0a35473c89365bd986fe3f8de6b7087426595e30acd8597a2f38cfdb8e79bfcfe422780a687f6d75c7e57d5f3d04db2381e0f613aef29463b8c131654b75779e76119dde89469a64847788fe545cf9688b28e6c9f3edc79c7237913d0248b321d1f13cbe4171f8b9a931379e562c0f9c86de1efaea35487dd8ebf0fda29eebc9ccb47e7e53bcde5535f8d3feee935d9779f4953323851f03fd60e10a24c69f7717612896eb705a9c6c16a890dc930d1dfab8038f89505ebefafa13cff5518433eb118c6a0ecf64855eafe0f08fb995fa0b28a6840aa143e193c2074eb8f061e78a5aa4fe6b7b4bc233745844383ea6e67ba80f35add8cc43572c0c839040172387c6e26c69b64aba3cb422bc18d9a30534fde925ed354d72fa15ac02c043d1abf197252c348fddb289db99b5320dc6ea760fef4b1256bca2770b30e824088df8e595bc18ab546f361bf7225321176e9600420e05e4c8a48bfca746fc77d60c7c8c2e60fdcdf5bd96816e4a381049fafe4a746ab87c04d170b237d4b703a85d2908c8dffde8694feef4b07c554fe4db28b3af6e3c385913042bf899b12958d4e33219d828e29bad7ea53563e8e711ad523afd782f87d4dabd3311ce8cb319f0e2fb47ff856383d73db0cc8a4c55705f65a5cb9421a34e101f9f83d8041d29c70311ae0a0c8924c7ce76ce32389f19226a8100ae9f1b5d1a5a1285b8e0bc480606786256ed99a6f63791b24d04dc8fc15230704e12f76a044176c572b2cf92ff8f0b28695d00411170f601d9ea91e08fa8b74869255175ecf77a1877c22d212a5ce7bd136207aab100f3984ce8e511500cd890344ac7445e003d14a54e95b50368cb477e874c30923b8a3c352da3805a32c5ea6f1dd6277fdcdf5139d8b1d009df10b27ec327d97a99563f9701bbdecbef1a0eec8ef08ccd08b02625b7dab773514a517df772d2bda78ba4e6fe0e12b1500c28e3dc16aa281fb646726631aa437f4377bbc991708e73ee7aa024a8c2a677c11a32e9babbf1a019a1ca2ceb313a2c1a2449e7ee71a356187382c6a77ab140f7a6e13d919838b53f57d866ff3e9049dbb9a78a0f75f98660cb168583b95600ce8be1d03de865f121a582325650c3bc73ccea4ce26bef62e167b5f26c659d0ab7b1ac740e5422a5330d5082eaf3c809f35c36c490ad38106bd26cb000c40795f4e6f2c14ac3ee082d001bed28fc44e7c3bb0c9df1020e9ac45fd0ce2838ba4866b47d5bcc89b39c51264ef571752c4bd9eb16939da3da09a879166bd688ba7fef0ffd8129e47be1a49717cb1a49c7b174c61787e35fb2e90fd28946cf395d8393485752b0175eaa4ec2916ec41a9f4d8e6d16a1d1c440b97e007e92a02c988de3ae3027ce72f140abc321a3cd05ebaf40a1182b430aaae66086070a11c669fdcb88508230f185cf5ea224ac1f7c5df36adfcfc3c93f16edea9340cf78ac80db3743d92f6eea333c982f47d99f74ac4148be015564052626cdabf1e7a2b5c6798807ee8d9b027b8ee6c96bc32c3368beb8c1be3598c62299737545ffac0d5e591aa1fb5221baf74a9614c318f806da70085bd48c7830fb7fca7a04f86cfa5e755801ddf3f7f54385603712905127c7c570d0018d9cde0aa99e2b10d0e5f11de394430068197a9b5412103b338d00d5922d0261f53beae57f89e17ffcec6a46a051b900dedc415ff00da5111f0bc2a228db01dfa3935252d8e683f044ff1e5d5537ed7aecd95191200aa7e93062a9fbb93062716801491c578042d4ed7298e4f5ae2d2008a810135b1c864dd1c19517b44f398fc364ee99016445a032cec0cc5a2c4ebbe67de14edd246cf97269bc1bc442e30d7aaffd5e11a73843f09c35fc7d5b8b97cc1155a54fd887d8ed18ecd1d09dc1efcd0f3e5883f26980034ded74605599ff4fddc17b51f14bdc352e3c473a12c22c0ac82b315805bcaa46d25e07990bfa3c0264ee222d155cac6b5930b6c242424ec05fe76834ed16398ef5fe227f772d440fd1cf834da6febdfbc4ae0b113fdb07a115419b07267ed03c0794a6da892fc3bcb919e3028f95dea8f921520a5b5e56f1e0eadc245fee633947c61b18dd486d9c3d46eea40f258961ca2b6a27404e811890a35b39991113cfb92d19eab92de3ab4c8d3ab0fe980def274a4a69cbb5b503686af9132d95dd0d1b1f18ab0ca69c3feac398e7d405a4745d5e1e5ac742f08daabe9accdda2ffa99ef24a0f72831adbeda14e09e4d8ec110677d53d1e73a6eac6bc3c15d5ef91faa382da9d68ee5420ce84fda73627159f7f9bd0ef30256dc87ef4bf65f5421b54e1bf077e7debe19ae4fb57c9875d8639cb8e9f40570d5f90178b04efc917345f211faa3eda20cfd9c2db764efe58e965b26eacdb412552dcd60468f6b2ecee59f9230715b32b2d395c0c9c212bf997c832d214af265dac4bedb489bd7c949e3ba357a6aa1c39525ef734603c6b627ec4510f8b8be8eec60a6a37f08ccf10066f62d80f0e6a50b6aa932c077d59c454a0c09ecf46ed2b131f8621fcb4a27e94ea597dea9c12cc948144c85b06b84ea4e8dfbd47e3bcdc4a3f923dac8f7bd44a9382aaa34638423fc9ef3beea574b6d362439aab7a61f3eb1c14f9f8ce4cb9c66ea9eb7d835a4e7c5efada17489c13b1538fcb3719d6e8a1b91f679651ecd669d4604be60d2dec0bebb9cdc1d3d2eec47510fd735a618b669198331d0f01db5e226fb80bfacbeec960e5cccaed77a1f45d3bf2f03800b9fddf081b6f68b88e6c274336cf0275406530ae41665a429f220c86305d19d7ef35f5549d64a1edc6306a164a6b10995260112a1fd1af0a290fe76c6a29e8ec5af9b2365f695"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {0x0, r13}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {r11}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000055c40)={0x6, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r9}, {0x0, r12}], 0x2, "bc3da29f11634b"}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x7ff) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r0, 0x0) [ 1483.645656] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1483.656122] FAULT_INJECTION: forcing a failure. [ 1483.656122] name failslab, interval 1, probability 0, space 0, times 0 [ 1483.657553] CPU: 0 PID: 10001 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1483.658387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1483.659408] Call Trace: [ 1483.659730] dump_stack+0x107/0x167 [ 1483.660169] should_fail.cold+0x5/0xa [ 1483.660631] ? create_object.isra.0+0x3a/0xa20 [ 1483.661189] should_failslab+0x5/0x20 [ 1483.661649] kmem_cache_alloc+0x5b/0x310 [ 1483.662146] ? lock_downgrade+0x6d0/0x6d0 [ 1483.662654] create_object.isra.0+0x3a/0xa20 [ 1483.663182] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1483.663822] __kmalloc_track_caller+0x177/0x370 [ 1483.664391] ? p9_client_create+0x41d/0x1230 [ 1483.664930] kstrdup+0x36/0x70 [ 1483.665321] p9_client_create+0x41d/0x1230 [ 1483.665836] ? lock_downgrade+0x6d0/0x6d0 [ 1483.666341] ? p9_client_flush+0x430/0x430 [ 1483.666857] ? trace_hardirqs_on+0x5b/0x180 [ 1483.667403] ? lockdep_init_map_type+0x2c7/0x780 [ 1483.667981] ? __raw_spin_lock_init+0x36/0x110 [ 1483.668546] v9fs_session_init+0x1dd/0x1680 [ 1483.669064] ? lock_release+0x680/0x680 [ 1483.669547] ? kmem_cache_alloc_trace+0x151/0x320 [ 1483.669942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1483.670123] ? v9fs_show_options+0x690/0x690 [ 1483.670141] ? trace_hardirqs_on+0x5b/0x180 [ 1483.671993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1483.672483] ? kasan_unpoison_shadow+0x33/0x50 [ 1483.674879] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1483.675511] v9fs_mount+0x79/0x8f0 [ 1483.675943] ? v9fs_write_inode+0x60/0x60 [ 1483.676446] legacy_get_tree+0x105/0x220 [ 1483.676945] vfs_get_tree+0x8e/0x300 [ 1483.677407] path_mount+0x1429/0x2120 [ 1483.677780] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1483.677885] ? strncpy_from_user+0x9e/0x470 [ 1483.680063] ? finish_automount+0xa90/0xa90 [ 1483.680590] ? getname_flags.part.0+0x1dd/0x4f0 [ 1483.681159] ? _copy_from_user+0xfb/0x1b0 [ 1483.681663] __x64_sys_mount+0x282/0x300 [ 1483.682150] ? copy_mnt_ns+0xa00/0xa00 [ 1483.682633] do_syscall_64+0x33/0x40 [ 1483.683086] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1483.683720] RIP: 0033:0x7f535d26eb19 [ 1483.684172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1483.686404] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1483.687348] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1483.688216] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1483.689096] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1483.689958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1483.690815] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1483.694401] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1483.696887] FAULT_INJECTION: forcing a failure. [ 1483.696887] name failslab, interval 1, probability 0, space 0, times 0 [ 1483.698295] CPU: 0 PID: 10006 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1483.699129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1483.700141] Call Trace: [ 1483.700463] dump_stack+0x107/0x167 [ 1483.700906] should_fail.cold+0x5/0xa [ 1483.701374] ? create_object.isra.0+0x3a/0xa20 [ 1483.701935] should_failslab+0x5/0x20 [ 1483.701979] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 [ 1483.702393] kmem_cache_alloc+0x5b/0x310 [ 1483.702409] ? p9_fd_show_options+0x1c0/0x1c0 [ 1483.706199] create_object.isra.0+0x3a/0xa20 [ 1483.706731] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1483.707342] kmem_cache_alloc_trace+0x151/0x320 [ 1483.707909] p9_fd_create+0x161/0x4a0 [ 1483.708373] ? p9_conn_create+0x510/0x510 [ 1483.708880] ? p9_client_create+0x798/0x1230 [ 1483.709392] ? kfree+0xd7/0x340 [ 1483.709792] ? do_raw_spin_unlock+0x4f/0x220 [ 1483.710330] p9_client_create+0x7ff/0x1230 [ 1483.710855] ? p9_client_flush+0x430/0x430 [ 1483.711384] ? trace_hardirqs_on+0x5b/0x180 [ 1483.711889] ? lockdep_init_map_type+0x2c7/0x780 [ 1483.712461] ? __raw_spin_lock_init+0x36/0x110 [ 1483.712998] v9fs_session_init+0x1dd/0x1680 [ 1483.713522] ? lock_release+0x680/0x680 [ 1483.713990] ? kmem_cache_alloc_trace+0x151/0x320 [ 1483.714570] ? v9fs_show_options+0x690/0x690 [ 1483.715088] ? trace_hardirqs_on+0x5b/0x180 [ 1483.715642] ? kasan_unpoison_shadow+0x33/0x50 [ 1483.716194] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1483.716785] v9fs_mount+0x79/0x8f0 [ 1483.717216] ? v9fs_write_inode+0x60/0x60 [ 1483.717729] legacy_get_tree+0x105/0x220 [ 1483.718232] vfs_get_tree+0x8e/0x300 [ 1483.718682] path_mount+0x1429/0x2120 [ 1483.719147] ? strncpy_from_user+0x9e/0x470 [ 1483.719692] ? finish_automount+0xa90/0xa90 [ 1483.720214] ? getname_flags.part.0+0x1dd/0x4f0 [ 1483.720780] ? _copy_from_user+0xfb/0x1b0 [ 1483.721288] __x64_sys_mount+0x282/0x300 [ 1483.721778] ? copy_mnt_ns+0xa00/0xa00 [ 1483.722260] do_syscall_64+0x33/0x40 [ 1483.722714] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1483.723318] RIP: 0033:0x7fe2d9a8eb19 [ 1483.723778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1483.725899] RSP: 002b:00007fe2d7004188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1483.726829] RAX: ffffffffffffffda RBX: 00007fe2d9ba1f60 RCX: 00007fe2d9a8eb19 [ 1483.727705] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1483.728570] RBP: 00007fe2d70041d0 R08: 0000000020000100 R09: 0000000000000000 [ 1483.729429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1483.730289] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:56:23 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x4, 0x103) [ 1483.745881] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1483.785255] loop3: detected capacity change from 0 to 262144 [ 1483.805165] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:56:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfc00, @empty}, 0x1c) [ 1483.840226] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1483.852381] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:56:23 executing program 6: socket$nl_generic(0x10, 0x3, 0x10) r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r1, 0x4, 0xc00) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="10ed00000200010000800025adfda23998308317c1e4044fa85390e24c354b3f008d582ccee6bf4d2aff9e6d4df87f96a42e0d3bbe4567bfc8729d0a9591691c2826721d699afd91c8b36a010000000000c44773f1e8cb8611ccd89f4a83e8821cb6f85bf3d7aba2008000006785e33d1ea718ee75e59be88ed629255114a87d3756a7906b13c88e9ffc3d7c0de8000000000000000000000000000000000000000000005ca07301ee9fcf4b134731083bf20b686166556922d7d175dbdac0584458733570c414cb0cd13c238e1f6599c9dd33639dc8e6bcb1458d53837cd31fd934fe22bc808c3b4e68fbfabbc7ab4a4cba1dab20715627ef9d487dc43830b633d076bbc276b80e05361d5070c950f1c099cbd4c0b65fec3091df28de1653c17be2a54b0800000039c00cf106dd115041596d86811278e463662ff975b7859ab13b3ef782607df453dd6e469bfaa586196799f3a5ece01ce583083f9be0d6106c9445a48a984f77873ac873b3e6edbde60c4ac2da9b22e0c5b5efd28859791d3c9533f8ad7c7950a37b66cf7cb95d0909ee1340189199b1fe4fca5a431a67ce3bda662475dc7bd4c05b82598676"], 0x8e880) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'}) socket$packet(0x11, 0x2, 0x300) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x10, r5, 0x1, 0x8, 0x6, @multicast}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00'}) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f00000000c0)={0xaa5, 0x9, 0x9, 0xfffffffd, 0x11b2}) 23:56:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) (fail_nth: 34) 23:56:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfe80, @empty}, 0x1c) 23:56:23 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x5, 0x103) [ 1484.039122] FAULT_INJECTION: forcing a failure. [ 1484.039122] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1484.040641] CPU: 0 PID: 10027 Comm: syz-executor.4 Not tainted 5.10.235 #1 [ 1484.041437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1484.042392] Call Trace: [ 1484.042716] dump_stack+0x107/0x167 [ 1484.043159] should_fail.cold+0x5/0xa [ 1484.043655] _copy_to_user+0x2e/0x180 [ 1484.044124] simple_read_from_buffer+0xcc/0x160 [ 1484.044704] proc_fail_nth_read+0x198/0x230 [ 1484.045234] ? proc_sessionid_read+0x230/0x230 [ 1484.045788] ? security_file_permission+0xb1/0xe0 [ 1484.046359] ? proc_sessionid_read+0x230/0x230 [ 1484.046924] vfs_read+0x228/0x620 [ 1484.047376] ksys_read+0x12d/0x260 [ 1484.047817] ? vfs_write+0xb10/0xb10 [ 1484.048276] do_syscall_64+0x33/0x40 [ 1484.048716] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1484.049337] RIP: 0033:0x7fe2d9a4169c [ 1484.049777] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1484.052036] RSP: 002b:00007fe2d7004170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1484.052960] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fe2d9a4169c [ 1484.053787] RDX: 000000000000000f RSI: 00007fe2d70041e0 RDI: 0000000000000005 [ 1484.054609] RBP: 00007fe2d70041d0 R08: 0000000000000000 R09: 0000000000000000 [ 1484.055451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1484.056272] R13: 00007fffce9bfe5f R14: 00007fe2d7004300 R15: 0000000000022000 23:56:23 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) setfsgid(0xee01) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb052) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x7, 0x8, &(0x7f0000000b40)=[{&(0x7f0000000500)="1dfc2de7a8ae7a6555941dcc886675ed4cdc3c45cc6f0dec3e5de2e8f88d878a7e15f61a83a305e55ee5bb7bf22afb0a7c50569ec131ce53286e1502d41cbaa15f3bf03e2e83d8105541675934e7db9389bf1a874f8befe1ab6189ead19f6b3fe14e14f20b5181ef70cdddbe07d1d7b6bf975682b41d0fe646fe899c87b5259093fdfba66f4f4b61e2e2c221e872de6e7e23326524ae251c9563d57042d1de1a97b60b4067ca81de49915d5cf40a9184152c4130de3754ab52b0c3dc0c77c6afc7f3eaad22304f3b7a6819ec8ebda06e7e", 0xd1, 0x101}, {&(0x7f0000000600)="becd778da9226af08d21ee113b6b7398f8fe06c64f48547b22f7ee6056eb319db5445200f8ec61d7c44ad1c9abdfb7f43eb851db6d588ac84c5135749c4a5366c4b5acff07af3dd87e37a121dbe1fcfddf2b40a1dbd67b3b23c331d979da1b70158f068c7da3f722ecbec194399c7e9565d15cba6a5bba6f7f6ccbebb63281b2c5ee424abb3e0e3518c8d2774533f549d3c5b4e59a3618629ccc414ee5", 0x9d, 0x1ff}, {&(0x7f00000006c0)="6242ee9f11c4ee8e60e6217377ce475696733799044bd2f7ceac141a5339c5d99094302c2d75d976958655059d2b032bcb5678003c73f798834d84f69b56f3583ed3a8f10f9923e597db0e74d2614995602aa4418554101673196213f439a07390fffdfbbebc70d2b6ae3ab236c7f80b997f9485d241c93c4295877d6980b75bf36348fbd818d25182ec67f14c3a6d6ac43506a499ba8e570457552145707fb07bdf2fc192678eaccdfd6fb2c30513c819ba7fd101301060e5f0e389", 0xbc, 0x20}, {&(0x7f0000000780)="1e5a83f74f52a201f05b9dee4489c164a3dde8c8be7ce726218c8858e756281b45510cc69e7f4d54b838071b4b7ae537e0638491d732cc533b6f184c0e7d206f473444490343cc11da5a400cb9e0b0d1df1817fc76e8f68f3270a69187b2651cdc5b2838350649022fcd4f", 0x6b, 0xfffffffffffffff9}, {&(0x7f0000000800)="d71e7027a5086ae47ae0488452bd636866610b8bc8720db2f095555d0f1f8069e42178962af8f1dc925bd11490d0b5f3f8363b4a85d3a71f96c36421a9e4d805368b1e7c8315e190c1a4bffb4f542013cda0f17c88fa05cc87349427322dc4240245c9736813ea345eafe228d4e9f609c01d44e4dee6defe88572ac4a3fb032f4a8ccae7", 0x84, 0x7}, {&(0x7f00000008c0)="6de23c9b83f8ddeeea50e353517f4b312c38c1098b20ad93a4a2fadcbc75b38f5a8b0f8394dc0676cdc2937a1651a4398b9cb78fa5728b542c4d5c6776e099831b0613c260817103726d2e11eb5470d2aef9e8224fb55f924a598e7e5262f977a2440b7b97ac624745b0fa8d2b1511f37d51d30fdddbfe234894bd6ddc84b174eff7fd504bceabe4240c3f3f824716ac8ad33721ab303f47eadc8b2f6ff5de346622fdade0500594f065714e8850c9f4d55f63c7839f0d518f844aad38b4c6ef9197835a6e8b8b90bca78740ade63aa5fb6e47eca36052978dd27b53", 0xdc, 0xf9}, {&(0x7f00000009c0)="ff11ba9bd4b2a94a5f02f0687de4ff6a222330381d7f596ffd8652e88014cebadd843e01af3878c0fd4d2caeaeac78de19805b586a073e47b5c7460a440a138c78879ee0df1064a1f17b572815196787eb3228bc3d4144f6f68066", 0x5b, 0x6}, {&(0x7f0000000a40)="3e1731602481305f6b844c1773a85064fa977d6a32392592483ecc546c199e0702943ab42c6c96ebbbdb4621f3445528496e663c83e6136c390fc3a3dfd67b5b4c7801cdc58927ff97abcf5a81e1230077375f7c588c91c4371bd1077c6aae740c58c537cb3c28d68f06453a14aa5638fb2322d618e00f032f11b2bb8c00b8a55653be529a46e4d146a7aded08328cfcb335c5116cbb8d2fbef7b9d1af52056cde5f00df2e43d9f58d35c241bff67c78a8e493c68e3ca63016813832d7f8a05e6db60cc59ef03261a8fbcd59190445fc01c21690c93965bd487b03cebf467e0bfce3", 0xe2, 0x200}], 0x44010, &(0x7f0000000c00)={[{@rodir}, {@uni_xlateno}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, 'cgroup2\x00'}}, {@obj_role={'obj_role', 0x3d, '-:'}}]}) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000003c0)={0x0, 0x4, 0x0, 0x0, 0xfffffffc}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x8, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x10000) syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r5}}, 0x101) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(r0, &(0x7f0000000140)='./file0\x00', 0x242, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) [ 1484.090309] loop3: detected capacity change from 0 to 262144 23:56:23 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x0, 0x0, 0x241808, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x199001, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xfffffffffffffe9a, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x34}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) mkdirat(r2, &(0x7f00000001c0)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={0x0}}, 0x0) [ 1484.106658] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:56:23 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 24) [ 1484.123142] loop5: detected capacity change from 0 to 8388096 [ 1484.126202] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:56:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfec0, @empty}, 0x1c) [ 1484.139682] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 [ 1484.173838] FAULT_INJECTION: forcing a failure. [ 1484.173838] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.175257] CPU: 0 PID: 10042 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1484.176077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1484.177030] Call Trace: [ 1484.177339] dump_stack+0x107/0x167 23:56:23 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x6, 0x103) [ 1484.177768] should_fail.cold+0x5/0xa [ 1484.178338] should_failslab+0x5/0x20 [ 1484.178783] __kmalloc_track_caller+0x79/0x370 [ 1484.179327] ? p9_client_create+0x51e/0x1230 [ 1484.179859] kmemdup_nul+0x2d/0xa0 [ 1484.180293] p9_client_create+0x51e/0x1230 [ 1484.180788] ? p9_client_flush+0x430/0x430 [ 1484.181305] ? trace_hardirqs_on+0x5b/0x180 [ 1484.181805] ? lockdep_init_map_type+0x2c7/0x780 [ 1484.182353] ? __raw_spin_lock_init+0x36/0x110 [ 1484.182881] v9fs_session_init+0x1dd/0x1680 [ 1484.183429] ? lock_release+0x680/0x680 [ 1484.183914] ? kmem_cache_alloc_trace+0x151/0x320 [ 1484.184499] ? v9fs_show_options+0x690/0x690 [ 1484.185036] ? trace_hardirqs_on+0x5b/0x180 [ 1484.185558] ? kasan_unpoison_shadow+0x33/0x50 [ 1484.186107] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1484.186732] v9fs_mount+0x79/0x8f0 [ 1484.187161] ? v9fs_write_inode+0x60/0x60 [ 1484.187685] legacy_get_tree+0x105/0x220 [ 1484.188179] vfs_get_tree+0x8e/0x300 [ 1484.188612] path_mount+0x1429/0x2120 [ 1484.189058] ? strncpy_from_user+0x9e/0x470 [ 1484.189579] ? finish_automount+0xa90/0xa90 [ 1484.190099] ? getname_flags.part.0+0x1dd/0x4f0 [ 1484.190658] ? _copy_from_user+0xfb/0x1b0 [ 1484.191165] __x64_sys_mount+0x282/0x300 [ 1484.191683] ? copy_mnt_ns+0xa00/0xa00 [ 1484.192161] do_syscall_64+0x33/0x40 [ 1484.192611] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1484.193228] RIP: 0033:0x7f535d26eb19 [ 1484.193659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1484.195790] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1484.196667] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1484.197496] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1484.198314] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1484.199134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1484.199975] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1484.211044] cgroup2: Unknown parameter 'Â`qrm.ëTpÒ®ùè"Oµ_’JYŽ~Rbùw¢D {—¬bGE°ú+ó}QÓÝÛþ#H”½mÜ„±tï÷ýPKΫä$ ??‚G¬ŠÓ7!«0?GêÜ‹/oõÞ4f"ý­àP”ðeqNˆPÉôÕ_cǃŸQ„J­8´Æï‘—ƒZn‹‹¼§‡@­æ:¥ûnGì£`R—Ò{S' 23:56:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1484.241135] loop5: detected capacity change from 0 to 8388096 [ 1484.280915] loop3: detected capacity change from 0 to 262144 23:56:24 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = openat(r0, &(0x7f0000000200)='./file1\x00', 0x206000, 0x18) chdir(&(0x7f0000000040)='./file0\x00') r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) write$P9_RREADLINK(r2, &(0x7f0000000100)=ANY=[], 0x10) r4 = creat(&(0x7f00000001c0)='./file1\x00', 0x62) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_DEV_REPLACE(r1, 0xca289435, &(0x7f0000000300)={0x2, 0x80, @status={[0x7, 0x4, 0x77, 0xfffffffffffffff8, 0x9, 0x7fff]}, [0x7c, 0x9, 0x1, 0x3, 0xff, 0x8, 0x1, 0x9, 0x5, 0x7, 0x7fff, 0xed13, 0x6, 0x20, 0x40, 0x2, 0x9, 0x0, 0x0, 0x0, 0x6fa, 0x8000000000000000, 0x1, 0x4, 0x0, 0xff00000000000000, 0x5dcf93a, 0x6, 0x7fff, 0x9, 0x19, 0x1, 0xffffffffffffffef, 0x1000, 0x0, 0x8, 0xc46, 0x9, 0x0, 0x0, 0xffffffffffffffe0, 0x2, 0x7, 0x7fff, 0xf32, 0x8, 0x3, 0x8, 0xfff, 0x7fffffff, 0x0, 0x2, 0x8, 0x1, 0x2, 0x10000, 0x10000, 0x1000, 0x7f6d, 0x6, 0x681f, 0xfffffffffffff001, 0x2, 0x5]}) openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) openat(r6, &(0x7f0000000240)='./file1/file0\x00', 0x1a801, 0x70) sendfile(r2, r3, 0x0, 0x100000001) [ 1484.288437] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:56:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xff00, @empty}, 0x1c) 23:56:24 executing program 5: sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x8000) r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000180)={&(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1000}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="2400000000000000290000003200000000000000000000000000ffffac141400", @ANYRES32=0x0, @ANYBLOB='\x00'], 0x28, 0xfffffdef}, 0x0) [ 1484.330711] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1484.349487] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:56:39 executing program 7: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "f31a0000434ef9bab774bdcab95c000d00", 0x0, 0x8}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r0 = socket$inet(0x2, 0xa, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) setns(r3, 0x2020000) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DVD_READ_STRUCT(r4, 0x5390, &(0x7f0000000440)=@manufact={0x4, 0x2, 0x800, "00bc95e1d7c7526002994560cca3cb55b66678e5eaea2741345629a1cec02f007569e0842af897601b10179ce9c733b49449827210b73d70a774f7e48cea1c35a571cf104a8db9faf6c7f7a86647a7a3a4a1740d6e9722cbf84f0d9ec33b9bab22d97351d38686158264793722ee3b2516645cf01a1a9ae08aa9192b0aa2d521be5340caa28d3e9aca95d6c911bf19b56b60b59d718961708152c187c5ec50437a3df5039deb78aa1ff0d0c1dce7ff26bb1fbbd65861e3bd8db8c3eabd654b68db5d517f3cad2b86c70d81f32e2a06e473b6ca25df162c2c9c07bc413dca11294ad0405edf9d6960235bf04a490a886388edae8fe3dc39031f5cf8d64613ce9bd37486c957324e5f11cb734692496a2ea9f4a345751bc9c2fe871e70c7b6611549350cde91af83ff7b1c57a2b3fa51cb7019e32b4a56fc4a3f0f78c41e923aed5cb89ab79fb2b1d7d2264638ec688486438cb5bfcda5bd3336c0eca5c4eb49ec0284e9b1356de8e47797300221dae6b2dc5998e5616720ffc947ec2810b3c85b606781abf15f61154565f58d2492cc6a2c56dffa9ba7ab98278ed6ee13653b779b893d8494c76cebde9bc51ed405e27e8daf3d6a9c0e3a09f155d92887781b7e1d1bdca9c0618f5ed7e0c97917b349b694a3d9005f9a672cd522aee5946b70b962128c7702b069399bf489ddb076c5ea02fe2b9030823c4247a6d22cd8c59b4290c56d47ccfa5167f94e9bf5e66bf4fb99c0585598f1113e111eb23cff6482c3060b77f79a77f71e9a6d8fdf8a7311ef5c2eaf7b102e638b3cd28644c29855f14b30e9c0631ead0c314870a30615de4c1bda467575f75edaf7569a77ba047b8443d96d8c862006bfcc7c21b848904100527b69d39c5caf1c3aa038fec350da5c1cbcdec3def9c83b0fe0e3d5f044685ca4e3da91622fcf098a3d4a827740c771dcfc67298754a2a1601e363c35ba09e0191097ac1cb793653beb39885a70b00457010111f12223bc6d6b8dfc16c29e31e27a0bf6c35b421907f10cd41cedd40709d56d7b8e9e3531c1acebc0a5ad21dc1a18affe006320ea8b5d7c4fca00ba4028f802c97ca82c5b321867ae14d8ec57614c9bc5a8b0b7df20bc38585a32d3cf58ea3f9402c478d84c9312e1660648f67ad131560dc6a4932657afcda99b9d5cbf9c8d8e19798f86e62c1dcf4e4bfcdedefac0cd9d9d21cc692a1eb6b7d5b1b2c1a1a49ea7c3566fa56a9d2cc025332479e61fe3a750e20446ebece96faaa58a355e59fb83205c2b389243ecf8141c4a75ffe7281adb43074b88a501682b32c5153f9b79441306a130d17536eafbc70bfe91bb34cf4488d8624cc4fa287fa60b6502c2cc1a049b0afc6bee5a6240238d5ef0e762791121ed045a939dafdf1dfe996325fd552570887ffc7f3066e857015ee8cf082339375cc0989afe26e125bd66579d44c56c4ffe86507b5155ac7f47ef66629ed7b6b11db00c40ef262f5609733ef55b27370e8fbfea36500ba3e9687232eb9f2f6af04dfbfa79a64cd7bfab080648330776ff4088b0345f436f869f5aea2dbd1155bcd62cb858f694ea8e8ca34c418dc7ee051a1a041f0521abd04a7319f73d8fb902688e58a69c9043e8392ff1ddb95a9f6f7c72d5ca765c809901b9e4da6929e6ab98fdbed606854e05677b5fc04b46c7e77550bb2cac1747774d9f5bb41071a2edfdf7ca48303b65800ae56b1d4254d504555484040c8a6a7ff987cfd65e29c921d6aa356ab1ab3c9c3f493cb3c55b414d31cde83084e2183bc2e173f5872c252ffbc5c97ff6712d5934fdc512575dc5db977bf7d5d0b92fc13fcdfd04bafb59d28aeac0d8d5c105b1d648f07753c1fb731f883d0957b1c56138847f34b9b669511580ccbe523de0abf33ee0ae793d659cb2fae7bb1e546eb3d9c4b805499627618b9d0400ff60fdafaf975cb3a9663eb1efef94676dce8042f0d93f11e93d7fcd25d7535c7a37f57b2835b2aefa0108924efba0390da2d939630b6047eb7fff3395d421a27412fadd589e4673f4e3b86d92c51b8d2451812ce4623b2c5de86894519f6e72e381c8fa39ef43f95bd4c812936794f709556e89f9f1044fc59237da4b40406d74b630f4b558e0ca5a7e85f45968ee2162c5c787123f3165cea19f4998ba73ea99af14de50017ced399b32c65fcc3b0069f2393958c5b8fae29ce59e3de43ff2fe4f603b264190ca1ebf9763cef6d81b3b16e59210c72f53f064e3e877791cdbb836cfc3fa9ca97c8adf27f1d012fffc243a95e10adb0de9d1b375c15d4b94e6e1ff7a2b1a3162fccab6e526e8db185555acdf449e15f9fb8b60185c61fc2f838e9c258ab52ece9a38214b0e8d100da3681e215eee5a2052de65f2568d49744786e56185416a53934f627f3fbb460880e5e399993743cc048549a08f9a4a1e11210fdf0ed031a3c8f44cee83af55bf74948f51126d53e6808915d630a0ec0e31884c3ea8b9eacfbda96501b44c200bb7caf55032ae99324af341291df2183ef4a6b0cb2f0272007dac9589149953e61f01e027627dacb58d5edc892fbe29146b3bce72431ec4e2fb4fb7a03af2c2e94c7d68cf59c2f618eff3e7e06d0e03608ac678b325dc4c7bf5af32b215b65fa9a1bed17292a56e9131a8af0e22b79a91f66e5294c9dfd0ee6546978e0d3d5420649f10c1b9f917351cf824887011a8b4ed165b5db68d8f8d4dbd87d337e49f05873553fe5d0e34638851a273618f59ce5fe148ca149cce089a8f4301a5507404939cf4993b4afa6f9d2a76c40adcbf4607e0e293483194f7756ac3fa8f7e2eb28be0a251d0e70f428d06731a135a02b239ab8a0a79472002e08291a7242c41251cd36185a1b31a32ba3da99897886dc37fc9c4d2a8d1"}) ioctl$TUNSETLINK(r4, 0x400454cd, 0x339) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$SG_GET_COMMAND_Q(r4, 0x2270, &(0x7f0000000040)) ftruncate(0xffffffffffffffff, 0x5) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000080)={0x7, 'geneve0\x00', {0x3}, 0x6}) [ 1499.932444] FAULT_INJECTION: forcing a failure. [ 1499.932444] name failslab, interval 1, probability 0, space 0, times 0 [ 1499.933908] CPU: 1 PID: 10092 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1499.934763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1499.935787] Call Trace: [ 1499.936116] dump_stack+0x107/0x167 [ 1499.936568] should_fail.cold+0x5/0xa [ 1499.937036] ? create_object.isra.0+0x3a/0xa20 [ 1499.937603] should_failslab+0x5/0x20 [ 1499.938071] kmem_cache_alloc+0x5b/0x310 [ 1499.938574] create_object.isra.0+0x3a/0xa20 [ 1499.939113] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1499.939749] __kmalloc_track_caller+0x177/0x370 [ 1499.940323] ? p9_client_create+0x51e/0x1230 [ 1499.940872] kmemdup_nul+0x2d/0xa0 [ 1499.941309] p9_client_create+0x51e/0x1230 [ 1499.942036] ? p9_client_flush+0x430/0x430 [ 1499.942609] ? trace_hardirqs_on+0x5b/0x180 23:56:39 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) openat$cgroup_freezer_state(r0, &(0x7f0000000200), 0x2, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000080), 0x4) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x5d, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b8000000130001000000000000000000ffffffff00000000000000005f00f6000000000000000000000000000000000100000000000000000a00403c00000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB='\x00'/112], 0xb8}}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_snmp6\x00') getdents(r3, &(0x7f0000000100)=""/215, 0xd7) getdents(r3, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') r6 = socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xd, 0x10010, r6, 0x13bcf000) dup3(r5, r4, 0x0) syz_mount_image$ext4(&(0x7f0000000240)='ext2\x00', &(0x7f0000000340)='./file0\x00', 0x1000, 0x8, &(0x7f0000000a00)=[{&(0x7f0000000380)="14a403d8a45a6431c54a4fe12a17c77b0a300ad7109186ddb91fd8cc7fc938aab92411503718e18d35d9de25a3dc850ef6549c3a63", 0x35, 0xffffffff}, {&(0x7f0000000440)="c39e5be27e0c76864ee8918d0f8bb52230ce900f99342893a21bf6513a30c9a9b006724058308f846904ed6621daf4fda2d67b8953cc806e215738c6c423348633f5e822d1a070738e90d375a939b59e7e7a4f3fd3564f00de0d7c4043820f144025667404f1959c3847905fa129e2e3c2c16ac8398894e1372935b1c91ea19fe67c8dfb4fdf61b1842be375223b494a9327bea2c04a9e0d71d36aff1f3dca4912b68579f5fcc51b0a8b444af04630f8198500286c51f52002cc337c8db43e920e0142de89f875d22a8bc21032c0010003f30a8c1a8d3a25d8ab371a9777f12afaac0069546f215b76ec60310c650b781fcfaf592353803a274b0c7b", 0xfc, 0xc6cd}, {&(0x7f0000000540)="489f3a0bdca393020ff1eeb297d9b588695eab4a266e8c62871019efac34d02245bd300935a144741e246b3dc030c4c04ec53d09024ad427edc9873094ebb2eb186e0c89a683273ef08892ed93e739581ba1bc600c37fff9f5842c4eb50a676c25a1e30d3d9e757836ef7d43bf59004b4109147178939ae97ecf22c028824ac5e7ffc68448d2195d0bbd3af159755078d35c35a40d68bbfcaddf386aceaec6575594d797e9f6c7a97cd01ba75021156fcc934ee6a7cc315a13667bde958ce92c", 0xc0, 0x80}, {&(0x7f0000000600)="ce541ba7e964f495decef7792947a6310781459629c7459e023efbf71c286d70bd75614fe344def71dcd844a88b05b50c5717b196bb844195234af64f872b85752a58f9c521e972848f47519b016984b440593b66f7d0fed9a24f69a0799a32a031b49f9844562a8227650e202200eacc9dd8f4f1067dda1dcfb16e727eeb0acfbbfdcccce4f8484b3d7da08bc6224018fe3756ca05dc0a603324a6f97ec2129c3143ce8e932fb0e419834486e671f293d61bd9cefe985b446f77a92", 0xbc, 0x4}, {&(0x7f00000006c0)="14f402b9e63e388c486c06a09100a65cc3f9e5c4066430ab4d471e597b272e773e25fdc735621118db6c06dbeaa13790ac42b7b2a81423ad87d0af141cd4d043171e20cb6352775b7f13e13c44395c4f6b874a1578c0c1431ab472923a58c52406e1c8d4b6716d3d1a35e7727f2743ee574ca95fe98261177491b8a975d5c599e86b60d847e685b13c183704c75895831895c7f1c2b40b04a7dab1179c3f4f92ae43a9a2e898d23e8d12f9c4", 0xac, 0x7fff}, {&(0x7f0000000780)="9583a75c480d992d7c7937b3a291a204ede9775f50806ea1a64381287a8e9723bebeb37d9bbe7115f0417b4e2128c61e524e58b9fcfa743143b3c171b90b78b83f4aced58ce28643947a22ee60b0374bf24ff9c5677a75601484de97c6e01a27f3c8df1070aaf72824ee3a43fd510165c3c43de34d4013dda876e482a691236919704fb650e43cca68e5f6e9ac8df8bcbc859b4122ba2de33e95f8c562e307ca29d7c02e9871ecfa7e2bb5c5bcff1e72ae65cfacd5b11f7172c394d2cc381d698d095734e2df63439bcf93106cbb76f2376909e4a5ebcb0f", 0xd8, 0xffffffff}, {&(0x7f0000000880)="9b7bf0d976f3d31c743d6d7c895dd090ac852def80e31e1d85e6bb758847a52694c95bb67f6a8213375368e3489dbfa519ce2f0da45d5f9ef893a26be7aaf4389c4d6fd209d8c14735e0d34611b7e01733d86393340ab61b84f8eacc3115614248e960539f24774c8cac45b71bb49b2e8f2dd0f69b8f4f2124c932553d511446093621b417277020f151ade64b64ceffcdd09b7295ac860c9a5adaa1bdf805980e34d4cf6e69d7f2e55fcdb5a1a064014db8bd1d700d792c2581e6d331423eb43718eec9b947822eeba9ecc71bca4603b6202c353902eda1dbefaeab800683a359b316ca2f2c47a0ea01b9cf946e807aa5", 0xf1, 0x8f}, {&(0x7f0000000980)="d5c81f638a16e5f1da94ba08a0e033cb7a469cfbdc924d1b8fd216ba2c2f6bdfc4b792011d91d4c63a9f82ba3ce4418bc7834a3eb91363afff4228ff92c5018e9f1142311f21bd8e5fe8b719332538e0fe03442e907aead966a6d7d13056ca4e759b38d46beb1bdbb215aad14905ad323b946f19ae3381d5fb5917", 0x7b, 0x9}], 0x800000, &(0x7f0000000b00)={[{@quota}], [{@dont_hash}, {@fsname={'fsname', 0x3d, 'net/packet\x00'}}, {@seclabel}, {@fowner_eq}]}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000150000022dbd7000fbdbdf251000000008001c00", @ANYRES32, @ANYBLOB="a8351890b0e74c09ee9e2da5c2015937b8f6"], 0x1c}, 0x1, 0x0, 0x0, 0x20004010}, 0x480c1) syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x0, 0x3, 0x256}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) pipe2(&(0x7f00000014c0), 0xc000) pipe(&(0x7f00000001c0)) 23:56:39 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = dup3(r1, r1, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000040)=0x1ff, 0x4) r3 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0800002100210c00000000000000000200000072000080de000000"], 0x1c}}, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x1, @mcast1, 0x3}, 0x1c) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) sendmsg$inet(r4, &(0x7f00000000c0)={&(0x7f0000000180)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0x8004) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) r5 = fcntl$dupfd(r0, 0x0, r0) sendmsg$inet6(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 23:56:39 executing program 6: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) pread64(r1, &(0x7f00000000c0)=""/171, 0xab, 0xffffffff) read$ptp(r0, &(0x7f0000000480)=""/179, 0xb3) 23:56:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:56:39 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x7, 0x103) 23:56:39 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 25) 23:56:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xff0f, @empty}, 0x1c) [ 1499.943258] ? lockdep_init_map_type+0x2c7/0x780 [ 1499.943913] ? __raw_spin_lock_init+0x36/0x110 [ 1499.944478] v9fs_session_init+0x1dd/0x1680 [ 1499.945017] ? lock_release+0x680/0x680 [ 1499.945516] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1499.946175] ? trace_hardirqs_on+0x5b/0x180 [ 1499.946703] ? v9fs_show_options+0x690/0x690 [ 1499.947247] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1499.947915] ? kasan_unpoison_shadow+0x33/0x50 [ 1499.948483] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1499.949120] v9fs_mount+0x79/0x8f0 [ 1499.949561] ? v9fs_write_inode+0x60/0x60 [ 1499.950072] legacy_get_tree+0x105/0x220 [ 1499.950573] vfs_get_tree+0x8e/0x300 [ 1499.951029] path_mount+0x1429/0x2120 [ 1499.951522] ? strncpy_from_user+0x9e/0x470 [ 1499.952054] ? finish_automount+0xa90/0xa90 [ 1499.952599] ? getname_flags.part.0+0x1dd/0x4f0 [ 1499.953178] ? _copy_from_user+0xfb/0x1b0 [ 1499.953694] __x64_sys_mount+0x282/0x300 [ 1499.954198] ? copy_mnt_ns+0xa00/0xa00 [ 1499.954682] do_syscall_64+0x33/0x40 [ 1499.955139] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1499.955794] RIP: 0033:0x7f535d26eb19 [ 1499.956264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1499.958636] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1499.959576] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1499.960481] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1499.961359] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1499.962245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1499.963132] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1499.974513] loop3: detected capacity change from 0 to 262144 [ 1499.993496] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1500.004493] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. 23:56:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:56:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xffb8, @empty}, 0x1c) 23:56:39 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r3, 0x2ff, 0x70bd28, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x1c}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000002e000000880003008229f2e32faebf95b9cc989a859bdcbea7040243ebcd9ed89cd838bb5ae73fe0e7e98f60063c72626d2ebe304825e0f8a2854b74ced96ce84b4d8ede020a9763bb9e8684096c3b0de2eb7179189c7baf11a489e17bc423fb477c499c204a718c77d281047135f1e1fc665fa8fd532da30793cb521a904f6be4e8a01a3da79fd2b9aa48fa1fe5f2a8014501ab43eb793b207d5706462791f11404eb00"/183, @ANYRES32=r6, @ANYBLOB="0a0034000202020202020000"], 0x28}}, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, 0x0, 0x80) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r8, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)={0xc4, r8, 0x307, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x94, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x1c, 0x6, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x8, 0x1, 0xd69}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x2f1}, @NL80211_BAND_6GHZ={0x8, 0x3, 0xffffffc1}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @random="7bee8810fca5"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x14, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x2}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x1000}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @from_mac=@device_b}]}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x201}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0xd, 0x7f}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4040080}, 0x20040000) syz_80211_join_ibss(&(0x7f0000000080)='wlan1\x00', 0x0, 0x0, 0x0) [ 1500.045224] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1500.090803] sr 1:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. 23:56:39 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1}, 0x0, 0xfffffffffffeffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00'}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000040)={0x0, 0xea60}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000900)={@in6={{0xa, 0x0, 0x3, @mcast1, 0x7fffffff}}, 0x0, 0x0, 0x33, 0x0, "4fb2386f65a856b6930930052d7d4e52fc4032fe98f268baabdf34269819ec36e44c87f906b59567acb1dd5aa5ba7be8ecc7069f172fddc076e97b1bb7ad34493270d4dbba4a2ca52cc13ca18e08c805"}, 0x9a) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x6, 0x4) recvmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000001240)=""/82, 0x52}, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x620001) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044001) 23:56:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:56:39 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 26) [ 1500.162824] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 23:56:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x20000, @empty}, 0x1c) 23:56:39 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x8, 0x103) [ 1500.246184] FAULT_INJECTION: forcing a failure. [ 1500.246184] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.247522] CPU: 1 PID: 10133 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1500.248312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.249253] Call Trace: [ 1500.249557] dump_stack+0x107/0x167 [ 1500.249971] should_fail.cold+0x5/0xa [ 1500.250416] should_failslab+0x5/0x20 [ 1500.250854] __kmalloc_track_caller+0x79/0x370 [ 1500.251372] ? parse_opts.part.0+0x8e/0x340 [ 1500.251882] kstrdup+0x36/0x70 [ 1500.252250] parse_opts.part.0+0x8e/0x340 [ 1500.252724] ? p9_fd_show_options+0x1c0/0x1c0 [ 1500.253240] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.253841] ? quarantine_put+0x8b/0x1a0 [ 1500.254303] ? trace_hardirqs_on+0x5b/0x180 [ 1500.254798] ? kfree+0xd7/0x340 [ 1500.255176] p9_fd_create+0x98/0x4a0 [ 1500.255614] ? p9_conn_create+0x510/0x510 [ 1500.256085] ? p9_client_create+0x798/0x1230 [ 1500.256589] ? kfree+0xd7/0x340 [ 1500.256963] ? do_raw_spin_unlock+0x4f/0x220 [ 1500.257465] p9_client_create+0x7ff/0x1230 [ 1500.257951] ? p9_client_flush+0x430/0x430 [ 1500.258437] ? trace_hardirqs_on+0x5b/0x180 [ 1500.258928] ? lockdep_init_map_type+0x2c7/0x780 [ 1500.259467] ? __raw_spin_lock_init+0x36/0x110 [ 1500.260005] v9fs_session_init+0x1dd/0x1680 [ 1500.260498] ? lock_release+0x680/0x680 [ 1500.260956] ? kmem_cache_alloc_trace+0x151/0x320 [ 1500.261504] ? v9fs_show_options+0x690/0x690 [ 1500.262011] ? trace_hardirqs_on+0x5b/0x180 [ 1500.262502] ? kasan_unpoison_shadow+0x33/0x50 [ 1500.263030] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.263619] v9fs_mount+0x79/0x8f0 [ 1500.264024] ? v9fs_write_inode+0x60/0x60 [ 1500.264499] legacy_get_tree+0x105/0x220 [ 1500.264962] vfs_get_tree+0x8e/0x300 [ 1500.265385] path_mount+0x1429/0x2120 [ 1500.265825] ? strncpy_from_user+0x9e/0x470 [ 1500.266325] ? finish_automount+0xa90/0xa90 [ 1500.266815] ? getname_flags.part.0+0x1dd/0x4f0 [ 1500.267349] ? _copy_from_user+0xfb/0x1b0 [ 1500.267836] __x64_sys_mount+0x282/0x300 [ 1500.268293] ? copy_mnt_ns+0xa00/0xa00 [ 1500.268743] do_syscall_64+0x33/0x40 [ 1500.269169] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.269752] RIP: 0033:0x7f535d26eb19 [ 1500.270178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.272287] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1500.273161] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1500.273978] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1500.274790] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1500.275611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1500.276422] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1500.277679] 9pnet: Insufficient options for proto=fd [ 1500.410717] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 23:56:52 executing program 6: r0 = open$dir(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) lseek(r0, 0x0, 0x3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="540100001800210c000000006be400000200000065db1f79534510f593acf2bfab5d48821ddb28214d08c50807cba10f0842828fa0a447dea82f96339db7f366a351454736bf593530333df92aec157274576a6822f589f86affd11bea626b76f5351868ef0eace6b4d096316096a935a8d972ec54cd4b9b61fff66e0d7fb30ddcb260617cc865523fbc587337705e610a8c69882b67c64517a96678c2b65ceb5cd24916467aabe17412c9283b7b3bf9ce8efde18d862f03f0bfc9a9ad78132b0e78cd77fc337d47f0bf087f0009807d106715f9d76c62f3bd7f426c620496158e1e636d2292a638e3d068bdb62a3f288208434a5a6e3492c9735c90eacb33efdc60e5b64f129147d9d173dacb5f5d17281f954b32130a19ad4f6ddcc6caa1654bff6fdd87af40be19cce736e8e2a05ab302d4fdcc152496a661a7a20ae2d6b5ed7f5479a7a203c32cbb0000000000000000000046c5464f3b26b2e50b7376cffa0e7fedd9b4f74e2c043164bc5e3256365b306176c8eb99de54d93aab1b36db2dd5151ae60ea67fb1366a6417ab19e5f70a12ebc2b23a1d42ca946a67c04b2c40496054dd011f9d50d86634775d0a9b7ca8b1042995aaf7816fd56a0cbfaacf75916883ab3448163556ef162f28eec6782c6e45825eef7c2bbdd0f7dc13782be56cf979c8f2d8b25e6344ad77991d494b9783925f3fdf13b2e4eb4a49b27a8a68efc3c9e41d5970291ed97900a5dbfdfb1ea8a2bffa"], 0x154}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000140)=""/255, 0xff) unshare(0x48020200) 23:56:52 executing program 7: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=[@pktinfo={{0x24, 0x29, 0x32, {@empty}}}], 0x28}}], 0x1, 0x0) 23:56:52 executing program 5: syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) close(0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[@ANYRES16=0x0]) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) syz_io_uring_setup(0x528c, &(0x7f00000002c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) setxattr$incfs_size(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), &(0x7f0000000340)=0x5, 0x8, 0x2) syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x12345}, 0x39) getsockname(0xffffffffffffffff, &(0x7f0000000380)=@qipcrtr, &(0x7f0000000400)=0x80) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x100010, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(0x0, r2, 0x0, 0x101) 23:56:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:56:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x1000000, @empty}, 0x1c) 23:56:52 executing program 0: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x4e, 0x0, "15bb6949bc674ed64133723aa6453b9d292123bebbcd37c5097fd53da62c01e266166394afb8d0aca105da30931d140a11973acb99cc0d8da3a4f6f42444a1948f422c8d8d2d8bdd069588783e32b713"}, 0xd8) tgkill(0x0, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) write$binfmt_elf64(r5, &(0x7f0000002040)=ANY=[], 0xaf2) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x9, 0x7, 0xe1, 0x3, 0x0, 0xbb, 0x10000, 0xe, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xcd01, 0x1, @perf_bp={&(0x7f0000000200), 0x3}, 0x40204, 0x0, 0x2, 0x0, 0x1f, 0x5, 0x0, 0x0, 0xfffff000, 0x0, 0x7fff}, 0x0, 0x4, r5, 0x1) r6 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4) pread64(r6, &(0x7f0000000040)=""/32, 0x20, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000900)={0x0, "72b65d47eda932bc407d3663234162a9"}) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x13, r1, 0x8000000) syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1512.722125] loop5: detected capacity change from 0 to 262144 23:56:52 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 27) 23:56:52 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x9, 0x103) 23:56:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x2000000, @empty}, 0x1c) [ 1512.750717] FAULT_INJECTION: forcing a failure. [ 1512.750717] name failslab, interval 1, probability 0, space 0, times 0 [ 1512.753320] CPU: 0 PID: 10169 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1512.754295] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 1512.754913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1512.754923] Call Trace: [ 1512.754955] dump_stack+0x107/0x167 [ 1512.759158] should_fail.cold+0x5/0xa [ 1512.760034] ? create_object.isra.0+0x3a/0xa20 [ 1512.761074] should_failslab+0x5/0x20 [ 1512.761947] kmem_cache_alloc+0x5b/0x310 [ 1512.762878] ? legacy_get_tree+0x105/0x220 [ 1512.763848] ? vfs_get_tree+0x8e/0x300 [ 1512.764734] create_object.isra.0+0x3a/0xa20 [ 1512.765729] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1512.766884] __kmalloc_track_caller+0x177/0x370 [ 1512.767954] ? parse_opts.part.0+0x8e/0x340 [ 1512.768953] kstrdup+0x36/0x70 [ 1512.769681] parse_opts.part.0+0x8e/0x340 [ 1512.770629] ? p9_fd_show_options+0x1c0/0x1c0 [ 1512.771662] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1512.772854] ? quarantine_put+0x8b/0x1a0 [ 1512.773770] ? trace_hardirqs_on+0x5b/0x180 [ 1512.774756] ? kfree+0xd7/0x340 [ 1512.775509] p9_fd_create+0x98/0x4a0 [ 1512.776362] ? p9_conn_create+0x510/0x510 [ 1512.777306] ? p9_client_create+0x798/0x1230 [ 1512.778308] ? kfree+0xd7/0x340 [ 1512.779058] ? do_raw_spin_unlock+0x4f/0x220 [ 1512.780068] p9_client_create+0x7ff/0x1230 [ 1512.781036] ? p9_client_flush+0x430/0x430 [ 1512.781996] ? trace_hardirqs_on+0x5b/0x180 [ 1512.782975] ? lockdep_init_map_type+0x2c7/0x780 [ 1512.784058] ? __raw_spin_lock_init+0x36/0x110 [ 1512.785098] v9fs_session_init+0x1dd/0x1680 [ 1512.786082] ? lock_release+0x680/0x680 [ 1512.786995] ? kmem_cache_alloc_trace+0x151/0x320 [ 1512.788095] ? v9fs_show_options+0x690/0x690 [ 1512.789100] ? trace_hardirqs_on+0x5b/0x180 [ 1512.790077] ? kasan_unpoison_shadow+0x33/0x50 [ 1512.791116] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1512.792276] v9fs_mount+0x79/0x8f0 [ 1512.793087] ? v9fs_write_inode+0x60/0x60 [ 1512.794032] legacy_get_tree+0x105/0x220 [ 1512.794950] vfs_get_tree+0x8e/0x300 [ 1512.795809] path_mount+0x1429/0x2120 [ 1512.796678] ? strncpy_from_user+0x9e/0x470 [ 1512.797653] ? finish_automount+0xa90/0xa90 [ 1512.798640] ? getname_flags.part.0+0x1dd/0x4f0 [ 1512.799710] ? _copy_from_user+0xfb/0x1b0 [ 1512.800660] __x64_sys_mount+0x282/0x300 [ 1512.801586] ? copy_mnt_ns+0xa00/0xa00 [ 1512.802477] do_syscall_64+0x33/0x40 [ 1512.803326] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1512.804502] RIP: 0033:0x7f535d26eb19 [ 1512.805343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1512.809525] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1512.811254] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1512.812898] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1512.814522] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1512.816150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1512.817766] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:56:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x3000000, @empty}, 0x1c) [ 1512.838814] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1512.841464] loop3: detected capacity change from 0 to 262144 23:56:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4000000, @empty}, 0x1c) 23:56:52 executing program 7: ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x42000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000340)='\x00', 0x6) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xb, 0x1d012, r0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r1, &(0x7f0000000040)={0x1, @le_create_conn={{0x200d, 0x19}, {0x1, 0x41d, 0x3f, 0xe0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x73, 0xe793, 0xd66, 0x20, 0x40, 0x0, 0x1}}}, 0x1d) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) [ 1512.896275] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1512.907029] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 23:56:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:56:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x5000000, @empty}, 0x1c) [ 1512.947079] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:56:52 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 28) 23:56:52 executing program 0: open_tree(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x4ad2, 0x0, &(0x7f0000000180), 0x2, &(0x7f0000000380)={[{@discard}, {}, {@bh}, {@block_validity}, {@jqfmt_vfsv0}], [{@context={'context', 0x3d, 'root'}}, {@func={'func', 0x3d, 'FILE_CHECK'}}, {@subj_role={'subj_role', 0x3d, '\xa2jth\x1c.\x8c4\xed\xa6\x9b8W\xea^vlan\x00\xd7\x17\x85\xb0\x18\xcd\x19\xa8\x906\x04\xe4\xe17\x89\x9a\x05\x1e\xb7\xaf\xb3e\xe3\xdf\xb2n\x87\xd5/\x80L\x05A\xa0\xa3\x85AT\xde\xd7\x1a\xc7\x94\xdc\xe00\x1a\xcd \xe2\xc3\xd7\xe2\x03?V\x1b\xed\x1ey\xc5\x83$\xb0H \xef\x13\'\x06\xe3%,\xc0\xcd\x194<\x9e\x9a4\xb9\xe8\x1ei\x0f\xdc\xe8\xb0*#_\xf0h\x97h>\x93\x91T\xda1]\x8d\xfb^\x1b\x9d\xa2\x82\xc8\xd7\xbbP\x80pu\xa8\t\xafg\x8d4\xbf\xe3\x8aQ_Y\xbd\x83R\xf38^\x92\x915\xb2\x97u\xaf\xef\xee\f\xe1\x97\xf8c\r\x84\x9f\xddV\xd2\xe6\xb3\x8a\xb4iLi\xc6:\x94\\5\xa4I\x11\x01\x10\xeb\xc0\xad\xf1\xfc\x02!\xb4\x1et'}}, {@smackfsdef={'smackfsdef', 0x3d, '-^].\\'}}]}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4044}, 0x0) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x200, 0x0, 0x0, 0x1, 0x17, "77004a6efdff00", 0x0, 0x1}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000180)={'wg0\x00'}) r1 = socket$inet(0x2, 0xa, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) unlink(&(0x7f00000000c0)='./file0\x00') fcntl$getown(0xffffffffffffffff, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r1, r0, 0x0) [ 1513.134636] FAULT_INJECTION: forcing a failure. [ 1513.134636] name failslab, interval 1, probability 0, space 0, times 0 [ 1513.135974] CPU: 1 PID: 10203 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1513.136763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1513.137710] Call Trace: [ 1513.138015] dump_stack+0x107/0x167 [ 1513.138427] should_fail.cold+0x5/0xa [ 1513.138869] should_failslab+0x5/0x20 [ 1513.139307] __kmalloc_track_caller+0x79/0x370 [ 1513.139842] ? match_number+0xaf/0x1d0 [ 1513.140299] kmemdup_nul+0x2d/0xa0 [ 1513.140707] match_number+0xaf/0x1d0 [ 1513.141135] ? match_u64+0x190/0x190 [ 1513.141561] ? __kmalloc_track_caller+0x2c6/0x370 [ 1513.142107] ? memcpy+0x39/0x60 [ 1513.142485] parse_opts.part.0+0x1f3/0x340 [ 1513.142969] ? p9_fd_show_options+0x1c0/0x1c0 [ 1513.143487] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1513.144103] ? trace_hardirqs_on+0x5b/0x180 [ 1513.144598] ? kfree+0xd7/0x340 [ 1513.144978] p9_fd_create+0x98/0x4a0 [ 1513.145400] ? p9_conn_create+0x510/0x510 [ 1513.145877] ? p9_client_create+0x798/0x1230 [ 1513.146379] ? kfree+0xd7/0x340 [ 1513.146754] ? do_raw_spin_unlock+0x4f/0x220 [ 1513.147264] p9_client_create+0x7ff/0x1230 [ 1513.147763] ? p9_client_flush+0x430/0x430 [ 1513.148245] ? trace_hardirqs_on+0x5b/0x180 [ 1513.148740] ? lockdep_init_map_type+0x2c7/0x780 [ 1513.149284] ? __raw_spin_lock_init+0x36/0x110 [ 1513.149808] v9fs_session_init+0x1dd/0x1680 [ 1513.150303] ? lock_release+0x680/0x680 [ 1513.150765] ? kmem_cache_alloc_trace+0x151/0x320 [ 1513.151318] ? v9fs_show_options+0x690/0x690 [ 1513.151834] ? trace_hardirqs_on+0x5b/0x180 [ 1513.152327] ? kasan_unpoison_shadow+0x33/0x50 [ 1513.152849] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1513.153432] v9fs_mount+0x79/0x8f0 [ 1513.153837] ? v9fs_write_inode+0x60/0x60 [ 1513.154312] legacy_get_tree+0x105/0x220 [ 1513.154779] vfs_get_tree+0x8e/0x300 [ 1513.155203] path_mount+0x1429/0x2120 [ 1513.155652] ? strncpy_from_user+0x9e/0x470 [ 1513.156146] ? finish_automount+0xa90/0xa90 [ 1513.156642] ? getname_flags.part.0+0x1dd/0x4f0 [ 1513.157177] ? _copy_from_user+0xfb/0x1b0 [ 1513.157655] __x64_sys_mount+0x282/0x300 [ 1513.158121] ? copy_mnt_ns+0xa00/0xa00 [ 1513.158572] do_syscall_64+0x33/0x40 [ 1513.159002] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1513.159591] RIP: 0033:0x7f535d26eb19 [ 1513.160025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1513.162129] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1513.163004] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1513.163824] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1513.164645] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1513.165460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1513.166270] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1513.172566] 9pnet: Insufficient options for proto=fd 23:57:07 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 29) 23:57:07 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r1, 0x4, 0xc00) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) open_by_handle_at(r0, &(0x7f0000000100)=ANY=[@ANYRESDEC], 0xa25c3) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00'}) bind$packet(r3, &(0x7f0000000040)={0x11, 0x1, 0x0, 0x1, 0x8, 0x6, @random="190002400a00"}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f00000000c0)={0xaa5, 0x9, 0x9, 0xfffffffd, 0x11b2}) 23:57:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:07 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xa, 0x103) 23:57:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x0, 0x0, 0x241808, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x112) mkdirat(r4, &(0x7f0000000180)='./file0\x00', 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffe9a, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x34}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) getdents64(r3, &(0x7f0000000240)=""/151, 0x97) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(0x0, 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000007c0), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000001c0), 0xc, &(0x7f0000000100)={0x0}}, 0x0) 23:57:07 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x596174f, @empty}, 0x1c) 23:57:07 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6d7cf708bc06516e}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000080)=@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x865}, 0x28) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x400000000000070, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001e00)={{0x0, 0x7, 0x7, 0x0, 0x4, 0x0, 0x0, 0x4, 0x3f, 0x5, 0x0, 0x8, 0x9553, 0x9}}) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x81, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, 0x0, &(0x7f0000000000)) [ 1527.588994] loop3: detected capacity change from 0 to 262144 [ 1527.595069] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1527.599378] FAULT_INJECTION: forcing a failure. [ 1527.599378] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.601987] CPU: 0 PID: 10222 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1527.603555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1527.605440] Call Trace: [ 1527.606040] dump_stack+0x107/0x167 [ 1527.606868] should_fail.cold+0x5/0xa [ 1527.607728] ? create_object.isra.0+0x3a/0xa20 [ 1527.608772] should_failslab+0x5/0x20 [ 1527.609634] kmem_cache_alloc+0x5b/0x310 [ 1527.610554] create_object.isra.0+0x3a/0xa20 [ 1527.611547] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1527.612718] __kmalloc_track_caller+0x177/0x370 [ 1527.613770] ? match_number+0xaf/0x1d0 [ 1527.614654] kmemdup_nul+0x2d/0xa0 [ 1527.615465] match_number+0xaf/0x1d0 [ 1527.616317] ? match_u64+0x190/0x190 [ 1527.617160] ? __kmalloc_track_caller+0x2c6/0x370 [ 1527.618253] ? memcpy+0x39/0x60 [ 1527.619021] parse_opts.part.0+0x1f3/0x340 [ 1527.619995] ? p9_fd_show_options+0x1c0/0x1c0 [ 1527.621030] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1527.622214] ? trace_hardirqs_on+0x5b/0x180 [ 1527.623190] ? kfree+0xd7/0x340 [ 1527.623957] p9_fd_create+0x98/0x4a0 [ 1527.624798] ? p9_conn_create+0x510/0x510 [ 1527.625742] ? p9_client_create+0x798/0x1230 [ 1527.626736] ? kfree+0xd7/0x340 [ 1527.627479] ? do_raw_spin_unlock+0x4f/0x220 [ 1527.628491] p9_client_create+0x7ff/0x1230 [ 1527.629460] ? p9_client_flush+0x430/0x430 [ 1527.630412] ? trace_hardirqs_on+0x5b/0x180 [ 1527.631382] ? lockdep_init_map_type+0x2c7/0x780 [ 1527.632462] ? __raw_spin_lock_init+0x36/0x110 [ 1527.633501] v9fs_session_init+0x1dd/0x1680 [ 1527.634479] ? lock_release+0x680/0x680 [ 1527.635387] ? kmem_cache_alloc_trace+0x151/0x320 [ 1527.636490] ? v9fs_show_options+0x690/0x690 [ 1527.637501] ? trace_hardirqs_on+0x5b/0x180 [ 1527.638479] ? kasan_unpoison_shadow+0x33/0x50 [ 1527.639517] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1527.640680] v9fs_mount+0x79/0x8f0 [ 1527.641488] ? v9fs_write_inode+0x60/0x60 [ 1527.642434] legacy_get_tree+0x105/0x220 [ 1527.643356] vfs_get_tree+0x8e/0x300 [ 1527.644208] path_mount+0x1429/0x2120 [ 1527.645081] ? strncpy_from_user+0x9e/0x470 [ 1527.646063] ? finish_automount+0xa90/0xa90 [ 1527.647042] ? getname_flags.part.0+0x1dd/0x4f0 [ 1527.648099] ? _copy_from_user+0xfb/0x1b0 [ 1527.649046] __x64_sys_mount+0x282/0x300 [ 1527.649960] ? copy_mnt_ns+0xa00/0xa00 [ 1527.650847] do_syscall_64+0x33/0x40 [ 1527.651695] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1527.652859] RIP: 0033:0x7f535d26eb19 [ 1527.653697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.657877] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1527.659606] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1527.661226] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1527.662849] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1527.664472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1527.666093] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:57:07 executing program 6: syz_mount_image$ext4(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0xfffffffffffffd2d, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000240)='cgroup2\x00', 0x64000, 0x0) open(&(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/../file0\x00', 0x6100, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0)="128b51fec897f858d53cb4464b5cc49160e7b99e31a9126a6b14116d0681", 0x1e, r1}, 0x68) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0x0) r4 = getuid() getgroups(0x9, &(0x7f00000003c0)=[0xee01, 0xee01, 0xee00, 0xffffffffffffffff, 0xee01, 0xee00, 0xee00, 0xee01, 0x0]) recvmmsg$unix(r0, &(0x7f0000004780)=[{{&(0x7f0000000400)=@abs, 0x6e, &(0x7f0000001a40)=[{&(0x7f0000001500)=""/85, 0x55}, {&(0x7f0000000480)=""/34, 0x22}, {&(0x7f0000001580)=""/175, 0xaf}, {&(0x7f0000001640)=""/195, 0xc3}, {&(0x7f0000001740)=""/153, 0x99}, {&(0x7f0000001800)=""/33, 0x21}, {&(0x7f0000001840)=""/85, 0x55}, {&(0x7f00000018c0)=""/208, 0xd0}, {&(0x7f00000019c0)=""/13, 0xd}, {&(0x7f0000001a00)=""/28, 0x1c}], 0xa, &(0x7f0000001b00)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000001b80), 0x6e, &(0x7f0000002e00)=[{&(0x7f0000001c00)}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000002c40)=""/139, 0x8b}, {&(0x7f0000002d00)=""/138, 0x8a}, {&(0x7f0000002dc0)=""/43, 0x2b}], 0x5, &(0x7f0000002e80)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}}, {{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000002fc0)=""/165, 0xa5}], 0x1, &(0x7f00000030c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}}, {{&(0x7f0000003200)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000003280)=""/249, 0xf9}], 0x1, &(0x7f00000033c0)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x10}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}}, {{&(0x7f0000003500), 0x6e, &(0x7f0000004700)=[{&(0x7f0000003580)=""/96, 0x60}, {&(0x7f0000003600)=""/4096, 0x1000}, {&(0x7f0000004600)=""/61, 0x3d}, {&(0x7f0000004640)=""/133, 0x85}], 0x4, &(0x7f0000004740)}}], 0x5, 0x40000000, &(0x7f00000048c0)) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r7, {0xee01, r8}}, './file1\x00'}) r9 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r9, {0xee01, r10}}, './file1\x00'}) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280)='system.posix_acl_access\x00', &(0x7f0000004900)={{}, {0x1, 0x4}, [{0x2, 0x6, r2}, {0x2, 0x4, r3}, {0x2, 0x3, 0xee01}, {0x2, 0x7}, {0x2, 0x4, 0xffffffffffffffff}, {0x2, 0x4, r4}, {0x2, 0x4, 0xffffffffffffffff}, {0x2, 0x2}], {0x4, 0x4}, [{0x8, 0x1, r5}, {0x8, 0x5, 0xffffffffffffffff}, {0x8, 0x1, 0xffffffffffffffff}, {0x8, 0x6, r6}, {0x8, 0x6, 0xffffffffffffffff}, {0x8, 0x1, r8}, {0x8, 0x3}, {0x8, 0x0, r10}], {0x10, 0x4}, {0x20, 0x2}}, 0xa4, 0x2) [ 1527.697662] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:57:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:07 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x6000000, @empty}, 0x1c) 23:57:07 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xb, 0x103) 23:57:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:07 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x7000000, @empty}, 0x1c) 23:57:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xedc0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x6000000, @empty}, 0x1c) 23:57:07 executing program 6: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) io_submit(0x0, 0x1, &(0x7f0000000400)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000540)="4fa961a32c46292c4c203b03c6cfcb7f41a36b2033c451524efa095f3259d324fe60cf5baa606c7c29d5626c6a425a3357a6ef9b122793056fe62dc737af44a1070dcbaede3f1a1a803aeec79b506e019ba9a0faad0ffeddee88e9c7f880a2b88dd7ec8a16c3670691b02178a9efe72a78120600fe8be129a52b1b4d82cc8adf2f88522df22ee2ca034bd40b6be1e2b77c7b9594a599c877", 0x98, 0x0, 0x0, 0x3}]) syz_usb_connect$cdc_ecm(0x4, 0x0, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000004c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clock_gettime(0x0, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000440), &(0x7f0000000700)) close(0xffffffffffffffff) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x4, @thr={&(0x7f0000000600)="1a90741b478736dcb3b315064fc9e72c4608370b13bc2cb637529112fc303e1776468566db550164e33a10b0631194d0c525a6de03dea72ca7919d9f8026f6731bde01f3232df675dccf6cfdc168550c74433af885e6c95d44c46a6227103177f847898edf0b69b5bb4ce7cb18c9b532190cab9007de662870fd202b7c55fc84576b9e25c32997e5ebfb4bf56dacbc75625e461c5efcef9c8d5ad29e03c5acb0699a5bf8fca88e223ab1b91bd8b79f91aeddb32d54049112fa", &(0x7f00000006c0)="d268db7656a375b39a1a8696902ef074b8ab"}}, &(0x7f00000001c0)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000007c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="00ed0400003189000000000000000201004423ce044ef83b3696bb9a713c70e6d65a8632d2000000a55553d04600000000000e5b58ec24cd22fec30a9ab56f590b0d23f2c01816df67709c52597c72374d3a22ae07c17891533a302e0000000058c4c6825f6e0e184a8d763aa4"]) clock_gettime(0x0, &(0x7f00000000c0)) clock_gettime(0x0, &(0x7f0000000100)) timer_create(0x9, &(0x7f0000000080)={0x0, 0x22, 0x1}, &(0x7f0000000380)=0x0) timer_gettime(r0, &(0x7f0000000280)) timer_create(0x6, &(0x7f0000000240)={0x0, 0x4, 0x4}, &(0x7f00000002c0)) timer_gettime(0x0, &(0x7f0000000080)) timer_delete(0x0) clone3(&(0x7f0000000740)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 23:57:24 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 30) 23:57:24 executing program 5: ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x11}, @random="90d3696620a7", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @redirect={0x5, 0x0, 0x0, @private, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, "dfe34aa5edde5634"}}}}}, 0x0) 23:57:24 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x6000000, @empty}, 0x1c) 23:57:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001940), 0x0, 0x0) perf_event_open(&(0x7f00000018c0)={0x5, 0x80, 0x81, 0x80, 0x44, 0x3, 0x0, 0x8, 0x4058, 0x8, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x1, 0x10000}, 0x41a0, 0x40, 0x4, 0x7, 0x6, 0x0, 0xff, 0x0, 0x0, 0x0, 0xd1b}, r2, 0x10, r4, 0xb) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, &(0x7f0000001880)=0x8, 0x4) sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)={0xb0, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_FEATURES_WANTED={0x90, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8c, 0x3, 0x0, 0x1, [{0xfffffffffffffd9b, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'Z:%\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '-*!S-[\x91.\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ']!}#\x00'}]}]}]}]}, 0xb0}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001500)={&(0x7f0000000bc0)={0x920, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x4}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xb7}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}, {{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8ffe}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x4, 0x0, 0x0, 0xae0e}, {0x8ed, 0x81, 0x4, 0x8001}, {0xfff, 0x4, 0x3, 0x8000}, {0x2, 0xf8, 0x9, 0x6}]}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x911}}, {0x8}}}]}}, {{0x8}, {0x260, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xafcd}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xbdf}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}]}}, {{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x94, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r8}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x920}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) sendmmsg$inet(r0, &(0x7f0000001800)=[{{&(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, &(0x7f0000000180)}}, {{&(0x7f00000001c0)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000200)="80b062b29506822a217e5564b9a5f04365a2f11db99de2a0aea6e6a359163be701b4996123925070ee7ab25db937847e312317df1825a28ba3b8847da29ee58b5dceb619a818854830415f916ff127c290c2600e16a8224c6972b6031d70cee8e8c25e60b4f3e5113a5fbc162b3a1b19fc7e7dfe548a0e08b81e75fbb60758676a50cdebdeae9d4ddbb1837b6053fd44d88e4bd388a9ecdf", 0x98}, {&(0x7f00000002c0)="8a627d99c079568b71a9861497335c31f5bbc1a2775761ebcb4692604f8b50efac3d9352005fa76a214a7e97b723531ad0f2830bccf76c8084e9e43c1169b3a3be1d4e4d4773b5194ffee914bae4f918e557f696acd51f2b56961ae98a70162f63d595eb70821f9bec389e9ed363c18d83d147976234dfe6f8d3cf9d1572277b138be4f35b8147dae7a02e9c547a5387184835d79365cc91eda93d833d2a63802eb79cdb88d98a863691b2d6c30aea338aaf180e3f8d2e54fff3b89150beb3b0ced23ca727f7dd4e0628d53a8246f12410fa4dec8204b1fd4e00586b20c613e7e86d2b525afa941152ce4648f18095bccc320962c9ee9b8166ac7cf9537c5d41f64445ace719de47f791eaf97b27f6f1001892c6b7ba15f8c88180d5e528760d65b0cb766cd8656b8391ebd47052195e4b0429b71f225d6b75bb00eef0c231760c900b9aeb336808d2de6556735ea3d551c5dec6df9aaee647b172466613a9bf9b44c605aef6629665fbbf022dc2166c82341b81527cfda0973ce850cb739642c735680dba47e2676718108352b0205b89178d1ca9a222ce8096a597a32e58db42eb0ce28b8d06b059b8be52a25cee123fbfc651fc075e879180f1ffbcee2d1707bee6b08eefefe0ea0676e3b2cf13176a74c37f0ccae8fa07a40b75e9292c947d263535ed369d1220e151c9599b7971a020f1a9837e12732a7870d1eca905125e6a1894bf98a4b4297e32c42994dcefb0e86b083caa7aec5da0b43662eeddfa0f70e67aae791876acbc67911044e48c389fcbe572eb5563c00d9ff48c8fc81414525d902270ef494924594dc9a246acd7608d5072797f3b907bcb451e22ca2e38cf5f9f3f3526208fcdc5097ac2459e7b5ce73d5d10e22ddcf85b0f8e7db2c2a916871be0f9e71eeb16d39f741f8e66354b41350427c867504c5422ec0553df78d865d48f5ebb71cc69ab5f7b9d463d333881b9b8abb85c4773a148c3b98b52e7d5ab37d41ca34abf301fc4627d7bb0e84e5548e56ed6e8b4baa38c55da4a27a24e671f0154a4cf9b36405ff03cb045ddb3fec99ab9c78bbc5e648ff3bd1ba8293dfb7a820e054804dc4f34dbd6dc8fc277785822edeca4a8e20f8383dd45aac1ec8f93ff1af8811432da377d5412edf45d5c687e6077677705278858242cccfa63f226e006fca83106569075224b94471db4267fbdf255f5c61dacca26e43cf11c0c746950c076cd7b75466c1414cb46ca951659552deea20fa3aa31f0cfaa4f46d25416c27c65bfc8cccc62a7dcfdc7d3cea73e3e655ddaec05c362a5969bf641e52c686d309b46b6a3c78090dba4a4579e456f3e4502223fb01173245ce182f93e30b01a421e580776ce0bd9250e870356fdb4d1bc3a87a881eb38f8c043e6515c1090c7d63e00c43df63c7635d43f306b11c12322256640cde48d4817f331ea968a57a06a21437bb007ece2cf5b68f08ef881e19596c9f6db0b2308ede34da827074712ced6ab1fc5c25296f4b01e856c9b5ee814ff251fa8c460a9e990132992499f1c739748c8ce8123d296cceceb0d76a4f2792620a2d8433a7a34aafe60b273be24711bd4288a4741a61694255c25481fe43c1d1681b1d834490e243c2d45439071cbdaaa09a1b3ef167d084a1a2b443f6b253c735fbd595c2abcf1502464f0172e87af81333ace66a8526dfb849157a5e8a8c11611fcc1ea4bbf137404f6de7a955ed4d0e8482bd4b9c3d73d69379b4192481f17b316044cbd9ccf240e1f36f79cf0a8515a47f50ac65ff58e27876138582f278a54e629fb9055aeaca405fb6f7c94ef8f12a04881d3864a2bb3a34e3610fdb295e4c373c07735b63013276214242b55c7e8ba3e899fb9d632a3f10c751efa82904eab1b9c9dbe97ff86a46df002b8b035657e990011efc64312f32d0366a730f5ad58c23e3f7abf09e8659084a93b7d0270d7b319160af72177b8d461abc91afde4ab0d248751d781b4f0246217655050f1b82e2c463703829895c3a307d843e0d292fad71be3786b3c410c4a3c145743caf0337ca7be030f044be3ad09847d759fe004f54ae5438a07f9fba7665e763c8b5869d6ff1606de091b5033a88401e474927a1ca463121e10be4d5dbdf808e8e48078ab29bb64a3f2b55d745cf9ca94561ea99aa06255377353efce68f376de2d1c67bad635fa064be97439b57fb72e4023146ddeb408446ae35369782e55ba0bb3ce4de686bcba8610db34d15fb2fd48d3f33749e29f288eb481d44c5cfa47cd45e892d272fdc76a97659112281ff0024a0ce1180420b1d99c4acd6e88eaaba6b444a50e9ae2b097e1e7711a400474de7bfabc07fa579f497e00e630827439c3a6fea41837705dee504e0d77168a70f9b519d815d74b2d14e234df169f210cae53b5cc6de8d06379b2e5fec46235f91b0d2aadb152bd63c1780a081f2558a500e621ab0bdf0a9faf5018dfe48375f7ee638cb2e5235333234dacc1ff832e0b8627829199acae2d4a55fdb983fa6c67a53edca2671a0b8907e3cc8bfc0c7bfece258451ec0e5dd9c9cbf9d777290a88daef06b379eaa9fffc29640a9889509f776bf7cd30b6f2727b0525e6b2984609d010008ce9b6aacbd9bd08782479b10d453dddba963f70c7b0efecda0473e74f2ef74078e8801fa1cc6507e22502b731904bcbdf676330d35428d25acb211dcf6e1a74bcdac4caf6d7faf50c9d6f07ec2e1c049976de2dfb9056f41ee1b212c3e5df429b62b036f7015c4051c6284cf0ee92b62ac8dc1a5d2041e69b874695ce647092f4472df1b9c909368e394265a5d0cf2741b7a873341c96dab6d139223c500e0ba9fce360be90d4b32f4534d466b01c90d3e9e8a5ecc9e6f0b39a4363019d80ff9e741218ea6e56a039cdda3e3657d9ba84616b2910d4eb90d61079821aded31ace372f9865d3c4735f36ed6596e043c605ca7fc8b21a4c5d0c8f996ec432f2879b3142d40330c962e3deba802a8a49bc2a474e599d8036326571ef0e072beed87e1ceb76e41b9fbe54cd7a51156b95b217ade3866a8b419ebc61dd30f755a5b9aa9470a89ab7a8914b8920db29833d675b42977f5107b32ec66c506d4fbf21534e7b1607bcaf122b407bdbfae008cd72140d5f77a18f67ed5379e5184f3afb74cf2fe98ef4f96a0f552372f13b82a915a08f2ade899ab17b51cf3eb64320cb8c2f3c0f47bcb21c7c0a384572e6e34eb224e06d404f0edfe12b46d0a4cd1cc9f5a6ab3415bacffdc60753bb4f1154524d6d864575919d5355649c02d45a4481866bd61ecfeb89dff3b0fb681e8201007e26ae41cf47b6eba457e3abe553fa6df6ab291db3ec00c60e5d8fbea4f5ecb4832148df6f1e582d82e5dd4b21266866ec244453d760804dc22e71edeedc2cb040c48c79c53fb01477357ed8032c0471492c0157e28393ef4b3746b17ca8624c72e96087e223a0dd8e43e3cf29ac3a84ca5111ed62580f0f2b523f1d5db38d9ddce98eecddb7ac9cec2fb4622b28d848465a952c014406974913553017a99b06dadc3260bde21cccc4da7741416055f766f0655920b5838fbd18c1d62ae45f2564020d690bd813a63b5ebd4b0857c626ea15d4176442ab4f30a85392c09360d3f4bd83c59235fbb5994e4ee88ab482e647959b77fe3f9bd4e28ea601a7a52a6bc33e134a53eb816395c4e91ea56f910ca97a0a0f00601b6a1be98cb81295708a41e094ce097cd3f17aa9a0f2bf4175ec52f83360cade75f9674fc01c8278ff22ea4d8f6e64ac4c1123d2a8f308cdaf477f77f424de98042373ae23e36fe370ca7713acca0afcd0f1fcdbd0b575af9ae9e8a32c348a12ed02c06dfd63f9b3f5f6ae129f6a8be28f41749d424e2489a1651cf8d505d1f8576af1baaa067896be8b5ff43d1b978d85a553aaf086286c4e54b06f4cdafb748bad174dfb536bc59ebd52a888e4ab2769b1562a682e26ea06b374e0181525bbea3ee7b63ab72c1025383af8754bb9f3a999a2a98d6ce1fb8ed5a223a711ba8ca00b0bbdc040240c5d9887d6bf790098f11625b1cc5c44c870b69aff4e5b070508fe6ecd095c0588be44318ae84b5e0f3ffd9561ba30862f5e6631ec15aa89d87a99f8cd65ef041394c359d93da9f26831ca5d03529476c6fa868dc16c5f59ed8b3fc11f3bc77609cd2d6d2db9c46b9584a87a575a083769506676a0305fb60ac3df4e8c9975aa62631d0b31829c53e3406fe89eb81f8a621ae11af26576cb0b305170e68a302a5039e22aa9719b44820ccfa06f92ad327d0807b7614b209f2a7dd1dd9a5c6d2e8ab9c13e11f62ffe9b511af1fa1c24ffa549680e6396ea3cba3795049647c5e2b388e29d02cdf6cdd157d76e9b1965e004596c92d0257790c08af2adf8daa5167c0269b1d58464f4d65864e683fe01a07a03c489ec30e02f8428af2fe688f741a4eed5b9a86859331aac435c2c1912b3cbaea85905a24c8d0a5e6fa5e9f37ac4e6025223b4b2a7e0858e13e747b6efa486fadc58f5503ce98e3c14580304fa39a032bdc4a10bbf4bdb512104ab3ee136071677a8783cba2487ff9f92060f6c9da7f492460a6f39db89fb3d88ee7e58b7204eb6163e924c7ac8dca7bfa9ba3a988a85052faa61c923171d532418da92fdda97b95a1fcd503449a5807ec3520191a2477f1a632b561d6f1b79acae50d21cc874a1646b468042ec9e1287ee5e16d8f59cf77aadcd21cdcbfcac3246e46b4f8319a4db73079fef243c499119a291fb9e90b960d0ecbc041566de9d9e7e021164d1b3d8feb07fd97f8470b1e1d669c73f37566c11d0db0899357fd99715aee1485862b6d2bd8e151e5894fa96e34523d903e9a1cf515c3f37a401193356d57653bba576cbc56c3380909ad0a887dbfc021f82b3176f51d5daa562c6256049c3aa57cdbd13fc12c553d9c0ef0e074469f54b470291c39bc9648495004c37959cfc0d257e5cb5f8125523f40beede836c4be3a78f53e784b4ac9239ab123d3001921012c69c0abbb7ae57df7360e0509ccb0805e713e339e5b8f220d7d8cb8a6be209be204bc3e160e04f6a054523fa3480e67fd2e7079963825b87b0400de979f3d6b6eadf24992dfd1d6c92bd770ebc8866434d4c0e4c21fbf4dcb824c7d40e03a5471aacf18be781e64379f90bad8dca250fc4cf2daf1a2b99756bce06d50f10a746b902fc0d963f2e3a15205df762692bf56583c88b606df5c72f13fbc4497c4596bac646e11cca2a51f9f3d86c5278bd6d7bfa2fba428be4761dcfaa285500c6a86ee3f89fd5fd89d4494e1ca2eeb17f1075266d2f2c729736ec0820bb0f189da54da5dd51a528d3297ef4c7fc7c9f4f31da3003957da0690a3bc2dd820967283c9de08fd013f1c1eb3db00c77d13350d5b3d25c559608d05c8bb2411658b343b17d23ce08c1e4588527e7456931607450c990859f6a5b1ed758849eda1a8237fcbe643382613f2a1b306a7ba573fef906614ba947b04a5142856c5074e95442c0621b9d4295c77c729f0b2658775682c0ab46020efb03fb93f1c9cb2875016c8a7a0a4f709bb83d2163cae5decaab0721f48724cad992eb6180f98cac7b7b0e06686c23b7af9cb686e0d1a5f762da35a666a6824af682a9c7ef78f5ead1232b966b2b7a0839c6fc9657f33971678d5633b93fbf00380b7d626c5ffdfeea471435e333b4824e850691cdd04d439412023e749e011d884929ec5cd4ca3d503745c5fca09c36150e3a3ab3c29dd98428e9db540d3264abb95487109efad02128000ee8b0e421a8", 0x1000}, {&(0x7f00000012c0)="6a92f6ab0ca4fb464241bf976c457959d25f7ce1653f85f3ac7e8997f58d4f2ac537070a26fe2ac750a5e9e82ff379d62e6e9b7c388311bfa26b0660f6082ac5a265bded40f15a29d4465582fb88e7544a6b95913b8115a30b6f2862ef4a6d00d815c3ffa95c813f7182a3b3f3f73fed6171b35ed2a162f101182051c8f7fe7d1ef8084835e2bf5b5377b845b3a4786eaba7a6b4fa0822505257316acbddc522c1fb2582b5f633ef6599db9433d33b67655dc948810ed30f36b54c553f6745", 0xbf}, {&(0x7f0000001380)="575f68163c79b9acbe15ef434c36a4c99497c0daa9bc05bb7f1de7b39b23df35411db50da5c0c02b5adfc2fa85580a5debf3d94bd057be4cac0762358e9ed52d40e881a139763456e011943fa6b5c88b4d05c4aa4948eb1f9264bf406ff84e995bf880b4716024af1407385e988beca3ba11714e3bc7a7e076fddaf0dfb6863be56cb08959c592fec19c69c764b578e47c15a084a2d74da24f1667540d0f3b8fd4c7f1afd1de33900e92be0d22c68576efde81e05940a4a50505f31e137058dc17265ccba7c33cab60d1", 0xca}, {&(0x7f0000001480)="84ea6f6df19d78a32277f0ba4e0c30161879d1ff1e0a7dc8cd9655662d6dc670b7eb8c249b842181aefab40a764d70f49f314a3c93f48930c7", 0x39}, {&(0x7f0000001e00)="26e72bc8c68c0f77d3db761ca5e5dd646eb1a6ca2c0849c0f671f6800f62870576a0917a8a9cd51f1240e1a311ec3a3494a6bf91dc4b43ce5281307e8a977d4ce513df97fafdd22c2a2f96d71caae9d82e969ad0738516cfe218c6e8bee6ec3d1baee92ccbcd18d7ac30c67a6e00c1e6291573994b4e8a7d3f3a5a298fd4d94522b62f77f055800b0794b098417576206a0c3287ce476e8f88b99bcae5180c3abb5be1addf6eb871390677a37d5dbc2703200e38e7fe8d8116ddaca8aae68e8e35f96cf441def45850aa6e8b4a2f430c57dac6dfdceaa75cade3f7a17769cc73b6d7f38461830e633b9f1f21d33dbeb85577dbc749ccaf8ccdf80661f2309d68fd6e8d5e5511e4a80f35567a31e0b8ab481de6a9e7be9458acb59ad26f1d9e2217132a1476d4affdbbfe9346d36794f1d15465b33b86c158d40974d008abc7cf6767e126f63a148c50615440b440e4d38c4c59721bc5543295406c0f91c868fec872e3d0753c1aad8fbcc183ee79660a25ce4a0c0c000e358db9d5863a9a5aa0a9249acba3a9397d578a0bb2e8db81e1a85745cd4d1e95698da9ce27cc985587b4a9b3e84f5a9574533203e4b504ab71f9fbcad9fc79cab0f2ee78d7c72d71c36062b999248bb89ef36418734f8a5c8b6925d8237b7cc46008da03331d48f1e0751e3e7b57c167bcfd3186cfee1ab8e2da0ae402c0f157d555ea70fe54634b51776399a14dbfbc8e0eae5146059836a35b1b81fdb632280b05dadd1ab7dc40894762576a93562c86f62458bd4a60d7ed2e482a438e47d4cd0838c761dd28cdc15f98c41d9fc8aa5ddcf68a22cbbdb53e1cd75c81574177a880d9911cd70ec00abab71520fe2b3c270d0c5d12f56e2cd7b06e3d0fd9bffc111f853dd1e6757fddaab648d4a8e22020766e5de77375ceef4668b57716e7778bff8709954a652866f588ef40ca204abf992380ead1b670841e4e7a266e6529788d1a1bc2cba242c61fe22896a7145076e1b868e6d888139bd9d3fb05e7af08f7d94e8ea84829d07f42989dc878fc87ccf5b97245a894685beca8a50dc3c650ef7699fb6be7fa55743ebcb8c471786291dccd8eee5b118b4f72859b819fda41d26cba56fb2c94266b9cc710c2dcab8b78b67366274afae898630d4134553ab3d969edc6d02616d38dc422cc8bc69dab0f6d285a9a9e9ce123393a5f0de94f547855e3587d536925b3aca936b2923cea86ded653c3fc8fba0828a161fddf9384e9dda8dfcd2f949044eadb83b3e488bdb80fb2cc11397a6750311069845a6a3af529ea3f66923a443557288eacb22b74c7ed53c7bdd52e39b5b24efa0a051f52df00063311b23ab439f6011ff0628813b8354f9d093c32ad679469ef3597b54add30b73fa3803329bdbf739f9fae212c5f82e4007684c90b78d68765eae60d661475c3e13eddfe1c1d05a090f567593aa4227a7db170936b4e6f0996b43d3b29558054a5551bccd5ecb12c1fc00d58793437852ea686891f8f9174eb8b3ea00b9452b9a783703bda5eb7a28999f5bcf7b00bf0bcb4ebdef9ae97a9258d7d1e7200fadd26affeeaee5886d3dcadcda6dd6226a7295d15890c81ce2da7ede4ba47ef61bbf10b9f3d19016a7f0cf4530b197a0d3565292d0681bf8c151e11fab855c6f1d714aa39073cc7e9f62d094c05c817ebb30d0a244879600db3a9e6ed29d3f4a07e709ecc9538f46dc86ff83641475fec5e192880df1265a73311f8af5f99323e7221837fbc10581ddd3e9718b7d6c14c8e9eb2184e226f2575ebb58626ac2be68b794bdcad300000c5c7300a31cdff38f5adb2f44e823a6b7fc6ff5b91d1c8be3e3c4854b2598b3198a03dc88eb20b0de93a7dde2f67aebfad32076f154f5382c52d77d0560862282e3d6388c66c014dc4ff5017d996c7075db04c5f45ac6d49075ba4af4052386a4f6d9605e0b04fcd88cc82c08a3961de22557c880e78491c7da356f13cf5a848dff083987033fd63c7e33b0588d67c0fabb4612f07e58368d3058b3f019446e159a0e5aea5c7c2ee4b71b2461b2a760149031758a17d1dfa433160734afb250a44653b22d7b0b2cbf4416c2e869d6195cec54e8cba2a2408cb2b48bd1023fc402be7f5806d17a9e50a845afee70c41688762990252adffac8bf431ec5d847997b4219de1fbee997fae484f791562e24ffbd0cd505d11ce066b0760eca987793c8b7029876e4907175c48797b0219eef521ce37f3136ce2c24c8dbbb007ec27225e4ce1289c75d137833cb240dbcfdeea8e182371eedbe1c52e03dd4e33f69b67985217a69aeacee7c6b9cb381b8ec2410103abd22f3530a472dee84f9676ea8efee262d40142b0cf4a2429df11cc861d346b2f24a40486b70a4b5476e0e78d1f9845a91d26b7f0732588f06a39af2bef06e61e0321a6c1a015fa709d3573b149def6d0bd3603a4c524a146ea80cbca53b2314af66ac7126dbdffe1aa478808e1a1c2195aa534385a6df4584f3ecfb0115f3ce2aed6330980f9b4be613aaff6379690af9eca6a98b3b995197966be912c419b0fc6b5ef8f18ef4c15e5b209cfabbef4060e97bdfd2c1f94873ffe0f2fad4e84208920a1877a38dfc8358b5a36cc34b8e6efc9d5b87061fea609d377129c0d14d307d5c75c5cb1ce185f71dbd0a3b2be23553fee13d772e1f82cd16e621b2e97aea97862a80d240f0d7d91a7c05be13ecc39843a421adeefbc17b7443597c00551782355c575fcc1f480e874f4b45b98f3f590a5514ab75b622d0ca8eeeacfe5a4efc99300f7cfca3830bd711a7b5c9cecfeb470734a6d98bafad69752d39e5a7edf36802022687a9383df2814a94436c9ba29682bd951f8056a80c497b39503f2203f299d0c5ff93459e385b009b244eb8775992154f2acfbd98cb0b03f3baee9501ce865dce4190963748bc9d5927dbde67767bb845a5c7a9c83139f9d700d80c039bcc5c85768519863fb4f5b9444058da1ca8692fe93ddaf41cdc2be2fcdbb399cc881446592eb038d4c0fc7beaaf5cef66f470aa500472ec1532bcc737f0f80660df47edfd3cea2b44aabed8b581e1cf27f7a04569d8a0f96809de12a1931e0a667fd8fa799a0c404de6794e4a12eededf58c48b1ae02d050c65e82cd7f09e2d0726a804e95a99623a810863de78b3ed9987bc7b09a0254bf7fb31b7f076f1c33e514e62855e75170c12550b5012e8022e64f6b47915aa54f65464814735a6ebeaf1f3524a56fe6510ee32ff83f2118d72f9dc29550646d090f74b7f0d1480c2e373a374e6249314d3dfa8f350c6c1f54c0ad897e2b03892f3fdf7b07dd7328ae89d579833b07c2248bf44060896726f5721633bcb0b79068130dae9776f2dbc1aa4b7f46bcf4185f3804594fde6c85a3357c3ada7e0c52c11f795062ce71abbe85883757bbe6fa3790fee9c07a8ea73d633a14136613cdb1e4f8f971abe13fbd7af9b2e41ed21569cd4dd19a1008fbb55fd85f8e4da3733b177b74a9b7a903b54a523d16ca0e73ab216a1141f1d448d0e44add6146c17b0586c33f1deb9003a182a69fd6be1894fb80db95594c41f35776fff3d6e56c9e95a659e555067952d5e75c4c2d3b12421a431aa1e00868eb1310fad79087d27c8f3ff8b3149d2eeaacd8266c8ccd8121df238bd154ddcffc7da181a7cf095d20c89f1199e9b4eba39f74e3150412aee3b243e823b1d0989d90d962267189a68886bc3f8a4452a9a64f927e762cf00a9b15181cc0f382fe6875e3fe3d2b429581c90f774007382f896e08116154e3e281de8af40ccd1fb5e8127a09e294d257690dd72e6ff6403ac763032b917c64ff76c8003f8d3e77398209430cf746c2ce14e22c8c7c9f554aa5c436a33df17a5030c04ade391f9f859f73fc55f83e5ef8cfc7d6edde9051713a56c56329b12fe875c6b0734f973b0783821b87fc3c61ceae14996105ae8b2ce85a5406a68d76a9717cfc3b3d8684f36747622f0efa2f0b620979c6e720eaea395d7e91496c3a1ef624a0c5359aa0dc0883279fd7078e2241a1923e0ad9c3f902e19287a9fdb75acee1edefc79a17340d8aefdf2aa65fb7fd48f98cfd960b3e574db00f87cbe070f7966aec38c9656a81d5ed5414c7905e13ab89d00d913b8f2c9fb01a4d9f7573e2bfc49eac4c745883491b92908d586d11c0bd06fbe941476371e7f38d1e9b947cf402188ef85e662f397936e84234f46789d6afd6033052fa2d54c353b33bdb2d4ce786db5b0cdbedda40717dbcfecc1250399b4007904a4325fb34acb32458305fc6c0ad581ef8af9d90d97690c4fc9a59beaae5fb787bc5fd7cce6c1b0e77387c626afc16b786e24733b394f430eae588f871e4f53088a9b29aa046d908a3b783738a08d8f433ba1da85bf2902db5247ce7dfe3202ba47d8b2ac676961f231ec27c2798571ab75179e1855e8e6a55f0743bd345ce14690af5e63b0d66b9a1d241629a6d05fff752674887a00f9e5cff378f1d01d5f7501759fc5ae1e249b13d37375a24ea60380cce2057ea57fd953b82d15d88613817f8f82c3096a23b3b1f55a9e1b7cc82ded83cd40e6417c4241a39338c5ce1a204b6c2b8ef63d84cd00a80a697a3590299c8dd2c92ef9549bca43dc3288d148a9549f6eca2c5619f7faa9d44466960bc795cbd2fddc87e0a8e66078e35b7ed93e65bb3c92256db8f3ac59b994be85c34fb85090973142ee9225a6508de0a52605c4b18ea71a50f4561aa30663191837ad0fba50792dea5d1d86b8e70521a594a2f897f81d10d2279a37bd5f036761f28ae2699122603d764ce37b72382d624830312a57f8813d438dbd2edb0785acac17cb16c24f5363d711bab4b074abb58f03954d0f891f3db2e95819ffcc4b8a1b200d43ef8d46170048a53cf764133e8e463199e56ca55a1b1cb77297198f89f9645a1e7d857d7f55a398418e2a678c30bd92c884c5cda4587bbba85256b55c14c24daa316ccb7f337607c9450b329dee82f3878f8793264092c7c69dc7074026c0ede65887c2f1eceb04068a34030aaa820eb44b0bdfb6413878269201c2e1554c220d4e9b1648ad0f6c39c4a6f4f19af2f29dacc5c274f09166f41ebe439162e4e368b8a672da4dc57b1e4cba73922cdbef5f6dab34503fd0238324f1eaa3851facd1a59f761d11f13fd3a7fd631ef9aeeaba3687e42124e9d4b9a2120988dab654a4559147c44be1e63ca5e946d8a526b2e4b0c6bce3fe0299f1ed50f23b08bab57fc2ceb2221905211687ee0e5e345308bfe056f6a8193224ccff70e984e9f35ddfb24b459bff7a23fb2fcb7660c09a03a8822e5bd90972c7be6b350ac78ba5e41740fec6c78a286f24aa226414d12637dd7fdf8af00a57497b3ef759e8916f5fe59d0e3d02ffa45ae4dc664d1ac1964060b951f1e6b59ee06e94a5a0db289805cc05215d4bf882ec0b5f67cfdd11a0a84d8c44c8ab15bda766933edc952b2780d556cbcf2700cae54326a79f8c4ab7744222e50c9cc2487f4f62a3407f69b2a7c25d4a2325092640ac668060c3d1facad973cafd2f00be5ae9686683366eb1ff7b5167dad2b35a80254782b72f9e9f67e34b6ff23c1a5694ecafcf018e85a4d1035ddeb10a0174cb81071ef696ddf152ad8ce390e9bc40c28029ff5ff0e926cc99e250946cf4fcbd97052cd331c51b1db5c833889929ac98ff02b56812888bb0d5f7d58222fac427783316ea89cb10f2f3a0603c79a0d2326ef0e5ac8f34de6a276ab5f68b38bf8440df5225d82ed30945424258482fa716e20e5bf", 0x1000}, {&(0x7f00000014c0)="bb4bde636c1479a5dd07e890c21e198bb508a91d2c5a5b7b43b3e6214b3e49f5f4ae9ba57b40c112d76ec61c5cccb281ebf006cf9e21fb9c881730a2de7b65d28adccc9f5d6e977d64ef98375adfaf16876f2ce2d00745d714ce2ae2961c60003f819748a13aa2e7ce82f906d582e39614f9c4123eccb642a4eaed38b241a0471f82099ce4a30019574d1a713512e6a64f44ebe823ef0ea24f7e072e1b28ba68ac2f84cf300b2eaec247a7d9d1e599fc3d0f321d671b956d9a65fb90ea5adf829cf63571ff7c48b0fe94ee8498e1d393b6061aca4b9703584b614c92541e3348080c5b25282458ed1f8ca5cff43e0e23d9e5", 0xf2}, {&(0x7f00000015c0)="e0fcd5d7c83b1c8e71fcb8ca2bb9097de47b243a246b", 0x16}], 0x8, &(0x7f0000001680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @multicast1, @local}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x34, 0x0, 0x7, {[@timestamp={0x44, 0x14, 0x46, 0x0, 0x6, [0x4, 0x1, 0x8, 0x0]}, @timestamp={0x44, 0xc, 0x9d, 0x0, 0x4, [0x8000, 0x1]}, @end]}}}, @ip_retopts={{0x68, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x94, 0x1, 0xe, [{@dev={0xac, 0x14, 0x14, 0x3b}, 0x6}, {@loopback, 0x1}]}, @rr={0x7, 0x1b, 0xe4, [@multicast1, @multicast2, @empty, @local, @broadcast, @rand_addr=0x64010102]}, @lsrr={0x83, 0xb, 0x32, [@rand_addr=0x64010102, @local]}, @timestamp_addr={0x44, 0x1c, 0x40, 0x1, 0x5, [{@broadcast, 0x10001}, {@remote, 0x8}, {@multicast1, 0x7fffffff}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1f}}], 0x160}}], 0x2, 0x4800) mmap(&(0x7f0000fee000/0x10000)=nil, 0x10000, 0x2000001, 0x80010, r3, 0xdf00d000) setsockopt$inet6_group_source_req(r0, 0x29, 0x18, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @local}}, {{0xa, 0x0, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) 23:57:24 executing program 7: r0 = open(&(0x7f00000004c0)='./file0\x00', 0x50000, 0x112) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6ed6, 0x20000000200}, 0xa032}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(r1, 0x0, 0x1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000380)={0xa, 0x4e24, 0x3, @loopback, 0x5}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x7}, 0xc3a}, 0x1c) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000000), &(0x7f00000000c0)=0x4) fallocate(r1, 0x3, 0x52, 0x6) fstat(0xffffffffffffffff, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x5f42, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet(0xa, 0x3, 0xff) ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400032}) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x950) ioctl$SCSI_IOCTL_PROBE_HOST(r3, 0x5385, &(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000000000000000000000000000000000000000000000000000ede4e27bf3c8222451a43dd08fb00000002000"/125]) syz_open_dev$vcsa(&(0x7f0000000840), 0x0, 0x28180) creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000200)=@hci, &(0x7f0000000280)=0x80) 23:57:24 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xd, 0x103) 23:57:24 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x80000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x8000000, @empty}, 0x1c) [ 1545.146082] FAULT_INJECTION: forcing a failure. [ 1545.146082] name failslab, interval 1, probability 0, space 0, times 0 [ 1545.148909] CPU: 1 PID: 10283 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1545.150594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1545.152607] Call Trace: [ 1545.153252] dump_stack+0x107/0x167 [ 1545.154144] should_fail.cold+0x5/0xa [ 1545.155075] should_failslab+0x5/0x20 [ 1545.156010] __kmalloc_track_caller+0x79/0x370 [ 1545.157120] ? match_number+0xaf/0x1d0 [ 1545.158066] ? kfree+0xd7/0x340 [ 1545.158878] kmemdup_nul+0x2d/0xa0 [ 1545.159741] match_number+0xaf/0x1d0 [ 1545.160656] ? match_u64+0x190/0x190 [ 1545.161561] ? __kmalloc_track_caller+0x2c6/0x370 [ 1545.162722] ? memcpy+0x39/0x60 [ 1545.163516] parse_opts.part.0+0x1f3/0x340 [ 1545.164554] ? p9_fd_show_options+0x1c0/0x1c0 [ 1545.165473] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1545.166524] ? trace_hardirqs_on+0x5b/0x180 [ 1545.167393] ? kfree+0xd7/0x340 [ 1545.168073] p9_fd_create+0x98/0x4a0 [ 1545.168819] ? p9_conn_create+0x510/0x510 [ 1545.169650] ? p9_client_create+0x798/0x1230 [ 1545.170535] ? kfree+0xd7/0x340 [ 1545.171196] ? do_raw_spin_unlock+0x4f/0x220 [ 1545.172091] p9_client_create+0x7ff/0x1230 [ 1545.172945] ? p9_client_flush+0x430/0x430 [ 1545.173799] ? trace_hardirqs_on+0x5b/0x180 [ 1545.174664] ? lockdep_init_map_type+0x2c7/0x780 [ 1545.175618] ? __raw_spin_lock_init+0x36/0x110 [ 1545.176548] v9fs_session_init+0x1dd/0x1680 [ 1545.177422] ? lock_release+0x680/0x680 [ 1545.178362] ? kmem_cache_alloc_trace+0x151/0x320 [ 1545.179326] ? v9fs_show_options+0x690/0x690 [ 1545.180250] ? trace_hardirqs_on+0x5b/0x180 [ 1545.181122] ? kasan_unpoison_shadow+0x33/0x50 [ 1545.182034] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1545.183049] v9fs_mount+0x79/0x8f0 [ 1545.183763] ? v9fs_write_inode+0x60/0x60 [ 1545.184608] legacy_get_tree+0x105/0x220 [ 1545.185433] vfs_get_tree+0x8e/0x300 [ 1545.186181] path_mount+0x1429/0x2120 [ 1545.186952] ? strncpy_from_user+0x9e/0x470 [ 1545.187825] ? finish_automount+0xa90/0xa90 [ 1545.188706] ? getname_flags.part.0+0x1dd/0x4f0 [ 1545.189646] ? _copy_from_user+0xfb/0x1b0 [ 1545.190483] __x64_sys_mount+0x282/0x300 [ 1545.191297] ? copy_mnt_ns+0xa00/0xa00 [ 1545.192094] do_syscall_64+0x33/0x40 [ 1545.192839] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1545.193870] RIP: 0033:0x7f535d26eb19 [ 1545.194616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1545.198317] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1545.199849] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1545.201290] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1545.202729] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1545.204164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1545.205591] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1545.207316] 9pnet: Insufficient options for proto=fd [ 1545.211172] loop3: detected capacity change from 0 to 262144 23:57:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xe000000, @empty}, 0x1c) [ 1545.228213] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1545.300221] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:57:39 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 31) 23:57:39 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x6000000, @empty}, 0x1c) 23:57:39 executing program 6: r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x24, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x10, 0x0, 0x0, @ipv4=@multicast1}]}, 0x24}}, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x24, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x10, 0x0, 0x0, @ipv4=@multicast1}]}, 0x24}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x200000, &(0x7f00000001c0)=ANY=[@ANYBLOB="7472faeacf6f3d", @ANYRESHEX=r2, @ANYRES32, @ANYRESHEX, @ANYBLOB="2c64656275003d3030362c6d65ffffffffb07572"]) r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = syz_io_uring_setup(0x205e8b, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000004c0), 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, 0x0, 0x0) r5 = fsmount(r0, 0x1, 0x8) preadv2(r5, &(0x7f0000001680)=[{&(0x7f0000000240)=""/162, 0xa2}, {&(0x7f0000000300)=""/229, 0xe5}, {&(0x7f00000014c0)=""/162, 0xa2}, {&(0x7f0000000400)=""/4, 0x4}, {&(0x7f0000001580)=""/149, 0x95}, {&(0x7f0000001640)}], 0x6, 0x7, 0x401, 0x1e) openat$zero(0xffffffffffffff9c, &(0x7f0000001640), 0x434300, 0x0) ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, &(0x7f00000004c0)={{r3}, "a91015570c2b1212fef93b65fe385e2d9b770b143a3711ffcc6c3bd6bd0beb2b2e178875fab4997fe62f46291447f18528de2ad12d74630a1ff601c550c74fe958fe1f41841a30a1e27b439db5f907f702c5686bc217e2f050e9f05c291ab7e555bda11f1a85612b892d2880ef5759786a118d3e436a17619c22e38390f7933ca6be7f3123b1af1509c23873c08d12e1a875a74ed37917af4deaca0ce8ee7ac2811ea232df2957c140e004ec648fcf1436890c1d89bb24c00495511dbfb831be5f9ae722d40d8ed5845ce160c7fd28478103ff65e167b8b5b978d519fe9160c194697ee0d92e40d873ffc656bfd9d4da1887cc216868bdbb6a49246f93417f0a3e41b3efdf75fd77e9076dbd9110b53eee892da9b170a097016dc1efa96517bc89094f573be024b7b3779b3e205929eba3b34402a79f3f4854334e9a3176cb5ee22cb90ff72d96d14f2900e8ccefc56d49bffef30c4e848e294d80d8aad90ab0744d9159de80f8e957a7e43cfc6d479324d2e254492f6c6b10a4fd522ce89be179d60131f8b675a81e88ce7395057a88d0aefa37f72df24f7ac1789287b0ada4e6d5554e9417b6592a92f594d6bf12df5b328afa43c69e84feae91d8d674334d6277df5611a2263dff6fcc9e3e91feb86f483ed7d2dd302cec4545dd63f3cb336867396e8fbfb9cc5335c8d5dee5af13a44ce6c7db71f9c5413a1d68736a0e1eb5f67a44c0eecd32ba247658df10d90bcb7ecfa58467d2e73b9bed926ac25ffe65bb4a0a5dc43c9c0decdbe1a6dd79a2c17c2003f4776acb73ba6cda0a5bedf119169a133a5ee2cba81e5a993287e5abb98af71a9cb811977e1134140a43856f7e5f170b1e1e61838765b27e110807a6278062cc90f080c455937ea247e89876abad48dc08e3af539a57ce119a1e6dc3c0a4a72ea55cc1949e204d1e3ae5eed287efef7e5227ced5cbbd5e2e8b8fa7b06a4f411766760707421aee1eae8da5679dfc51a47fa4f228b2262e803030ed9e5ef0b523c12903c360e3f25c95d1cea576ef7a628882f239ee24b8056a76d573a810b60ce7a76f07b71e42b1c459a83132477ec5f133323aa6462781f8427f44a8c2130300e5afd2c80b41351010ce38a6b2a0a4b2133c56441dfcb590930ae10164212c71157af515e305da72079e0e0b405dfa323450ddcb3a112cb4df360679e638027bf81a4d15cc8eeddab19123ec6d7ad7909a30fb9feccec524c08273f8ac08c97cbfb562f049545ce328c590b076d79eacb5a7343cf0d19efc70d33b2aefb0f07c482b0486e8f20087667d4ff07ab39e5b3c2e10be9f08190d0053379285e3fccdd6b6f8224b960908953f1cfefca81f985e5f5faf2756ea8cf621ca3a80509ad4ec0f02cdaf795b68cb1267745f21aeda36d1224b2e5688620f599e537126718f7bd26cfb67b73fb6181bbb49fe5e4a239e009999acb21870d6380364bc41c18b90b831e8371efdf62b8fe1bc871825a52722ae4294a97fc70fc83e81e48a7381e23f299b89fa5fa95cc672483ad3b1eb2be1cd2bddb9e4bf221b425af208386b2bf99118e8a38496c3feebfcf32bf8f1492bd4718b256dfeb3bd5da1bc12fe3e62816b978c7f388884bee72f42b6658eb85cc34fcc2afb395dca870dd17acc1616811aeea9cbdcfae962ed52c402eb4e5e14d323e18125876d1136dae79450576dd3ad21f3b3125d9270d196aa91021b2e5a3e5dd5caa7120f3c669c60c8380f1923b5f22dc99dd3246dcc77835d597e843fa95a9bc0147ad58fd30c1c8ec70b9bcb7042994c916d50e2e08e43ef78995d509d2a599642ce5ec8850a8a15c4c02ba543b487cb60a6153ed600b661c1667eb96a5817b74e2ee4caeed172abd94ea9ea829235f13f5195b43f2dfb4613f6731c2e4e538f65d67ed06f82ff47bb585a3299eb6d8f7d3d67544d89d9b7f96b9e65a0d73f6a9bc61508a6ad0ff62cdda01cf3dfb2c1367dccec640f4260c4127bb9c58993410fcb9365c04c506e277a08ae71a655a69d03d86cd6c76acbac0166f44c55ffd580bc30efdbd38bc77ee368ab29a0b1ce5cd61991fea455bf25ea88687299f0b9d8d3df06687d9f730dc1d1914a87b232aed0d7a0ecdc74ff75eeb74d5fa6c4cbc50ea66097bb2873d9a2a988c6924c9b487af7257f4dc0bae9033aac8a0f4ab35992c1887466723fbd4f4f5573e9c0639ed80d7ac681b2aaae23208b546b0b725756c7df7956505136ad76808619d173201a404c3e4df32085101fcb36b0e8bd534eaa3407b0546dd68ec8df17960593457df139196de1496a5959f4cb469d86ff54766ab80acb9b438a23d04ed7f63d61c756f7c42ec6359c53004f5e8889328945460a6d499ab6e1a651a5544f83f3ea6c9206aefa1f015a535cd5d94e5f3965c01e1bc6c8d0a337d8fbf70c35f8846c44ba1becceff84b8c80e3d1db5c51ecd0f947632bab653fd876cf4ffff1929415c92c735ab340401c51d94e116b2ad6c0c9a5eadbd5740158b6fd13c0871a0c6af7194b35bbd13c238b67caca7137122b68c2e0067e2101256d7e7cd7dc35d11ec02921f1ef7745beca98eb349b36875ad147316274aebbac846d57d8134a9457cc49457fcb3aacfbaec1fdb21dae6edf6aa13595adbba2c20dc900dd0fd7a2ba4318bc34ba0cd0633de6609712c4861a4467643a483a60a96fe9da85311fe2d15934c6a6f6b8c01c1438e28658f456b469144c936d9a083453e82e19379c8831ff98538698fadac54c380f4a8dee8c9683c0189ad42db5ab585f5c147dedd77cd156ca5a080ca0fd63e9bcf4ca0944a814c60c9fcc52b6159e4011dd077fc9c99fbf886751b7b667940317d934029f5d5c25214851a5b7e09748f3b36bc50b144787026188904417b80bc273cdef25df69f4c683e233cf72be4e01d5d766f483c478ad3552707fb9abf4981bd379c31f1f26b10be9105362c7df415657b62384c4d01508a26bfd97115a67b424dfab7ecdd5b4f806f8d4c7843b2b227bd2360e51b2a611915c5be66cc669f5884570dec2da5f1368b5d1c5689524fcad4ca206f1f0cf8f64f32c92a215308b3c56955f5f50ca3bbc0a1397742c9a8fad8af5fac93d092bc575fb0a3117533ca51cd172e5401368dd6653b7534da16fa3c2466bba2556f6af6ac34b3a9513b5fcdde32ed38cd76703bc35433a68c72c689025ca179108e8f31617e62a9428aa6020041e3a46941202bfc22b71f958000862b9587db704d338674afdbdf4dde9b6f2210d05f3f39f6bcc0dc3c738cf21fc04a3617128b1b67c2db0405680196e37c437fdcb27a4589a9258f678ebe499ae679f9c3b8271644c293cb54c15e0ac813e76ed3abfbbfa8cb3b4b494352aeede313a9288090b70d9432c503f5ef59c598e0daec141b92432a281c954d9ae463b595430f7f4cc4e9aae649c6e53d9b0332497835e3353342e109fa10009fd53d5c0be619894d0857668f5b26971deb83e0c6a60ac0ec2a6e7683808c331e4631457c7249b9174cd65add991adb3d4c42429dc8ac32e5faf2100042335152a44d5dfbf3c53aa33de1fc3d8597c1cef1010bf548ede642476830b5a7bde58bd6036f861f3a69ddd2d1cdd851e538133d5fe95094d189641d8f0ee12a34d0a094bc79e7f0253c05dfb9c0cb961ad743d892b40bcc8377dc88e1922435e90785d10ddf18dc7bd539ef60050f9ecf990c518ac3dc4ebb16cdac31a0419d3fe3fd95c718c52ce744d21348ac0db6cb056a8e8ce0400a4975e8ceda498b5da9e4124ccf35e11c2177e771b94b26c2dcdfce581c00e687357a900b56eee112c7bafaa317666b96c63634c05a01bb7a0fb67ce1233714f7c375d8cd78e4b3089fd84945a8a740abc2342205403435e94cf3d377ca8852699feeab4dd7347734236c2b07200d620de7b92adc4924da2b648659066ab7b3f0e9d1de5efd8335b4c7616ac8c9b16ba1dbbe79fe9ec7e059b832195627d187b5743b9f6aa937084d85bf4e0d7983500b3627f8cf133c4395d3860c00629aabd528f3b2751b7d15ff3ca64a09629410ad4594066cba421186df2b912cd40e20fc81e417591b5d27c7bd641a0dd8b558632a2b630033a64f1c7c8cc19804ea28958c277dc8cf0988492a58f78a4fd616571cd5904f90b64e91c5ab7af6c912b5bdce9bbc711adeda8e519a28683f95f9aa405c91d5cee9b936d426c5c2b6ffd53e42c1f6dc8c954c04be62656ac536e13d78542ce561aaa9b6fe8e320fdd88812dc0ddc666306851ca37e7d8372c60cc62e9ecb294f8bd7d3e1960082e3a6a8597f11ded6dbd521eea2b035b9663769ecd7937da35c58ddf5c4ce54ceda88f577562c7e9e77522476d8dd7784a9ba443d06f8c8875c587d12329c20b914f174cfc3d1c21ebe0147f76e6262b5a5e5d8e710fcb3094715802adc10b974b1457ddfe9387db6e9c70eacf6b6a02959b5a2e5b655eb7e827f4ae0cffd1a27af6294a29ed8e48f30f15d084ed1d207d12ecda4ed1910737899ba0a3216d308a3e5ba299cff85d72e2b5ec37994a7c87d5e2ef3093088b1c76297caa285decb22c1be3b4c00d09c3761087f819d1bb8cdb7c2bbc8214d53e89994c180a28f1f14a05412ab26022072fed07539b11db0245bea4a2a4a84f7fb1562b2da90640f43713e701dd79f80983dad045f814031f94a5014cce25de476f79cd2ea1a8e57fce776e62425205531978967e34952af594e93b19a984cd291caa0c9461614e43d3ee0ee2bf1ad960a93cbbf49054ca2c9eb22534b668f86a0fba3fe3fd402c9512114d7842ee2a2e17a70dca0e2bd361fd7ff9b9bc0c867a357dc9a20185c02967230fa29704c960202f4133cc4dde1cfe47358051e55e5c2f53aaa40bfa1e8218bec10241840622b49f9add496b76931f4f08e82ed56418b5f43bcb632b765095f6de7015aa61a7799df03a0f426ac568847f0de0240e3d69c62d0484db6ac0770411b8e3ffdda54811e2767002b240c8615d5dff43b0b3bd7d7ecdfe1507a415fa7c733e6119695d8ce47cc8d16f7f8930bd275e6f4fc6f23c10a56bbdd7ba1e69e3440dc4026adcbc7d8b900612aab5afb4e6b66f3767fec32f940c67a5087d1516fcf76feafe926d75437b3a987aa49f51f7cf72afd21d277bd55498830597244a1652a3d5b6bc2ea56be758d68f0bb0dec7af1d23efbcf70359b05b197cf154f45c81a5f4fc9c7dea57797acf5cceaaf47f2e1f7a8ee8f1536bf6d8df2d344a43739c72d13e71afc990ca36547ce0a62fd1ce7218787bb74c5be8e1b78bebfd4d9b70094400889fc3a73565c012abc35143cfcc93889b28aaef0bb2bd61eeb2ae6c9c29171d523a4b1a22a5597dac5152e349eb376740e8b404e3a18cf19c6bfa2c565db59368a9b518177b9ddd86042b0f7bc97d9092da360ddab4849b9b6de57e356832c5d77a352a77264ab2364a266558e3038b0329d488b481f85caff7da6747d97667540616caa5e869eac722b8bba446ee9c54bd9b1f4abc2fcf8e8ba02e71c77b33adee6c73e957b718aa9970183b30ea452f8a5c4613ccd7a4077a132119b4703d67537538eeda50ae652c6e9de14ecf10a7a9114cb8c7bea24adc8db399087f24cba3e5e3bfc1047ee0597ffadc95dce0f8b092c6d0f6cc668d2d1e72bff8a1302088815b87bc42b40ae5b60aa8f6847a7d5241c52cf68f2736bb66e848982db3b8dd5b763de9cebba82433ff52fb854770fcde56144028713b6d549467500deb06dbc5fe6f5a34ac"}) r6 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r6, 0x8955, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000440)=[{&(0x7f0000001700)="00d073d88b2c8a992075b3d766172f80fef1b2c571ab85e591e45a718e63933b7612f9833d1f8e910f53ba994af817bd681914973fb9b31c56af23faa9be0e4703d74a54c675a48d03479bfaa4", 0x4d, 0x7}, {&(0x7f0000000000), 0x0, 0x9}], 0x0, &(0x7f0000001780)={[{@resgid={'resgid', 0x3d, r7}}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@max_batch_time={'max_batch_time', 0x3d, 0x8000}}], [{@uid_lt={'uid<', 0xffffffffffffffff}}]}) 23:57:39 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0xf0, 0x24, 0x300, 0x0, 0x0, {0x12}, [@typed={0x4}, @generic="5c0520881aa51b3417b57de4b424f3cc21812e297b69eeb1a626d9cfbaa1cb80dabc7d6494bfbad38ed6221af78c39a8db02ae523c8696434200929ba0c809c7121ea4803a5e25c368042e4cd5f05fbbad8c4d17bc72faf5ff6be18a1beccffa53cd3d6b4ad5beee5bb1fcb618c3fae29e65be4fce11a63e335cc6dbf963da67606354772ba45fedd1220d7c1dc7c0e3c1bfc74a96eff2e8ae7814717808000000000000007def89ae4392ab2e671d7c5119a9d2fafd7500edbb6a1fd1a2e1cafd2a53a629ff49db216b48879fd8cdd3b2a40a4416b6d9"]}, 0xf0}}, 0xb0fadb9b6afe234c) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 23:57:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) timer_delete(r0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df081650478277b5405e62aba026eb436609209c45f379b7476400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f06e73374ccc30d4fd279538bb65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b288c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6e011beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee855c74363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d5335e9ac4bb0dca63680f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab410"], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) capset(&(0x7f0000000240)={0x20080522, r2}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r3}, &(0x7f0000000340)) r4 = fcntl$getown(r1, 0x9) capset(&(0x7f00000000c0)={0x20071026, r4}, &(0x7f00000003c0)={0x7, 0x5, 0x1000, 0x8, 0xa8, 0x401}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000f81500410d000000d081dcbef400dd23000000000000dd1822f9d4b22259bc2f0766848432f20432c634861790f42dd7a3675833d5e110"], 0x14}}, 0x0) timer_delete(0x0) timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600)) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 23:57:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x1000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:39 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xf, 0x103) 23:57:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x18020000, @empty}, 0x1c) [ 1559.662794] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1559.667462] FAULT_INJECTION: forcing a failure. [ 1559.667462] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.670935] CPU: 0 PID: 10320 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1559.672543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1559.674450] Call Trace: [ 1559.675068] dump_stack+0x107/0x167 [ 1559.675917] should_fail.cold+0x5/0xa [ 1559.676813] ? create_object.isra.0+0x3a/0xa20 [ 1559.677875] should_failslab+0x5/0x20 [ 1559.678755] kmem_cache_alloc+0x5b/0x310 [ 1559.679714] create_object.isra.0+0x3a/0xa20 [ 1559.680720] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1559.681900] __kmalloc_track_caller+0x177/0x370 [ 1559.682954] ? match_number+0xaf/0x1d0 [ 1559.683845] kmemdup_nul+0x2d/0xa0 [ 1559.684661] match_number+0xaf/0x1d0 [ 1559.685510] ? match_u64+0x190/0x190 [ 1559.686370] ? __kmalloc_track_caller+0x2c6/0x370 [ 1559.687474] ? memcpy+0x39/0x60 [ 1559.688263] parse_opts.part.0+0x1f3/0x340 [ 1559.689243] ? p9_fd_show_options+0x1c0/0x1c0 [ 1559.690300] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1559.691494] ? trace_hardirqs_on+0x5b/0x180 [ 1559.692495] ? kfree+0xd7/0x340 [ 1559.693268] p9_fd_create+0x98/0x4a0 [ 1559.694131] ? p9_conn_create+0x510/0x510 [ 1559.695104] ? p9_client_create+0x798/0x1230 [ 1559.696110] ? kfree+0xd7/0x340 [ 1559.696873] ? do_raw_spin_unlock+0x4f/0x220 [ 1559.697879] p9_client_create+0x7ff/0x1230 [ 1559.698850] ? p9_client_flush+0x430/0x430 [ 1559.699828] ? trace_hardirqs_on+0x5b/0x180 [ 1559.700844] ? lockdep_init_map_type+0x2c7/0x780 [ 1559.701939] ? __raw_spin_lock_init+0x36/0x110 [ 1559.702999] v9fs_session_init+0x1dd/0x1680 [ 1559.703993] ? lock_release+0x680/0x680 [ 1559.704914] ? kmem_cache_alloc_trace+0x151/0x320 [ 1559.706008] ? v9fs_show_options+0x690/0x690 [ 1559.707004] ? trace_hardirqs_on+0x5b/0x180 [ 1559.707992] ? kasan_unpoison_shadow+0x33/0x50 [ 1559.709039] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1559.710209] v9fs_mount+0x79/0x8f0 [ 1559.711030] ? v9fs_write_inode+0x60/0x60 [ 1559.711974] legacy_get_tree+0x105/0x220 [ 1559.712918] vfs_get_tree+0x8e/0x300 [ 1559.713767] path_mount+0x1429/0x2120 [ 1559.714656] ? strncpy_from_user+0x9e/0x470 [ 1559.715650] ? finish_automount+0xa90/0xa90 [ 1559.716661] ? getname_flags.part.0+0x1dd/0x4f0 [ 1559.717727] ? _copy_from_user+0xfb/0x1b0 [ 1559.718692] __x64_sys_mount+0x282/0x300 [ 1559.719617] ? copy_mnt_ns+0xa00/0xa00 [ 1559.720522] do_syscall_64+0x33/0x40 [ 1559.721368] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1559.722567] RIP: 0033:0x7f535d26eb19 [ 1559.723402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.727641] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1559.729431] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1559.731048] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1559.732705] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1559.734319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1559.735935] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1559.738059] loop3: detected capacity change from 0 to 262144 [ 1559.751566] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:57:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:39 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000180)='./file1\x00', &(0x7f0000000980)='./file1\x00') perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="640000004f000000d199cf99708ab3b1852b8ec576d1f1e9d2fbfc6eb4e3844d2a5e66af0bc7e7726078578eacefcc28efcc17e7ff2515d37091448ed8e5668c7bf46632e043d5fcdf36455826ae966522a2b8b2db14dc2eab04ec4035d98119060ee6622a38bb"], 0x0) bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r0, 0x4, 0xc00) eventfd(0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) mq_open(&(0x7f00000001c0)='\x00', 0x1, 0x0, &(0x7f00000005c0)={0x7, 0x0, 0x7, 0xf7a2}) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$NL80211_CMD_SET_MPATH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)={0x64, 0x0, 0x400, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}}, 0x4015) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)}, {0x0}, {&(0x7f0000000380)="d21e0ed1ee27c972fd2bef67c6a077b239514e0a205b38c9", 0x18}], 0x3}, 0x38008004) dup2(0xffffffffffffffff, r0) readlink(&(0x7f0000000440)='./file1\x00', 0x0, 0x0) lchown(&(0x7f0000000000)='./file1\x00', 0x0, 0xee00) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) sendto(r1, &(0x7f00000000c0)="12695ee4b4714856dd50e793c188ad6ca66912c1a401a69432b03b45dde3759bcb2c661522d92821d8f27befc95dc5898e55f469f9b35cdfbb6d49a03498236f05168ff8857b7239bc7c8a844f9257fa7e990a11b74b6b2e13b3958699ac3515a48f547c1d69", 0x66, 0x4, 0x0, 0x0) 23:57:39 executing program 7: openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x4180, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) openat(r1, &(0x7f0000000140)='./file0\x00', 0xf759598551baabff, 0x42) openat$vcsu(0xffffffffffffff9c, 0x0, 0x400, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00', 0x800000, 0x16) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f00000000c0)={&(0x7f0000000180)=""/108, 0x6c}) 23:57:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x9000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1559.811200] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:57:53 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fork() r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x40030121, 0x0, {0x0, r4}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, r4}}, 0x7) 23:57:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x40000000, @empty}, 0x1c) 23:57:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 32) 23:57:53 executing program 7: r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000140)={&(0x7f0000000080)=""/14, 0xe, 0x1, 0x8}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$CDROMSEEK(r2, 0x5316, &(0x7f0000000300)={0x1f, 0x3, 0x8, 0x6, 0x2, 0x2}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}}, 0xe466) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000000380)={{0x34, 0xf5}, 'port1\x00', 0x4, 0x8, 0x9, 0x9, 0x80000000, 0x5, 0x5, 0x0, 0x1, 0x40}) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r5, 0x0, 0x3, &(0x7f0000000080), 0x4) getsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000340), 0x10) 23:57:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x10000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:53 executing program 6: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000040)={0x0, "64f34cf07c5f4d91dcdb5d6c0604df7f"}) syz_mount_image$nfs4(0x0, 0x0, 0x0, 0x1, &(0x7f0000002600)=[{&(0x7f0000000000)="4e3a240b6ac1e15dacd22ee5ae2cdf3aed436b44b9af953626846b650274dae4d5fd187c90c2479eea210f30", 0x2c}], 0x20000, 0x0) 23:57:53 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x10, 0x103) 23:57:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000180)='./file1\x00', &(0x7f0000000980)='./file1\x00') perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="640000004f000000d199cf99708ab3b1852b8ec576d1f1e9d2fbfc6eb4e3844d2a5e66af0bc7e7726078578eacefcc28efcc17e7ff2515d37091448ed8e5668c7bf46632e043d5fcdf36455826ae966522a2b8b2db14dc2eab04ec4035d98119060ee6622a38bb"], 0x0) bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r0, 0x4, 0xc00) eventfd(0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) mq_open(&(0x7f00000001c0)='\x00', 0x1, 0x0, &(0x7f00000005c0)={0x7, 0x0, 0x7, 0xf7a2}) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$NL80211_CMD_SET_MPATH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)={0x64, 0x0, 0x400, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}}, 0x4015) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)}, {0x0}, {&(0x7f0000000380)="d21e0ed1ee27c972fd2bef67c6a077b239514e0a205b38c9", 0x18}], 0x3}, 0x38008004) dup2(0xffffffffffffffff, r0) readlink(&(0x7f0000000440)='./file1\x00', 0x0, 0x0) lchown(&(0x7f0000000000)='./file1\x00', 0x0, 0xee00) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) sendto(r1, &(0x7f00000000c0)="12695ee4b4714856dd50e793c188ad6ca66912c1a401a69432b03b45dde3759bcb2c661522d92821d8f27befc95dc5898e55f469f9b35cdfbb6d49a03498236f05168ff8857b7239bc7c8a844f9257fa7e990a11b74b6b2e13b3958699ac3515a48f547c1d69", 0x66, 0x4, 0x0, 0x0) [ 1573.511858] FAULT_INJECTION: forcing a failure. [ 1573.511858] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.513299] CPU: 0 PID: 10355 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1573.514165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.515184] Call Trace: [ 1573.515514] dump_stack+0x107/0x167 [ 1573.515959] should_fail.cold+0x5/0xa [ 1573.516437] ? p9_fd_create+0x161/0x4a0 [ 1573.516933] should_failslab+0x5/0x20 [ 1573.517397] kmem_cache_alloc_trace+0x55/0x320 [ 1573.517959] p9_fd_create+0x161/0x4a0 [ 1573.518421] ? p9_conn_create+0x510/0x510 [ 1573.518929] ? p9_client_create+0x798/0x1230 [ 1573.519465] ? kfree+0xd7/0x340 [ 1573.519872] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.520421] p9_client_create+0x7ff/0x1230 [ 1573.520949] ? p9_client_flush+0x430/0x430 [ 1573.521468] ? trace_hardirqs_on+0x5b/0x180 [ 1573.522003] ? lockdep_init_map_type+0x2c7/0x780 [ 1573.522588] ? __raw_spin_lock_init+0x36/0x110 [ 1573.523159] v9fs_session_init+0x1dd/0x1680 [ 1573.523687] ? lock_release+0x680/0x680 [ 1573.524182] ? kmem_cache_alloc_trace+0x151/0x320 [ 1573.524781] ? v9fs_show_options+0x690/0x690 [ 1573.525325] ? trace_hardirqs_on+0x5b/0x180 [ 1573.525863] ? kasan_unpoison_shadow+0x33/0x50 [ 1573.526423] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1573.527055] v9fs_mount+0x79/0x8f0 [ 1573.527491] ? v9fs_write_inode+0x60/0x60 [ 1573.528008] legacy_get_tree+0x105/0x220 [ 1573.528513] vfs_get_tree+0x8e/0x300 [ 1573.528974] path_mount+0x1429/0x2120 [ 1573.529450] ? strncpy_from_user+0x9e/0x470 [ 1573.529979] ? finish_automount+0xa90/0xa90 [ 1573.530510] ? getname_flags.part.0+0x1dd/0x4f0 [ 1573.531088] ? _copy_from_user+0xfb/0x1b0 [ 1573.531603] __x64_sys_mount+0x282/0x300 [ 1573.532099] ? copy_mnt_ns+0xa00/0xa00 [ 1573.532588] do_syscall_64+0x33/0x40 [ 1573.533050] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.533683] RIP: 0033:0x7f535d26eb19 [ 1573.534140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.536416] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1573.537351] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1573.538226] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1573.539107] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1573.539980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.540856] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1573.554663] loop3: detected capacity change from 0 to 262144 23:57:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 33) [ 1573.571855] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1573.591663] FAULT_INJECTION: forcing a failure. [ 1573.591663] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.593457] CPU: 1 PID: 10377 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1573.594562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.595869] Call Trace: [ 1573.596292] dump_stack+0x107/0x167 [ 1573.596881] should_fail.cold+0x5/0xa [ 1573.597481] ? create_object.isra.0+0x3a/0xa20 [ 1573.598209] should_failslab+0x5/0x20 [ 1573.598816] kmem_cache_alloc+0x5b/0x310 [ 1573.599457] ? p9_fd_show_options+0x1c0/0x1c0 [ 1573.600162] create_object.isra.0+0x3a/0xa20 [ 1573.600812] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1573.601624] kmem_cache_alloc_trace+0x151/0x320 [ 1573.602314] p9_fd_create+0x161/0x4a0 [ 1573.602917] ? p9_conn_create+0x510/0x510 [ 1573.603527] ? p9_client_create+0x798/0x1230 [ 1573.604214] ? kfree+0xd7/0x340 23:57:53 executing program 7: ftruncate(0xffffffffffffffff, 0x0) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) statx(0xffffffffffffffff, 0x0, 0x6900, 0x8, &(0x7f00000001c0)) umount2(&(0x7f0000000040)='./file1\x00', 0x8) lstat(&(0x7f0000000180)='./file1\x00', &(0x7f0000000540)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000007c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000000500)=0xe8) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x3c700, 0x0) uselib(0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) perf_event_open(&(0x7f00000003c0)={0x1, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1573.604875] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.605565] p9_client_create+0x7ff/0x1230 [ 1573.606189] ? p9_client_flush+0x430/0x430 [ 1573.606816] ? trace_hardirqs_on+0x5b/0x180 [ 1573.607445] ? lockdep_init_map_type+0x2c7/0x780 [ 1573.608136] ? __raw_spin_lock_init+0x36/0x110 [ 1573.608881] v9fs_session_init+0x1dd/0x1680 [ 1573.609540] ? lock_release+0x680/0x680 [ 1573.610182] ? kmem_cache_alloc_trace+0x151/0x320 [ 1573.610935] ? v9fs_show_options+0x690/0x690 [ 1573.611625] ? trace_hardirqs_on+0x5b/0x180 [ 1573.612340] ? kasan_unpoison_shadow+0x33/0x50 [ 1573.613054] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1573.613850] v9fs_mount+0x79/0x8f0 [ 1573.614416] ? v9fs_write_inode+0x60/0x60 [ 1573.615030] legacy_get_tree+0x105/0x220 [ 1573.615658] vfs_get_tree+0x8e/0x300 [ 1573.616247] path_mount+0x1429/0x2120 [ 1573.616844] ? strncpy_from_user+0x9e/0x470 [ 1573.617528] ? finish_automount+0xa90/0xa90 [ 1573.618234] ? getname_flags.part.0+0x1dd/0x4f0 [ 1573.618974] ? _copy_from_user+0xfb/0x1b0 [ 1573.619619] __x64_sys_mount+0x282/0x300 [ 1573.620250] ? copy_mnt_ns+0xa00/0xa00 [ 1573.620878] do_syscall_64+0x33/0x40 [ 1573.621475] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.622295] RIP: 0033:0x7f535d26eb19 [ 1573.622891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.625776] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1573.627005] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1573.628135] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1573.629276] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1573.630407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.631525] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:57:53 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000007840), 0x80000, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000100), 0x0, 0x10040) r2 = fcntl$dupfd(r1, 0x0, r0) syz_open_dev$vcsu(&(0x7f0000000140), 0x2, 0x101000) r3 = syz_open_dev$vcsu(&(0x7f0000000180), 0x0, 0x567440) sendmsg$nl_generic(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x40, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2101, 0x62) syz_genetlink_get_family_id$team(&(0x7f0000000040), r4) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x4) 23:57:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x20000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:57:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x40020000, @empty}, 0x1c) [ 1573.682079] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:57:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0xa2c0792771366ceb}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r5, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000002c40)={0x14, 0x6, 0x1, 0x401}, 0x14}}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000014c0)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r5, 0x0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)=""/128, 0x80}, {&(0x7f00000003c0)=""/195, 0xc3}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, &(0x7f0000000200)=""/60, 0x3c}, 0x0, 0x40002000, 0x0, {0x2}}, 0x3ff) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r6, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r7, 0x0, 0x3, &(0x7f0000000080), 0x4) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r8, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000180)={0x0, r8, 0x80000000, 0x9, 0x2, 0x100000001}) socketpair(0x18, 0xa, 0x5, &(0x7f0000000000)={0xffffffffffffffff}) syz_io_uring_submit(0x0, r3, &(0x7f0000000140)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r9, &(0x7f0000000040)=0x80, &(0x7f0000000080)=@generic, 0x0, 0x80000}, 0x1d7b) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000001b40)=[{&(0x7f0000001500)="d18241168cc57eb01c6a3dd27627d34ab3003f14ce5bc502055a0dcb559ff8d4e3e878597ed571e47c8be8b26f66beb56d6677e9245b6a283ea471be599fea703e2555d1ea5276617a0cb43303d3af5cecc0accd5f7aa5126db37201cf58278aebac82564b9b4ed98ca6d7d7f92309a613bc69bb2d98d8f7ceb9c9d7f6076d2b67d636d2", 0x84}, {&(0x7f00000015c0)="98f2bcec77ef3c8f3dfd155c32034c03fc8bb28918e252d47d5d1c5f830627e51347171fa1214b1fcd18d9fd6a53641897bb6f073b0d2764cd16b6ff240818d3e852f786954148321f03d8eebf02f7bdb735e9fef3549008e7443b4d54cb5da8d65f76e16ddd7ca8407df06ca3487836d464", 0x72}, {&(0x7f0000001640)="e016a0176ef0f7d8ad364fe40988976e596ed0a756f02b36a7aa540fb667cd40aae868693c646775514e5272636aa8206f2b887142ec30dffafe36b6e8379c173f3671f90152c0d2ec444c256353a76526b905eedaf9decfa394c225b6e4259154e7c79bba8e1cd56175284cde11986b41ec059b625f", 0x76}, {&(0x7f00000016c0)="0c1e1f0a1fc4b04739d2e02a28c7674a42286cb2a274ffbcab1eee4d4744b099948ac31851c203eb769a893dc2dcd62335dab52c6f619818b04bcaad2e62ec9f864b5154d6300db2b87bd9ec42958e044692f52f7885ecded49889f98b3f1476ea427499634560d092db925e91bebfdba4ed945e23c58f74ec3d6109980537b02ee7b17113c082875903834c4da3e10d33f7b6e67a501f2e329a2e0a21afd7c341bacc28f65f5991d43bbdfed750d16ca2df05771c5c2230f86cdcdb48e384812b8b8dbfbfd9b06ac4c56f75bd139a1d7a5ff8bf9b242b433353e7f547868775c9d6ad9ca88e94cc553ed6711b0f6a952245df8ff3b69bb927317a9bfaa3eb", 0xff}, {&(0x7f00000017c0)="2da6ebdcee0b39c1e884dab8ed7871f19baaf2d2331706ef4047a212ecc2b56b66102460ce9ea71b5d14a2182f020ff505d0cd85c6d79ad3874ae9903b51c84848689e7031f03f3a36772f84ae88ed60d8f82bad2a31bc5e8e9655fdc326dc3d60aef94f7bf44b00ff60305eea2ce983353085db359c60d0", 0x78}, {&(0x7f0000001840)="c3c10cdea07847e73ba7e249699b7d691c0c5e96422ec990b5e1cea7271c5d49b8f74526cbb226eeb55e4793ffb1e40946b7f0962a0dc4ae8ba0a2c3f33e96ec9753c92a5914ef760fb1b339dfb018299dafe12a01ea04a02cb72c12054360e1615b13534ec3eccc110541e34ac2d8ec2033bdc5aedf363317e8029cfd94c79d52b715e931fc465d33618322916ddf026ff4398399db974f0c4b1993ab04d5b5bab3ecaf28dad2470a116a89fff0920874fe300fdacfb9b8898787", 0xbb}, {&(0x7f0000001900)="56f272bcc4c535aceaf55ed9ad9e358e1666bff1b179152659010ab11df6db9c95e6d384baa60c6af8bcdcf463039d89b75dbc48064e48f00222f80c27123a4d46a4e0f77fb6ad9c86f289c6ac37ea0d9b8492e7f7e694cce8a88053582d1317c9e055bb92aae89604f99e68994a80145ef3d7bc3dd71bfa2babdb9433df1cf93d241ebda2330bc3710a0e5c337d5652d054ac72f7b6beb738b405849df19ae9491d604eddc9db72fec423b4112f96519104c26f8e0b0a353e3dec4038db1254e387c4e4757891d6d5958da8bc3d5afc6c186ebe59f4efa918a3806459f0fe6db5c387f01fc411589b70ff7610df0221c1e850d72e", 0xf5}, {&(0x7f0000001a00)="75f6724e45bd70f538188feac807bc7678484c56ddc67a0711665d07de09a5c49fa1911801de19d188b951f01829a6bb1136ef15ebdfdf60774ed44cf5ab41b75dcaf0f4fb5243e42bc9497ffd71b4591463f096b3436f4ef05ed3e30774bc7d690bb860607fbe34f72bbfe3b03f2efd6b59d9719392638b464e8edda8f383e0c1b224cf24f8d816695cb6fd997b38caf37a27cfe033de7d299b0f4aa625683b494c3fabbc0356fe0d9415b851972f069f745ce8cd078c1752652abfe41ff7a503b3a6f25b384bf39a49fb08965abe3024f49c33d3388df65e2a3fb57a9f85568461362f6caf7c", 0xe7}, {&(0x7f0000001b00)="6b37e8b3", 0x4}], 0x9, &(0x7f0000001e00)=ANY=[@ANYBLOB="140000000000000000000000020000000900000000000000b4000000000000000000000007000000009404000094040100441cb4e1ac1414aa0000dd99ac141418fffffffd640101020001000094040000442c0fa364010102000007ff00000000fffffff90a01010200000007ac14142d80000000ffffffff00000005444c9441ac1414aa00000020ffffffff00000200ffffffff674af56cac1414bb000000015031f693aeda1c7c0a01010000000001e000000100000006ac1414bb00000008ac1e00010000dc817f0000010000000700000000000000140000000000000000000000020000000010000000000000140000000000000000000000020000000008000000000000"], 0x100}, 0x240040a1) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6609) 23:57:53 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x11, 0x103) 23:57:53 executing program 5: syz_io_uring_setup(0x4d53, &(0x7f0000000080)={0x0, 0xfffffffc, 0x1a}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040)) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00') r1 = dup2(0xffffffffffffffff, r0) setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@remote, 0x4e22, 0x0, 0x4e23, 0x0, 0x0, 0x20, 0x80, 0xff}, {0x14f1, 0x9, 0x8, 0x7fffffff, 0x200, 0x81, 0x7, 0x3ed}, {0xfff, 0x0, 0x7f, 0x3}, 0x4a, 0x6e6bbc, 0x0, 0x7575732e17d3bbc1, 0x3, 0x3}, {{@in=@multicast2, 0x4d4, 0x33}, 0xa, @in6=@loopback, 0x3503, 0x2, 0x0, 0x87, 0x7, 0xffffffc1, 0x1}}, 0xe8) r2 = syz_io_uring_setup(0x523d, &(0x7f0000000140)={0x0, 0x3a38, 0x8, 0x2, 0x1a0, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f00000001c0)) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00') pread64(r4, &(0x7f00000001c0)=""/4107, 0x100b, 0x0) r5 = dup2(r3, r4) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000001240)={'batadv0\x00', 0x0}) bind$packet(r1, &(0x7f0000001280)={0x11, 0x16, r6, 0x1, 0x7f, 0x6, @local}, 0x14) r7 = open_tree(r5, &(0x7f0000001380)='./file0\x00', 0x80100) ioctl$CDROMSUBCHNL(r7, 0x530b, &(0x7f00000013c0)={0x5, 0x7c, 0x1, 0xd, 0x20, 0x20, @lba=0x8, @msf={0x80, 0x3, 0x1f}}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB='./f\x00']) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000006d80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ac, 0x222, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) 23:57:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 34) [ 1573.808415] FAULT_INJECTION: forcing a failure. 23:57:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3f}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f0000000180)=0x9, 0x4) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, '\x00', 0x16}, 0x3f}, 0x1c) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000280)={0x0, 0x6, 0xb}) creat(&(0x7f0000000200)='.\x00', 0x20) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="7472616e733d66642c3266646e6f3d23b48f40dcccde0ee6df8568d6b671f112e5e3dd1cf696397ba1ace9e7a5322abd464670497108a493174671919a39d13387a70d9a752fdacd19eb3f7774ac17f80715dd79161a696aa184108ae13403355e948f59d5c9c92b754609d6ee1c9e730bc9fdf652a7feb22916714714eea585d772390ce93260feb54637399d1111c1a28f15895ac3dac24f910cd9cff491765727c88520f697dc2ce6a6115542a86be8726a99bf67bc95eb305a8507b234ae8c3a723fa777d5d77f39b792f0f17645432f04ce410cb40d0b70b15daa72488e16ee878f17b2d995", @ANYRESHEX, @ANYBLOB="8b26f86d179ffb5356dd4c438663f13186125e77cbe5bd44a03fec72d44a3528ea87716a5d8a87ab0b2218c43b66212f098aff7a91c0c48314ebd9cf90016cba31278b920bdae3633185d4b1c9193f", @ANYRESHEX, @ANYBLOB=',\x00']) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e20, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0x2}], 0x1}, 0x10044891) creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000340), 0x200040, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000080), 0x4) poll(&(0x7f00000003c0)=[{r1}, {r2, 0x2000}], 0x2, 0x10001) write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7}, 0x7) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x4d, 0x4) [ 1573.808415] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.809987] CPU: 0 PID: 10399 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1573.810825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.811829] Call Trace: [ 1573.812154] dump_stack+0x107/0x167 [ 1573.812607] should_fail.cold+0x5/0xa [ 1573.813074] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 1573.813717] should_failslab+0x5/0x20 [ 1573.814179] kmem_cache_alloc+0x5b/0x310 [ 1573.814679] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1573.815298] p9_client_rpc+0x220/0x1370 [ 1573.815781] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.816434] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1573.817085] ? pipe_poll+0x21b/0x800 [ 1573.817540] ? p9_fd_close+0x4a0/0x4a0 [ 1573.818025] ? wait_for_partner+0x3c0/0x3c0 [ 1573.818554] ? p9_fd_poll+0x1e0/0x2c0 [ 1573.819021] ? p9_fd_create+0x357/0x4a0 [ 1573.819502] ? p9_conn_create+0x510/0x510 [ 1573.820005] ? p9_client_create+0x798/0x1230 [ 1573.820546] ? kfree+0xd7/0x340 [ 1573.820948] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.821488] p9_client_create+0xa76/0x1230 [ 1573.822007] ? p9_client_flush+0x430/0x430 [ 1573.822523] ? trace_hardirqs_on+0x5b/0x180 [ 1573.823054] ? lockdep_init_map_type+0x2c7/0x780 [ 1573.823631] ? __raw_spin_lock_init+0x36/0x110 [ 1573.824193] v9fs_session_init+0x1dd/0x1680 [ 1573.824730] ? lock_release+0x680/0x680 [ 1573.825225] ? kmem_cache_alloc_trace+0x151/0x320 [ 1573.825817] ? v9fs_show_options+0x690/0x690 [ 1573.826356] ? trace_hardirqs_on+0x5b/0x180 [ 1573.826883] ? kasan_unpoison_shadow+0x33/0x50 [ 1573.827440] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1573.828062] v9fs_mount+0x79/0x8f0 [ 1573.828501] ? v9fs_write_inode+0x60/0x60 [ 1573.829003] legacy_get_tree+0x105/0x220 [ 1573.829498] vfs_get_tree+0x8e/0x300 [ 1573.829956] path_mount+0x1429/0x2120 [ 1573.830424] ? strncpy_from_user+0x9e/0x470 [ 1573.830951] ? finish_automount+0xa90/0xa90 [ 1573.831476] ? getname_flags.part.0+0x1dd/0x4f0 [ 1573.832050] ? _copy_from_user+0xfb/0x1b0 [ 1573.832564] __x64_sys_mount+0x282/0x300 [ 1573.833056] ? copy_mnt_ns+0xa00/0xa00 [ 1573.833538] do_syscall_64+0x33/0x40 [ 1573.833996] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.834615] RIP: 0033:0x7f535d26eb19 [ 1573.835072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.837295] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1573.838216] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1573.839082] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1573.839945] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1573.840814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.841673] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:57:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x48000000, @empty}, 0x1c) [ 1573.873962] loop3: detected capacity change from 0 to 262144 [ 1573.878494] udc-core: couldn't find an available UDC or it's busy [ 1573.879640] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 1573.890649] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1573.910099] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1573.915105] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 [ 1574.395785] udc-core: couldn't find an available UDC or it's busy [ 1574.396912] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 1589.902985] FAULT_INJECTION: forcing a failure. [ 1589.902985] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.905446] CPU: 1 PID: 10426 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1589.906909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.908663] Call Trace: [ 1589.909226] dump_stack+0x107/0x167 [ 1589.910000] should_fail.cold+0x5/0xa [ 1589.910811] ? create_object.isra.0+0x3a/0xa20 [ 1589.911783] should_failslab+0x5/0x20 [ 1589.912599] kmem_cache_alloc+0x5b/0x310 [ 1589.913473] create_object.isra.0+0x3a/0xa20 [ 1589.914403] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1589.915489] kmem_cache_alloc+0x159/0x310 [ 1589.916387] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1589.917483] p9_client_rpc+0x220/0x1370 [ 1589.918555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 23:58:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:09 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 35) 23:58:09 executing program 7: [ 1589.920061] ? p9_client_prepare_req.part.0+0xac0/0xac0 syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x15, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e31313037303533313000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000000ac78aee630b40d9ae2efa3163fd2529010040000c00000000000000e2f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000005e00000000000000", 0x40, 0x540}, {&(0x7f0000010300)="02000000030000000400000019000f0003000400"/32, 0x20, 0x1000}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e2f4655fe2f4655fe2f4655f00"/8224, 0x2020, 0x2000}, {&(0x7f0000012500)="ed41000000100000e2f4655fe2f4655fe2f4655f00000000000004008000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x4100}, {&(0x7f0000012600)="2000000088b35c7188b35c7100000000e2f4655f00"/32, 0x20, 0x4180}, {&(0x7f0000012700)="8081000000c04000e2f4655fe2f4655fe2f4655f00000000000001008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000010000000000000000000000000000000000000020000000000000000000000000000000e2f4655f00"/160, 0xa0, 0x4600}, {&(0x7f0000012800)="c041000000300000e2f4655fe2f4655fe2f4655f00000000000002008000000000000800000000000af301000400000000000000000000000300000020000000", 0x40, 0x4a00}, {&(0x7f0000012900)="20000000000000000000000000000000e2f4655f000000000000000000000000000002ea00"/64, 0x40, 0x4a80}, {&(0x7f0000012a00)="ed4100003c000000e2f4655fe2f4655fe2f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000008c0e26bc0000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4b00}, {&(0x7f0000012b00)="ed8100001a040000e2f4655fe2f4655fe2f4655f00000000000001008000000000000800010000000af3010004000000000000000000000001000000500000000000000000000000000000000000000000000000000000000000000000000000000000007a837ae20000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0xa0, 0x4c00}, {&(0x7f0000012c00)="ffa1000026000000e2f4655fe2f4655fe2f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3131303730353331302f66696c65302f66696c6530000000000000000000000000000000000000000000002e5c7f160000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0xa0, 0x4d00}, {&(0x7f0000012d00)="ed8100000a000000e2f4655fe2f4655fe2f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c91e3450000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000e2f4655fe2f4655fe2f4655f00000000000002008000000000000800010000000af301000400000000000000000000000300000060000000020000000100000062000000020000000180000062000000000000000000000000000000347eabae0000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000", 0x1a0, 0x4e00}, {&(0x7f0000012f00)="ed81000064000000e2f4655fe2f4655fe2f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cd1ec0e270000000000000000000000000000000000000000000000002000000088b35c7188b35c7188b35c71e2f4655f88b35c710000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x5000}, {&(0x7f0000013000)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000013100)="0b0000000c0001022e000000020000000c0002022e2e000000000000e80f0000", 0x20, 0x20000}, {&(0x7f0000013200)="00000000001000"/32, 0x20, 0x21000}, {&(0x7f0000013300)="00000000001000"/32, 0x20, 0x22000}, {&(0x7f0000013400)="504d4d00504d4dffe2f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7032390075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x40000}, {&(0x7f0000013500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x50000}], 0x0, &(0x7f0000013a00)) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80000, 0x54) 23:58:09 executing program 5: rt_sigaction(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000100)) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x0, 0x4000004, 0x0, 0x0, 0x0, 0x687}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000300)=ANY=[@ANYBLOB="0139102b17261d42fb40614aa76a8ed90b0008000000000002002000", @ANYRES32=r0, @ANYBLOB="01000000000000002e2f66696c65312f66696c653000"]) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r1) ftruncate(0xffffffffffffffff, 0x1000003) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x2000000}}}, 0x108) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) io_uring_enter(r3, 0x45ca, 0xf331, 0x0, &(0x7f0000000280)={[0x7]}, 0x8) pselect6(0x40, &(0x7f00000013c0)={0x0, 0xfffffffffffffeff, 0x0, 0x9d, 0x5, 0x0, 0x8}, 0x0, &(0x7f0000001440)={0xe5, 0x80000000a, 0x0, 0x2000000000000005, 0x1, 0x401, 0x81, 0x104c0cd1}, 0x0, &(0x7f0000001500)={&(0x7f00000014c0)={[0x7]}, 0x8}) fspick(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1) quotactl(0x0, &(0x7f0000001340)='./file0\x00', 0x0, &(0x7f0000000180)="637b5d08aede0e6ded4f1e4ea75480cf7f06d1e53798a2acdb3a4a8f435a290000c65a7edea4f0d894b6") ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0xa, 0x19, 0x12, 0xd, 0x9, 0xb54, 0x3, 0x142, 0xffffffffffffffff}}) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000001c0)=0x2) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000400)=ANY=[@ANYBLOB="50010000100001000000000000000000ac141441000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000000010000000032000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080c8060296eba7a4ac2701240039c84d42ece14c7f18b08f715e1cf21a401f438612e58d260c6d3bc7d381039bf56b32e4356fab93298daf19d2e594577abd3bb797308c126535145bdad49a07bbd90c8e1a8c4ae6fcfd324fa69d55e8b58af988a3609c9b22fd3624d003662fa8d4b1a2a3d3a7c0dd2659ff1648f8bdbe5cf7b00da29f2429a60fed43c8977733e607e5411e4a87d198b74c8461a40b37b2975132927a4920e12f6fd2ff2536ab81c7b4c91a8f68885bd2dcc45d3e6ae1df7940123bd056b09a1b80fd9f4a80e6468231821a7a1afe558644e5c04e62a1e2a0f3344119c1394d23"], 0x150}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="940100001c000300fdfffffffedbdf256c0c0015005d073500d30000001c00040003004e204e210000fe8800000000000000000000000001010c000f00050000000000000008001d0005000000080016000900000015011200726663343534332861656769733235362900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004806000000010000ae6ebbd84e71ff9950749c765159aacae4b3a0df90fbdf2b4f48119d70b5d66045663504f15d63ba81239b2c66fdadfe6715a1f412e2032737f95d45584d63514560818240f51d2f9e235f6d73de9c8f35ad58f8f19f8fdecf889faf5b6a07a795a289a4b7e56e0af197e174983e9a7ffad327193d0548ea77ccc41be78ed032693dd5fe5909beef056640e064b45d9b8f2dbfb00a60b8f8afabca78fda4288091cbad07cbd8df9d56e6fa1186613d3455b997ba5b5de7f01ab2ab4c000000240009000500000000000000ffffffff000000000000008000"/391], 0x194}, 0x1, 0x0, 0x0, 0x24044804}, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) unshare(0x48020200) 23:58:09 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x100) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000740)={&(0x7f0000006380)=ANY=[@ANYBLOB="6d810aa5b645c70cf7ff3b9dd3e4a275d2", @ANYRES16=0x0, @ANYBLOB="08002abd7000ffdbdf250c000000fc0003804800040098a84ebe7dfa2fb11f84a7c51a2870d1d50cdefc2f6987b1a49d03363bf47597c8f07791f86f78197d708259af16d0a1b200a6d8074777c938fdd5e5b8d3c214d6e42f321b00040083db9bb16ea9d8ffc377ef215e1625eb5bb2ea2df9647200080002007f0000008b000400044a6ba397eb17c0d02f0e84e4633dab930fdb201d54633f39ebeed1db65b2f6ea56d81e00c7b10dc1c82c9ef7dda8f2e4ebf7aa169168ce97328d01db00f8f9f630744173268b6ea4e3175976460ac6c2a0a0ffd3a1c750eedf7ec73d20ff4190b500d9be4bd01d0415664e1df4a4deb38ce77481d7850e5080d898ee2dfdd902c48a0840d57b005800018014000200766972745f776966693000000000000008000300030000001400020076657468315f6d6163767461700000001400020076657468305f746f5f626174616476000800030001000000080003006863dd8f2402038008000200060000007c0003800c000180040003000400030038000180040003000600020025000000110002002f6465762f7572616e646f6d000000000400030008000100feffffff08000100040000000c0001800800010000000000280001800400030008000100ff0000000800010008000000080001000200000008000100030000009f0005003cfe37c0a312898d9adbd2685bbed57e4eabfe43ea42721516bf2126729d04e58708b49f02e35cc8d1fbcb7e9c042d45ab76aa0ad764b3c18f27ea8f0b84f885ce55c97f58da265bbea5174adc27e29808b5f1e394a7f7249ab5a6bcfedf21666c2aa214a335f7809aee57ebb3c21f97f431a947c4adef9fc5ffa1af83777f23cbfbf3dfd2a156596c2252cf4efd768cba88e27e286e0efffb048b0004000100cc0003805c000180110002002f6465762f7572616e646f6d000000000400030004000300110002002f6465762f7572616e646f6d00000000110002002f6465762f7572616e646f6d00000000080001000101000004000300050002000000000008000180040003000c00018008000100090000002c000180040003000800010005000000110002002f6465762f7572616e646f6d0000000008000100008000000c00018004000300040003000c000180070002005d5d000014000180080001000100000008000100060000002c000400f8009c1d1b4001884cd5d7279d1a3dd66530b6ed023b02d033d0825f785f2b893d31343c6fce48c6"], 0x38c}, 0x1, 0x0, 0x0, 0x5}, 0x20048090) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ftruncate(r0, 0x1000) openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0), 0x1a000, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x32d) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) pidfd_getfd(r0, r2, 0x0) [ 1589.921541] ? pipe_poll+0x21b/0x800 [ 1589.922528] ? p9_fd_close+0x4a0/0x4a0 recvmmsg$unix(r2, &(0x7f0000005d00)=[{{&(0x7f00000001c0), 0x6e, &(0x7f0000000680)=[{&(0x7f0000000240)=""/41, 0x29}, {&(0x7f0000000280)=""/81, 0x51}, {&(0x7f0000000300)=""/43, 0x2b}, {&(0x7f0000000340)=""/176, 0xb0}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f0000000480)=""/208, 0xd0}, {&(0x7f0000000580)=""/253, 0xfd}], 0x7, &(0x7f0000005f00)=ANY=[@ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="71e06e998a0000000023000000002656000100000001400000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYBLOB="20000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESDEC=r1], 0x98}}, {{&(0x7f00000007c0), 0x6e, &(0x7f0000001a80)=[{&(0x7f0000000840)=""/180, 0xb4}, {&(0x7f0000000900)=""/136, 0x88}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/146, 0x92}], 0x4}}, {{&(0x7f0000001ac0), 0x6e, &(0x7f0000003d40)=[{&(0x7f0000001b40)=""/15, 0xf}, {&(0x7f0000001b80)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/4096, 0x1000}, {&(0x7f0000003b80)=""/252, 0xfc}, {&(0x7f0000003c80)=""/62, 0x3e}, {&(0x7f0000003cc0)=""/121, 0x79}], 0x6, &(0x7f0000003dc0)}}, {{&(0x7f0000003e00), 0x6e, &(0x7f0000004040)=[{&(0x7f0000003e80)=""/119, 0x77}, {&(0x7f0000003f00)=""/182, 0xb6}, {&(0x7f0000003fc0)=""/19, 0x13}, {&(0x7f0000004000)}], 0x4, &(0x7f0000004080)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f00000040c0)=@abs, 0x6e, &(0x7f0000004340)=[{&(0x7f0000004140)=""/95, 0x5f}, {&(0x7f00000041c0)=""/81, 0x51}, {&(0x7f0000004240)=""/23, 0x17}, {&(0x7f0000004280)=""/146, 0x92}], 0x4, &(0x7f0000004380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000004400), 0x6e, &(0x7f0000005a40)=[{&(0x7f0000004480)=""/238, 0xee}, {&(0x7f0000004580)=""/177, 0xb1}, {&(0x7f0000004640)=""/211, 0xd3}, {&(0x7f0000004740)=""/94, 0x5e}, {&(0x7f00000047c0)=""/151, 0x97}, {&(0x7f0000004880)=""/33, 0x21}, {&(0x7f00000048c0)=""/4096, 0x1000}, {&(0x7f00000058c0)=""/243, 0xf3}, {&(0x7f00000059c0)=""/75, 0x4b}], 0x9}}, {{0x0, 0x0, &(0x7f0000005c40)=[{&(0x7f0000005b00)=""/114, 0x72}, {&(0x7f0000005b80)=""/130, 0x82}], 0x2, &(0x7f0000005c80)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}], 0x7, 0x100, &(0x7f0000005ec0)) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendfile(r3, r5, 0x0, 0x2000000000007) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) r7 = socket$inet_tcp(0x2, 0x1, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r8, 0x0, 0x3, &(0x7f0000000080), 0x4) kcmp(r6, 0xffffffffffffffff, 0x2, r7, r8) 23:58:09 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x24, 0x103) 23:58:09 executing program 0: syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./mnt\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000140)='./mnt\x00', 0x0, 0x0, 0x0, 0x3a0c0a0, &(0x7f0000000200)={[{@gid}]}) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) mknodat$loop(r1, &(0x7f0000000000)='./mnt\x00', 0x800, 0x0) 23:58:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4a5fb997, @empty}, 0x1c) [ 1589.923626] ? wait_for_partner+0x3c0/0x3c0 [ 1589.924644] ? p9_fd_poll+0x1e0/0x2c0 [ 1589.925463] ? p9_fd_create+0x357/0x4a0 [ 1589.926304] ? p9_conn_create+0x510/0x510 [ 1589.927184] ? p9_client_create+0x798/0x1230 [ 1589.928113] ? kfree+0xd7/0x340 [ 1589.928820] ? do_raw_spin_unlock+0x4f/0x220 [ 1589.929769] p9_client_create+0xa76/0x1230 [ 1589.930674] ? p9_client_flush+0x430/0x430 [ 1589.931581] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1589.932668] ? lockdep_init_map_type+0x2c7/0x780 [ 1589.933679] ? __raw_spin_lock_init+0x36/0x110 [ 1589.934656] v9fs_session_init+0x1dd/0x1680 [ 1589.935578] ? lock_release+0x680/0x680 [ 1589.936433] ? kmem_cache_alloc_trace+0x151/0x320 [ 1589.937475] ? v9fs_show_options+0x690/0x690 [ 1589.938417] ? trace_hardirqs_on+0x5b/0x180 [ 1589.939335] ? kasan_unpoison_shadow+0x33/0x50 [ 1589.940303] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1589.941392] v9fs_mount+0x79/0x8f0 [ 1589.942148] ? v9fs_write_inode+0x60/0x60 [ 1589.943029] legacy_get_tree+0x105/0x220 [ 1589.943891] vfs_get_tree+0x8e/0x300 [ 1589.944693] path_mount+0x1429/0x2120 [ 1589.945511] ? strncpy_from_user+0x9e/0x470 [ 1589.946421] ? finish_automount+0xa90/0xa90 [ 1589.947338] ? getname_flags.part.0+0x1dd/0x4f0 [ 1589.948328] ? _copy_from_user+0xfb/0x1b0 [ 1589.949228] __x64_sys_mount+0x282/0x300 [ 1589.950092] ? copy_mnt_ns+0xa00/0xa00 [ 1589.950925] do_syscall_64+0x33/0x40 [ 1589.951723] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.952815] RIP: 0033:0x7f535d26eb19 [ 1589.953606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.957503] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1589.959117] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1589.960641] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1589.962150] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1589.963663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.965187] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1589.981246] loop3: detected capacity change from 0 to 262144 [ 1589.985171] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1589.994285] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1590.003697] netlink: 384 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1590.020401] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:58:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x8cffffff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:09 executing program 7: preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x1c705, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f00000000c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$lock(r0, 0x0, &(0x7f0000000140)={0x2, 0x3, 0x0, 0x3}) r2 = fsmount(0xffffffffffffffff, 0x0, 0x71) sendmsg$nl_generic(r2, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)={0x134, 0x3f, 0x20, 0x70bd2a, 0x25dfdbfe, {0x18}, [@typed={0xba, 0x86, 0x0, 0x0, @binary="a3b07c155a6cdb8e5b23c4f8d9ab00df0c1d919bb1e542ac236d70b27d4e78c131ce8b76d119ebf46adb53fbb6b97354c21bce1f413a41299dcf6fb97db77f40b374083e451744502ef3e2860746cdb7af8282e0d42239c7da76ee2ab77c13b812dfce6339207c61c474ca6647ff2f200907570e27db03bde7e002f3ca2c1bc1fa271e085a72c5c0cee101497b213f2e102420a0d7e7858a3630e121f4d79b001d750879556dbfc8d4ccb142bf30fb25167ce7a6fd8a"}, @nested={0x62, 0x40, 0x0, 0x1, [@typed={0x8, 0x26, 0x0, 0x0, @pid}, @typed={0x1c, 0x75, 0x0, 0x0, @binary="dfb80c0c5273afb4fce9b8b089441857388cb4d48ccc0103"}, @generic="e4e323080ecc577e827fecec2e8e8329148e23ea34a74b5d52d39e52c9c61ab8b4ec178d42f85b588a3a395cf84295015156f1b86ecc6eef7480"]}]}, 0x134}, 0x1, 0x0, 0x0, 0x80080}, 0x4048080) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x14, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}}, 0x14}}, 0x0) r3 = getpgrp(0x0) pidfd_open(r3, 0x0) syz_open_procfs(r3, &(0x7f0000000040)='net/raw6\x00') 23:58:09 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 36) 23:58:09 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x48, 0x103) 23:58:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x4f179605, @empty}, 0x1c) [ 1590.119038] FAULT_INJECTION: forcing a failure. [ 1590.119038] name failslab, interval 1, probability 0, space 0, times 0 [ 1590.121545] CPU: 1 PID: 10456 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1590.123023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1590.124800] Call Trace: [ 1590.125367] dump_stack+0x107/0x167 [ 1590.126147] should_fail.cold+0x5/0xa [ 1590.126962] ? p9_fcall_init+0x97/0x290 [ 1590.127817] should_failslab+0x5/0x20 [ 1590.128639] __kmalloc+0x72/0x390 [ 1590.129382] p9_fcall_init+0x97/0x290 [ 1590.130202] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1590.131295] p9_client_rpc+0x220/0x1370 [ 1590.132146] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1590.133283] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1590.134422] ? pipe_poll+0x21b/0x800 [ 1590.135207] ? p9_fd_close+0x4a0/0x4a0 [ 1590.136034] ? wait_for_partner+0x3c0/0x3c0 [ 1590.136957] ? p9_fd_poll+0x1e0/0x2c0 [ 1590.137770] ? p9_fd_create+0x357/0x4a0 [ 1590.138619] ? p9_conn_create+0x510/0x510 [ 1590.139505] ? p9_client_create+0x798/0x1230 [ 1590.140438] ? kfree+0xd7/0x340 [ 1590.141142] ? do_raw_spin_unlock+0x4f/0x220 [ 1590.142085] p9_client_create+0xa76/0x1230 [ 1590.142991] ? p9_client_flush+0x430/0x430 [ 1590.143891] ? trace_hardirqs_on+0x5b/0x180 [ 1590.144820] ? lockdep_init_map_type+0x2c7/0x780 [ 1590.145824] ? __raw_spin_lock_init+0x36/0x110 [ 1590.146796] v9fs_session_init+0x1dd/0x1680 [ 1590.147734] ? kmem_cache_alloc_trace+0x151/0x320 [ 1590.148762] ? v9fs_show_options+0x690/0x690 [ 1590.149704] ? trace_hardirqs_on+0x5b/0x180 [ 1590.150616] ? kasan_unpoison_shadow+0x33/0x50 [ 1590.151582] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1590.152667] v9fs_mount+0x79/0x8f0 [ 1590.153427] ? v9fs_write_inode+0x60/0x60 [ 1590.154312] legacy_get_tree+0x105/0x220 [ 1590.155180] vfs_get_tree+0x8e/0x300 [ 1590.155972] path_mount+0x1429/0x2120 [ 1590.156802] ? strncpy_from_user+0x9e/0x470 [ 1590.157718] ? finish_automount+0xa90/0xa90 [ 1590.158637] ? getname_flags.part.0+0x1dd/0x4f0 [ 1590.159630] ? _copy_from_user+0xfb/0x1b0 [ 1590.160534] __x64_sys_mount+0x282/0x300 [ 1590.161391] ? copy_mnt_ns+0xa00/0xa00 [ 1590.162229] do_syscall_64+0x33/0x40 [ 1590.163028] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1590.164115] RIP: 0033:0x7f535d26eb19 [ 1590.164915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1590.168846] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1590.170468] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1590.171995] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1590.173526] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1590.174328] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1590.175053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1590.175066] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1590.192615] netlink: 384 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1590.217372] loop3: detected capacity change from 0 to 262144 [ 1590.221427] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1590.228337] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1590.233765] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:58:25 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x4c, 0x103) 23:58:25 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629) creat(&(0x7f0000000080)='./file0\x00', 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x6000, 0x0, 0x0, 0x6, 0x100000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000004002e2f66696c653100"]) perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x1, 0xb5, 0x57, 0xd4, 0x0, 0x6, 0x2000, 0xb, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x10, 0x1}, 0x200, 0x0, 0x2, 0x8, 0x1, 0x20, 0x74, 0x0, 0x3, 0x0, 0x4}, 0x0, 0x10, 0xffffffffffffffff, 0xa) r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0) r5 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x26, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x66, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xc, 0x28, 0x0, 0x0, @u64}]}, 0x28}}, 0x4008000) close_range(r5, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000) sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]}) 23:58:25 executing program 5: sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x40000) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x50, 0x0, 0x800, 0x70bd24, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048800}, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x868000, 0x0) dup3(0xffffffffffffffff, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r1, 0x0, 0x0, 0x1000002) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140), 0x3) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x4e24, 0x1, @remote, 0x40}, 0x1c) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) fstat(r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000340)=ANY=[@ANYRES64, @ANYRES32, @ANYRESOCT]) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xbf}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendfile(r2, r5, 0x0, 0x100000001) 23:58:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x54000000, @empty}, 0x1c) 23:58:25 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 37) 23:58:25 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) dup3(r1, r0, 0x0) 23:58:25 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) io_submit(0x0, 0x3, &(0x7f0000000500)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000540)="4fa961a32c46292c4c203b03c6cfcb7f41a36b2033c451524efa095f3259d324fe60cf5baa606c7c29d5626c6a425a3357a6ef9b122793056fe62dc737af44a1070dcbaede3f1a1a803aeec79b506e019ba9a0faad0ffeddee88e9c7f880a2b88dd7ec8a16c3670691b02178a9efe72a78120600fe8be129a52b1b4d82cc8adf2f88522df22ee2ca034bd40b6be1e2b77c7b9594a599c877", 0x98, 0x0, 0x0, 0x3}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x6, 0x3ff, r0, &(0x7f00000001c0)="b543f71c67220fd0e78a5d93081738d94786096998393724c6383b199acdf1fb13248bd1b9c7ada869181a6d0720cf22cc916239f85696f95d569adedc9ffef4b87b7f6336a43a2a2bcf", 0x4a, 0x9, 0x0, 0x1, r0}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x6, 0xffdd, r1, &(0x7f00000007c0)="b484cf2ddfb0da9b6aedb7445c3a173184387c0721cccd0a46aa4b53b0169dd0be29aac054c7752d2bc0e87451ca86288ac2749f34d71b225c28aaaad99d07099a58bde6738cb775aac8bba06d754710e8", 0x51, 0x3}]) syz_usb_connect$cdc_ecm(0x4, 0x0, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000004c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000440)={{}, {r2, r3+60000000}}, &(0x7f0000000700)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)) close(0xffffffffffffffff) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @thr={&(0x7f0000000600)="1a90741b478736dcb3b315064fc9e72c4608370b13bc2cb637529112fc303e1776468566db550164e33a10b0631194d0c525a6de03dea72ca7919d9f8026f6731bde01f3232df675dccf6cfdc168550c74433af885e6c95d44c46a6227103177f847898edf0b69b5bb4ce7cb18c9b532190cab9007de662870fd202b7c55fc84576b9e25c32997e5ebfb4bf56dacbc75625e461c5efcef9c8d5ad29e03c5acb0699a5bf8fca88e223ab1b91bd8b79f91aeddb32d54049112fa", &(0x7f00000006c0)="d568db2300a3755f0b1ee0122d2c7dea51ab"}}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) ioctl$TCGETS(0xffffffffffffffff, 0x5401, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f00000000c0)) clock_gettime(0x0, &(0x7f0000000100)) timer_gettime(0x0, &(0x7f0000000280)) clone3(&(0x7f0000000740)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1606.042564] loop3: detected capacity change from 0 to 262144 [ 1606.064086] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:58:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xc0ed0000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1606.098016] FAULT_INJECTION: forcing a failure. [ 1606.098016] name failslab, interval 1, probability 0, space 0, times 0 [ 1606.100713] CPU: 0 PID: 10493 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1606.102290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.102974] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1606.104181] Call Trace: [ 1606.104208] dump_stack+0x107/0x167 [ 1606.104234] should_fail.cold+0x5/0xa [ 1606.108181] ? create_object.isra.0+0x3a/0xa20 [ 1606.109237] should_failslab+0x5/0x20 [ 1606.110104] kmem_cache_alloc+0x5b/0x310 [ 1606.111035] create_object.isra.0+0x3a/0xa20 [ 1606.112031] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.113208] __kmalloc+0x16e/0x390 [ 1606.114025] p9_fcall_init+0x97/0x290 [ 1606.114895] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1606.116065] p9_client_rpc+0x220/0x1370 [ 1606.116997] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1606.118201] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1606.119426] ? pipe_poll+0x21b/0x800 [ 1606.120275] ? p9_fd_close+0x4a0/0x4a0 [ 1606.121170] ? wait_for_partner+0x3c0/0x3c0 [ 1606.122147] ? p9_fd_poll+0x1e0/0x2c0 [ 1606.123017] ? p9_fd_create+0x357/0x4a0 [ 1606.123919] ? p9_conn_create+0x510/0x510 [ 1606.124869] ? p9_client_create+0x798/0x1230 [ 1606.125870] ? kfree+0xd7/0x340 [ 1606.126616] ? do_raw_spin_unlock+0x4f/0x220 [ 1606.127624] p9_client_create+0xa76/0x1230 [ 1606.128596] ? p9_client_flush+0x430/0x430 [ 1606.129202] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=38 sclass=netlink_tcpdiag_socket pid=10492 comm=syz-executor.6 [ 1606.129573] ? trace_hardirqs_on+0x5b/0x180 [ 1606.129596] ? lockdep_init_map_type+0x2c7/0x780 [ 1606.129621] ? __raw_spin_lock_init+0x36/0x110 [ 1606.135238] v9fs_session_init+0x1dd/0x1680 [ 1606.136222] ? lock_release+0x680/0x680 [ 1606.137145] ? kmem_cache_alloc_trace+0x151/0x320 [ 1606.138246] ? v9fs_show_options+0x690/0x690 [ 1606.139260] ? trace_hardirqs_on+0x5b/0x180 [ 1606.140243] ? kasan_unpoison_shadow+0x33/0x50 [ 1606.141293] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.142451] v9fs_mount+0x79/0x8f0 [ 1606.143267] ? v9fs_write_inode+0x60/0x60 [ 1606.144219] legacy_get_tree+0x105/0x220 [ 1606.145155] vfs_get_tree+0x8e/0x300 [ 1606.146006] path_mount+0x1429/0x2120 [ 1606.146882] ? strncpy_from_user+0x9e/0x470 [ 1606.147862] ? finish_automount+0xa90/0xa90 [ 1606.148857] ? getname_flags.part.0+0x1dd/0x4f0 [ 1606.149915] ? _copy_from_user+0xfb/0x1b0 [ 1606.150862] __x64_sys_mount+0x282/0x300 [ 1606.151785] ? copy_mnt_ns+0xa00/0xa00 [ 1606.152694] do_syscall_64+0x33/0x40 [ 1606.153536] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.154689] RIP: 0033:0x7f535d26eb19 23:58:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x56000000, @empty}, 0x1c) [ 1606.155526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.159910] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1606.161651] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1606.163270] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1606.164897] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1606.166509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.168127] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xf6ffffff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:26 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 38) 23:58:26 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x60, 0x103) 23:58:26 executing program 7: ioctl$EVIOCGBITSND(0xffffffffffffffff, 0x80404532, &(0x7f0000000380)=""/14) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000700)=""/222, 0xde}], 0x2}, 0x0) syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) pipe2(&(0x7f0000000040), 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000180)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r5, 0x4) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r3, 0x40049366, &(0x7f00000001c0)=0x1) ftruncate(0xffffffffffffffff, 0x1) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0x0, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) sendmsg$nl_generic(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000ad9ed5ad439e949800000000000200000005000080de000000"], 0x1c}}, 0x0) openat(r8, &(0x7f0000000280)='./file0\x00', 0x48000, 0x12f) 23:58:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc02c2, 0x0) openat(r0, &(0x7f0000000780)='./file0\x00', 0x2c0000, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x1831c1, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="af", 0x1}, {0x0}, {0x0}, {0x0}], 0x4) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="02000000010000000000000002000200", @ANYRES32=0xee01, @ANYBLOB="04001d9b6be1c16f9eb642cb040000000000080000f8ff5fbe4582927b54940417eaeab6f325acdab50f025452c6656038c8762edf11c2e2fd81998a9c52ef36d4b6e9ede9085315506cc653da15b77e0b205be01caeab7e7d16fa1b25a0793308bf77121d11dbf200dfb4f959e2abc550dc63e951f879102e3a3ff05a461e556bd29f0d7b4711583c7d2f532ab8fe78df8483c066f7e822209cfef6d37fc770376bd74b8cb6ab72f9ff0e9b44e7de22a1a0797eab8ef7e0ae7145667e8c079e8bcf831407b4813d9ff7c058edf337f98bf474377f1afe73bc60774e0ab08cb0e1669c6e6dfd82d4218014124fa3f2ff6b9791fa18550a59ebabf13a3d42d9659912211997b5097b40480e373813e9f819f972", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000060000000000"], 0x5c, 0x1) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/stat\x00') r4 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x1, 0x0, 0x0, 0x880000, &(0x7f00000006c0)={[{@gid}], [{@fsmagic={'fsmagic', 0x3d, 0x9}}, {@smackfshat={'smackfshat', 0x3d, '(^\x9e@@#-'}}]}) openat$incfs(r4, 0x0, 0x501200, 0x0) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4002) fallocate(0xffffffffffffffff, 0x1, 0x6, 0x0) fallocate(r2, 0x0, 0x0, 0x8000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x4) ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006}) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2}) [ 1606.354923] FAULT_INJECTION: forcing a failure. [ 1606.354923] name failslab, interval 1, probability 0, space 0, times 0 [ 1606.357415] CPU: 1 PID: 10508 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1606.358918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.360719] Call Trace: [ 1606.361298] dump_stack+0x107/0x167 [ 1606.362086] should_fail.cold+0x5/0xa [ 1606.362908] ? p9_fcall_init+0x97/0x290 [ 1606.363758] should_failslab+0x5/0x20 [ 1606.364576] __kmalloc+0x72/0x390 [ 1606.365328] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.366420] p9_fcall_init+0x97/0x290 [ 1606.367234] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1606.368339] p9_client_rpc+0x220/0x1370 [ 1606.369205] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1606.370331] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1606.371469] ? pipe_poll+0x21b/0x800 [ 1606.372263] ? p9_fd_close+0x4a0/0x4a0 [ 1606.373107] ? wait_for_partner+0x3c0/0x3c0 [ 1606.374028] ? p9_fd_poll+0x1e0/0x2c0 [ 1606.374834] ? p9_fd_create+0x357/0x4a0 [ 1606.375666] ? p9_conn_create+0x510/0x510 [ 1606.376529] ? p9_client_create+0x798/0x1230 [ 1606.377458] ? kfree+0xd7/0x340 [ 1606.378141] ? do_raw_spin_unlock+0x4f/0x220 [ 1606.379065] p9_client_create+0xa76/0x1230 [ 1606.379974] ? p9_client_flush+0x430/0x430 [ 1606.380884] ? trace_hardirqs_on+0x5b/0x180 [ 1606.381806] ? lockdep_init_map_type+0x2c7/0x780 [ 1606.382809] ? __raw_spin_lock_init+0x36/0x110 [ 1606.383786] v9fs_session_init+0x1dd/0x1680 [ 1606.384711] ? lock_release+0x680/0x680 [ 1606.385573] ? kmem_cache_alloc_trace+0x151/0x320 [ 1606.386594] ? v9fs_show_options+0x690/0x690 [ 1606.387545] ? trace_hardirqs_on+0x5b/0x180 [ 1606.388453] ? kasan_unpoison_shadow+0x33/0x50 [ 1606.389444] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.390525] v9fs_mount+0x79/0x8f0 [ 1606.391276] ? v9fs_write_inode+0x60/0x60 [ 1606.392155] legacy_get_tree+0x105/0x220 [ 1606.393030] vfs_get_tree+0x8e/0x300 [ 1606.393814] path_mount+0x1429/0x2120 [ 1606.394620] ? strncpy_from_user+0x9e/0x470 [ 1606.395537] ? finish_automount+0xa90/0xa90 [ 1606.396459] ? getname_flags.part.0+0x1dd/0x4f0 [ 1606.397457] ? _copy_from_user+0xfb/0x1b0 [ 1606.398341] __x64_sys_mount+0x282/0x300 [ 1606.399204] ? copy_mnt_ns+0xa00/0xa00 [ 1606.400045] do_syscall_64+0x33/0x40 [ 1606.400844] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.401941] RIP: 0033:0x7f535d26eb19 [ 1606.402737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.406698] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1606.408327] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1606.409855] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1606.411392] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1606.412927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.414458] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:26 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x62000000, @empty}, 0x1c) 23:58:26 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xffffff8c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES64=r1, @ANYBLOB="0102000b5f00000000000700200008000300", @ANYRES32=r2, @ANYBLOB="140019bc4ba17468305f746f5f626f6e6400000008000500040000000400cc001400048184fc1d8ef070a6d8cc40aaaf9143d958a78033c7e8aa14a5c2f014ce7bdd721ab94ff7eee5ef08e4326d6ee872e149d164ebb84585737d52808e2f3fa561ad91f5899acf2f0cae9aca8b0a3f0b740db08b1404207348b9ca4a8395fe4ae244141c8968756c7cd79cc8e371754a3a3d5928ab876f5f401a51b0c2b151abccf8a49608e78cb67b8ac8a274f281c2277c9982e2d92d588463531feab0d4e0a602a4880eb3a6d4b4cc5a2a24a58e24a66442011d4bc1c0dbe2bcb1b32fcad061729a9f328e3c180fa07eaab0d9f5b31d"], 0x74}}, 0x0) [ 1606.591481] loop3: detected capacity change from 0 to 262144 [ 1606.603653] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:58:26 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 39) [ 1606.644926] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1606.656875] FAULT_INJECTION: forcing a failure. [ 1606.656875] name failslab, interval 1, probability 0, space 0, times 0 [ 1606.659477] CPU: 0 PID: 10535 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1606.661074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.662979] Call Trace: [ 1606.663583] dump_stack+0x107/0x167 [ 1606.664414] should_fail.cold+0x5/0xa [ 1606.665298] ? p9_fcall_init+0x97/0x290 [ 1606.666208] should_failslab+0x5/0x20 [ 1606.667081] __kmalloc+0x72/0x390 [ 1606.667875] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.669041] p9_fcall_init+0x97/0x290 [ 1606.669915] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1606.671079] p9_client_rpc+0x220/0x1370 [ 1606.671994] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1606.673220] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1606.674448] ? pipe_poll+0x21b/0x800 [ 1606.675290] ? p9_fd_close+0x4a0/0x4a0 [ 1606.676174] ? wait_for_partner+0x3c0/0x3c0 [ 1606.677162] ? p9_fd_poll+0x1e0/0x2c0 [ 1606.678034] ? p9_fd_create+0x357/0x4a0 [ 1606.678938] ? p9_conn_create+0x510/0x510 [ 1606.679877] ? p9_client_create+0x798/0x1230 [ 1606.680895] ? kfree+0xd7/0x340 23:58:26 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x91ffffff, @empty}, 0x1c) [ 1606.681641] ? do_raw_spin_unlock+0x4f/0x220 [ 1606.682774] p9_client_create+0xa76/0x1230 [ 1606.683754] ? p9_client_flush+0x430/0x430 [ 1606.684734] ? trace_hardirqs_on+0x5b/0x180 [ 1606.685717] ? lockdep_init_map_type+0x2c7/0x780 [ 1606.686788] ? __raw_spin_lock_init+0x36/0x110 [ 1606.687831] v9fs_session_init+0x1dd/0x1680 [ 1606.688821] ? lock_release+0x680/0x680 [ 1606.689735] ? kmem_cache_alloc_trace+0x151/0x320 [ 1606.690827] ? v9fs_show_options+0x690/0x690 [ 1606.691838] ? trace_hardirqs_on+0x5b/0x180 [ 1606.692831] ? kasan_unpoison_shadow+0x33/0x50 [ 1606.693870] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1606.695028] v9fs_mount+0x79/0x8f0 [ 1606.695835] ? v9fs_write_inode+0x60/0x60 [ 1606.696795] legacy_get_tree+0x105/0x220 [ 1606.697724] vfs_get_tree+0x8e/0x300 [ 1606.698570] path_mount+0x1429/0x2120 [ 1606.699454] ? strncpy_from_user+0x9e/0x470 [ 1606.700434] ? finish_automount+0xa90/0xa90 [ 1606.701423] ? getname_flags.part.0+0x1dd/0x4f0 [ 1606.702483] ? _copy_from_user+0xfb/0x1b0 [ 1606.703441] __x64_sys_mount+0x282/0x300 [ 1606.704361] ? copy_mnt_ns+0xa00/0xa00 [ 1606.705263] do_syscall_64+0x33/0x40 [ 1606.706116] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.707284] RIP: 0033:0x7f535d26eb19 [ 1606.708129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.712340] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1606.714086] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1606.715730] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1606.717368] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1606.718998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.720621] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:26 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xfffffff6, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:26 executing program 6: r0 = socket$unix(0x1, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8982, &(0x7f0000000040)={0x8, 'veth1_virt_wifi\x00', {'ip6gre0\x00'}, 0x1}) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000009c0)={0x0, 0x0}) setpgid(0x0, r1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[@ANYBLOB="01c292fa0c590e4ab46c4d12902cb973100997ecc8160e43545f5bb80e116b1797bcfd709223dfc710fc1eccd613778ee7028125c54e560aa9e866f92a80e03eab489b79d783b33b21f4b86c2cdf62ff093af3a8e3b28b3830211d5f079540147c11d3d07b75892f82c70896e7e12a1a93f82cff5be5f9bc944e460d56897a2305e1e0eb416885d16dcf96e50e3db3ba2397bcc1500ee6dfe341aebb7d5b6d0e8d44f04b7b8ee661f8b245f9cf6cca013747791fc7c0d8bc11350928d7fe53cb7088dd639b1785f4ecc34894cbf006abcd34b524b238b0bff3c995e0cf04d87e19b0c114b65734e82b10b9c85457232deefc4cb76a436e5ae523ffa560e38e18bf3576b02e6ca584c62a57f792f17ad85997e716d53d7f69c73c0e9d0556d6f821c100000000000000802441c281da4103b44909cbe1c0417efecd287e1efc5a7d44ddeff9711ed11783f8942cb376f99a281751a4594932c9aaf20585075357c2e1673ddeab0c772b44962871ff6157402aae6a355a54eef63533700c0b1894344bc008124051da135557b8bd578641a2040036b1506be39089a96b551e8ed44aee9773ce00c8c4fa2ce58b6cd3e219cef952ef6a8d2448dd1334c671f99422d4b7002f3c0e85282d1ed04a7905cef5a4552a8a01a5956b7508a7c3fcaa987b49ae8b1ce1692405d610f9e2a6ad176b2ccad113b22487ee7aaad5584e78b65cd71125803371ce8cb1bb3cdc042dfffe789080d488521b616ab28168f0547104020c3c47fa7b41a392f10e1e722d94ff22bd20d597438c1f70bb30ed152b629a8cb474f48228330902a673a86b90e05360c4a233f6d60bc8fe7375cb30a7ec78bc2c2223abb2a4fd9e16bd83313f7a64605ace2f53ecee61d787fda53adc17f9133d9b408d142165ea1402098384990097b5708657684bfac37a4e81399d96318a3d7dd8ba658c8cd748f5d64ab71d970f3d977a255a39f9e6188cec21ade85e2ba1cace64f3bca70fe6a91ca79c14281b01b65b1535cb1977732c27d4f328d3d784406cf38777033a0ceeb501b064bc12066fdb2ac748074684cc763d13bba4af1c154da199857fa0bfa3a4c51979eda45131ed400c2de0c2bbe314da58f8708655f41beb0e470725b2474d58f6003f38b731ee7faa3b346c27d2de234aacaeb0e3d1d72ccc2bb82f2a84844438585197d96cdf37f183192c024bd48bfaa89f88d775d09f9b5ad1f3556a07bcab80470fa442f7612a1c6b39adb4c2d908379c2573b8d113fce0d121fbc8bf26141d1bad5d4766214e569f63b73d80277fde174474a469f7763a627ebb0f7b35af96305aa18e213203975537ca4d7bdd9e0fe079777a752632d1653d7c41fdec82042889d90cff28b9e2b3dc4256b628c0304873db0ac99c6610de6fcf2ce97e5a35cad8d8bbf2bd5e6a078de47844d49085aeaaa9793ddcf38c43342c10394a1f2c8a9e020c80dac6e16392d585149d5a3c4ea5a4806dfcc6345bff93065d1aa94e9dc5b1e0f6c1817abd10cc7644f7f17149edc3d41258a4af11456609788b3ab6d87881f783fbb4bba5620583a0fcfa952f62bc5aa050067d35d469de50018bf8203009abfe22bafdc48475bd5a5c2eaf82524cec3d72a3cdae5c48cc26f06e075a5945485014a01c518c51e9ddea89afaacf2252c98f55575846d760a91008d23fdbe6a79b3f033e38d6f3863f222228535d7cc53ad4d600366cf44d7fba5802703b47a6ce621493a9ec3a217bda037c186525199a14491fccc8df4bd93ac1c0c7fde4616131e861d359bd506587158cbf0856b0765749eb424f82bac3fcf22795eb41249e9816ed725bc01831e7327e582c68d07173976df0493cf22db0b183574f5b0095a3c7e0abcf2bbada51437c2522061ed37d3885b5c9ff8277f45bad844f5c9effdaa0abf69512dc468c47df65f58ecf981c81335c6405a949ec76e8398194aa9bac7ee740f1b87db9a8fafb7f762524970c69c22277cbc216515c6ee73a833a6be7add73ad62e26f0719c1db73d2a1d751c40584b7b10d62d1642db46843c018aba126f835b91aceba3b9a75b1751b746369ad5328d40fb43eba26737f7a0742664f0413ae421b72688f1f427e3f319bacb42e5b4a5b4fa4890f71e2975ad8b3be869e983840560735819d9053ca24d59d76c4bdf8f683886151e45e6619777e27aef9f220c9dfd98610bd2a10c66b64ad06a7b2bef9dbe05b4ec5b08313868f82a564a4a339ff31aede1f9f63359249dfcb3a64f7afb153835870d55fdddf8db32e83f1299424356087a0a572dc99a7bf267e4e022a64c2766b9d17d68010eaa5ffee4c631ea1a46a328c48dde0101a661e1d9e6d3f8159863f797c131561be5198727d3eeed0fba08c2a65bab0e96921097bf1da0dfa7b22b2775953935ae1829d8e6ba50ffe3d228ab723e03dedd5290384843ec39e2ae769cd9d864c24fda01335e59a74b9b57729a25ba84e3dde7c9329f9e82b047a7958f4c4d6d2c432e5ae79372068e92e4d23fa2ee4bc8761a913fc32f5ae4ae717b2b59b5ebe33d8d5c16a421d316a85ba83d71a26326d14cb87b260b16591cb7f0637b0ee8b334195e0e136765111898083004c02d4ad27c424922122a7f782ddcaea9f6db95ba56855d86ff0dcb619c4dc14716abad5450241d2a8e9554053f482f0ff69952673291e0da40a13bd73359e411fde538728241cdee2e032317cbf8267f14e9de97a56e428ca8128dd366dbdf1cb9c74f29991e9e3cf0d271650415b646f6b8490d7033bb8d552f7d2634f90a8d6b2409cdcb9a5d344bbffa48cf4911e5f3d2ad7a89d078793afb6af38ba8721b4ffd885a5b44c356d5256a62ecb4e0825f3dbe4fc495a16c75cda9a0b944b2478a788aa2606eb2330f83dcbca827ad86262b4d52312d00c31ec107d0522a23867006a229732732483161ce5993fe0f756842d84d353dfab50a2ccd80a5a9e58b5e01026dff5c4419b81c6059a990275a7a6db986bbe72bcca7188af2d147b5b3e59828ef92c2d03d1568465176ba93a8a8ad2390ce40c33f372c92ec664b1bd11b5c509d389c0c0bc9dd5f408b1fb4ec42364d319dd88c1722cdf63e05acf21db26d0e7c9458159107a427c608ede9351997c02a5b815db1d63316c76d7e200d74bf52c500d8189cb0fb7ba48cedca87f56d33b32dc97e236635d940ecf80d9fc3f5d454dc6aaa5e4d32110256823f334ca5196e73e36b9745c234246aaf5a3c2d6ed3515f5c54be0d55745bcbe0ba4881bf26a3cb38546c830f66afe55499eb890408a0e36a7644b058a3b546ee03fceb33557c2ba7868bf07dfd26cc2e24caf94c20bf1667dc9938bb74751635f632f98b4430c7e6f0b61f47ae442be93215a642e4d317fbab5a278bc6fb6efda06a9fc8d6b64ca867f1102b10a1fab42c360cce7e6f494967cf5590494addc9c629bace9169fc9db07471daf6f849bc24751a8d09ca73e7fb9e41a146241ab456e9f848286502f1df149fd205c414ca34ffe0c7eb114f78acec462a3856109d8d16a7c7278556e0b2593decd2affe71fec86d2ee0b6f5fab8ac278a4da53913772189a28d79c31ef75370da0677dd369ef9fa9ccfb28c121f5c69b628393a20f651f4777b44851beaa9ee8b7ba954d56d266c8a8df13d296d9f2c7e5836f8f7398cbe377e92715be4b0401a4c2e5db90a53f9748eb1c0effd5bb05adfeadaadb08407b89be555b8d45266e15b2dbac87c80ab842da59e7a190039fc04576bd96f5840f395160117beca1b2f5b19269284117042f24add7ef09953df85a4a00a2a9479e41bb4ac44ff72fc2311eef4c255252bbc3b90c640b66891d1349f8870169ee3d313c4b29fb4a2b6cc93186ccf683c822137ba28d22ef57de5247c7fa873dcac0358ba5113b7e318d8179ea12c6ea973f765602263eb7c369c2d5eceb35e41febb607d8e8112da7a1ec852522b312a8f971e21d2d8b0fff798a10f65c66bb891bac62b34eac3f58f807e95b85b2e6b11473c7c1c9eb79aa5692f07961f5d63939f3ebabbbc4dd4d506bf442f0696fc82928c5bfd1bba31e3511da3b19dec57f913e202942c86421ee57f499a35eadef2db0afb41aa77e2a7db3d260e7410fe3fd127f9def3e79d0fa0abe9ab05c5f95d49947881785c6f23bfe4a2082a8e6f44c5be1ef16309e116510552d3c5d424e199a4321c88dd372d71992723eaf54eb070ec0377b6f7d6b03f156088ba86bce1c8a72bbf5ef9db2e7dc802150d3a070558d883638fc43f218e871e31abde7fab2b72a204b8e20d746123f56868552877046161fdd2d75c562d94761bf22978ce0786d3658a1f547bc143e307a8142a72b8fc2012b1ed4fd1fd5cb5d99ac64b807ccc16a4e0d60920c7d68e324671d53238cc935ccff7f48778192e7895e8cb92735533b57369745e22abf858a7281f9e0f0c5079f46e2b0ce9c9fbd95097e6f3c9c56f14b388eff9461fba6a9086de556e1f8f162b53656d228491fc7c9a7d89ccc365224b93131b67d7a4e0e4928331dcdb05d466289c896fee425b127d88e3d3767f0defbfba3cf53bdf008349dbdc7c7ef9ebf0db4319889e53f0a06aa0d2de158b7d90b631d2b4968139f813c7b076dfa9427e28150a8997ee94991eaa49f8a2b6015428181ea63227285c405864c7df1fe6032bdf31865018b7bd8d81e4b39427a2b33b692d8bcc1de731910d4be2cc3872192dd6200fd9afb26fe4964ca97225f341a66a34f67adb5d4d77734fd9371d295cc4efe2376677bba1efe4cc9898eef6484b2d91b4d6e7e1d7d7e686f2f1e4b4c74de4932775fd2489d1b8b7bd30de282af366c3adf82fc1450828a1baf4f95ad8a9176f77dcd71598fc972592ea3c2dcec6f9cf9d2a1ab15adf2e1cc7877e226f20691adaac06ab77e11416bd37d8218f970beea7129fe0476a779bc6d50aab9432dea0bc3fd614ea623cb6e777c0a362d3821f56afadc8009eaa72fad7f37e642ec6d27d9d4186fff1711144ef61219fee4cd4ef2b9f1823086370081694190b353f6a23f906edfc8021f208fafba8c33a5850caad7303ad0c3ef1d1b60bde9989eba843eb55d86eed72d6f30d8c966cf55b53e811eebdec77e9ef242dd6b4b881c7f9bb15ab873ccc239ec27b3bd60c693851062ccfdf11c967e92ef996c0cea4a25a262bf2da0b4fa6ee0cc6566fd41bc9a5d60a7ca638b34470b3de43901679c5632063d2c9889189a56ed098da31e2c9df46060e1d876e2fd0f125470c25c24d71e8cba3b0992571a272fa3cf28be47e8bc6d304add3968023230eb1cd8fbaa3f4b7a2ecef772e5d406135eabe34842b24bf76a9669bc8b7abd6768eebf7c740a5a3e8ab29627d2777365ffa3f12784a2ea9227e261883224dec49c4c7493b78bcc231a6b295abeb36e6882483d9c57135a603f98936d85d9d7101e5ec830753e0ef1e9d136e4dde1c065c349c92cb5c9f3fc4254deb359ee9b59c500bbf8200e4ead6a688db97c0e191da2e2addd0a06e2be33d07c79530ea7de1613e01eb9bbea11ee48c6d92ae1b7d559b4afb37d22d274312236b189b88bb4539709caa3cd87e86bdec8bcfffeee3d9d1853781aebcddfcc11f41fbe062dc8bf9f49e20c50145bec1af0d6c3bc769e01b8f5752540148d0ad7a8780ac649357ae03406f77a601c4f78d7f8b4d3df68ef3c0addc96525261477fc0519525954f94888e992ab75c39d5ca207666757a7363d2629b04657358fa2c0c7aa53c3c2bfa5fd51e78ae47256ef68541743244804ff02406cff6be8f1f04738627f573e9cc084eb2fd357aebb4ac7dfe2101d5f9f84940d06497bd113c78a1f332a77ad9d940b56705f8e19e0d63afb54f095d673807fceef28d0554d89181d609b2b4adfb81e84c69655b191447a1232a4df81975eb81b8965cccaa71a98ddb409fae5c6e96598737e7904c00f63978a7e5fe449bcbb05b529211c3791c90f356e995996b5fcc480d44ee0d1b71bbbaf871e29d5d73870721ea0808aa7ebe6617657fdd0107b15eb83bf8843434c4c20c8eac09b8c93f1d346924ce3be40104900f413bf9f0e7151758bb1d8f676a256c4b182f69cd3ae1591de4d781030ba5", @ANYRES16, @ANYRES32=r0], 0xfdef) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x28800, 0x0) fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, &(0x7f0000000300)) listen(0xffffffffffffffff, 0xfffffffd) close_range(0xffffffffffffffff, r2, 0x0) r3 = openat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x18) preadv2(r3, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) unshare(0x48020200) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) fchmod(r4, 0x2) 23:58:26 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x70, r1, {0xd3db}}, './file0\x00'}) r4 = socket$inet(0xa, 0x3, 0xff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000a80)={{{@in6=@mcast2, @in=@empty, 0x4e22, 0x7, 0x4e24, 0x667d, 0x2, 0x80, 0x0, 0x33, 0x0, 0xffffffffffffffff}, {0x0, 0x2, 0x1, 0x0, 0x104, 0x2, 0x7fffffff, 0x1}, {0x200, 0x6ff, 0x100000001, 0x1}, 0x1000, 0x6e6bb7, 0x0, 0x1, 0x7}, {{@in6=@mcast2, 0x4d5, 0x6c}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3503, 0x0, 0x3, 0x4, 0x5, 0x7f, 0x9}}, 0xe8) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000300), &(0x7f0000000340)=0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES16=r6, @ANYBLOB="0103000000000100b415b6f5df9683fae200200001000008000300", @ANYRES16, @ANYBLOB="7912632d4cc659432043d4d364f39ccf201e8675caeebf226ebe8ecbe8df8b90a7633fe11f0771787d270639d395e07886ae0b1fc946e768422857956ca4da2dc93f203376ac9282010e0eec7305300057204f3e4b7fa8a94794816f55e3edde72b24460ae67955086a042435325a65ff99fa8edca63428edbda65dc7351417e80a63ecaf973f2105d358fe4cde02063bff3d5d18fbaee0e02284a4deb98fc17dfcf3fa508ee5ed3f0885b4fdf6f0749aeaf8e2f34633cd75be0fd3f1b180c46d565b577782c92c2e356c54bee19771bec1eeff296ce3cc41c78b049ca11119222"], 0x1c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x70, r6, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x2, 0x5a}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x49}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r9}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0xfffd}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x1}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xc5}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0x7}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x63}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x4}}]}, 0x70}, 0x1, 0x0, 0x0, 0x4800}, 0x5) 23:58:41 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x97b95f4a, @empty}, 0x1c) 23:58:41 executing program 7: ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f0000000000)) syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x9, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x33, 0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0xb, 0x16, [@private=0xa010102, @broadcast]}, @ssrr={0x89, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 23:58:41 executing program 6: eventfd2(0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000005c0)='net/tcp\x00') pread64(r0, &(0x7f0000000040)=""/55, 0x37, 0x0) 23:58:41 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x68, 0x103) 23:58:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xedc000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) timer_delete(r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f00000003c0), &(0x7f0000000400), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df091650478277b5405e62aba026eb436609209c45f379ded06400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f08d65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b295c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6edd1beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee854874363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d53358c1562d539f040a9f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab41000"/665], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r2}, &(0x7f0000000340)) socket$netlink(0x10, 0x3, 0x0) capset(&(0x7f0000000280)={0x19980330}, &(0x7f0000000380)={0x101, 0xd7c1, 0x6, 0xcfc, 0x8001, 0x3}) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f00000000c0)) timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600)) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 23:58:41 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 40) 23:58:41 executing program 0: keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000000)=""/99, 0x63) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000080)=""/213, 0xd5) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000180)=""/164, 0xa4) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000240)=""/4096, 0x1000) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001240)=""/232, 0xe8) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001340)=""/25, 0x19) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001380)=""/175, 0xaf) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001440)=""/248, 0xf8) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001540)=""/4096, 0x1000) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002540)=""/63, 0x3f) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002580)=""/200, 0xc8) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002680)=""/220, 0xdc) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002780)=""/146, 0x92) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002840)=""/124, 0x7c) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000028c0)=""/240, 0xf0) keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000029c0)=""/29, 0x1d) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002a00)=""/96, 0x60) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002a80)=""/22, 0x16) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002ac0)=""/101, 0x65) [ 1621.332695] FAULT_INJECTION: forcing a failure. [ 1621.332695] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.335603] CPU: 0 PID: 10567 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1621.337200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.337952] loop3: detected capacity change from 0 to 262144 [ 1621.339090] Call Trace: [ 1621.339159] dump_stack+0x107/0x167 [ 1621.341806] should_fail.cold+0x5/0xa [ 1621.342691] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1621.344002] should_failslab+0x5/0x20 [ 1621.344873] kmem_cache_alloc+0x5b/0x310 [ 1621.345803] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1621.347083] idr_get_free+0x4b5/0x8f0 [ 1621.347964] idr_alloc_u32+0x170/0x2d0 [ 1621.348865] ? __fprop_inc_percpu_max+0x130/0x130 [ 1621.349976] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1621.351203] ? lock_release+0x680/0x680 [ 1621.352118] idr_alloc+0xc2/0x130 [ 1621.352922] ? idr_alloc_u32+0x2d0/0x2d0 [ 1621.353216] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1621.353846] ? rwlock_bug.part.0+0x90/0x90 [ 1621.353879] p9_client_prepare_req.part.0+0x612/0xac0 [ 1621.353909] p9_client_rpc+0x220/0x1370 [ 1621.358490] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.359698] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1621.360923] ? pipe_poll+0x21b/0x800 [ 1621.361770] ? p9_fd_close+0x4a0/0x4a0 [ 1621.362655] ? wait_for_partner+0x3c0/0x3c0 [ 1621.363633] ? p9_fd_poll+0x1e0/0x2c0 [ 1621.364505] ? p9_fd_create+0x357/0x4a0 [ 1621.365413] ? p9_conn_create+0x510/0x510 [ 1621.366353] ? p9_client_create+0x798/0x1230 [ 1621.367350] ? kfree+0xd7/0x340 [ 1621.368098] ? do_raw_spin_unlock+0x4f/0x220 [ 1621.369105] p9_client_create+0xa76/0x1230 [ 1621.370081] ? p9_client_flush+0x430/0x430 [ 1621.371049] ? trace_hardirqs_on+0x5b/0x180 [ 1621.372034] ? lockdep_init_map_type+0x2c7/0x780 [ 1621.373123] ? __raw_spin_lock_init+0x36/0x110 [ 1621.374171] v9fs_session_init+0x1dd/0x1680 [ 1621.375155] ? lock_release+0x680/0x680 [ 1621.376074] ? kmem_cache_alloc_trace+0x151/0x320 [ 1621.377219] ? v9fs_show_options+0x690/0x690 [ 1621.378227] ? trace_hardirqs_on+0x5b/0x180 [ 1621.379201] ? kasan_unpoison_shadow+0x33/0x50 [ 1621.380234] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.381401] v9fs_mount+0x79/0x8f0 [ 1621.382216] ? v9fs_write_inode+0x60/0x60 [ 1621.383169] legacy_get_tree+0x105/0x220 [ 1621.384096] vfs_get_tree+0x8e/0x300 [ 1621.384955] path_mount+0x1429/0x2120 [ 1621.385827] ? strncpy_from_user+0x9e/0x470 [ 1621.386810] ? finish_automount+0xa90/0xa90 [ 1621.387787] ? getname_flags.part.0+0x1dd/0x4f0 [ 1621.388857] ? _copy_from_user+0xfb/0x1b0 [ 1621.389810] __x64_sys_mount+0x282/0x300 [ 1621.390729] ? copy_mnt_ns+0xa00/0xa00 [ 1621.391627] do_syscall_64+0x33/0x40 [ 1621.392474] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.393652] RIP: 0033:0x7f535d26eb19 [ 1621.394495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.398684] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1621.400434] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1621.402081] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1621.403706] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1621.405336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.406962] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x8000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:41 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3fffffffffffc}, 0x8000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000a80)=ANY=[@ANYBLOB="00f9ff00000000000100606e74a80fb646147dc85e00000000000000000000ff030000000000000000000000000000000000000000000000000000000000eaff0200000003000000ffff00000000000009000000000000000600000000000000020000000000000000000000000000ffffffe50000000000000000000000000000800000030000000200007f000000002a84000000000000fcffffffffffffff0800000000ff01000000000000000000c91d84c3000000000000000000000008000000000000000000000000000000000000001d300000010000030000000000000000e2ffffff00000000000000000000000000bde386d63bcd07f198d746b9157e5bb66cacc3317884d539c0cb07f0432fa5c0cc6d215b3df4f3146623cc352833ca4e5c8a29f5293b66bbbbe1626566e7cb7f908feb74133e10edb36e004febd9bdd5666aba350b1e4871fe1d3d3163daea34319314168a0f52566e068efc69ae2467ed0521131580f063b47145fde83dcc89ec6faa226f316174181770836d9ccf8467f3fcf34e54f752b6ee5868cbd58a1db6558002ff5d649ad2007ac5b25884429d9b7e372a480cb61ddd873a2cbd146b69ba038acbfbfe843411c124e8d22947d62368d0a977d4bea46832dc2d0efb9675f96687f1c3417d7d49aeb8045c21ffc969cfb704e450fe462050ff80588979a1d69879903f989bae9dc2c599441721234a84652ebf4218b6e0ce32fe10c1fa4d5e170c515229628131de71197e7387ec2eab018be7b4c6a4f2dfe76b5f9d240033f8b3872484db4f182d9d1fba63d800978b3f9845123490549ea944cb838f02000000f87cf524c9079f60b9dc621518e0039ec3f20f717ae0b38da93bd3ec9ae808a142cb8af18cd4042038d6e34429d561b257f6997e38d6cae1d4686aa4653cc972bf37a717695ff75b5d6339832bd4c6806617b12ee49a7c46ebaeaa65bb855f07737fbaa23820c7bd62591186c41483c3844693561fa500b316fae64e230000000000000000000000004c5f60817b03661652306f2c2c1b394e0122a45ed6ee29b000a3ba947933a88224993823b07b118bb4fe6e2d3b865255e6cb22f6e8aa07f6be4ead120382bfd577fb879047c6f329d8aea01cafc8e741804e90f929f5676d849a35b966d3b6d0209e939c885d6116f721673aa990171fb80f4d0149b908b359e5978aa0d6ec5f6cd99915a066677d862d4d012ff41e6706b8cc0dac07360db46706935131fd7aeccee41564faa91cb714ccc3ef1a6ad6a88a833a1d087118f7ac4ddc3d4308de22f96977fbb36c23894695ce1ccbba43458ad552"]) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00') readv(r0, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40086607, &(0x7f0000000080)) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x9, 0x12) r3 = syz_io_uring_setup(0x8, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x2c5}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000000)) io_uring_enter(r3, 0x18e0, 0x0, 0x0, 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000500)=""/212, 0xd4}], 0x1) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_buf(r2, 0x1, 0x1c, &(0x7f0000000600)=""/154, &(0x7f00000001c0)=0x9a) ioctl$sock_bt_hci(r4, 0x800448d2, &(0x7f0000000080)) io_uring_enter(r3, 0x64ba, 0x7e41, 0x1, &(0x7f0000000140), 0x8) syncfs(r4) getdents(0xffffffffffffffff, &(0x7f0000000380)=""/233, 0xe9) 23:58:41 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) openat(r1, &(0x7f00000000c0)='./file1\x00', 0x2, 0xa0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x105000, 0x0) syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={[{'\x05\x00'}]}) [ 1621.474966] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:58:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x100000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:41 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xb8ff0000, @empty}, 0x1c) 23:58:41 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff8, 0x401}, 0xa402, 0x0, 0x0, 0x3, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000011b000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0096fc47e671"]) r0 = gettid() perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x9110, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, r0, 0x3, 0xffffffffffffffff, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x90, 0x1, 0xff, 0xb0, 0x0, 0xfffffffffffff548, 0x40, 0x7, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xb1c, 0x1, @perf_bp={&(0x7f00000000c0)}, 0x0, 0xffffffffffffff2e, 0x3, 0x3, 0x5, 0x3ff, 0x9, 0x0, 0x80000000, 0x0, 0x9}, r0, 0x0, r1, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) pipe2(&(0x7f0000000480), 0x0) r2 = epoll_create1(0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = epoll_create(0x3ff) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000300), 0x8}, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000200)={0x20000001}) dup2(r4, r2) 23:58:41 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x6c, 0x103) 23:58:41 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f80100200040000300000000000000800029842f98f153595a4b414c4c4552202046415431362020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffffff000de0000f000111200113400115600117800119f0ffff0f000000000000000800"/83, 0x53, 0x1e0}, {&(0x7f0000010200)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b9ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b9ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b9ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b9ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e202020202020202020201000b9ea70325132510000ea7032510300000000002e2e2020202020202020201000b9ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b9ea70325132510000ea70325104001a040000", 0x80, 0x1a00}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x2200}, {&(0x7f0000000300)="73797a6b61096c657273797a6b616c6c6572797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c65727300000000000000000000000000000000000000000001000000000000c3e01d84a146fe6b45a522175aa95bee895c42125cf5740f1f725604d12b1cfb1a76bebe516298f85bc1336abdfe535a999304e7ad176bf68e19551381b6eb2e4b9820f145904927831af89b3112984113405f63b137909da3c9c541cccaf71062cb226d85781aee8d49aa96737029759c7922716d211054c9614262d53c09484f7db8293d8cf9195ca101b00c0c7778eac8a3cc9d999bb24b62117b114ce0baae64c3858e7e4b7ec59e0d2765c21db22b5e66911c958d0bdc45ec2aded52a0c1711b225390cb8a2197ce4a41002250aee48871d17737385958c8f009464577b0a65d45ed25bb909755c8fc1affceae3ea80df73bcd5aed7345cd6e2b75fc976895912cd49b148940c052bff25ad1622", 0x186, 0x4800}], 0x0, &(0x7f0000010f00)) mknodat$null(r0, &(0x7f0000000040)='./file0/../file0\x00', 0x800, 0x103) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000140)={0x19, 0x17, 0x2, {0x10, './file0/../file0'}}, 0x19) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffff9c, 0xc080661a, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) 23:58:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x200000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:41 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xbd3ae1c3, @empty}, 0x1c) [ 1621.741164] loop3: detected capacity change from 0 to 262144 23:58:41 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 41) [ 1621.770055] FAULT_INJECTION: forcing a failure. [ 1621.770055] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.772384] CPU: 1 PID: 10612 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1621.773840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.775582] Call Trace: [ 1621.776136] dump_stack+0x107/0x167 [ 1621.776915] should_fail.cold+0x5/0xa [ 1621.777716] ? create_object.isra.0+0x3a/0xa20 [ 1621.778674] should_failslab+0x5/0x20 [ 1621.779470] kmem_cache_alloc+0x5b/0x310 [ 1621.780328] create_object.isra.0+0x3a/0xa20 [ 1621.781263] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.782328] kmem_cache_alloc+0x159/0x310 [ 1621.783210] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1621.784375] idr_get_free+0x4b5/0x8f0 [ 1621.785196] idr_alloc_u32+0x170/0x2d0 [ 1621.786021] ? __fprop_inc_percpu_max+0x130/0x130 [ 1621.787029] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1621.788143] ? lock_release+0x680/0x680 [ 1621.788980] idr_alloc+0xc2/0x130 [ 1621.789705] ? idr_alloc_u32+0x2d0/0x2d0 [ 1621.790558] ? rwlock_bug.part.0+0x90/0x90 [ 1621.791465] p9_client_prepare_req.part.0+0x612/0xac0 [ 1621.792559] p9_client_rpc+0x220/0x1370 [ 1621.793403] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.794513] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1621.795629] ? pipe_poll+0x21b/0x800 [ 1621.796397] ? p9_fd_close+0x4a0/0x4a0 [ 1621.797215] ? wait_for_partner+0x3c0/0x3c0 [ 1621.798121] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.799223] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1621.800344] ? trace_hardirqs_on+0x5b/0x180 [ 1621.801269] ? p9_client_create+0x9dc/0x1230 [ 1621.802203] p9_client_create+0xa76/0x1230 [ 1621.803098] ? p9_client_flush+0x430/0x430 [ 1621.803980] ? trace_hardirqs_on+0x5b/0x180 [ 1621.804883] ? lockdep_init_map_type+0x2c7/0x780 [ 1621.805869] ? __raw_spin_lock_init+0x36/0x110 [ 1621.806831] v9fs_session_init+0x1dd/0x1680 [ 1621.807732] ? lock_release+0x680/0x680 [ 1621.808568] ? kmem_cache_alloc_trace+0x151/0x320 [ 1621.809582] ? v9fs_show_options+0x690/0x690 [ 1621.810498] ? trace_hardirqs_on+0x5b/0x180 [ 1621.811399] ? kasan_unpoison_shadow+0x33/0x50 [ 1621.812352] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.813420] v9fs_mount+0x79/0x8f0 [ 1621.814154] ? v9fs_write_inode+0x60/0x60 [ 1621.815014] legacy_get_tree+0x105/0x220 [ 1621.815859] vfs_get_tree+0x8e/0x300 [ 1621.816640] path_mount+0x1429/0x2120 [ 1621.817452] ? strncpy_from_user+0x9e/0x470 [ 1621.818358] ? finish_automount+0xa90/0xa90 [ 1621.819260] ? getname_flags.part.0+0x1dd/0x4f0 [ 1621.820221] ? _copy_from_user+0xfb/0x1b0 [ 1621.821097] __x64_sys_mount+0x282/0x300 [ 1621.821938] ? copy_mnt_ns+0xa00/0xa00 [ 1621.822764] do_syscall_64+0x33/0x40 [ 1621.823542] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.824615] RIP: 0033:0x7f535d26eb19 [ 1621.825413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.829229] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1621.830811] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1621.832292] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1621.833783] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1621.835266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.836754] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:41 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000c40)='tmpfs\x00', 0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0/file1\x00', 0x0, 0x0) link(&(0x7f0000000040)='./file0/file1\x00', &(0x7f0000000080)='./file0/file0\x00') lsetxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) unlink(&(0x7f0000000200)='./file0/file1\x00') unlink(&(0x7f00000001c0)='./file0/file0\x00') r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) futimesat(r1, &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000240)={{}, {0x77359400}}) [ 1621.850922] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1621.881396] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:58:41 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x900000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:56 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) r2 = getpgid(r1) r3 = syz_open_procfs(r2, &(0x7f0000000040)='fd\x00') connect$inet6(0xffffffffffffffff, &(0x7f0000000440)={0xa, 0x4e20, 0x8, @mcast2}, 0x1c) getdents64(r3, &(0x7f0000001280)=""/192, 0xc0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r4, 0x29, 0x21, 0x0, &(0x7f0000000280)) setsockopt$inet6_opts(r4, 0x29, 0x3b, 0x0, 0x18) fcntl$notify(r0, 0x402, 0x20) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='errors=remount-ro,utf8=0,iocharset=utf8,fowner=', @ANYRES64=r3]) ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x560c, 0x0) r5 = openat(0xffffffffffffff9c, 0x0, 0x640683, 0x0) pwritev2(r5, 0x0, 0x0, 0x1, 0xff, 0x1e) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @local}, 0x10) 23:58:56 executing program 7: ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f0000000000)={{}, {@val, @max}}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="6caf6cf10798742b0aaed9d9e010f658f40dac51bac5c9445a0eea5dab55b603c75ca0ffb4a170952c53a457df618e675be052a0b6527289585bd702d7879db6181a34343c8a08a6c702de639f5ccf069b26bdb18721b3233ff6d2899654a831c39abcd8736a2f99a01a0fea963573ba8d48257f4391e5a0ff9ce4651e2daab81678f8abd1b49b9527a29dd9ef54f76774bf29fc3f7cda3759d889366bbb9d2114c7b4e4c19acac556b780f2c11164f1e0ee63b16cc779601a0bd3ae547ea11880cf06a92516891897", 0xc9}], 0x1, &(0x7f0000000180)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x8}}, @flowinfo={{0x14, 0x29, 0xb, 0x4}}, @dstopts={{0x150, 0x29, 0x37, {0x87, 0x26, '\x00', [@padn={0x1, 0x1, [0x0]}, @generic={0x8, 0x44, "1005ab263f6376ccb7a0b17285151879c7003692069cdd32c343cb36a7ccedd48e2d5a8767e7cd139398e7f050b3f073de194d22088235cf9a539a066aa2c5c9e53c9a5f"}, @generic={0x3f, 0xae, "0398acfc31c99610a2aa39fa216b438e6a0bace08cdf6cdd8eee5db3e9879b925376eb56b2d5139aff55e4ecc5c8f63b9255e459ea6c667aec823285bbca05aefd37d61b66293ebed9afd7023eb29daaf0a1b0175dbaee2a2d10b4a11ae28c1572cd4322bda67b6cfe1b512a3370bc0ea7b468ba663072352b371cc8a9998db17d878d3863600802e3043d23b1d19b9cc874f155f7ab99d171bb7be4633633fb6510b7321ea6a28a93c0310af44d"}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast1}, @calipso={0x7, 0x20, {0x0, 0x6, 0x5, 0x1000, [0x8, 0x0, 0x5]}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x4}}], 0x198}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000015c0)="9fe2c02dae2027ac609164db31bbc3bdb0cbf3625d7aa9c6bdbd8f61e22f0dae34f5476abc384a7c70dc2aeae8b785e869b11215071cc497d490e2bf41b639acc1fee3d0be097bd9744c3f8ef9a9f15fa6271f99f48c9aeceb166060aeec7b0f4c3ce0d27547f5581e28b3f956c3264138354d176a04629ea86c47bace959d3a3e3e5e1f053d6043143a6fb992f101b4ae6bb93516c151fdd6eae9c085df0b5beb57c6592d6d96c9688cf95d03fccb80e04d8b44556525e8b626d97e70f2981878f8b0f9f61ae0595992559490fff09f6533fbdc2edfcd19ac4d59c1437b7ae8b7997eb47657b023878e3fe4d0c89b782de4a7bc734ca540f929b23bfa237ddd5869410b5bddeab264d7662e8eee5ce2cdb862903457463d357828122905c3efdcd2194df758ab56c54bada6a18d4d8fa0cc533dc7647f8f8c7687512a4c2e52a00962859b1d343d5ed5c774c6de936c7004ca19778af65067a1a6c6f5e07705f33f0e10e9a77c0dcb0463826831224ba9a0d7e73c170cbf3d5bc312d96c3dccb065f8d3c66e9c0f9ada35decb7140d6355fa9a1ad6f490d23a019dc9621df5e6798f354c76a383c5389bffd5a8534f047b020bc94c0c37b2252f960d8ef7ffe059b1790f2529cfc031d50173c49a2701ab6aa4da4e7bc9171b74c43bebd0fa540801588f1a0ac113b69f3d42d4197cb13eb0a3bc21e0c19ddeebfb11afb00b740d77d356ef1d433785d89ba3ddd28bb01093adca72352db075b830000ffa9d7c631ee968c9968fd70541eca9dbdc5f5fad01f74be9e05023cd19240d75e1e1022958bbc216d93e3eb10efb80df63fa6b3bc008f028608ac89808f077d2a0a334e3132783a9f3657e1cc7dd882b89d27d0e7a16b8a936e3acb5a6645b276e05640f10a942087947d9b6846abca5f55a67dc37a00ef8a05719f7c9a7694051d01d5193068aa2949bd59632e1386888086868731e7e161572352b4e96eead694812d288295048a18e2a3d64c4f24fe31b73453b3829555f045684bd81eadda84e0ae78d6af8b042ad0cce171df34bf72be10fab52c49439d83fb252979b4399c8222da4437a959e774a5d64cc3aee57be105cc1bd29a93d98a5a51dbfaadd6f5a0b3b10331f7887dab6e5cf013fff09f0f0bc20e1d755ab3144ac915614617a57d8e788496cc6ec18c907bb6620973d74bf4ca51fe09c7ad8c0c9e4be9db8bd4980ff5c75c6dec386c83f0ae1ef5d90cd7ebb1c267d081dd6ccf09dea7de45a77af9ea3498c435ea3485790108d3ff068123942ed2f89f1621f323ba70f7f9b1f5b0e048151d24c8634666f1605428718e069f33a8f2a179b15f002923f3fd8d73c694971b8f5d6f2227b63752a00c223e220410bead1049563d67e925bc61cae11d2c2779f131648b1f9e29a38fedb0ba40581a841fd4124e71e6bd0700141eda56034f7d97817ff10cba2284fee829e4324396d9f86cd40ac79e3724b22de4817d1d5d0e253790dca8aa691843504610565effa718b319ee63bba0aed00e95e08f204a00be226bef7e3e9e43a3dde2b96898b347b4d8889e7b502dd05d092a172371ffbfefddfa25e9955989c70446d5a149d26f7fbfc83fc806f0ae1d9eb0d309da484e01387e4dc1eed37b65a43aa14a185ff236c937260618b9d966f10f2916ae514f3f8c820231e3dcc766379f65b2b06f4b9b26d151e4d66e6e8b5e5bc0bf39186d4729f85b7ddcd9abdc91245e5a670022affd983b7d8efbe9c8806263302c983145418ee4bf8312b384120748a4982c1704f6a30407b914bea8adef85d370c0c5ad69926bb19ff94490809ba56188eb30dfeea5d2a5f6290c5b936a560db5d99a63114e77e013ee5b22e3e518d531a0f263157cf92781c916f2c830f4892d0e8aac4384e5cfd49ad46e43cda6da454d94435ca66614a8b7527c3f5f0593add05da09c4d2e75c713dbb6d9eb30e43e449953c8685477c590065fbda4fa87a57bc9f7fc6b379cb81aef9ebdaebb9617f8bda8b44dc917d7501a930a21c81acfaf2b61f756c8a1bc7ac24c3e3d04f368ad5a17ed198ea07dcdb8523bd0ae5a7a0cdd38d492544292f463479736477181a0e8ee2496c8645b84b7f1840b1d498f00c45899321eb47f96cfe8cf0186f75eff91d05c63820879f30aad3607b729edad4a3bcc5aea6bf91a69e61a3bf5250619b366271af16cdbc3ec411df46139f9a47a8e4e11cc88dc48c9187ed28c5a1d7386abac688bdec939abbcedc50244fcaa9124c8a19c9750245903a282704da3b12e5fbe92f5cb8ddc9ae98d1d23aa29c2e416c34db221372db63ba62492492a86c8c974a714cdacebc6089a5b684e424d69d1e4a411ffe0ddd456a6cdfb58864c937d11eacef23c66ebfe339d3ddce018b7e014a4cc07b51af3f776c48a60ce176303e996d119ce8cd8cb77566176f3279c3811130224f90694bc991172f82de98c9c00135a5b33411202f86b4022b9d0a1216d7257b638d7e95b2b265636a881368e90c038366d58fdc1f8f8183549ae3f1d535e9465e4415a424c9cba68993849700c1e3ec0d967a5c742dafb2e3d7460dd5e8297ce4587a07e657c4fc83a1c537726898e5b84c5104a7be102b9f34fb9c83a91270ff17dbebdc4366a9a7113af88c8cca856ac0fcd07f32855e10d685e97f12a4495c5d16c1b85327fac955aa1d3bb95f3a94a448849a6fc314722c5ead917ec8728bb070eaaeeb23099ee35b17f4dddcc92c8f7cf9c879b56286611f8d702f7baa38c11d52ecbda778229755b13867ab974bf089733567c5737312bb70050170b982caa42b2b7a73aa0ba8c7b65a0668ac8b40066526093981773f7e1880737b0127523e0cfb0b401581a7778566f36892e07526bf47cf44126e5d4e22ee45861f4b02fa43bfffdec80e2a3c52c37e2ff11339c939612fbf6347576701d036160d1b53caf3dfe8a4b7ccf2663857326e7f352fc79248a83c5dec9fe74edaa443d0ef154aee04c01d961b9851f162bbc9aa102fc2af4c57c5f5848bc4f7be2b237a17015f6e843e84d5cfac1cf86b1e2962059b2128a10e66c79500fe9f0e5881ecff1145c071c32574fbba8709741a3cb516167c4fb6ff0f72c447f597921ea751db722fb721ff8e8fad99470b76af8c3477f27fa624cef84a1450e8c1e61399cf0a175443d57e9c581bef9f42ca765e4b883f3b3dc0d20f57ced245e5f0ab2656ba589570c1f5bec1f630775f373d62aec796121146dee91e270d1578cfa3b3e3f49fa4ae1b807550f3d49d7ccc5b572308088fb1b916073dfa87fdbd73f3907f818c7582da784f3241e011271315ebd9413c83fa8a83eac054d7047d0f7cbdd1fcb3b58a44be0ba6d60ff8c04ade27aab66ef15a7d86436220ff8a37374c0217ee25d3f779080e5f990922c5c992172110916dd38c23e178bd05b9e2d0949b0dca8f93078065fafa695a3870f7974e3a395025ed7e81eec4b9e7571aa2869b2bdcf1f258832da8b6840f3082246c940212c8529ee9b74daf662382c61e1af8d8818ec427f95cb9b19fce6e247b454e2e6342abfea398930e746a8d30c182f8da0c0929da18e3ebae4b19fa4ab3dd6442e637525dea7768353315cdf77ea2d7ab6fd4f8fedeee571bb58cce5de07b3b0fd48e02ea05e103e863bf44a28e4d04d9fdac33ab2c3cc002e6c24e57c3dca02bcf97e1ab8c13f9b671b008a1aa9e17033b7f397ef5caa97c77dc5c7b70781f9e4723730d5998c079f41432e705d0fd72bda0b2b14a4c4e519c6d525da5573d1551b76f3517287b45a6f01af30befaf3284eb953dcc30ebbe7b134e01254f03c03d8211ebafccb3e78a50a913154b782d5f743e2aad9c27fa5d0be8b9d67c30bb5b9f914ea049232d3248f6fead47e6bb136226d6dd7e9d1d5b731bedd4478cfe63a2b7652660144ec28e5d6c7d0d223d4fb9131db1d91d8eb90b73f15b0e481ee08848d0d91866bfe640b18c596b2f4fc505ee844d790705de8a113496fad74fadef8b1dbdd7287b6c9e4eb4618a4a452728c1d868a2491fc803021f28ec989d1928e9f48d3b948ed53ca83ef2ea236a745508b3914ad5fff6f91f3fdf1d3ceea94d80705deee8d0799d552c1f345c143dfbc18e8dcee9b44e91910f326d03f58b3d627bc7417a48e98a2ac64145d6cea1c74a39ad665acd35c8173e18e7b8e06f08d61fc1a70140857f905d8dd320f083f31c5699bb6399f78320f3e14cf62e9c40ceabb0f10e58f9d7332ff5d8942ed13f871a56ae98bc36551ec080c478f75c7145b2fabee74a230565fc726f55477e06aa47db215a7da8faff5503bb376b9d659691afa09dc77600262687f63a1500e2d0dc0e71deeabf26c2d5f8fd6d320817a4c83b9b186d3951403f5f8fd358de6207846a7798b839cab2b9f9bfb8bd97c3277570fba0cd8a4533d39221b6a49632f2f2e868d9efa8cf876c0c673d1991d6a2f32b09801905c4e08de2a6b8acb3924c6f5ea4fa9e5d37eb35a75a34309230d5d77f81a74d7393342f4c4736f1a1bee89eb89744610b27d1ee92f16196568372d65da72cdc7d3e69c1dc2ffae45f9887dbea7b23791ce1fb10d5ad716823f6f065ef5a2557ae3a7a36d4debfa3df5ef208e7ff429ab64c24e88732fde5d64064ae32c1f44fac51581aa03ff6fdd2e1bf01f3e67d526d61168b4b763f82d98fe25a048f18e4ce421e14908bd896dfcb90342dd7aaeac36eb9fc92b8a185a4a221812521af0133b625701ddfb870a43efe7236c8a863e0553f2486dc8e36fb95d73df47ec65b4697373fc72bfcf866aae0d94e8e8a69c8fe468ed1da30a72cdf13dc1b4f28c0205a5bd0c73bb7021f805af06c321f5e9326f98788b9f6568c4eb00a467710573c9bfc5ccfe1af5b6964194e79b8a17f4075a25d0be4d4401a8ba375ca4d16299da356d4d8c65be5eb6f371411339723c58c6e38ef091e9421e008d5bac34b9d06621e0a4521b1af53e5858e24d91e73e94f39ac93d8d43ae131cac95a62482c24d102762e5e019fbd108a12149d8f2a07c38f710259105606a90180b8f52702d1fdcea45e6c76c375e5e67c1568190067ef35ff5196aa74e79e7741253c2094c2068ebfd526d772c53bbc783fcdddd5665276a63496c704f1f9f1e9312e02db794641b193dc13fc3da5dda26f5efc6f5645ec3aeafe878a6dfd4c8089ec460079ff24ce850bef419a0dab125dea39d7e6e33044de247dbf19c448868b849f48afe35649175c12d4c893d32a71df3f4a21ff55e61c789f372e80d99a3a2a762bc48449447ec2897a831d8e9bee943ccef9150f634c15dffdbc9e52621d914c9ce8a61a40ef97b5c2367e5f577aa56198d4f1a7b564796243e039bcf51fdc2682072d7e75f3caca75e9d9c083509ec3435406cfa5778fe468232fe6d7c9316a0c5871955ba0fd3d7fee8e84ebfbdc6e33e4dd0e9441cfd49aba764bd5c64acfc73ae2161ade113a89c3e9a76f4077c6e6d0f6ff05f2c31cadc339d9ff4a240d7a26ce7d16e62b8499f6b0fbe5dfbe80604c8fc18d27c35efd8c100fd2217833bab1645a8cc6c3956755fe317a5824c7196f33fbb777269193f3bb8ec033fcfb6d8e1c535e1486a521fe08468f4f33f87f9def07dd2595931e6a9fc1c799383a75e1592f1d12096105e20f6a2818c4844f2a0b132b1ebf79b64996e999db07545d1944f5d69ef317ff7e078ece942cffefc3e23da30ad5fe3210e67895de9b0c9e34c14e67a703d4cbb7f97836bdc14b76f7a97a7a5ad81ad5019d4f8ad076c86", 0x1000}], 0x1, &(0x7f0000000380)=[@rthdr={{0x58, 0x29, 0x39, {0x2f, 0x8, 0x0, 0x14, 0x0, [@empty, @remote, @dev={0xfe, 0x80, '\x00', 0x38}, @private0]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x87, 0x0, '\x00', [@pad1]}}}], 0x78}}, {{&(0x7f0000000400)={0xa, 0x4e24, 0x3, @private1, 0xffff}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000440)="f6006818b42f831a4daf6b1626e0b242ff9ae96d4d3629c154a4a88aba9f753bc1361487cf5cd3f66a688c9992fedf3c0ee5ea966dfb033be9e01c261c004c287e4eb9ba71beff177bd520f71c5ef909bb94991d0b438422126959780bbcd941a1ba993def32e8fe4046ed4fe4e4ec998270e0103c3f4a9478414ef4b405999c3fb1cb231c3c69e1a5333759fc32a2b450f2daab6c5f400ea750dd52e8d8ab75ad0463af34c8193b25133fd0ffb40fdf94ce4429df290292e1f0d35b175f61e27be4bc1225e29cc41a947fd4dd5b3179a0c2a81c7edbf5eeee510d04e664db84bcd28475f624d35143cc556b5d684ea8274ae2835f58c1", 0xf7}, {&(0x7f0000000540)="4cbf7f28798e4ad386", 0x9}], 0x2, &(0x7f00000005c0)=[@hoplimit={{0x14, 0x29, 0x34, 0xfffffffa}}, @dstopts_2292={{0x48, 0x29, 0x4, {0x62, 0x5, '\x00', [@hao={0xc9, 0x10, @mcast1}, @hao={0xc9, 0x10, @mcast2}, @jumbo]}}}], 0x60}}], 0x3, 0x40001) r0 = syz_mount_image$ext4(&(0x7f0000000d80)='ext2\x00', &(0x7f0000000dc0)='./file0\x00', 0x0, 0x1, &(0x7f0000001480)=[{0x0, 0x0, 0xffffffff}], 0x1, &(0x7f0000001580)={[], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) openat(r0, &(0x7f0000000700)='./file0\x00', 0x200000, 0x89) 23:58:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xc3e13abd, @empty}, 0x1c) 23:58:56 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) io_uring_enter(r1, 0x72de, 0x4157, 0x0, &(0x7f0000000100)={[0x3825]}, 0x8) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000080), 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f00000002c0)="7633a2afdfaa177736d399b3eb292580aec31a20d0c278dcaa3dfb296e484b830b821bfc466bf40aea6bbf453b3a67a77c331a4acc029c645663f28525aa15aa004942f9bbaaf8d0b1c6da22a45671868adac7f9bbe3dc7768608be144f42d5f32a8bf930bfab1773d47f652d1fae42c0afaf829dacba33cf142791c0312b564ddfbbdd68bd0d9b5bccf1874e928c400c094085a4b0f0cf420be0aaaa9ab867d55096b0f9c4f", 0xa6}], 0x1) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x4000010, r0, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x10000, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d663f1afe8c4015d291", @ANYRESHEX, @ANYRESHEX=r3, @ANYRESDEC=0xee01, @ANYBLOB=',subj_user=,subj_user=oom_adj\x00,smackfstransmute=ccm-aes-c']) r4 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x12) dup3(r4, r4, 0x80000) gettid() r5 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) syncfs(r5) 23:58:56 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 42) 23:58:56 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x1000000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:58:56 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x74, 0x103) 23:58:56 executing program 5: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x97, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ptrace(0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) pidfd_open(r0, 0x0) ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/106, 0x6a}) readahead(0xffffffffffffffff, 0x0, 0x0) [ 1636.647955] FAULT_INJECTION: forcing a failure. [ 1636.647955] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.647996] loop3: detected capacity change from 0 to 262144 [ 1636.650491] CPU: 0 PID: 10643 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1636.650502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.650508] Call Trace: [ 1636.650533] dump_stack+0x107/0x167 [ 1636.650556] should_fail.cold+0x5/0xa [ 1636.657543] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1636.658836] should_failslab+0x5/0x20 [ 1636.659696] kmem_cache_alloc+0x5b/0x310 [ 1636.660628] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1636.661901] idr_get_free+0x4b5/0x8f0 [ 1636.662778] idr_alloc_u32+0x170/0x2d0 [ 1636.663657] ? __fprop_inc_percpu_max+0x130/0x130 [ 1636.664751] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1636.665972] ? lock_release+0x680/0x680 [ 1636.666869] idr_alloc+0xc2/0x130 [ 1636.667647] ? idr_alloc_u32+0x2d0/0x2d0 [ 1636.668558] ? rwlock_bug.part.0+0x90/0x90 [ 1636.669538] p9_client_prepare_req.part.0+0x612/0xac0 [ 1636.670709] p9_client_rpc+0x220/0x1370 [ 1636.671606] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.672788] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1636.674006] ? pipe_poll+0x21b/0x800 [ 1636.674845] ? p9_fd_close+0x4a0/0x4a0 [ 1636.675720] ? wait_for_partner+0x3c0/0x3c0 [ 1636.676686] ? p9_fd_poll+0x1e0/0x2c0 [ 1636.677557] ? p9_fd_create+0x357/0x4a0 [ 1636.678449] ? p9_conn_create+0x510/0x510 [ 1636.679378] ? p9_client_create+0x798/0x1230 [ 1636.680363] ? kfree+0xd7/0x340 [ 1636.681108] ? do_raw_spin_unlock+0x4f/0x220 [ 1636.682104] p9_client_create+0xa76/0x1230 [ 1636.683062] ? p9_client_flush+0x430/0x430 [ 1636.684017] ? trace_hardirqs_on+0x5b/0x180 [ 1636.685000] ? lockdep_init_map_type+0x2c7/0x780 [ 1636.686093] ? __raw_spin_lock_init+0x36/0x110 [ 1636.687144] v9fs_session_init+0x1dd/0x1680 [ 1636.688118] ? lock_release+0x680/0x680 [ 1636.689040] ? kmem_cache_alloc_trace+0x151/0x320 [ 1636.690136] ? v9fs_show_options+0x690/0x690 [ 1636.691142] ? trace_hardirqs_on+0x5b/0x180 [ 1636.692119] ? kasan_unpoison_shadow+0x33/0x50 [ 1636.693156] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1636.694303] v9fs_mount+0x79/0x8f0 [ 1636.695102] ? v9fs_write_inode+0x60/0x60 [ 1636.696037] legacy_get_tree+0x105/0x220 [ 1636.696960] vfs_get_tree+0x8e/0x300 [ 1636.697808] path_mount+0x1429/0x2120 [ 1636.698672] ? strncpy_from_user+0x9e/0x470 [ 1636.699644] ? finish_automount+0xa90/0xa90 [ 1636.700625] ? getname_flags.part.0+0x1dd/0x4f0 [ 1636.701688] ? _copy_from_user+0xfb/0x1b0 [ 1636.702637] __x64_sys_mount+0x282/0x300 [ 1636.703553] ? copy_mnt_ns+0xa00/0xa00 [ 1636.704462] do_syscall_64+0x33/0x40 [ 1636.705318] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.706471] RIP: 0033:0x7f535d26eb19 [ 1636.707313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.711480] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1636.713209] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1636.714824] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1636.716439] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1636.718068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.719683] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:58:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r1}, &(0x7f0000000040)) r2 = openat$incfs(0xffffffffffffffff, &(0x7f00000001c0)='.pending_reads\x00', 0x101080, 0x3418223cedfd54ee) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x40, 0x7, 0xa1, 0x1, 0x0, 0x5, 0x10, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000100), 0x2}, 0x4010, 0x3, 0x6, 0x1, 0x21edc034, 0x8, 0x7, 0x0, 0x4e, 0x0, 0x7}, r1, 0xc, r2, 0x3) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10018, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)=0x100000) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x109000, 0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x20, 0x93, 0x1, 0x2, 0x0, 0x1, 0x400, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x200, 0x4, @perf_bp={&(0x7f0000000000), 0x5}, 0x2, 0x9, 0x4, 0x3, 0x8, 0x400, 0x9, 0x0, 0x400, 0x0, 0x1eb}, r5, 0x6, r6, 0x2) sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) 23:58:56 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xc4ffffff, @empty}, 0x1c) 23:58:56 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2000000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1636.788684] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1636.812069] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:58:56 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x7a, 0x103) [ 1636.951730] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1636.956222] loop3: detected capacity change from 0 to 262144 [ 1636.979044] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1636.987276] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1637.004325] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1637.011817] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:59:11 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2(r0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x1, 0x2, 0x1}, 0x18) preadv2(r0, &(0x7f0000001500)=[{&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/205, 0xcd}, {&(0x7f0000001440)=""/145, 0x91}, {&(0x7f0000001380)=""/106, 0x6a}], 0x4, 0x1000, 0x7fff, 0x11) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0) mount$bind(0x0, &(0x7f0000001400)='./file0\x00', 0x0, 0x100000, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') lsetxattr$security_evm(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080), &(0x7f00000001c0)=@sha1={0x1, "c937cf6e2334f71eed9a047447993f514b0e873f"}, 0x15, 0x3) 23:59:11 executing program 0: r0 = getpgrp(0x0) pidfd_open(r0, 0x0) waitid(0x2, r0, &(0x7f0000000080), 0x2, &(0x7f0000000100)) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x1675e0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@mmap}]}}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) ioctl$BLKPBSZGET(r2, 0x127b, &(0x7f0000000280)) 23:59:11 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) r4 = open(&(0x7f0000000000)='./file0\x00', 0x10040, 0xd1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x8001}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x2}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x2}, @ETHTOOL_A_COALESCE_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004800) sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 23:59:11 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xf0, 0x103) 23:59:11 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x2010000000000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:11 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xe8030000, @empty}, 0x1c) 23:59:11 executing program 7: sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5) getpgrp(0xffffffffffffffff) bind(0xffffffffffffffff, 0x0, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x100000001) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0) [ 1651.408202] 9pnet: Insufficient options for proto=fd 23:59:11 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 43) [ 1651.419138] loop3: detected capacity change from 0 to 262144 [ 1651.429090] 9pnet: Insufficient options for proto=fd [ 1651.435862] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1651.441107] FAULT_INJECTION: forcing a failure. [ 1651.441107] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.443628] CPU: 0 PID: 10694 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1651.445190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1651.447073] Call Trace: [ 1651.447670] dump_stack+0x107/0x167 [ 1651.448494] should_fail.cold+0x5/0xa [ 1651.449368] ? ___slab_alloc+0x155/0x700 [ 1651.450286] ? create_object.isra.0+0x3a/0xa20 [ 1651.451330] should_failslab+0x5/0x20 [ 1651.452191] kmem_cache_alloc+0x5b/0x310 [ 1651.453121] create_object.isra.0+0x3a/0xa20 [ 1651.454119] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1651.455279] kmem_cache_alloc+0x159/0x310 [ 1651.456235] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1651.457515] idr_get_free+0x4b5/0x8f0 [ 1651.458393] idr_alloc_u32+0x170/0x2d0 [ 1651.459286] ? __fprop_inc_percpu_max+0x130/0x130 [ 1651.460391] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1651.461649] ? lock_release+0x680/0x680 [ 1651.462560] idr_alloc+0xc2/0x130 [ 1651.463343] ? idr_alloc_u32+0x2d0/0x2d0 [ 1651.464256] ? rwlock_bug.part.0+0x90/0x90 [ 1651.465244] p9_client_prepare_req.part.0+0x612/0xac0 [ 1651.466418] p9_client_rpc+0x220/0x1370 [ 1651.467320] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1651.468525] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1651.469751] ? pipe_poll+0x21b/0x800 [ 1651.470586] ? p9_fd_close+0x4a0/0x4a0 [ 1651.471461] ? wait_for_partner+0x3c0/0x3c0 [ 1651.472432] ? p9_fd_poll+0x1e0/0x2c0 [ 1651.473309] ? p9_fd_create+0x357/0x4a0 [ 1651.474207] ? p9_conn_create+0x510/0x510 [ 1651.475142] ? p9_client_create+0x798/0x1230 [ 1651.476148] ? kfree+0xd7/0x340 [ 1651.476887] ? do_raw_spin_unlock+0x4f/0x220 [ 1651.477896] p9_client_create+0xa76/0x1230 [ 1651.478865] ? p9_client_flush+0x430/0x430 [ 1651.479821] ? trace_hardirqs_on+0x5b/0x180 [ 1651.480795] ? lockdep_init_map_type+0x2c7/0x780 [ 1651.481877] ? __raw_spin_lock_init+0x36/0x110 [ 1651.482914] v9fs_session_init+0x1dd/0x1680 [ 1651.483892] ? lock_release+0x680/0x680 [ 1651.484811] ? kmem_cache_alloc_trace+0x151/0x320 [ 1651.485912] ? v9fs_show_options+0x690/0x690 [ 1651.486915] ? trace_hardirqs_on+0x5b/0x180 [ 1651.487889] ? kasan_unpoison_shadow+0x33/0x50 [ 1651.488918] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1651.490088] v9fs_mount+0x79/0x8f0 [ 1651.490892] ? v9fs_write_inode+0x60/0x60 [ 1651.491832] legacy_get_tree+0x105/0x220 [ 1651.492755] vfs_get_tree+0x8e/0x300 [ 1651.493602] path_mount+0x1429/0x2120 [ 1651.494475] ? strncpy_from_user+0x9e/0x470 [ 1651.495447] ? finish_automount+0xa90/0xa90 [ 1651.496429] ? getname_flags.part.0+0x1dd/0x4f0 [ 1651.497501] ? _copy_from_user+0xfb/0x1b0 [ 1651.498453] __x64_sys_mount+0x282/0x300 [ 1651.499370] ? copy_mnt_ns+0xa00/0xa00 [ 1651.500268] do_syscall_64+0x33/0x40 [ 1651.501115] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1651.502285] RIP: 0033:0x7f535d26eb19 [ 1651.503125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.507297] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1651.509024] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1651.510648] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1651.512261] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1651.513885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.515501] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1651.543280] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 23:59:25 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f00000001c0)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}, {&(0x7f0000000500)="602533f94d6c8889ba3c6cecb1b61047e22a64199f0f3c49c92ef6ac5876951966bc673c2d44b843074ee9f44be3b457627e35f20da044511e2f57f74732c895a3898fd933c4b80a2827a77d597a216c0a97960295adb8d94b23b42aaebf0bd4b4f57b3a40cedf6649d0162deeb999c4d99215d037fe3f4a8ff78d35fcc0a56aba2134d8009d1ead23afd7067ec7331ff601d221bc8fe0d3ac0a2002c22b444ca9bda8ffd014caf005bb229b80a1885c41d41c59ec45d9ef78f968dab9f0fc075a137d1fc7f64bf43565d01e6a8e2d1cc7ad24e6212f2885969932fb7b169238c2fa977bdb2511b07a6112b1b5c7484de9d4413ce05b9a53a38d9b01b55a80ffa51a2c5d03bc2d0fee3921e7ed5b4a5f9950f2211bc1076ccef29a79380c2b242d9868ed8ce8961728ac1ff90b1b381f26a21de9836f9a48002e5353dfcc31b2c2a15faeffbe3f24eade1e567f915b2cdb49f3edfc2db2629f9f7faec7a8c7e7c5e5920f7047bba8eefa5f5b0daff31c39f481a7a13f16d486c0980264c388ce178ad41f39115664daf290f963897bdf6e084160f9420e26e389e8bbed78a55452513a9f1edd7a8ba5bb0d141cbedc0ff628a781fa94750c913d5247ece04173c999b503fae3a1d362f308811f326fc76c5ce47a9b0a66a1fbc95a7f665e01aa923f11bbca4a2f6ae7f8532b880f9f83db30b1681242cda02bf03cb2bf3afaa1662af430a7f8b2bb4944bed0252d31c0710590a300c220bb23d114a2be8297d240298599c8c0594e0b324d89e6a6ae5bd8b451f0eba2ff895967e43426dd67e9f89682fa553f9228ccfabb5710419827058d6bbfe137500d1d8746dbfe93a8bb520e42405a85b66c9e0b8b3065d7efa91229ff311ead9185d7e5a6b7d1a3c959d9a031aeec59831d236fb5e4e5191bea4c4c7ce1c07e62749331e9d82b2c1f1f68fee17525b14d364d8b0642360ee4afece853d04dd7b7c5af5ae6bbd4279390057262e750dafabedca86b410185a51b06de6aed023a2d31caf0290541c59c2ae9a034e417bab88a50d2cfd847997df7ac6461cd4baa1edb7508fa1557cc5c4840832f817cdd33d35c4d8bbc5447973b768383e07680e72ab5b21e77c022358cd3ef24589a4bb65520f3ef7f31ec9e5f7f640fa6c8f145efe73d2dc8a079df71556f2f2c15fc527aea6b189afb6e2a51be39d36256ef9236b668fc70b191403d4131ea6f7b0e463e473f6f343649f2410c44305d0261f1845e3985c33c90fc1c427b178b19b4c4ba31f6deb1d309c2f0fcf689b41d86a2834c77c394b017ccdd8cacfb7ca0ffa24d52b18869698758fa695becdea2d713ecd6cc39cdeafef6aa947ef8c418087fa6c00eb5f36bc743cc858619042766ae817e75aad0058a54bca5dafea4fe589e08235be98c8fbda40b322b002d2725e09c13398ebc51ecedd049e70480abc536c397821d16d433dc5271e7052a16f2e9c511af95789d95bb60d52b867ec318534a1ebd333da930eaa1e8b769c06201edb21f7a7356dd3397309e9120daf1f75b2de73b69b5d83ffcbba106d8426fe39d7e6a261ed8d4f610917bb26a7a5b08aadb7a7539229ee251b242d2d5ea319cca690f5ce12db6ce1b326b91def81e5baffdb6abc26b6aebecd5d0946b022d193d1d21162b048f3af3ba867ef0def3afaf6f7e07ced4d6483fd16af86bddb3f00cc0d4998d86fc1243aa08ab9c46635843b2f862fc9fa5daa708d494af1671aa8d578b67c5879634211c6db634055dab84d1f1335990ea2075a00922bcbe2261cd32390d3315b8aedc0c0a14a026df745c2e27197cc5cb369cdab99db85157628be51d7d3df13e68c4e1c5d3cf550411b0c66d7cf097fd42b1c13f3f1989b8f1491e3a47c37402465ad3411d9c817b1b8b3e85ee53baf05b2a4395005f6c850fd3d036e251c08234883d3ed188551fa3b6faccf6e3731f6c328614fe93e1fa43335f8e99ecfa45d46f25a1672a6f36e8f2eb5dffdb1319552d9b977b38a6ea634a973ae37463e54a5c414500c080ff809428893ab02673b98bb1f459e046ce86e665d77b787f66178680025568e7ecfa2f53ff44cec4cfef534fef39099fa854dda2eb7e26392fa2f7ea83eb1fc9cb3564bf4e6919999059241d12f66b528bff2ed049b4c80aa7b6fd014d049e5cbec4af20e4c2769d9c11a84568f6f243fdf36133fa61e767c3c1e03158b161d15ad6094cf4d371a8b981344a68ded8f7bbb2922f3b174df52151fe569c3ee317e257f96c7924d45231a7518dfe424bc3a75bb79f7713aba4a7dd2b742b99800a32bbd26b5253f925f45e87f92544fb9f470868c8a9616e8109dacc07b29a7d56f94d8d511dc1d7962a2f7558dc0b278d70239a1166d155b946b086cc2cb855299e459132d3a4994ca3e105fe481d4230639cfeff4fa812841c844a07645fd33b4e796260da119e1762b8c9c853d7409983b7643fafe1718592ea22bfe1cd3227fa5751944eaeea91251c77c87eeeed4ce3095386d5796ea8d48414aa9c03d55f023b6fadd817899e53e68868fab9e2524dca8583b9714873afdfbbb1f1053c559b41a55a96f7008d416bcab4c508c7d27be82e94b4ba5a08dcda9ea1019de335a23f84836394a7371596f2087858fc0579af893379ac3a8d010eb35ca19f682b380489dfb9f4d976da44b8e511e3ebd76dbda1f0e89044378db9404ccdf499ffb0f8ced54599f96cc3ba9c0c46cb233548426cc899e135dadd8503b775788ca2a9fc611fffba8c451571f41bcc8c24da387216c71424651b812b1e44cfd17261d31a97caf5331b31f14e0b5f05f740cd7e81d8f0f9c70be3ebd1dd6b307e47768175a3c13e8bf48bdac086b93a1a731c8b45ef8c78c211cfdc815dbcc83f6feccd7731ddc0859fe262603608047c49a3e5e8a147285196efb5d9678abd62a1cf4c7c1e85c788351762032faaebfba4e5aa78e390d8bd31302f39564d9fe4d19208e0a77cfecd53eb6100f8b1986cef6f35d010cd382b9e4fee1398400c16b5baca28cf6ef5f049d69eaa541c5293e2661e99388440a05b9c38bb75109672b545ae760995c35a38feb9c203a82ba5ec55b242270aed928e1bbec210384a29e3068d42aee5ed6d3367812f1202f9c13c34fe619bd933ab5e342341e51fb44d9756960bdd681b0e4a597a08244488cb70ba6a3ce2402c63b4250cbd56bef9824e391b0cd3f6b1d15e36136129b976570cb89a1c870a9394443b3b618cb372904312611d77c230110eb4b0e17fa6da0b6fd289cb768085d20abc67ad679b68d7b8981c47487c58c768f8a77fa2bb62fdfc2587b0bcce66390dc80284c211781d229e3dfc0c313fc24e564ca701d43c8d31b59b5b667df56d76277075ab94b46dcbf1aba47ee9e4c1caf236767b93faef69038550ac89df3e63f9b65a5b45218fe97ea7c4f4ce7b412d9d0802703a185d45312ddc0bbd4f1e6215d8586405450edb8e9536c68b9e95caa4b1b1ca8991462f5cb51775289227fa3476358bb3a262ec7439884054cd0c213978dc26f6039f25041438fbc6f96045d813ba55f23922ca20b2391227da26d078dfa9ca9c8a1db8967b88d46cd7e7ab3bbb17189f3103fab5b4fc3b87c41fda5aac307c593f976b7c8478e58ce7962d90dfcf264f774d6d43ed20966cb3a104fb0b720c6c92a8a5371af537424364aa54ca84ead239aa747e9b2a72fb595bc4e888883efd2bec39aee42c8885f450912bd8aa63ca14ab79fe2ccd392602954fd887a67eaf11fe11b1d94ceba63a7bb180cb9e0139f59bbfb580a3d574121556c6fce6054640c57493f78b55cd8cad715dd65e50101feaf04d11d5590a8ba309c316d109fc71357e105fa604feb73de5b8b74af1d7a04701fa8485856b18dcfd99deca51dd4784c80a0e710c80f529a95af5edecbc68b8e5d37b1ecdbf20315eff9a1763809725787c63da43ffba69418e3af0e114c66d2346d82a6dc1d90b4e2c6ace1a12606d37f91650d56e322353fe9b914f31a7d6ed028761e1009a31f0a7980413af1ae808d780d061c2cf68c610b9613006efe1e2c144edece813a29abeb5f43e602a46620f9a223406909e960049153bb18e6ffe9bcb5befb9960205420c58503ed5847e03caa34dbef90d51b686ee41e687ca972ef822c8446da37459006d596437f2c046663c723bad20de584abef87d646364b18f04bd948fdb04bd04d8338d9d509f8ba978524e7701cb7938c165be6a3d262ab5dd8fe9c0812f1b2f33ddebc7094a864a300f65a97cd5b4f33a10736d300270cf024088c223c7b15d6528051aaee913b087dc1ddd82463757ff1ca88f72b40db32965e195850df33f0579735bf6cad95d4e5300e8d440c461f682bc754ce2718157a5a37b545dcbdac28853d1ccdb023a8327da60e0090362eef64cd1e508ba1192f83be9a0e0a5b983febb24a8775e491859c3cfbfde56d6cd94706424fc170bd6a9f9256af94230c66f7b48faec8213b0e8d74fc393e41232a8c88b42c76c23600f015ffd085d29935bd48f2c02b1242f650ca818f73fddea3f930eac705b71d837cc97720867e189bc24699d1148de1889b1e52106dc6868a24738174fcc58e29f55e3c7da5220b67077bd7cee0076a084c9657102fbb9306dd38786beca2a1fa4217bff42d19bf8815038e2c4fafb24cfcc3533809e10ae7547ef0afcfbe8099167c0e7465d0861fc8edd0e8313b4b8271c1f7a3ec53d31dd19ba5cf04f5fe3b96bdde66d1f8fb3d3c9413d57f0e28dd89acd24ae52b9c77ef10bb69f57200742480bbee0a41bc56e8e724a626b955492b2a52a2e1b959b97c52948ee5088b7da33cf1eeb4824f0e0f4de9c1e1367e144db1d796994d480f8165136fc74e4f4b18308406b2be925e1c2b0931a473c8423df69250ec2bf5a994bb571ee469f101879ae43d7ac331c4b69d970bb0b7da6dec76a2d72527d1d3b4a946838dda4ced21fb4ea631335b8a678cbb71a196fa6a19862357d6141629df84154aae6", 0xde4, 0x7da}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000400)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x2}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(&(0x7f00000000c0)='asymmetric\x00', 0x0, &(0x7f0000000000)='0', 0x1, 0xfffffffffffffffb) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$getown(r0, 0x9) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) pread64(0xffffffffffffffff, &(0x7f0000000440)=""/121, 0x79, 0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @empty}, 0x10) add_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r1) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc3}, &(0x7f0000000380)={0x0, "e71855bfcc241bc072c613f95531bcd9b9c4f6d7e2782e401551d30ce4e675e9977c647fdb19ab819f8a2d0836f84f694d4d12b8eb3dec5ccf8f830f8174f9ea"}, 0x48, r2) keyctl$revoke(0x3, r2) add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r1) add_key$fscrypt_v1(&(0x7f0000000500), 0x0, 0x0, 0x0, r1) add_key$fscrypt_v1(&(0x7f0000000800), &(0x7f0000000840)={'fscrypt:', @desc1}, &(0x7f0000000880)={0x0, "e98bd2a2d9afb1d14e3d76abf856f9f54da47be7dafc494c6d064a7874af3e1010bfb6dfca2b4e08b319aa9c0ab4114faabfd1acdd255360ed5f6d2ffc1c2505", 0x15}, 0x48, 0xfffffffffffffffe) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x7f) 23:59:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:25 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 44) 23:59:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xf4010000, @empty}, 0x1c) 23:59:25 executing program 5: r0 = io_uring_setup(0x6f07, &(0x7f0000000580)) syz_io_uring_setup(0x1802, &(0x7f0000000100)={0x0, 0xf6cf, 0x4, 0x1, 0x1db, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000200)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x17) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x23456}, 0x3ff) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)=[0xffffffffffffffff]}, 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/122, 0x7a}], 0x1) 23:59:25 executing program 0: pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000c40), 0x0, 0x0) ioctl$TIOCL_SETVESABLANK(r0, 0x541c, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x9, 0x2}, {0x2, 0x4d}, {0x8, 0x441d}]}) r1 = syz_open_pts(0xffffffffffffffff, 0x200) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x6, 0x400, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x28, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x14, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743092f"]}]}, 0x28}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_SNAP_DESTROY(r3, 0x5000940f, &(0x7f0000000c80)={{r4}, "85b0784f4aeb1bc35fe252e2872406885bf30a6be4bfa9b57a967ced26e8454205e0960f3785cb95513ace5b86cb054d773d28ba817c0dd6b32967c5766fff5df5a16f4a4a4e541e860db25ad7f651d39ee373be3845aad7dfdd66b36a43b1155823aead25bb81aae26eda66d461ff80001df64d6087938bf2b9b36e99040079f7cc38df2d380f1227028a53815b835b873b3314c9d383555856c4108aac4ae06f412b021821e6338a18d3913761060520143d3c8e5f5c7d2fef97aec92c9e8dd2e5e6b66e7f5b507753dda2ce1d22e297f952bac24a33f6e5ea581085f74fcf39614a1741e0961caeaf6f293995c3f201e8391025d05318a3c64340579f180af2ea8699be6fdfb996f26b0a9fc3328076dec2adf806ec510f96af20bf45ce13d73f9c76ad50e6807628b9ce4ea6a7bbfdaede029bbc92693b83190a1a5e49c6823792756cbcc14f0a1018829f638dadefa344d76e1f2ca0303e11a2f83e42edbf24d6dbfe9dad39d5b828b90d696b18d6ac16b8c7e07c4283c17847e1f49249e269212579a650f38aaaf9280d95b387a6ee08e0696049be38533bfbae9fef33b3fbc1006ebd2fcf691409ff0187065a6d4f9919e111da0fd6efc684cac493cb47bfb3a2b1e3e9c2ff767a3c0ff4b9afaa1ce94400222c5da12213dee9e685286092eb39cde6be168c5bc8b30d4b3dc1adb598b7cd8e81036a876fe87c131e1631be2a766c1d91496d9dd4d0d59bdf18a574a89afaae44c4bb948b3a61156e08257fd1e48853f4a371eaa78937f4ec3766e4ef8c5708f819f926458e5bfb4f68caaca2ae98f690fd7c1b25732d87285315598d213c258845cd86ef8638237e135d68f38fc389e38c82822198c7fec69ee1ca90bb9ba85228d051a54ea253ab71f96cbc4d3e9275ce7c521dff12e64109870b24a3a1877c041df1706f980cf3a8291538532fbe7fd0cceaae13f100728e1726baf94618940facd0c77342b29c5f7e1bfdbfd462bbbc7eb1569be5c94493e83d0c1329446edb7cb3e51441106eb07be2fb167c103554602c7694396d410c6493a7b50c503c176c506c5260582bac03d8b8b1d8b3c20b1c3d19a74983183e2b6ffbb9d6c89bc139044b9efc7329b1fd8b2a171955ffbc1798375a5884f706027839942ebc49d98dcafb2d8087c42699b0fc316ded24a6c869507f231eee515103bdc77eeb0e33c3bf5b7d1346911a3d9bf34c911cde1e3839908e4a6aa4f5f12015eb96afdbf32332a3e0de95119ddd7d403e0c8128c8508920f4f5490ea920d76f580ad0fcb151955c375d5cadc4401981915f63d68715367410d225bae24b6deca6725c5eaf0ede8da65134ee32b2ee02b996f4516ac7d489d4dcaecb720c94d4c49f50a43f7ef7f8378f771327fd096386b97a38f98675dbf3a9f498149f84c36577c6ce6da79b27253429a1f408259415723c1fa52b75506dda66b398fc9cf199c2b3c398fbe2c2e36bdd4e60fdde11ac9cbf8b9a38b4415b92b523d3cee7d02b3946b3a0df2a772040dead5799edb1077bedd2d635567d0878bd4971db3267c9bfeff08f2e3851cd9241351f107b7a29e410357bd1988f3118f25e378ee536edfbd5e099b3c374f2a3b872ca75c3049e3e8a534cdecbbbdad4cacd7782cd0a9746049b22ef96177bef45b1d856c286084e9ace78cc77098abf85afc21dce3bbdb6e7a8a40d04bdac335139174a3ffcb03056e9e031307755a417d2cffc43a99d61e81d21bb6d232b27881fc4dfc9e21257151e21919bf60b1dd0819a3322ac050e367f56eaf7e573009d9cc12ad7d7f223f6979b5756ae1825a7b7b81bc21eda2e074ccb76f2e9932076c531b4fa5bc6fb7e6f414a517da7adaf71379e0af13bf10b9b074d1ec8826b01669fb6cafe4c3b6f9a13cd55bfb18e82eb11eb40a2be57b7043f26a2a8dd61a36a4c4993e3407d81fb0ccc47df9b50ab80608f0b3550f280d16e801d378ca442a35cc3b8fd4f42fa92f832ea1dcd779bbf7442af57335b8864e116d9f83b6298f066287efe77856bab638b40153b99dd9602dc138a04f45dce923828f41cd0519fed5e101bccd99405e0dd9e930717d8472a37602a935f0c4a0c13d41055eab6b5af4c3d81b51f8ab16eabdb61187436323f9c4f21ece353c670b7eed35367ca95c2b4b4b30c68e4bd948c5f07b899ba80e82f177e4a4e81a5a679e5fc004d13d96aa71e7cb5cf807113a0ffc7c641ebe9d1c688bffb169fbdee3842880d1fc0d76e410191aab62904227d2911727703150523792f75130adc42aef47bf3da3077f4367f5614fb765d2fb477108244143c67e93b2da5f3411af6ef8f2b4b789f0b7e3fa0b7d10f7d1a0a22c178ca42c816724493e43695f59b7122a90b5eac24f35862f4b6d3202d5e993794e271f9ab0acc989048be6776fad99bdd0ea87ccffda67e563d6f1529d99f2ac8590d0f2f882ed394fd17a1ba2eb8a4529136bf8aa2bced3cff691db35828d8ceafe520b82e387c56d5c8b9baaca104c356515d260e880222577087b1cc93e8c07892d8178db291ef726af31188cb994a0c3b0ad2d1cb282cc7afa13762d7d6f03aa1181fe2d6ad50bbde9eeca22c81c32bef4e61afc99aa89a171135c14f8a2f4da6dea05b0a91ee079fe13580ef19639c110f14c53fddfb6c526baaa534985d0da19a91e992b6555a851c4742d3229e0a30f90945f06145012824638264476d36d8fbe9d6a98930dca8ddab856828eb44e4cba867cc3c42e01fa6300968c7e25a9ae09735de9904b30d8a256c853ce071431564f753607cd0c6406282c7217b785e54fd2f8cb1b3a72fefe69859bc6254fe4fb38c4be6d0e3401233b260a3c21f08d17fffe56b456f5af281946f01d00a127e111f57b77bce5a33651e38e21afef02ef428ea9b8d264bce554404bbdddd49e47804ecc2adbb4cfff9f266692c51231351fc092b52bf27bbeb4476ace6452557cdce2f132f06db684f5a4d08e3dca02580a04b19bc957e6ad7a6783d5d82b571736310be44fa6f849eca0d4f211b35cb8ffcf4565c46bbd411501f1a945e5ab574fb90b0330a29058d5ae2d3e9644b1be3db0c79214018c8e251bba7d07a5599d25817ab1adb93d2e2cd0391395dbbe8e0ae8b466bb7f32a8272b75d43d635ca588b6c5df019ae84e85421fc4c63b55751cbe18e8d22c4075a5972564cc6f1fe607b6f2d6985b6ad0af1bb1b352c97c66525d0dfcb077936aea5d50aae20cb2cc5d761d921189088501bcb03e44204bd88ddb8e7ff3935d02e3eba15f0c37bbf2c9ba641d9fc3c75a7f46fcd15ebed786ca6d780c0c45d062db297b9fa6211adb60eea462bbcdcda14131c445ccb66dd86064b85e9f7c09615f15f115f343ac63309a36d702c1d30376a8f39b6f05bccfe25f4ff30afee810d6a63575b5c26079d5a25201e0be7f237e827105435767a984aa9e06c11a816a7badca6fed8b2accbad75b51438514d8931dcebf57658f6f4dce905b2babcc852d1e7662d4a6dcfad208b86b2be239ed0b70b156be471c6b3eb42c1b87535f5c6bb77bf077c5dbf9d422d2690b646288abfa0df8d25c2dbd409049f09116362337219a66019f7402d326112bfeaada93f176cb76548016362a371668c2fa3b5f5d658ab74275768b5db3e34b8c57a9853f660358e4e1778efb94d59e808ec230e01b1d122133aa004b88da76400d791b88e5659d9033490ac9c7a2fb686ae5e6e8315ed4f6e4977fdddbdc754432b25b44ed37a0f4f632eee1ea53094bcfa72743b266c16ffd4d4d0ebe8a2bb7caee87474d38fa87e707704a78677e045c7d237ad950d56798d4448c75ed8e6477af871f5c2bf829efe334d16c6314a92a329f4016f396dabe7cb5a049b2e00223f5b93602108826315fccca277e7cd6d9234efefd19f73c699e5c2439b75cbe27ac250a98f60245398409aa9bb4e66a87e287a4567705ae3be9434ecb51f7b9de4452f360452041c02d7eeb978cdcab3142f1cf775af8d9a1259efce01617f3bb38b0a17d3a40f2a7ea834966acc567ccdd4f1c64cacfc804d77f45ee6b6df9fb5f614c91de6fdb9daa0c5d49758aede3685368d980479a52ff9680d759c47460eff7a3a86f92f532cd255b5c4bc008a1459636e64c33d8b0f8fca955f7e2cd032a267e3093b570477417ba76ba8661882dc9b0b2dcef2b92c2786efedb233bc20dce653f2f1d9bc57134a944d47cfa6de8fe9d10621f4bd65313df084375e68c2da93833b252ac977e6f14e04ccdeeea44cc5f7b77c65a86ab357f1c395f3b460c91d16ff26d5ea4031306b24088774f8227c2c4f8d39d7ff63ed105ecf87b8f6085a56305de7b2d9b2711ef268d938653617169c319c71ecb0f87a402b8ced51e4e7270de094fe61c6443190b9d6b5307a4781d7db216cea1cea61bcfa829ca5579492a5dad2be5c2281f8fef0c84201e8692d707d00f4f908d327e757435b88769ca344fe4d7a08919dd97302cbebfc03d5d2e6fb2187bbe2ad93e97d827a22684fc3a4f3125404ff4817ef478619f340a319b42b4f92a47bfa094fd0a83ea93b6af16406d1274ad8c3001ea338e11b8e5ffc40415f233355f1075ba18bfacb92ddbd4b167157ec534fe22019f459da3716b9f05224ff9e48d1d9f0bf488cd618c199865ffbd6206f5ade69a3dbbb879777b22455a0622e89f88e440a50016c6a173fecd22c370b4d7ab442a9612ae2ea0ac98f9e08ce7e34b70d4df28a1993f996381f1e94b26db9526f620d981f2241d4b9c781a72de42409e0a75c9c51788023d6e2fb2eb9ad84c5a6b023a200c51f9dfc02ffbd9053910f36187a8dac87301f6d7f749a03cce8c14bf5b10a588ba46d1253d29860d3f7609f3af33d7f76071ba976f526a02ff078185f40f9504f142e9c70a07360ccf85e2fcdcee63c10070ac000b1e429336a509261fdaedfc4e0c803f6ddac0120b2e6399d66ea46e195c9e6f670948bf5880ab6c45c2ca0542f01418188a180e7b6e8ae614dea26fb421a1ff548569c4119f03d8257d8cb687123ee68791927fda65e48909d60fb976eeb69a4fd12f876791e46d614b12e90563b1e60e08f9269483dfeeba0112404756e45eeba687fb47082bbd92be12e6559f04eb484c6ff66c5aa160556c2f9e84057d4df9c6be75f14902de82ed09573f5ad73641cd22d1d9a94247537dc98091f75ce59e9b29743c5af019ef2b2f3e39f47bb9f1ce586b3c4630177819f5c3d73cc7af2e7d1fa261829f05911a86efabd89f284986110bc1a513513e2dc9ea7e4a6d476435fd0824df15c209610e7257a357a3e00a6de32069237eaa558365561830d014358b493be8b5a3c6951e74ab667afe117f7506ea31bf43347d74e08a4f3a63594dda58030cdd7f6e767de679f5bcf4a44dafa173b223f0d2b968106d36287f53aa063ffc1a77cebc87f7c8af66a2caa0321454d688079e8620f7dc16e148634d1377be6b82a5e18dffaec5b1b2f5e9713b906c8864a737a21b8b74727f377aeaf5ae66ec0a314b9e01149915ff37b2a80ff997158a2d438392f3cff8b3499459153dd7b974fd6ced662be8313e9056c61b831cbfad2fdf4290b46ed79d766da34cf533f0534c50f10a0c19d112c93fb9a15b51e30f8d04df56220ef1e946bedb2520e9582c00259b6e3a2be44e0a9d434d3b361918409d6ad42981744e7b4eed80372c7f35287e8f4fde4dbc373d6df9aa42cacf45dc64d7ae8c8ee6560dea408b72741e6bb7b342d97276237406446"}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x100) connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e21}, 0x6e) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRESHEX, @ANYRES64=r5]) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x8004, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@fscache}, {@debug={'debug', 0x3d, 0x8}}, {@version_u}, {@posixacl}], [{@audit}, {@dont_measure}, {@obj_type={'obj_type', 0x3d, 'nl80211\x00'}}]}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) 23:59:25 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x300, 0x103) 23:59:25 executing program 6: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xf0, 0x103) [ 1665.454434] loop6: detected capacity change from 0 to 262144 [ 1665.464027] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 1665.497234] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 1665.510110] EXT4-fs error (device loop6): ext4_add_entry:2350: inode #2: comm syz-executor.6: Directory hole found for htree leaf block 0 [ 1665.520604] FAULT_INJECTION: forcing a failure. [ 1665.520604] name failslab, interval 1, probability 0, space 0, times 0 [ 1665.523292] CPU: 1 PID: 10730 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1665.524947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1665.526950] Call Trace: [ 1665.527596] dump_stack+0x107/0x167 [ 1665.528481] should_fail.cold+0x5/0xa [ 1665.529406] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1665.530780] should_failslab+0x5/0x20 [ 1665.531694] kmem_cache_alloc+0x5b/0x310 [ 1665.532678] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1665.534034] idr_get_free+0x4b5/0x8f0 [ 1665.534962] idr_alloc_u32+0x170/0x2d0 [ 1665.535902] ? __fprop_inc_percpu_max+0x130/0x130 [ 1665.537055] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1665.538348] ? lock_release+0x680/0x680 [ 1665.539310] idr_alloc+0xc2/0x130 [ 1665.540138] ? idr_alloc_u32+0x2d0/0x2d0 [ 1665.541099] ? rwlock_bug.part.0+0x90/0x90 [ 1665.542143] p9_client_prepare_req.part.0+0x612/0xac0 [ 1665.543387] p9_client_rpc+0x220/0x1370 [ 1665.544347] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1665.545629] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1665.546905] ? pipe_poll+0x21b/0x800 [ 1665.547789] ? p9_fd_close+0x4a0/0x4a0 [ 1665.548728] ? wait_for_partner+0x3c0/0x3c0 [ 1665.549761] ? p9_fd_poll+0x1e0/0x2c0 [ 1665.549789] ? p9_fd_create+0x357/0x4a0 [ 1665.549808] ? p9_conn_create+0x510/0x510 [ 1665.549828] ? p9_client_create+0x798/0x1230 [ 1665.549848] ? kfree+0xd7/0x340 [ 1665.549865] ? do_raw_spin_unlock+0x4f/0x220 [ 1665.549896] p9_client_create+0xa76/0x1230 [ 1665.549930] ? p9_client_flush+0x430/0x430 [ 1665.549953] ? trace_hardirqs_on+0x5b/0x180 [ 1665.549977] ? lockdep_init_map_type+0x2c7/0x780 [ 1665.550002] ? __raw_spin_lock_init+0x36/0x110 [ 1665.550031] v9fs_session_init+0x1dd/0x1680 [ 1665.550054] ? lock_release+0x680/0x680 [ 1665.550086] ? kmem_cache_alloc_trace+0x151/0x320 [ 1665.550107] ? v9fs_show_options+0x690/0x690 [ 1665.550140] ? trace_hardirqs_on+0x5b/0x180 [ 1665.550162] ? kasan_unpoison_shadow+0x33/0x50 [ 1665.550182] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1665.550206] v9fs_mount+0x79/0x8f0 [ 1665.550228] ? v9fs_write_inode+0x60/0x60 [ 1665.550252] legacy_get_tree+0x105/0x220 [ 1665.550275] vfs_get_tree+0x8e/0x300 [ 1665.550295] path_mount+0x1429/0x2120 [ 1665.550323] ? strncpy_from_user+0x9e/0x470 [ 1665.550345] ? finish_automount+0xa90/0xa90 [ 1665.550366] ? getname_flags.part.0+0x1dd/0x4f0 [ 1665.550387] ? _copy_from_user+0xfb/0x1b0 [ 1665.550418] __x64_sys_mount+0x282/0x300 [ 1665.550438] ? copy_mnt_ns+0xa00/0xa00 [ 1665.550473] do_syscall_64+0x33/0x40 [ 1665.550495] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1665.550510] RIP: 0033:0x7f535d26eb19 [ 1665.550531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1665.550543] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1665.550567] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1665.550580] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1665.550593] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1665.550606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1665.550618] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1665.613994] loop3: detected capacity change from 0 to 262144 23:59:25 executing program 6: setxattr$incfs_metadata(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340), &(0x7f0000000440)="8a1b9abbc4612ecbfc6885", 0xb, 0x3) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc02c2, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x1831c1, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="af", 0x1}, {&(0x7f00000004c0)="1296ca6b2afc3278755b7cdfd45d8a59295daccda003be4aa322e04b03eb93b79518fc6ddc4a2c882d4cd9e332e158e7c6b37c", 0x33}, {&(0x7f0000000340)}, {&(0x7f0000000540)="021d4747028b47c14b5e1b661173253d1f3becb69e674943f82f6f535f425b165476b035d2ce9eda801c14d4e45721d17f56c5934bfd13dc76901ebed1a1183e507adbd279b8c00f7dbef739702be0c4b7b4ce2622cfef50026b5127918d1ddc96db6944d2d13e2ba79b13afba4d575fd8593e7c195343e3d3661a6adbe66f54310e81", 0x83}], 0x4) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x43, 0x6a08, 0x8) r3 = accept$inet6(r2, &(0x7f0000000980)={0xa, 0x0, 0x0, @private1}, &(0x7f00000009c0)=0x1c) lseek(r3, 0x6, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/stat\x00') openat$incfs(r4, &(0x7f0000000fc0)='.pending_reads\x00', 0x0, 0x0) r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380), r0) sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000080)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c9b65ae5b5d5dee79000000000000226a2f0b3668df49fc6e2bb0d200ca89e4fa7634509807", @ANYRES16=r5, @ANYBLOB="87ce2abd7000ffdbdf250100000008000800000000000800090001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4008421}, 0x4002) fallocate(r2, 0x0, 0x0, 0x8000) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x4) lseek(0xffffffffffffffff, 0x6, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x24, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x78}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8004) ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006}) r7 = perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x4000, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2}) ioctl$BTRFS_IOC_SUBVOL_CREATE(r7, 0x5000940e, &(0x7f0000001000)={{}, "6d71a70e3a1befe2056efc89d88318c4bca97b6329a607b5a7f892c9c4c41b9e682fa2f41dd166ff054adc6c1f3379d1b558c0ee22145c8afb9d91040478c9c00ee9bb59fa9d84e43876a9450a595ba33c160c86c2800e450f44251603ae95fb03e943b771905b23ed1782f97aceb20db4ef05e531a7ea3bee89ee2082cb57cdf272c6608b3b2763d08774c38e3215aa6fbecbba091beb624663c49857d6a0192f6e8e80a7a1af895c956a9f3102cd5360dd66baaadbb5428e27bb09945c75a310c44dc963e08bce6eaad241a180409ee7af141002ade617c2b2865cb4a267e97a71994fc6495c5d130e8390e0cf158458b693cd47c451f544bc30073ae50ba26f73de77eb009f504382c890c7d235a34b174148c2241a3a9164412ada5db4fde92443dc6cb0f2161ec6d63b1d9ac97989218c9e58fb64a217e73c2b5a1c6536ea6853055db8c9535baae6696b082eb91fdbf68c6372e7452361996b450beebf0d57d9014a8da78e268efe7edf5d37bb70f5b1ba9e87b0bac16ce58ed254fe56ff913cd9d0950046e2e06b57a2ed539c4930c4d2c0efd79ac3698eb4738a38b32d081286cafe4a658ed1b25e9c45fbc819f9324a13261935ed5eb1886539af19d7451df33341901ce0f7264d242b8e086ada446cee8d8d95be47dce7f3b097ef3ae9d5f1ca025f59322414afb2e59e0d5137692d71077ead821d88566634243f2ea2ece70848d2a246e1590cce36c01cc6eed5bea80a5db8f7497fca60f2bcb1867c23f67d794587e5a58c672a3e9d081133612f56694173a89eb8b2fdb7299317fd38fad829b41fd7d67c8bea8feee450c37c8be0dd264394f16aca4d48e29b2ac6ea31a85354ecb31fea72ee5dcfaa6889bb02a752434e86b858c342fbfc9fea12eace8b0486b5059dd905c14b25b4aebf805eed2d20fbe374e470d06cad6286048abf6f45d410116dae980dcf2e74ca3a8fd506d8445aa9b3e8b50d3241feb15cb1a3db6e4a064c6f582c5718466308dd2a4f9a1e7c7fa6cf17a9197cf9817a313bcfa715f15d1d320b6a19095b06ad06a3de0db564a5bdf6bd6c8552fecd7bdfb811cf2190db43edbdba583487851d955c97c3bd8a60ca01eaed6944dad0e113b7399f34d8cb62c98a214aa090a4619b8c26a4639107396c02400a9127187aab832779b2c755822b2e9981133b824aabca80bf291ef8dc08deb771f6315e572e3a688b7f2e6ac65c81319c82eb2db26c0fac55c28de651f549c5cfa35bb9ceac6528b29a6861155df3755d0c7586c177b143c9efa79d9d41c933222782101c02c4de17b6807ca6cadd4f78fe25cc3e7c91ee32578af871abd8f4a3fc8e3ccca33cd962ae676ae8a732c71344edb1f463164f2a8c290b7332fe2b80566e46f545b6fbe49a655f5f1227ba966d1942b13e03fcbf7fb0b4c6abe77ff552bd880fc08d6edd571bf3766f555ab2811a17c7ae29cb38e8567e3af47622f3084d5fca3b8890d854da6b57f14f0f19f74c45ab2680a6c62cc997133eb17ed1e18fcb8e368c562903bdc32c4d1bb425a89e784fe4d8f42ef8604a720a8195cda6536a243692d2c991cc65da3514adee3112f84d2cede372e93825b34527e123593372a9d6628d269a49738cde5d74036dac6cec2fdbbb92f40e11ffce0ff12c869f8c83fa72896c7e0f7f7419cdb4c2100bd2d4998da5bb3dfa156d10952b985a9a509328ad394187443e175c1dc65272a6f7c588a6e32ba5fdee23406a75c310e4d8c4de31a253b1412ea84d38c076a50a1c0675a3a428049649d44382f72644cf9f473cfe7341948fc2217543f44e23c787c39e95934622b2c4a65f25628cf37fcc747851053a82efa3ed9320cd3b3a6b553cf58a23af55d3813b6f9b688b1278c676e7f527bcb789e6ca1fa9cb882ce83dd13115990c8ea97abae9baa10724761a5807f5a716bfd4a33730c5dac9552b71ff80ce558f54f19666c4237ef1c802f40c05658c174bb59bef3e677282b4fd940d36fd06f1b7a283df8f1e67052b8526177057546e5a49903c2e6791046808e9374d7b31b28a77ec8752d13eaaf46f63010e011925e9a8c072ee4131ad83884cbca3d403fccf6d95336121ec69ad2b75a32ab1597e9406124b16b6c7813896a54f7521fb92fb4fdf7072815ae7f8b6271fcb53ba5ba8803c13b192fbf54b110d1bd82a30cbcb8c006df96ae7f1dc60932aff78f842ae8d9a6cd82738a679a5732f8bc77c91638d63d5ecbea024a981619af3f06ebd14b43293622932d5a4542a057ae3b5a76d6c5092b19e9e1d45b5f8fe5ea0f3f1278120ea0f446c22213c3dc882d32d906c3d0e97ad52b9e317b5f6ac8711a7aa6abf4987b5d43c753d0dae1a8cab2cb8e1e3c8daa0bd3854127f8bcb998c260aae7bced1fa43440fa4a4d50bf065864dcea4bc9bbec4353758d22d20ca1f44c27eef51219bffbf70bdedbc8feef274025e0f5c0699d0658be1f632231e30fb9e4642fa7390d52559161a18a47fe6434d8ca506e15a08e34e21c419a0c1fe8e79a17ac3f83d26446bf3cb8ac0ac700ff856beee4ca8dd2a558f9ba535c9126bb70f0aa35d8ac0bc5997d3251cd1e3a49d3f9cb0dbd64eea498a516951612e1b2dd39236b00dad35462ec687d63e981873535d8875165a4f76a4449b6604ed2449362f8ec6d6a6ecc2e5cd799693f2e615a3eb287f0f71d060a1eeb1b61a870daf7f0f2ba2b87b8ef34f6cf2eb36aac0fc7debfbb8231e5f4fee03839510b468e442c8ade7846c45653c5050bde13398b4b32935b88b9b4b6986befcdc00987b452172dcec60998d8b62c9d1adef1faf98b41456164519f08772b1f9c1f57a09bfb7fafe9a6d0c531988760368212522b240c9218992f8da50df3c3288fcd4549e961ce23548ec0d4b570bfc661bf3b119f18e0116ca7bd138da56cc99c1c696f9a11730dd8dda8aaededc57480acc0e3b25a53d057e772a69850c7750cd2a6138a451e8c7929ecf23df30a1df735cc0177db202a83168942efd56e5522af9f3c1f490713a08114f9b88b25f749134b8efd6379d8830bd97c92279f8790f8c3495a23e5700a648184905151e3c7e9619713de3e51761599f3775b007e5dba568d4b0af7f5ee155f304a31909fd78c55bd550925a5e86228a8b1b344eae5dd424bf36d31344fdf7be6da5c3877fb02e28e882300a893f197ca440597559bf96c91a58fd9c0cea828f2d9420cb866d2232eaa280d49f58a660669814419df44730d02e0f9a1bcdd7087ff4b44723ed8221234253b7a1f97e23651d842bc6855fb52f0942b09d1589eb8e2697e6ba8b35c8f408fd1dcaadf2666ca510007679056a547d2019cedba3d040849eb1f6361177eddeab3243cf75edf0e8f8d062de01d6629241ab40cf75d387f9871692c33af24a7fe2dc1a173367df362de82986fdecc8fa7a942848ed162e9c4895c95cb329733253192e4f9191a39b6f677f6a9ac4ec047393f3c496a0cefefc87467ef318bc32392596b831cb98483f800deb9c0f9205de59300472e56f5894cbe2a144e9c7ab5e5323b6cd585f5b567aa106bedea8f8add2c205cd0dcc113244ab047f92470554b5bf2a49d17e3117b5db3bd50674b24f68580b9e0b9db6e9d122d08cfce3f963c825b718408e3df19148bb69c742951e3f173a8709862eef321be635f86a445f58f5b706105e402058db3595f580ee06988bd6010ceee2a878219c9bb8ab1d9ea9acc6b6f4b07db627adca8bb00e0ac0e07b2fdcc145fbe45feb568f1ac8f0935775bca0aeaedec521d8585a339361afbf6af5a2e245bc8e76f2f69438126d387f139f73579c3b139863f3beeccec51a1aaccd1eb471d33c4edadc2bb1429f071bc55b59c49d25e44fb14071b50c4ca3732da708cc544aa8b31142a48ce6c9a26689ed9c3b07e8500dda6ed5d98c05035ff96bce175d757993f8381f301b8bddc5341ba505827c191820516d5343f685b297151e4e74973b152ea197ab57070daeee7b952927d204982ff7f54c32b70da8c51d7585e652c5704176e4514a729fa87f31b72b4adfa449f1b1b04f5067e16c42774733a47f0ca6c6fe68809801c3a5f0313767a40324466c69cc6ce6bab8ba7683cf35e864c4d91530ebaef261c161d9fa5242dfca27abe54b0bbf230aa0316cfea82fd446c480ac0e214f3b917e796d5d5b0f8755bd04eff860e9b53287065ab670b3db3aec0ace746babca79f85dea22ba0f9c69a39f2cdcb38e43834a47eb3b2fe1be243c7613ec32bc34ef29bd8b600ee8038233d2390e2e6c86605ecaaf7604cbd8507d1a6a8e98480be01f32ae8afd72b2ccdcf9fe92fd0c348f1fd089cabb74037e035f9614692a857c1b1b6bc8e0b697b4174800cbb12ab036603db361600482bb9de73973e1bdf8900a305f9375d5e13ccc6776ff558c49f74562ae4c3e833d7c24504d7143f755a41da1968c48c565bc34e8e29b05dd33e86a1cb08f3dd41d8ed54717f965b0664a83dd728fc45d73d9f50d957ef82e4411a1d99c6004d971cffc42911a437603836396e9720e0670f49ea0b64204a23d422909506e6949f12fcddea18bb00c0754db33cd10aa203192619ad4592479b58a5a738cc7e3ff0b80c88ff5bcf77b7ed7dac0048ce9debf844514cf6e1fc61de4ae94b22e4354a491f825c8ce4741dabedf716a22cea006ece8e10d287a660d26facbffcc3e6e45ef1bb7d529443fab3babe42ce38f5899e7ceb59f08c9767629f049c3739535013f67298ba45897f4539cea2a4f9d68edd3c978550e4d6dc3fbef049c2eaad34a5bd0c59f9630711826bc797d5351c0ff569544a1bbc587eedb57b4b6b4dbbd5da1d1638a7a465ce54097589746b864a62226043e0c46986873f249fbe815aaaf384a378479cf42a0e3ba200a548c4eb91518eef4416994dde5efa60d30a6b3867c9b649e1ec29da401e71a3b87d60e4d167639486df796c7bf0f52b79c469385f66c76cbc00817db77ec336edf09c3c9322baeda017b1a861f0947beacbbbe248304f223f0bd5b589c5e1cf10d3dcaa96296e81d28b7fc7362c53a28dbd6a9dbf3f6b75678d344e00683e5eeb9dbdad8e98e489388b887c2f583961f5bc44e7dd55ee2a1d2c4fd65a0e67caad25c98b73411a138ba11def7521d4c612f1a75b86bed3306ed57594de22d9d8f9aa05da02755ce579da3640037f7464439c7553e03b62b580ae54b0309f6c27d976b727175e9d12e3ba4f692457d4abaf84b3b1f44095f781fc93e2973a451dc71bdf7e77ca0c137d906193ae545686d48d7c9cbdd6566603839bf39fb86863256f60c6fba647e00a3fbf5850e1d98a9785cf49c225e8d33ad1e5de04a9d81e27bfab96d7a0301f5c3ee4c297c51889472b97a92c675bdc81d777e9ee9b5f2bacdb32cb3c323ba352893fb9d82a6ae8b5b572ffa76403773cd35be514f95934bd2fb073b3d8ecb117bf289cf3a7a10acd1b9e75ba17983048a04365f9db58722093a84d2c3ea2e50c099e2e2143499aaed260029af5ad96f7ffbec9dd7c3886f2fcf2062a14cfa5b8154657f48ae2d6ace08e64cbbde2af89cdc4e9fab1c2329d392613c0db8563421815c74f452ba3612cc6db2d99f757686d3984a2f30a8995761380ee8bd5e6dc68d8c3a1877407f87450853b7413f57674a1e40f75fc3bcbe08d7206021062125bf279a90b03d3a0e1454ad401eeef84700e0361c67b5df62dd0316c2269c99794686d1d3939869f825a9f2b7b2877bc4068f30e49d5b"}) [ 1665.624488] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:59:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xf5ffffff, @empty}, 0x1c) 23:59:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1665.676456] sysfs: cannot create duplicate filename '/class/ieee80211/€˜§°ÇÛ ”uòQÇC !' [ 1665.678774] CPU: 1 PID: 10732 Comm: syz-executor.0 Not tainted 5.10.235 #1 [ 1665.680263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1665.682042] Call Trace: [ 1665.682616] dump_stack+0x107/0x167 [ 1665.683393] sysfs_warn_dup.cold+0x1c/0x29 [ 1665.684304] sysfs_do_create_link_sd+0x122/0x140 [ 1665.685350] sysfs_create_link+0x5f/0xc0 [ 1665.686234] device_add+0x703/0x1c50 [ 1665.686882] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1665.687045] ? devlink_add_symlinks+0x970/0x970 [ 1665.687080] ? ieee80211_set_bitrate_flags+0x202/0x620 [ 1665.691076] wiphy_register+0x1da6/0x2850 [ 1665.691966] ? wiphy_unregister+0xb90/0xb90 [ 1665.692921] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 1665.694109] ieee80211_register_hw+0x23c5/0x38b0 [ 1665.695165] ? ieee80211_ifa6_changed+0x4d0/0x4d0 [ 1665.696213] ? net_generic+0xdb/0x2b0 [ 1665.697031] ? lockdep_init_map_type+0x2c7/0x780 [ 1665.698091] ? memset+0x20/0x50 [ 1665.698820] ? __hrtimer_init+0x12c/0x270 [ 1665.699707] mac80211_hwsim_new_radio+0x1d04/0x4290 [ 1665.700821] ? hwsim_send_nullfunc_ps+0x80/0x80 [ 1665.701855] ? hwsim_new_radio_nl+0x967/0x1080 [ 1665.702874] ? memcpy+0x39/0x60 [ 1665.703575] hwsim_new_radio_nl+0x991/0x1080 [ 1665.704548] ? mac80211_hwsim_new_radio+0x4290/0x4290 [ 1665.705722] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 1665.707165] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 1665.708604] genl_family_rcv_msg_doit+0x22d/0x330 [ 1665.709699] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1665.711159] ? cap_capable+0x1cd/0x230 [ 1665.712006] ? ns_capable+0xe2/0x110 [ 1665.712852] genl_rcv_msg+0x36a/0x5a0 [ 1665.713724] ? genl_get_cmd+0x480/0x480 [ 1665.714624] ? mac80211_hwsim_new_radio+0x4290/0x4290 [ 1665.715802] ? lock_release+0x680/0x680 [ 1665.716710] ? netlink_deliver_tap+0xf4/0xcc0 [ 1665.717742] netlink_rcv_skb+0x14b/0x430 [ 1665.718664] ? genl_get_cmd+0x480/0x480 [ 1665.719567] ? netlink_ack+0xab0/0xab0 [ 1665.720429] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1665.721448] ? is_vmalloc_addr+0x7b/0xb0 [ 1665.722388] genl_rcv+0x24/0x40 [ 1665.723137] netlink_unicast+0x54e/0x800 [ 1665.724024] ? netlink_attachskb+0x870/0x870 [ 1665.725067] netlink_sendmsg+0x90f/0xe00 [ 1665.726025] ? netlink_unicast+0x800/0x800 [ 1665.727001] ? netlink_unicast+0x800/0x800 [ 1665.727893] ? netlink_unicast+0x800/0x800 [ 1665.728889] __sock_sendmsg+0x154/0x190 [ 1665.729830] ____sys_sendmsg+0x70d/0x870 [ 1665.730778] ? sock_write_iter+0x3d0/0x3d0 [ 1665.731692] ? do_recvmmsg+0x6d0/0x6d0 [ 1665.732619] ___sys_sendmsg+0xf3/0x170 [ 1665.733550] ? sendmsg_copy_msghdr+0x160/0x160 [ 1665.734632] ? __fget_files+0x2cf/0x520 [ 1665.735507] ? lock_downgrade+0x6d0/0x6d0 [ 1665.736452] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1665.737758] ? trace_hardirqs_on+0x5b/0x180 [ 1665.738761] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1665.740018] ? __fget_files+0x2f8/0x520 [ 1665.740947] ? __fget_light+0xea/0x290 [ 1665.741862] __sys_sendmsg+0xe5/0x1b0 [ 1665.742733] ? __sys_sendmsg_sock+0x40/0x40 [ 1665.743738] ? io_schedule_timeout+0x140/0x140 [ 1665.744746] do_syscall_64+0x33/0x40 [ 1665.745604] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1665.746808] RIP: 0033:0x7f0133c71b19 [ 1665.747667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1665.751810] RSP: 002b:00007f01311e7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1665.753440] RAX: ffffffffffffffda RBX: 00007f0133d84f60 RCX: 00007f0133c71b19 [ 1665.755065] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 1665.756582] RBP: 00007f0133ccbf6d R08: 0000000000000000 R09: 0000000000000000 [ 1665.758133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1665.759752] R13: 00007ffe91d7a95f R14: 00007f01311e7300 R15: 0000000000022000 23:59:25 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 45) 23:59:25 executing program 5: r0 = syz_io_uring_setup(0x7f2, &(0x7f0000000280)={0x0, 0x0, 0x13}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000a9d000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180)) syz_io_uring_setup(0x4e1e, &(0x7f0000000000)={0x0, 0x51ca, 0x1, 0x3, 0xf7, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000a9a000/0x9000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x100000d, 0x100010, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4, 0x2007, @fd_index=0x2, 0x0, 0x0, 0x0, 0x8, 0x1, {0x3}}, 0x9) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x13, 0x20000000, 0x2) 23:59:25 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(r0, 0x8) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_AIE_ON(r1, 0x7002) socket$inet(0x2, 0x2, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) lseek(0xffffffffffffffff, 0x7, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x2, r0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)={[{@noacl}]}) 23:59:25 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x408, 0x103) 23:59:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfc000000, @empty}, 0x1c) [ 1665.869477] FAULT_INJECTION: forcing a failure. [ 1665.869477] name failslab, interval 1, probability 0, space 0, times 0 [ 1665.872033] CPU: 0 PID: 10758 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1665.873605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1665.875500] Call Trace: [ 1665.876097] dump_stack+0x107/0x167 [ 1665.876928] should_fail.cold+0x5/0xa [ 1665.877811] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1665.879123] should_failslab+0x5/0x20 [ 1665.879994] kmem_cache_alloc+0x5b/0x310 [ 1665.880943] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1665.882223] idr_get_free+0x4b5/0x8f0 [ 1665.883097] idr_alloc_u32+0x170/0x2d0 [ 1665.883985] ? __fprop_inc_percpu_max+0x130/0x130 [ 1665.885089] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1665.886312] ? lock_release+0x680/0x680 [ 1665.887212] idr_alloc+0xc2/0x130 [ 1665.887997] ? idr_alloc_u32+0x2d0/0x2d0 [ 1665.888911] ? rwlock_bug.part.0+0x90/0x90 [ 1665.889894] p9_client_prepare_req.part.0+0x612/0xac0 [ 1665.891074] p9_client_rpc+0x220/0x1370 [ 1665.891980] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1665.893170] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1665.894400] ? pipe_poll+0x21b/0x800 [ 1665.895239] ? p9_fd_close+0x4a0/0x4a0 [ 1665.896116] ? wait_for_partner+0x3c0/0x3c0 [ 1665.897080] ? p9_fd_poll+0x1e0/0x2c0 [ 1665.897971] ? p9_fd_create+0x357/0x4a0 [ 1665.898871] ? p9_conn_create+0x510/0x510 [ 1665.899816] ? p9_client_create+0x798/0x1230 [ 1665.900809] ? kfree+0xd7/0x340 [ 1665.901561] ? do_raw_spin_unlock+0x4f/0x220 [ 1665.902561] p9_client_create+0xa76/0x1230 [ 1665.903526] ? p9_client_flush+0x430/0x430 [ 1665.904484] ? trace_hardirqs_on+0x5b/0x180 [ 1665.905475] ? lockdep_init_map_type+0x2c7/0x780 [ 1665.906542] ? __raw_spin_lock_init+0x36/0x110 [ 1665.907595] v9fs_session_init+0x1dd/0x1680 [ 1665.908566] ? lock_release+0x680/0x680 [ 1665.909493] ? kmem_cache_alloc_trace+0x151/0x320 [ 1665.910577] ? v9fs_show_options+0x690/0x690 [ 1665.911582] ? trace_hardirqs_on+0x5b/0x180 [ 1665.912561] ? kasan_unpoison_shadow+0x33/0x50 [ 1665.913609] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1665.914740] v9fs_mount+0x79/0x8f0 [ 1665.915541] ? v9fs_write_inode+0x60/0x60 [ 1665.916479] legacy_get_tree+0x105/0x220 [ 1665.917419] vfs_get_tree+0x8e/0x300 [ 1665.918269] path_mount+0x1429/0x2120 [ 1665.919138] ? strncpy_from_user+0x9e/0x470 [ 1665.920107] ? finish_automount+0xa90/0xa90 [ 1665.921085] ? getname_flags.part.0+0x1dd/0x4f0 [ 1665.922148] ? _copy_from_user+0xfb/0x1b0 [ 1665.923084] __x64_sys_mount+0x282/0x300 [ 1665.923993] ? copy_mnt_ns+0xa00/0xa00 [ 1665.924886] do_syscall_64+0x33/0x40 [ 1665.925733] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1665.926894] RIP: 0033:0x7f535d26eb19 [ 1665.927733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1665.931906] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1665.933627] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1665.935239] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1665.936851] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1665.938482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1665.940100] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:59:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1665.985043] loop3: detected capacity change from 0 to 262144 [ 1666.013297] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1666.053651] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1666.088089] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 [ 1666.129405] sysfs: cannot create duplicate filename '/class/ieee80211/€˜§°ÇÛ ”uòQÇC !' [ 1666.131549] CPU: 1 PID: 10774 Comm: syz-executor.0 Not tainted 5.10.235 #1 [ 1666.133044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1666.134814] Call Trace: [ 1666.135385] dump_stack+0x107/0x167 [ 1666.136170] sysfs_warn_dup.cold+0x1c/0x29 [ 1666.137062] sysfs_do_create_link_sd+0x122/0x140 [ 1666.138092] sysfs_create_link+0x5f/0xc0 [ 1666.138963] device_add+0x703/0x1c50 [ 1666.139747] ? devlink_add_symlinks+0x970/0x970 [ 1666.140742] ? ieee80211_set_bitrate_flags+0x202/0x620 [ 1666.141867] wiphy_register+0x1da6/0x2850 [ 1666.142753] ? wiphy_unregister+0xb90/0xb90 [ 1666.143680] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 1666.144830] ieee80211_register_hw+0x23c5/0x38b0 [ 1666.145874] ? ieee80211_ifa6_changed+0x4d0/0x4d0 [ 1666.146908] ? net_generic+0xdb/0x2b0 [ 1666.147732] ? lockdep_init_map_type+0x2c7/0x780 [ 1666.148750] ? memset+0x20/0x50 [ 1666.149468] ? __hrtimer_init+0x12c/0x270 [ 1666.150363] mac80211_hwsim_new_radio+0x1d04/0x4290 [ 1666.151451] ? hwsim_send_nullfunc_ps+0x80/0x80 [ 1666.152444] ? hwsim_new_radio_nl+0x967/0x1080 [ 1666.153435] ? memcpy+0x39/0x60 [ 1666.154154] hwsim_new_radio_nl+0x991/0x1080 [ 1666.155101] ? mac80211_hwsim_new_radio+0x4290/0x4290 [ 1666.156224] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 1666.157636] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 1666.159029] genl_family_rcv_msg_doit+0x22d/0x330 [ 1666.160063] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1666.161483] ? cap_capable+0x1cd/0x230 [ 1666.162329] ? ns_capable+0xe2/0x110 [ 1666.163131] genl_rcv_msg+0x36a/0x5a0 [ 1666.163952] ? genl_get_cmd+0x480/0x480 [ 1666.164802] ? mac80211_hwsim_new_radio+0x4290/0x4290 [ 1666.165915] ? lock_release+0x680/0x680 [ 1666.166759] ? netlink_deliver_tap+0xf4/0xcc0 [ 1666.167697] netlink_rcv_skb+0x14b/0x430 [ 1666.168566] ? genl_get_cmd+0x480/0x480 [ 1666.169429] ? netlink_ack+0xab0/0xab0 [ 1666.170258] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1666.171206] ? is_vmalloc_addr+0x7b/0xb0 [ 1666.172065] genl_rcv+0x24/0x40 [ 1666.172754] netlink_unicast+0x54e/0x800 [ 1666.173642] ? netlink_attachskb+0x870/0x870 [ 1666.174601] netlink_sendmsg+0x90f/0xe00 [ 1666.175482] ? netlink_unicast+0x800/0x800 [ 1666.176410] ? netlink_unicast+0x800/0x800 [ 1666.177323] __sock_sendmsg+0x154/0x190 [ 1666.178190] ____sys_sendmsg+0x70d/0x870 [ 1666.179071] ? sock_write_iter+0x3d0/0x3d0 [ 1666.179983] ? do_recvmmsg+0x6d0/0x6d0 [ 1666.180817] ___sys_sendmsg+0xf3/0x170 [ 1666.181651] ? sendmsg_copy_msghdr+0x160/0x160 [ 1666.182642] ? __fget_files+0x2cf/0x520 [ 1666.183500] ? lock_downgrade+0x6d0/0x6d0 [ 1666.184398] ? __fget_files+0x249/0x520 [ 1666.185257] ? __fget_files+0x2f8/0x520 [ 1666.186118] ? __fget_light+0xea/0x290 [ 1666.186953] __sys_sendmsg+0xe5/0x1b0 [ 1666.187764] ? __sys_sendmsg_sock+0x40/0x40 [ 1666.188673] ? trace_hardirqs_on+0x5b/0x180 [ 1666.189593] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1666.190750] ? __x64_sys_sendmsg+0xd/0xb0 [ 1666.191625] ? __sanitizer_cov_trace_pc+0x30/0x60 [ 1666.192629] do_syscall_64+0x33/0x40 [ 1666.193409] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1666.194483] RIP: 0033:0x7f0133c71b19 [ 1666.195257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1666.199082] RSP: 002b:00007f01311c6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1666.200695] RAX: ffffffffffffffda RBX: 00007f0133d85020 RCX: 00007f0133c71b19 [ 1666.202193] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 1666.203682] RBP: 00007f0133ccbf6d R08: 0000000000000000 R09: 0000000000000000 [ 1666.205274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1666.206764] R13: 00007ffe91d7a95f R14: 00007f01311c6300 R15: 0000000000022000 [ 1666.210271] audit: type=1326 audit(1744156765.946:273): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.233151] audit: type=1326 audit(1744156765.969:274): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.249808] audit: type=1326 audit(1744156765.977:275): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.280315] audit: type=1326 audit(1744156765.979:276): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.290849] audit: type=1326 audit(1744156765.979:277): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.302120] audit: type=1326 audit(1744156765.984:278): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.313663] audit: type=1326 audit(1744156766.006:279): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.327227] audit: type=1326 audit(1744156766.007:280): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 [ 1666.338701] audit: type=1326 audit(1744156766.008:281): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10759 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc5c0747b19 code=0x7ffc0000 23:59:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfe800000, @empty}, 0x1c) [ 1679.686939] FAULT_INJECTION: forcing a failure. [ 1679.686939] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.688445] CPU: 1 PID: 10787 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1679.689298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.690323] Call Trace: [ 1679.690668] dump_stack+0x107/0x167 [ 1679.691114] should_fail.cold+0x5/0xa [ 1679.691583] ? p9pdu_readf+0xadb/0x1d40 [ 1679.692070] should_failslab+0x5/0x20 [ 1679.692535] __kmalloc+0x72/0x390 [ 1679.692960] p9pdu_readf+0xadb/0x1d40 [ 1679.693430] ? pipe_poll+0x21b/0x800 [ 1679.693892] ? p9pdu_writef+0x100/0x100 [ 1679.694372] ? p9_fd_poll+0x1e0/0x2c0 [ 1679.694839] ? p9_fd_create+0x357/0x4a0 [ 1679.695319] ? p9_conn_create+0x510/0x510 [ 1679.695825] ? p9_client_create+0x798/0x1230 [ 1679.696359] ? kfree+0xd7/0x340 [ 1679.696764] ? do_raw_spin_unlock+0x4f/0x220 [ 1679.697305] p9_client_create+0xaee/0x1230 [ 1679.697832] ? p9_client_flush+0x430/0x430 [ 1679.698346] ? trace_hardirqs_on+0x5b/0x180 [ 1679.698873] ? lockdep_init_map_type+0x2c7/0x780 [ 1679.699447] ? __raw_spin_lock_init+0x36/0x110 [ 1679.700009] v9fs_session_init+0x1dd/0x1680 [ 1679.700537] ? lock_release+0x680/0x680 [ 1679.701033] ? kmem_cache_alloc_trace+0x151/0x320 [ 1679.701623] ? v9fs_show_options+0x690/0x690 [ 1679.702160] ? trace_hardirqs_on+0x5b/0x180 [ 1679.702686] ? kasan_unpoison_shadow+0x33/0x50 [ 1679.703242] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.703857] v9fs_mount+0x79/0x8f0 [ 1679.704289] ? v9fs_write_inode+0x60/0x60 [ 1679.704798] legacy_get_tree+0x105/0x220 [ 1679.705294] vfs_get_tree+0x8e/0x300 [ 1679.705756] path_mount+0x1429/0x2120 [ 1679.706224] ? strncpy_from_user+0x9e/0x470 [ 1679.706751] ? finish_automount+0xa90/0xa90 [ 1679.707276] ? getname_flags.part.0+0x1dd/0x4f0 [ 1679.707851] ? _copy_from_user+0xfb/0x1b0 [ 1679.708369] __x64_sys_mount+0x282/0x300 [ 1679.708864] ? copy_mnt_ns+0xa00/0xa00 [ 1679.709345] do_syscall_64+0x33/0x40 [ 1679.709821] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1679.710446] RIP: 0033:0x7f535d26eb19 [ 1679.710897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.713566] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1679.714482] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1679.715346] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1679.716206] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 23:59:39 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r1, 0xf504, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000780)=@updsa={0x13c, 0x1a, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@multicast1, 0x0, 0x33}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'sha256\x00'}, 0x0, 0x200}}]}, 0x13c}}, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000000), 0x2) 23:59:39 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002f40), 0x80, 0x0) connect$inet6(r2, &(0x7f0000002f80)={0xa, 0x4e21, 0xb6, @private1, 0x7fffffff}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), r2) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000040)=0x8) fcntl$setstatus(r1, 0x4, 0xc00) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) r3 = dup2(r0, r1) r4 = dup2(r2, r0) [ 1679.717368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1679.718313] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1679.735464] loop3: detected capacity change from 0 to 262144 [ 1679.750485] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1679.799683] loop5: detected capacity change from 0 to 2097152 [ 1679.803347] EXT4-fs (loop5): Unrecognized mount option "Ù—KئBvÉÜqL+ ð¸È)g§XΨ?“Âŧ)°‘Q¤Ìí­KíêN_ë‚«úy¤Zý£0"`‡OÐU°„˶#äfLlI6Ã¥8„<ÿBvtÈ [ 1679.803347] i¤*³¬ƒa ÌV‰ž­ï¸šžá éOj>oå3ùVa¶dê!…BHz#Gøë•¢d_×Ì3÷®0»@¨âÐ" or missing value [ 1679.812630] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue sendmmsg$inet6(r4, &(0x7f0000006b00)=[{{&(0x7f0000000580)={0xa, 0x4e20, 0x0, @local, 0x250b}, 0x1c, &(0x7f0000004600)=[{&(0x7f00000005c0)}, {&(0x7f00000030c0)="fb3881512d76da2e8b98d0e5a275f9db2c19178212433e0f450e8dfe2bef4878663bf5cd1466b57a13792c159c27c3a850bae60eb3273284522f89d34329db90779766522e0c25c855412e1f0bc7d01bc9c78db321e5fadbb838f593502b564ab3b2b72c5494a941d0bc89b4bf2206f0a3e3ce13a8f77d0c12af48283ceaf11439b2504cb4df34ed61dcd2f5dbac93d680b8a52d11b7a3aa95c0255b1325035f4aa2ed6e28fd351d17c2d17134ef937237416f8583c28fd983637068f1021eb43f4e57a19a2ba0ef1f7e4457e0566c06ebc9abe9cc5b3023d14bb7c09b39e6fafd269667691da9", 0xe7}, {&(0x7f00000031c0)="ebdeae42365368f5edcdd67199443ca931b652e3d02cfbdfe353f0ca0ab26b76b7c5f5835cab405c77a5a889209c78726e000a3e86b306b4c2e304317bd867b1043803866c32b98ee0717136cbd2b6a1f9df9aba3c321c727f1e117e9c333ada7510145f80d820864bc0294ae25aba4026cd8c161a35757cc15c09086608a8225b8a8fba859d1ec1bc73382221a418dbeca1db174d643fabd71970c7666f890cfada4a7f54f00fcefc7454ca89ce9e587e3eddae9f39b68c2d131ac0914a7760fb7db430958d9af6193241bebbf7d94b718fd77f1f0fc54de02d3a8b3f345ebf1a3e4ed02526443f7c8288d894abd9065e0ea947c90c233dcc57ba6c060c71130ba5e7e506ba8cea163ba670e18a30e5c9d2fbe8893fc33cd0761b93fa21226f4300f9b5f24ed2c7649f39b314f1368dc65d1433caa5a0f022a84e258fde09c2a2852aea858e3ee30346d12aa525f949f7c1dcc4c4c593621810ce5a4b5d4f26d73a262cd40219cfdc3ba8e744f560fb5eb3c12f477b10a1d8793603796ef28a25c84285f1474e8dffd4a04817ac173621877ad732ecd9148fd0d9ed9c341d45f089c89fc09d1e26b98a41a34cb89f12e03e042510cc8776202a817992df0fcc778a06aeca690143404ff8159b4a826cf34ba90a7a494051226dc6eaff8bb3620030b1dd70c2f394608825b79751e4a6e756283fe45ed9958b3061bdc6f588abfc3abb3c1d4ac4c86ade0e5e169bcd966e1ecaea45505c79593f38db8ef84d0257fdc18e5bc08133c25339ab6c7e8593d73503176a329d2968fecadaa234707be4a7b48039b66e4bdaee037e49612ac1823ebf10e583b4d54b6c637b167afce528a60312182cbb8130ee82689f880680dc291df759cfe1fc22cc06b299af6b18c153361eda88d88746810256a0f1e1618a2f07c839f8fb117003051c207e5d1b6e240de60aeb7bb9850006a4c053d517258b4304d2dd109e44ca08ddd687931523f59e85fd3052d336497464d34d1f359904a021e440e6c3a049575e1d436cdef783062ea8990bfdc45b90e78f1866a003dc48fe42b06dcaaed1508b27215edf8131d67d30f42cd50adffaeb8c654d07eadae95b75d4d7f2dc859ea0a88dfbc814224e6078e04676ab9bfdf3d26744bf912e7de19e200e6160fcdf78e0ca3d9fd12605293eae7119abf1d75e867c3bce8a8dee7d8d5cf33ba2955b0a8bba7435666924c5ca716dcb10f1dd44064660c6b7238f8d52dc698bf84b817d89c2f84a81d6df10452b96459c5b801aa4d03c3275d58701c37a79fa2f94a69235a9b483e7b51a8d5777dbfe57422eab4119c854dc4ae9d1ac9e4e93ca545b52020f79ac514bb71707ebacecd9ecb24dd33782f1c8e524e5000ed12b4c6d4deed2c6d845fedc89926833cde69740916f0b357a8e65715b391a81ad9acd9e482d1cad5d562acc7b099c60d62754ef749c44c7343f1d8556e649b76b4dff8b598dcb9b31c491f088b3c476171741d49a39ea2bfaef14bd2dc9aab83169e47286fd7e86ca44ef420ceda491b46ee986b477cac47124f6f965ea871744fc4a0dae9e540e27370845ca0cc852255e19b1f371a65951e35331546a1627eac70a48cc6c3d5449b7c378b2ea4ed30f2bdf31f7eefb0e55d08085ee4943e354fe436736234e144c21da2956c0b731c653e93313f0f35f6b36c2a6c5ff100c4d276bbbbe44253efef0fbe05d01fe67207e814cbcfadb099056d66f4310e7e8e8ceb9df9f4bfc3e4f4445fe03ff6ed99517ac4ec3ede0b327637405a5c38a64443ee99d5db2ee6850e8b272586525953a329bd4430880f2c482e26dd14ee6acfe1af15dcd4b23d7dc5834bc0a54179c8ba29774f02ddbebd1cbc931126df3ab39b7619833b77d5709f2721becd562b5b6f6c4745a1515e527cd2138414e9d125b633f3911db9928a3f255cc7695dfb4ec4edc45f93a03a1161111f1a03fe09f4401e3b8519cffa2226506a291cc4a5c9d9662083c9fd38113dae64059500a5c346f28bfaad7b938ae26f685ae2cf8b4fc00f01bc6bc9f89e3d6afc8a7e41dab6d69e8443e9faa6895d1a0e66c90707ed85d184900c48b8604b6148a6dafdd67f318ca03c946bcd353112cb580883c7d2d852a39fa441c3871c419cdffc679e8d3c5ac53e0f89794370e188e92fd3b66639c8117499fccb6bd2d339c43040373280587f7274518fa9f16ce9985d8399298d807a4aaa082a6c9a43d59a20b62e8c7d70fe462c2f4b330cfa852c37aa0c092d1f8f3073eedf7e56e63cd540756105083950da177c3733b519a9c41ddaf7439b053b3d656a2ce67c178acb3c04d4b01ecda36d3c5d63466a7029aa565b6f8b685d67df23cc7fa913723336c3c857cc68109e806ba269dc6031df22efee2bfca1ef5dc36749b2a5ca4205c7036443cb1470d9eb91acbc6c0ec1b79d56f364309871bdcb6e4f9fb4be803f45082b75b45e3a6e5b53d18d43dc82ec674bb82ec93d34ac1f2c55512a3d3971affc36b907c71ed605c4959685a4bee708db7f83f3bbdf9bf43d45802cafab5dd8ea30a888dcf583f5c6eddcba7b80d909d426c23f1aa5244f2024ea850758511aa6cc1226151b8a6efa7dfd1ea0fa3405810e4f8ff7326d3d242761c16a5d44d154edfe4ff7b6f55a5f6a73ee098e0bc32799c9143eb58d916226988f51ebf6bea2889ad8e2b0e20fefa2d7e269c7d8201ca5cd8ee9861ca63aeb0a7002fd814079811efaf181d09357093d0ec03521009cff13b738bf664fd1b9f4e6be73c5f41cc103e22095807b8cf9d3f1db27197f150ea308a8d8d07d9bdbce1d8d2debcb8b60e7a44ed3f6c78b6861b61528b95c19adf55f2a7ece28588be2caf230888177f17b75cbc92f498acfd043999594647f77768906c8db31dfbd33d3e09149554ab6266a92401375fed3cedd46be0226dfe21e2e6a6185804e8f4e281bb427b3f7aa9603cbcae1c8aaed6a2ba7c2b069ae6e9eea88c8ab2eb0be0509604dca307d1f8b8beacc607cc69d6ae2b2f34674b50b442818093b8f472ac646b133424c136ecc596cae2801f2e1c099ec4b8454324ba218695cfb9c181a0f72364f51f8e63b323b0fd7dc48c5862e177a8829c8ea758a3c1a80b25482267783e50d1a6175fdf42bf089897dbc18fdba005847d3cf04049ef75bd2f5d5a9d0400955f25573f9beb1d64c460ccaff12288da6c83216eaec5ff1b6b31a840b017528586f8d14717a6d7fc90f29dac26842fcd163786fa3ee2d65199c86933d75aa85af5ca7c8b3329b09e0b47cee8c294295a82e9058bee6cedc401b71c58e988d6d86031a5255a66c68c8bcd951dbc32aab082b736c2663d33867da0e1e0c1797651972bc90677666095ede7fc44743a9c84756a5a00113475b76c09db256ca1a8e00cc20a55d94211d9bff027d23d531c79a3d1662d5ade70e80ed4836ed66c7f24d562b104471c733e3cbe60a0528a06c6a54d30725bb397d6d14f06037479864bf697eb6d8c581e30fdb01cef6148101e0c031fb4f0222d18e2aeb9454985f95f706fa6c69ecf74fd96bc298bd9c4a17e1860efb31889847e2e270f7d57f25161ee731b335e5ddd1d25a1a13c109d1ba4958fc7c3828a31cd608d0e3cfa916c6b2c5703963861eb2e5951980673f40d1af1e71a66bbbeb73da5e4048ac99a6607173b9f130533592c317a6da2744adb626d21cc847a4d0eb26f115654496c55b3389a364e7ac2fac67b154cdee4fb13d098de22416e07d2ee480ae3cf81b344b01ac915bd66ba5976efcbf71812410d89037ac12b38bfe82932c4d81cb4be0f5ff5e34c108e979a1e059983591091e9ab2a70499bf3efa8fef127ca41f1e88fe369ac1f292b195f5ddd9eb8ddb19fa8bbb341e89fb00ed8b2e9f223c953cc5b4542cd3a0c7a87ed109901dcd64ee749b2a5b49360e8246543b7573dc982fc28969ea6c4a2d7c8870142bb80715ece9bd3fe7d1a74d61f05e9436dc409b44fedec4bacefa7054293c9653c4f9d189b97f0e9684844e028d7a95db7ac360b748a6d3f4927b652d9227b9e7194f6ac5275d28b38aa4ed9054ec55ed9ba1ebac6d0615a3e68e32a51499ea40cbd7cd978396beabf9474305014938fe54923398d55099a1469566a1fa6dd3516f3a663ab0dc69a1f540429537f5a2e0c24e0a0e9196dbaa89f1b92fe4b74f7c8e1954e5f6f91162ba5b34dc21e17bee67945d287e380d6f476c002548495e5ed6c3f7b8e6d044dc4ad305da0d1cb67b9c3257f5980b57dbd96c2e2c1e798a210c4601d7046ff17a9fb95eaea70fbe51c6fb342ce0c1f1457b9da7d5b63a10217f88f5489c3cde3ce191f556e9e595049bff4eae51a916be9eba7ccf550039a5f5d2551c56efaf06b61dfc9325a75781f81982212fa085f8f2fe61354256d65874386fbacf2a2cd2ffd3f40d65851a3adeeebe8feb46345a66c09abb72373660016cbbbd56b65f12102eb6e5c1ea92cb249b80e45e465c3ee56cdd61c7f6ee527ebbc1746a747f0b57a2514215d4bc239a1bc41cab225023a335a378380b0d49cae982b7c4b878f862c1a69a1b0bb854d1c2a01a413a72b4c7920754888992d0bc55d40e6577b5ff835e5c8d443cda0c9bdeef2bf3e87ce638113ebb617c1975fd1d6668ce3832f3fe9cf81caeb1a5c7a2d791f2cd03be363b9892c84087595697580452c79368f5ef3adca255954c9cd58ea78e36c2d7a02f74439b5cc7cf70927709492a0cdd254899bb5a5a739f5bd28b1f2ad0ab1c82a77db67b643f37755f5d07f6bc4a0bcf2f0170b7898ddc5a350c5832342904991d2d407c8d79b0d231f4dba83d1b2e1601b4228b1a066e12a09ca1aa9c1b712e0c8072d012684e57b4f6153a635cdce0b3236f5adc5dd26925ef630a2b3e790176cccfe379dfbbd562f4d0fb69c3d5dad880c5f8649de8a8ebb685ffcdda6c6f86a576bb24054c743caf6a23a10fe67c0c1aa708adc177e762efeeb95eff28fc84ea0056fb278e4936f21990086d9a72368ab676a1146cdbb4072bf80fa9d2bcf5b7ccdcd3fe2e23d0f7bd98ebde6678916064b4a9cc75b0eae480728ac4f2b061ef5014ebb3f42360cd478e5e8baf1273355e40b803436ba2ea7ca14471e8b69166b5d9d3d4a4aba1d452138ad215ac3c061c5d7b22910e609379e8c8bd9f775cd6d726f1a9af5bd33a54e46f1265f62b12843a62128e4cc170932d5143d9bcc08e73879b53ac63f4f5b9089a4b22273c0923a88769ea3671371744eae945dfdf2468a1b1b2b64691959a2234481178e57aca3578940a9ac42174bc31ae2e4cab634c383faafdea05a773ecb61cec8c8e4d8b38a5b6c0610fbd93b86a0d4ecbd8e98c6f0f9c23f6a33464492dde0a80aed63c162ba74b18550b0eb4c258914da7d9f2fe71be5e27c546cee0a078a2458eac41e7d88c52fff671120ec36e933e1a98c4fd4e4c9d2206cef2e5fa40b4860ece7ca441b5c090025fe94b66db61d733b1f0cfccc189308909533ad97775e7538973648b799c577343c72f2749085134dece6ce4d479285664e6318c31b37ea229893ccc4e4674ea7ab89bb746c2957a6ebdd0f2319310c3dab9cd3a3e7912568bd8ce0b2abf7eff042089b3a6cdd994e27497d7ceef4983893dd38ee6a874d15febf23f8e0ceb52f9c7de5b38d13e9625f757bf29663c8f9fd9b1d75fb43ff0cdee664e9dcdae86b7420008274af90cf12d9d90e41e856724f7f71546fdf1ff483468ccd1f549d6163e8f87a6df814d7ec9a5f5e78cbe1d35f67888a83", 0x1000}, {&(0x7f00000041c0)="dd2678c6a5749ee4b368ccb1cd838eaf55765ed14f08faf50a4c31ea9daaf48b1a172beb6340011f57851e5134d49601f1567cbd00ef7821beff1a9014d9851fa28a1d429ad3d47a50152e4bc347b9f20665752a9ad6d4f20dcb30d8dc199b1a99368395a95641ce6e771067ee2156df24e64f0c071a74221f91717565935cac8af65e4459d360b307c0e4f22f51a890c55ac92afc651534127bb5bd94309dfb14fffca68cd4fdd0d61f6911e5e055bb886dd9bdee9e025a7de26f0b13efc412a60596a4d7637bd22cd2b05b11c84be744579b9eb01b2a43fbfdc5b2a4e76f23099a5078b1a9", 0xe6}, {&(0x7f00000042c0)="9d2d05b16dd2657f9f61b832886df703862d7991fb4fc17b43239f07250df91e23816a6f4decd1aa602128a545ce15227ec99b7995676763e0d2cbd86004d33191ec05d75b388c520a10ed2bcd734863ea62fefa3ec2fac35311f16e8540290d0b24a3a4ee56254e8aa50225162740695b1db96f1b317d1083ed3b5a993ee513fa01190bbdc228696d1b4d68cac330fdcd1c1caf4f0d3ea96902ab15074073b6d6ff2793d9cf7cb886c276d86264f5e7b5585c50a48a40c70d1263ef739a52a604ef4542a87d89e1e24c4339123b4c34efe28449d003ed4e5432be253c46ade33956db346a96", 0xe6}, {&(0x7f00000043c0)="29afd5e3a0276f007598ed36300974240a46969f0b6c4c9738318f3d36976d87163e6c4ae190a51e8c988dff82d125a2984287e7b70974e93abb8c7b5eae37f636ba02d01f0b943c997dae6e5acbb70f4afd038eb1433622003e4a096579403def14b42ed25453a2e55ce5f650bcd2dfd82f42c82ed7305b64d0f60f16af9522b18abc4f58a0909596a7d941d5344cc7514b77c3fbdba8360ceb3cfecb87f46e553d44548f483144e59fc40049dc3f95587e8d69e91a", 0xb6}, {&(0x7f0000000600)="50f04650fe942626039b8e29fe72d167140018f87106d5c95d4aacddb50b15", 0x1f}, {&(0x7f0000004480)="099691a53d38ad3ac466a81dd6ddcc5edec317c06578f69a7ae0aac44456d0a69faf28d49e6139d9995e653f54aebc6f911620a64ffa83833596a7e753f2a5ea95c7f5643e4f07acabd41ee70254cd622d384a96692ea3136a1ab8af0e307279e2ba0a3efe5f86e0894135ece4f44dab518d05b4cd9a0d1d7ea34bdd4497aa45f9569e2352aefa182dd1ad40fbd5a425ba2d6f1491b5a1bdb0f6b8f281a897cab75ccf", 0xa3}, {&(0x7f0000004540)="0ab8afc0325d5ed5f6cc45d191f2b8c1b8afca4977c311ff05f5c61280946df0f69145d81d5972d18581a4652e67c6392d9d4927c0d91e49bcfbfd8d9ce74f82834c00b14c051719198eb2411352a6179588dbb7360a96750b02573e47fcacd8ee7372ec461028cf7036d587a6149378924778aa7aa21ff0e88921062c84dbb2e0c05dabdd77e0610620b3de5991d7497740190c153c3e", 0x97}], 0x9, &(0x7f00000046c0)=[@rthdrdstopts={{0x40, 0x29, 0x37, {0x89, 0x4, '\x00', [@calipso={0x7, 0x18, {0x1, 0x4, 0x2b, 0x5, [0xfff, 0x9]}}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x2}]}}}, @dstopts_2292={{0x38, 0x29, 0x4, {0x5c, 0x3, '\x00', [@jumbo={0xc2, 0x4, 0x9c97}, @hao={0xc9, 0x10, @local}, @ra={0x5, 0x2, 0x6}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x6, 0x2, '\x00', [@calipso={0x7, 0x10, {0x2, 0x2, 0x9, 0x2, [0xfffffffffffffffe]}}]}}}], 0xc0}}, {{&(0x7f0000000640)={0xa, 0x4e23, 0x7, @local, 0x80000000}, 0x1c, &(0x7f0000004ec0)=[{&(0x7f0000004780)="b9341c981a61712af408882973c489ced5ddb45c8fad744f91ca8fdf6af38442880e4059b01c8fe61ea66b56dbee5c709d7b63bf7b2eb24bb9607bbf7ec44c7ad7e2a86ae71028a561d6350330d3e5e17b48cba13e4f4dd88c8b0f4df74fb16e4d957c1c130b6e015c7b1569d1bce6", 0x6f}, {&(0x7f0000004800)="be87bfb5e9d3fe45c2dd5a3f4aa97860f89630514d70b2727fb8dae40669187ee7a4527c5a8fb014a571c6107fc29d36935d5b534ce0067bcc3b23db03e2ee1b52ffa3a77638f77780a4d947e295f97b93fe633919f1a5a5a7c1aa961e218c76791d002fbbce62a6cdb66100a687658d663ef8c71aa96c6608123545f06e42822099468f921ba5e70425cee38d0557f0aa07f093185157c780d17b57a732a5a61910e6c5b3ff30a9d5223690422c1ab3224c07d4a7caeeb41c3eda832156efc90916fed5d6bc55323821f8989e52288ffc0b5645e60f1a169512c936", 0xdc}, {&(0x7f0000004900)="35417d60b355f936548ff7bce09e2e593e59cba633155f5920f8004488958a8ca7074ea294afd430c4424f976f050e979bfb0843bab2776fe5944461a640fbf67d7812b0bf048e830419964e63bfbda023155caf55d499d7adc07d5f39836b09ae5e62cd9228d4861a0f44ce6a54ad5c913a42e82dc87c657b53328599a48d73705cf40583edf74a367cf139eab02b37c9b4f55e976dc89e0a0f938946e9d104c2ce1681423cf03870dda951b0", 0xad}, {&(0x7f00000049c0)="65596931bc6f4a36d2cbb18d83334454fe823d81320fe85bb7383d563d7ede5713ead83a9e07b47eeb875393264ee83f6706ffd0e94ba994b1e2b58274a8bc753442367be13127574c5e0843e337dfefff0d1540ed926f908c0a0b31bba62e41c9ce5bdfd2de4a01be7d02bb45af730b0d9be8791b83a629e90063f4c9cb1d99cd00b76a317bce7a9c1b1d3df3dfa289fa5a7637f6066cd7eaa41309ad2017de9ee76022d8646664b9084a6a33443b066bc454acfd2e6024e6fbb8cd11a8d10086ca726e3c94854f9c84e001b54115891b18faf8d200c6c22758ad71cf431cee6c078d4652f49f6ac9", 0xe9}, {&(0x7f0000004ac0)="3f54c8aa1e6d0772b9261edd437bd5a4080986079820296ace22426c04ab018554927b093b65fd10a7f566c2b677a4f870182cc0e7fde6779a23b58d0378e2d4755f0a54d031eb07f56d695a4ba1e85439adb476a6a5ffc6eb92b7109dc417fb72e2ea3e96cd89c50efdd70f5b722cecd1e98ed09907fda8583fea36115d8663d8ed4bd55adab42092d20ef3d7e1b493fe72ca262e59a2bd20e5715b4627dae71520bae7a2e3ff8d40eed101b2bd13b6dc4608328506b1bc1d0620826cfd6e4a7ebace4d1f1c481478d29abbf3b0c42b08629d795f36", 0xd6}, {&(0x7f0000004bc0)="5c88811de73f41629c347808d46c061e10c44992eb1b5006c3d9b084235cb4aa4970ab576cb953b2cb399a677eb84c4ae178a484603dba96fdf5ebc07b1d5d4752fdcb9ec0db0f2774133566fbeebc92a2a95c7b487a6cd901ef0c447e4d2ad8235ae215e8fc3e9dfd8c9d1cdb026964926eeb0af4b1cd84a197d409c68f8275be0b746adf2b2f3d0bb27644bc274102dbca27ee4616c88860cc5098fffe45355833a9da0dffaf1f153d8d53d78830b8419aa16f4eb4c4e1b7455fc03315532746", 0xc1}, {&(0x7f0000004cc0)="2b74dae2e7b2312d2d2a8c09ca7a233dfcaa4f8fd296ef2ad95fe1bf68461e5fbb01f6edbb35083f9b469e4e8c96ad8d782e29f0adfb981b7afc1bf3c2d45939f66c0ada7b6eab1548b0850b6886718280db090c80350178c03f9e82ec8b6064b0290f2fa94dd30bfa5a53bb17205a506a766774c9a9d882c7a1", 0x7a}, {&(0x7f0000004d40)="4531adceca71fed10360af14271a8ba776e3c6568eedb7f97599ffd8692a5018f245e05c492fadef8b0a253e76202b9fe6823ac35acb81baecf8a5a921545e04fd38db61cbf1224c4cb541103849a8939c4ef040833338c4134b966e26f5634447ced3efcc6b5b036a08b5950fa53a9b1bea207f066fc84cd6248a394f23546dcf9d1a51232a23ec0b1690ac3b0ac091a19b9c637fae88965e58d72cf3151ec0da17e854f81c327a102cbcb39f6dde9677", 0xb1}, {&(0x7f0000004e00)="a7d2df7c8bcf0f3d449fdd39c3a80b14db07173c835672cf9b8fed02b6ab3aed8a6a7da5a29c05b806d06b7cc3cd985c68f12ac767d8e5784d7f8c53ed3d1e7766055638dbd3dabcb77759db9a8d58bfb5f5214317c9f5cadc19634c6c39e272f9d3d39c4b63971a9de977132993cb0697f089ec717d6e6cdf883b15618431fcac50f386a00f2d82f32169", 0x8b}], 0x9, &(0x7f0000004f80)=ANY=[@ANYBLOB="2000000000ff000029000000040000000000000000000000050277d5000100002200000000000000290015e45d89c7afac9f66f55bdf6300"], 0x38}}, {{&(0x7f0000004fc0)={0xa, 0x4e22, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}, 0x1c, &(0x7f0000005480)=[{&(0x7f0000005000)="8603bfe8c9957d30d31cbea46d54e9f2008ca3b3b6c259d992cc1fa7ccbac015dc202eb0c9cc060c7bc792bdb93a0ca314ff6df6f1e8e8c95efe1d807dfecaa82bbbf9d4c6113f52af903bc7e71d09dea7986dfde178da32f7bfd8bdbe5c9b438a8722c3d63dfd31d6afc76c522fd6cfc92f440f9ae59f01c943abf8c3c0b692b144590ce8d2714cf91f6e54c08b401b6f205b0504f089280586e8a6a21ddb3244f1e6cfdc37a5a5304e7cd44f41", 0xae}, {&(0x7f00000050c0)="479fa851fd85ab14a60fa471bfedea3ead0b6274c676c5355a0cdcf9405aab0a88d5ae388af69ca8655c8bd64093d71b18eea71d7b07564f63891932f178e7215979f927128a25909eb908a41ee5f952b0b07bd18a528220607d0995f85435edfd23ea88b018b8f42de8405e5a4c8f9c22e101b7b3fb353a5dbd41f4187001261469d744651bf64dfefbcb81cc86a3113bf4d13a39b7bcb82b6a7883e806803d3b613470e1fc60d1b50004", 0xab}, {&(0x7f0000005180)="9318f6bbc16ab015f5841aeafca9ca722cefc592e35577d99994565d5002b087aefcbd4562d075fd8756c25fdd72d4ec734551b237a25f7402d8a0f14ed04c5b5058", 0x42}, {&(0x7f0000005200)="3ec798943ce18e00e225744e02df81d3d293e3e092bab8fa79f1dd4d18b1180b2415cb1e087d973a6bd997d3628b2d97b56204943d9c5f6215", 0x39}, {&(0x7f0000005240)="67c1002f8ad3174e5b5d5b7dcfed0a89a2f83152f38ab5e9c849365db67d540f02be42f00d51a6552b288f43f4169b53663239eb", 0x34}, {&(0x7f0000005280)}, {&(0x7f00000052c0)="b1708f360882b7e11e8c85d3ed08ad0b3a7ffbb3aec3ec938f16d76034944d55beac582c25a2609494047da39f2bc39daaa3177b46cd293cf58cdedcfdce0a13d1d7c293978d83fd242bc9ee12cf7c90596e58fdb04220bba97284c489a8c1a3c2b6b769df4e4c1e765bb05b8454612613178b0f539cad69b3374bb93e5c867342dddc3d7c182f3f257849e2b124921368d96bd92b03e8c6b0a1b119fa8f54149e4c5c7e69fed625a35711cfc4ba8f5a260b2950c1a77c5cc1b2f1c4169461b4755afa226b4917bc98156a27af", 0xcd}, {&(0x7f00000053c0)="f020ee56ef8355c2c7041f13fb1dd54403fd9baa1f4f7a88c80e899930e538451e859efedd0057a26694ee92fdbbfb3bcd0002e200d9017194aeb206f944de8baaaab0eae1120b8d8f57177b70966e099711c08f8bc9dbdb3aad92dfb684f8d76ff09dd01446fcd98dbc1708c830c97ca64fc1fc75997dd9b7c716315e1d2f871c67d017c9848ba7e8acdbe2a706fd65d0b8c8a58c4d6501bc602580f9c4057fe4b6ce286b0563b5f6bac1cb", 0xac}], 0x8, &(0x7f0000005500)=ANY=[@ANYBLOB="78010000000000002900000036000000012b0000000000000875f787f0ebc5c5e3bdba549073965a464283d993177c97ad6d43f9a4871b51c70e7eaa3e104816cfaa59c36808f8cfea685810edaa29bbb1febd65c2bf9128ef4c6c57c192e82ee795b19ac9f43b75df29889ea6fac16c4aa6483715fc06ccb8a737ff6344a6220ff8222efc5b9aa16d79c2a0f13f9704010504010606da99b563652e094910b69b36e03dedbf7fc51f49d30bbc1a2a2fcacbf3c98766feca182dc20d2d2d3747c87ece2f35266ef2e017053eca9b0ebd5df35959c09a655d50dbcbb6c447fa26b5ddeae0f7ac9dd89a8065a9346d80c9ea551237e4cc6b766979e0f41894c15a14471ac42b3de3f3cacc99f8ba745e60f61570fd0009102bdedca1ce2e19ca6dd1800a58c8ad595c7141b878bc3d846c15bf133301707948f08dfea3160ce0db6fcf226cf5c7b1f61df67739c4b853533fca7e240535380f4dab2718f90b4a674bd2df999e6e25abffc4f0c0423e1e260300009800000000140000000000000029000000340000000500000000000000"], 0x190}}, {{&(0x7f00000056c0)={0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xd5}, 0x1c, &(0x7f0000005dc0)=[{&(0x7f0000005700)="5373229e50c04e11baaded6f5b45e2cc1ffe447471c0b34fe2d15ddc156f49750c9b0fdc2d254c9f0ff7c623101e1993b58a1bb7c7672d00c3ecb5d3244cf337b96cd3b82d0b78582e2659c37c6537514d5f64764ef46a9368948aa8977feaa50ef5014be9f05f585fa949a45cf74045541ba2aa7377de0d1f89b4c90df83ac6a627b5d17c2691c092164dc20685c45cb55995454a288b000727c098c522e1fce8a025981f2b731224e4ebca160696558ebb043c8cda9f754e0623c4ef1dfb81ac6ef48584a62592", 0xc8}, {&(0x7f0000005800)="e947ec74254d62076a0dc05ed2c3cb5f6452e366535563569c8461aadd50b483181308da4633960308742e46f23a5ce6c66f0ee5d1374fca2258d3bd37f6c8f0b71ae6f6898a12054b8d9c2da5d24c961c56f0f67d961439b9539b4852f6dd93ca26bcb7808b08a1dc94d55d4c0253dde9320940488f1125bd24402acdf202832c506f42a6a766f77d71de11b1eba35f335c31c89d8057a9752dea2a4bd156540a6eb6c8beb0ca0f2c7ab4bc5321e60f486f742402528249da", 0xb9}, {&(0x7f00000058c0)="ad3c54af23bced0f3f0570c3c38ed91aea1952b0b22056618f137aa1906b000575e0ffd35d705fa347a61c0ea5610980854a08b157407f7f764aa64fc596a121b9397a4406b8bae9957a66e252e67bbb9690277ac91425c816f47c7cd1d8df40692b8b78b9c1c3251ecc12a0da099920be105124fc600396d9ea4aa2e4e4e4fe685e2f2398bc8d045c0bfb081e76979d3c5bfbfe29c667911da2841d4fb2d96e0d3e71bbbbc856b5e63dd95258df5658e55976422e62734bc56842b5c0a3dcd1a8eab2f4427540d8881be27f8f224b494894ee6b6b657537951aca05473ebff0cb5ed813ba793ffee89bc4cb1a36e1390d1d2f3269", 0xf5}, {&(0x7f00000059c0)="d459c0a73d52c753cc4be80a20678908da8d6e3a1041203cb899f128d46faf25c8abd828f0ce073249107315", 0x2c}, {&(0x7f0000005a00)="a8aeee78f1ef84d6936e0a6ba86bdc5b04b23da768f796c062e02f93ad0d4e81c4d492ed51c23c75ae4143ee4351fef2818fbd2f385f79773b4dacdde9804fd8817d6f89c2c6fa63df4890eb233ddba2c00ebef1aabf067d", 0x58}, {&(0x7f0000005a80)="fc1b3b03f7592594ee862ebe83594d6f82f413b5b80fb0cb00808dc49c2ac3ad15e545153b8ddf80a9ef2b1011ab31d89ed50d9f2eaa0b4a9376d6b98a33a899dc8e55373cba7f5c6c4b2aefe9cf0c04d07864505a120fd8e505d762e083401084a585515cfec2a71f1593e36b64c317f5f56aaa6fbd95fcd57d1eb67e3330eab0f958253037b7dcfa9d3b13af13561f29d13d2aa8d297ecb22b5e506ced2ebb1d1d", 0xa2}, {&(0x7f0000005b40)="55cd2fa35699cfdfb81dec70a7725ee0f5280597ed1ed9af2164c45e751622a519b57d4cd4e2ac531483c63fdc1c8273841757dbc743fe3122ea95f311ff3f0e32860080f3c739936255a05c9009d7b16795f8101a2ec700d9c0486449949d7fea662acc970bc98703f64e53535cba836da3cbe4b31dd0df3d92c7b388acce9f4d8917ae5367087f32bbea27dff96bdd52815cfc7bc70b517ad7bc505797d1c54c771deb6e8070d94844f9bed9ef58cd16", 0xb1}, {&(0x7f0000005c00)="502f0fed512e3c286934f155b71e0be1037b6eff1ddf3b0ead6cede379a146c56fc86c5278a334d2b1bdc16056fa6e4e2d5d750e638ca62ddf5bcc71f6a0fa92bb4018e458fe08146b477d0330ed7a6b414eaa9ab4821d278983ee7b476f9734eb9459bfaa17f6002a20b25dc991ecd1b2230013bd3f94f7c8eecd4e797375248a26a9ff1f5f6cd15f43a58a4d118591eb09633beabbdbbdc780ae65d7de5f2871c1ce6bdc72c8b689a8618060560de9009f045a6ee32cf0cf26efa131270e92c42ecc2c67328afb61a2de7f58ff911da6ef927e2081800a05879f4f2f0bb94f0dccde43cdde98d4a82ed2ec5bc10b1fc3762aea990ac3e08e333a91d30b", 0xfe}, {&(0x7f0000005d00)="75fd1c1fea4015f9dce6b2f2aa92502d0eb3683ac1b0303c1fec0106831e8c6ec71899c3caf42153c2a87ac3f94b35f17fd9188450410ae050eb6c6ca18ee525e6e7a9b7fd693582169886f0520c45bdaa2ae7f15ccf8078bba2901308d28042a32f2ddac507c2addadfed3def8facc7cfffbd83c20ceb6bd5906ff3c56769ef69a23343a7ef8d4fed1f0405566e125f9dd6bd553f883d0e8aeb782239c4b1f03b75516aa6d9f9370b32", 0xaa}], 0x9, &(0x7f0000005e80)=[@dontfrag={{0x14, 0x29, 0x3e, 0x92}}, @rthdr_2292={{0x68, 0x29, 0x39, {0x21, 0xa, 0x2, 0x4, 0x0, [@remote, @remote, @dev={0xfe, 0x80, '\x00', 0x18}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1]}}}], 0x80}}, {{&(0x7f0000005f00)={0xa, 0x4e22, 0x6, @private0, 0xfffffffe}, 0x1c, &(0x7f00000062c0)=[{&(0x7f0000005f40)="e0398153d2264d8a7603abe26f0c742bb224f7fed800d374fd00136d3e9471b45f5456be8e466dfdeef0fb017438dc0abe3a8a1d3171f376474a54adf2d31abea0fafc1ff5c6fdfcd054ef41a199a1b11538e3898cfd6596c02fedb0bb4224dbe4af2aba515c75cc987c162d8538b56a1159ae1ee9d6fcb1a34c0d16d3b42f9a", 0x80}, {&(0x7f0000005fc0)="83b4fe7534217861b794bda92c35e76a621494c7657706c0ead4cee91c5f16a4ffe92a5378822ebb5e53f3848b8d1b659da405ff9ad52ad387ce627d25867974ca3a6c4a1b004c9e80ca0d90db4652e89536a11e08ed0c65532a0990d43f457dccd3ff091f70a1401cffd1a9be6e63741b41c661c5e10c7044743c13b9aa6daf3557fc6ee5b23cb36124c4d13f00", 0x8e}, {&(0x7f0000006080)="3cd3c551e4e5e7d7d33e3364cde44c06919c2f9fa064329e68a0364f33b754e7dc3536ff7b0f727c0c79c07b59ee45446d3f3dd2b91429ec829b02edabfbbc073fb83c28e76a5fb22130ccdb43e9444c51377262b3df1a2dc6b41e0b8ed75abd0b7e6b2835d23dc65dc157a26b17ddccab579d144a661601372777d7158153d9b9a67e4e4ca6c8a3c2740e9598a1", 0x8e}, {&(0x7f0000006140)="3a7bae0e2e042a1f57e582a24f69b145a6d57e60738b8adecbaf261ca024371ee7a92ec8b0efdb4a7b3d5d12c3680377023b4ad8830eab6c35e2204a391750fe260ac13c31b355", 0x47}, {&(0x7f00000061c0)="b0d9459cebdf329cdfdcc5e0c8590d5b9536919d38cd3102d7164bb3493eab4845bddc7331eb193d0f6c3c0696d14cad5a97a9a67e8945ad1477a4182879da30ff6e2493c1e9060db0805093a40481834cb2c9672f3f3ddb57b4e4c5e60e16be564d2e1dd0f083869d12528264165f1be3272d4f8e2e8c43b32c924dcebf965b7f003be71c4c24ac6f63c64c58c137687e5fe495e903797c591931d4b2ff3acb16dcf6340e3e9ecde55f9e1409d552e618d112a148a0b6a34fa33ce76a3c642624cd7b2b15f5acd03cddfbdfbf6c4433c931cd0abb0eba736dfa76a010c29435c080cabf0d0d1a984d7ad5c6c38f7916fcb6a0471d02ec", 0xf7}], 0x5, &(0x7f0000006340)=[@hoplimit={{0x14, 0x29, 0x34, 0x3}}, @tclass={{0x14, 0x29, 0x43, 0x77ae}}, @rthdr={{0x48, 0x29, 0x39, {0x0, 0x6, 0x0, 0x3f, 0x0, [@dev={0xfe, 0x80, '\x00', 0x15}, @mcast1, @mcast2]}}}, @rthdrdstopts={{0x60, 0x29, 0x37, {0x2b, 0x8, '\x00', [@padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x20, {0x1, 0x6, 0x1, 0x7, [0x4, 0x8, 0x4f]}}, @pad1, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x3}, @pad1, @enc_lim={0x4, 0x1, 0x8}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x400}}, @flowinfo={{0x14, 0x29, 0xb, 0x3}}, @rthdr_2292={{0x98, 0x29, 0x39, {0xa6, 0x10, 0x0, 0x80, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @empty}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}}}, @dstopts={{0x58, 0x29, 0x37, {0x3b, 0x7, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @generic={0x1f, 0xe, "831cf729a5738b4fc1a08c8a1539"}, @pad1, @ra={0x5, 0x2, 0x3}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast2}}, @enc_lim={0x4, 0x1, 0x5e}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x800}}, @dstopts_2292={{0x98, 0x29, 0x4, {0x89, 0x10, '\x00', [@ra={0x5, 0x2, 0x40}, @padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @calipso={0x7, 0x18, {0x1, 0x4, 0x9, 0x835b, [0x7fff, 0x3]}}, @calipso={0x7, 0x18, {0x0, 0x4, 0x4, 0x2, [0x0, 0x7]}}, @padn={0x1, 0x1, [0x0]}, @generic={0xe3, 0x2a, "6989cbd432d9bd2aba88b4e1d6d1995cd201433389c6a1d14475834c5fb2daf8781908186e68e56b678d"}, @calipso={0x7, 0x10, {0x3, 0x2, 0x2, 0xee53, [0x82]}}]}}}], 0x2a8}}, {{&(0x7f0000006600)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x83}, 0x1c, &(0x7f0000006940)=[{&(0x7f0000006640)="2e72bcf6ea16045422f22b25d31983da7deca1f6c0bb66c0631c486d448f0a1d07d0aea0f68840a4f42e14a0f8d7714a6950eadddc09aea536758d8eb6d3fdda13ea3b399e3012970c6cd50933918e81c89aad50d120223e20521ab767d0debfeaf61a613e9c7875e5a6a38f379d5295908b937f13d28006b1eb3d45a058ac8132aae497352c868049e3e067c13676694fb5559714e6d084da45380ae7374248fb0d1f3d679e8a27c8f1b5038fab3287e75c57a554818106fa66ec04447be099676745a53abaf510b38e9d7fa6d17a03db991a24b53a27bfece5cc84", 0xdc}, {&(0x7f0000006740)="e131b100e71bcaefb603a656ef1ea92833c4f46feda9ac37543f5ecd1da4447e050afbaf18766ff4604b46d9acb1b6f651056896dec652d901b897c08a8e0cf4498e24158995dcdf1d7cef7e3c4a6c281e8828dda19b20ec8de66de7906445ac07af1f49e365783f6270a893c607ad3c8988f416fbf0c33434d1adb9517abb8b160d5e3f858f6334b0580154f696f28be0aef49023a1a7a98a3d61f20b9dbab949be35ff1eced5730c90c625b7284997e5be317dfecdd603e418b4488c97a4e907404ca05de94064d9fedb", 0xcb}, {&(0x7f0000006840)="6a3acd26f92597e861571bd5ab581577285cfeae233d60f38d28b2368492d7b6500d7aba6a67b1aaf144cae300b8867a3a596cc9f997053e98cc4ff50a95a604d108359859", 0x45}, {&(0x7f00000068c0)="8ef8b58640a98059a875fd669eb299a73261182b10f82aefa587b18ed19c805cebf241c0fe21d124cabe0ebf6e4d01455398102f0727caf96581d5a61417eccccca2a854c3c08c44a039d95a6c231a94046ee49a11ecadbca8e314411855c6289fdedd457b578d5835", 0x69}], 0x4, &(0x7f0000006980)=[@flowinfo={{0x14, 0x29, 0xb, 0x7fff}}, @hopopts_2292={{0x40, 0x29, 0x36, {0x2, 0x5, '\x00', [@pad1, @padn={0x1, 0x1, [0x0]}, @calipso={0x7, 0x20, {0x3, 0x6, 0x9, 0x81, [0x4, 0x7ff, 0xfff]}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xe8}}, @tclass={{0x14, 0x29, 0x43, 0xbf}}, @dstopts_2292={{0xd8, 0x29, 0x4, {0x0, 0x18, '\x00', [@generic={0x3f, 0xb2, "a2ed9c717d0b7f852b1892708b232925c3405b633361d73cc2783a8fb3c9beec8a41a250337393d99e74c9322f63d140249f019cdd30718eaec4687abcf1a3a8221f91abec0e1da6952e157ddd46190443b8971e24f4b6c0a63b43382c8b2f5d59bd44061b29385b7e18153da6d03fef19d476d73b52fca6d05d7dc7a39fce9aa7da93033c6d1285f5fc8ceb13c446b286a7fb33b7bc83a54eaab2df366cd3fdcdc959ccc7cb59ad42682e90f13baded0ff1"}, @pad1, @jumbo={0xc2, 0x4, 0x80000001}, @enc_lim={0x4, 0x1, 0x6}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x861}}], 0x178}}], 0x6, 0x20000040) clock_gettime(0x0, &(0x7f0000002e40)={0x0, 0x0}) setsockopt$inet6_tcp_int(r1, 0x6, 0x10, &(0x7f0000002f00)=0x7, 0x4) recvmmsg(r3, &(0x7f0000002d80)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)=""/40, 0x28}, {&(0x7f00000000c0)=""/164, 0xa4}, {&(0x7f0000000180)=""/29, 0x1d}, {&(0x7f0000000240)=""/128, 0x80}, {&(0x7f00000002c0)=""/30, 0x1e}, {&(0x7f0000000300)=""/107, 0x6b}], 0x6, &(0x7f0000000400)=""/3, 0x3}, 0x101}, {{&(0x7f0000000440)=@rc, 0x80, &(0x7f0000000500)=[{&(0x7f0000002fc0)=""/214, 0xd6}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/229, 0xe5}, {&(0x7f00000004c0)=""/10, 0xa}], 0x4, &(0x7f0000001800)=""/178, 0xb2}, 0x7}, {{&(0x7f00000018c0)=@xdp, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001940)=""/105, 0x69}, {&(0x7f00000019c0)=""/212, 0xd4}, {&(0x7f0000001ac0)=""/187, 0xbb}, {&(0x7f0000001b80)=""/140, 0x8c}, {&(0x7f0000000680)=""/11, 0xb}, {&(0x7f0000001c40)=""/39, 0x27}, {&(0x7f0000001c80)=""/93, 0x5d}], 0x7, &(0x7f0000001d80)=""/4096, 0x1000}, 0x4}], 0x3, 0x20000, &(0x7f0000002e80)={r5, r6+60000000}) recvfrom$inet6(r3, &(0x7f0000002ec0)=""/58, 0x3a, 0x12141, 0x0, 0x0) 23:59:39 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x6fccede7, 0x1b}) 23:59:39 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x480, 0x103) 23:59:39 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 46) 23:59:39 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x12}) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r4}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_ACCEPT={0xd, 0x6, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x800, 0x1, {0x0, r4}}, 0x1) 23:59:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1679.840870] loop5: detected capacity change from 0 to 2097152 [ 1679.843957] EXT4-fs (loop5): Unrecognized mount option "Ù—KئBvÉÜqL+ ð¸È)g§XΨ?“Âŧ)°‘Q¤Ìí­KíêN_ë‚«úy¤Zý£0"`‡OÐU°„˶#äfLlI6Ã¥8„<ÿBvtÈ [ 1679.843957] i¤*³¬ƒa ÌV‰ž­ï¸šžá éOj>oå3ùVa¶dê!…BHz#Gøë•¢d_×Ì3÷®0»@¨âÐ" or missing value 23:59:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x200000, 0x26, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c20000120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e31393337373136313800"/192, 0xc0, 0x400}, {&(0x7f0000000140)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040000c00000000000000daf4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000005500000000000000", 0x40, 0x3}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000daf4655fdaf4655fdaf4655f00"/8224, 0x2020, 0x2000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x4400}, {&(0x7f0000012700)="200000006c84f94f6c84f94f00000000daf4655f00"/32, 0x20, 0x447e}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030000000", 0x40, 0x4800}, {&(0x7f0000012900)="20000000000000000000000000000000daf4655f00"/32, 0x20, 0x4880}, {&(0x7f0000012a00)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040000000", 0x40, 0x4c00}, {&(0x7f0000012b00)="20000000000000000000000000000000daf4655f00"/32, 0x20, 0x4c80}, {&(0x7f0000012c00)="c041000000300000daf4655fdaf4655fdaf4655f00000000000002008000000000000800000000000af301000400000000000000000000000300000020000000", 0x40, 0x6800}, {&(0x7f0000012d00)="20000000000000000000000000000000daf4655f000000000000000000000000000002ea00"/64, 0x40, 0x6880}, {&(0x7f0000012e00)="ed4100003c000000dbf4655fdbf4655fdbf4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c653100000000000000000000000000000000000000000000000000000008224fd7000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x6c00}, {&(0x7f0000012f00)="ed8100001a040000dbf4655fdbf4655fdbf4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000303a62f7000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000", 0xa0, 0x7000}, {&(0x7f0000013000)="ffa1000026000000dbf4655fdbf4655fdbf4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3139333737313631382f66696c65302f66696c653000000000000000000000000000000000000000000000cb5c36a8000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000", 0xa0, 0x7400}, {&(0x7f0000013100)="ed8100000a000000dbf4655fdbf4655fdbf4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c413993000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x7800}, {&(0x7f0000013200)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000dbf4655fdbf4655fdbf4655f00000000000002008000000000000800010000000af30100040000000000000000000000030000006000000002000000010000006200000002000000018000006200000000000000000000000000000015f2e0ab000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000", 0xc0, 0x7be0}, {&(0x7f0000013300)="ed81000064000000dbf4655fdbf4655fdbf4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c704a6689000000000000000000000000000000000000000000000000200000006c84f94f6c84f94f6c84f94fdbf4655f6c84f94f0000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x8000}, {&(0x7f0000013400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x83c0}, {&(0x7f0000013500)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000013600)="0b0000000c0001022e000000020000000c0002022e2e000000000000e80f0000", 0x20, 0x20000}, {&(0x7f0000013700)="00000000001000"/32, 0x20, 0x21000}, {&(0x7f0000013800)="00000000001000"/32, 0x20, 0x22000}, {&(0x7f0000013900)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x30000}, {&(0x7f0000013a00)="0200"/32, 0x20, 0x30400}, {&(0x7f0000013b00)="0300"/32, 0x20, 0x30800}, {&(0x7f0000013c00)="0400"/32, 0x20, 0x30c00}, {&(0x7f0000013d00)="0500"/32, 0x20, 0x31000}, {&(0x7f0000000600)="000000000000000001000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000f90000000000c859be7e4cc79c2056b6cfcf8bfa3e300b0f6f81136a3b38135efce199de22ca19ac448772cce850e458e8f584d3f2c4e4062a8365d99c2b191bab3e77500203957a998327d13fc05670f1cdd21ba70cfcedd2e70fa29313ee31e1cb54fce08b755865204c60470ce2a69e53a29ec98425f38e6425c367a84f292d311ce3d26bee320e894737d18ad9ae1bbb12755b6658ab4d9b175e3f422a9c9eaf", 0xfc, 0x31400}, {&(0x7f0000013f00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x40003}, {&(0x7f0000014000)="0200"/32, 0x20, 0x40400}, {&(0x7f0000014100)="0300"/32, 0x20, 0x40800}, {&(0x7f0000014200)="0400"/32, 0x20, 0x40c00}, {&(0x7f0000014300)="0500"/32, 0x20, 0x41000}, {&(0x7f0000014400)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000400"/96, 0x60, 0x41400}, {&(0x7f0000014500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x50000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="d9974bd8a64276c917dc714c2b09f0b8c82967a75817cea83f93c2c518a78d29b0910251a4ccedad4bedea4e135feb82abfa790da45afda3302260874fd055b084cbb623e4664c6c4936c33c67c53ea51e3805843cff427674c80a69a42ab3ac8361a0cc5608899eadefb89a9ee10ce94f6a7f3e6fe533f956618db6641907ea0621854248197a2347f8eb95a2645f7fd7cc33f7ae30bb40a8e2d00095607dc1fddc"]) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) mkdirat(r1, &(0x7f0000000180)='./file0\x00', 0x2c) 23:59:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x9, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:39 executing program 0: sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x44800) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="7e05e3fe6aec5c28d0f61a92dc3fc81503098511fbb6d6f99de7a5873ad804c976107cc3c1cdb0cae029eeb4a0bd578f46826eac912971df54dea2d1520c55178996f123ecd738bf82a5a6cf722640a57fac45f567664aba0000e93a5517e9de1f7fadc1a19d3e950d800b6fcece61dcd164569d67b80d70c6d07d7462a4fe8017a5fc995e680294845d1f1f254f5494020093ad6e575b5949137b67cc5be0c2819fe602c46440b7daf6cc86dd61d71b5c7320fff08967986e9e3a0e06fc2a0f0726206b90342bfa50c4c24c65582cfc47909db12b086f", @ANYRES16=0x0, @ANYBLOB="000826bd7000fddbdf256b0000000a801a0008021100000100000a000600ffffffffffff00000a001a0008021100000000000a001a00ffffffffffff00000a001a00ffffffffffff0000"], 0x50}, 0x1, 0x0, 0x0, 0x4048800}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ppoll(&(0x7f0000000240)=[{r2, 0x19520}, {r3, 0x82}, {0xffffffffffffffff, 0xa109}, {0xffffffffffffffff, 0x4}], 0x4, &(0x7f00000002c0), &(0x7f0000000440)={[0xb9]}, 0x8) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140), 0x3) lseek(r1, 0x0, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) fstat(r1, 0x0) sendfile(r1, r5, 0x0, 0x100000001) 23:59:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfec00000, @empty}, 0x1c) 23:59:39 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001000010000000000000000000000000003000000", @ANYRES32, @ANYBLOB="c9558f6236"], 0x28}}, 0x0) ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000900)) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_setup(0x1f8, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r6, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x28, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x3ff, 0x3a}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0x40) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r8, r3, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x5, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x8001) socketpair(0x1a, 0x80000, 0x62, &(0x7f00000004c0)={0xffffffffffffffff}) sendmsg$NL80211_CMD_SET_CQM(r9, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="020026bd7005fbdbdf253f0000000c009900800000007d00000014005e800800060001800011336dcc00000000803c105e800800070068040000080002008000000008000200000400000800060000000100080005002d00000000080005001b0000000c005e8008000300000000dc"], 0x7c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000824) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1679.856631] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1679.858644] device syz_tun entered promiscuous mode 23:59:39 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 47) [ 1679.921007] FAULT_INJECTION: forcing a failure. [ 1679.921007] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.922451] CPU: 1 PID: 10825 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1679.923245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.924194] Call Trace: [ 1679.924519] dump_stack+0x107/0x167 [ 1679.924940] should_fail.cold+0x5/0xa [ 1679.925377] ? p9pdu_readf+0xadb/0x1d40 [ 1679.925843] should_failslab+0x5/0x20 [ 1679.926277] __kmalloc+0x72/0x390 [ 1679.926680] p9pdu_readf+0xadb/0x1d40 [ 1679.927116] ? pipe_poll+0x21b/0x800 [ 1679.927542] ? p9pdu_writef+0x100/0x100 [ 1679.927999] ? wait_woken+0x250/0x250 [ 1679.928437] ? p9_fd_create+0x357/0x4a0 [ 1679.928888] ? p9_conn_create+0x510/0x510 [ 1679.929355] ? p9_client_create+0x798/0x1230 [ 1679.929863] ? kfree+0xd7/0x340 [ 1679.930239] ? do_raw_spin_unlock+0x4f/0x220 [ 1679.930744] p9_client_create+0xaee/0x1230 [ 1679.931228] ? p9_client_flush+0x430/0x430 [ 1679.931712] ? trace_hardirqs_on+0x5b/0x180 [ 1679.932203] ? lockdep_init_map_type+0x2c7/0x780 [ 1679.932745] ? __raw_spin_lock_init+0x36/0x110 [ 1679.933272] v9fs_session_init+0x1dd/0x1680 [ 1679.933772] ? lock_release+0x680/0x680 [ 1679.934227] ? kmem_cache_alloc_trace+0x151/0x320 [ 1679.934777] ? v9fs_show_options+0x690/0x690 [ 1679.935287] ? trace_hardirqs_on+0x5b/0x180 [ 1679.935784] ? kasan_unpoison_shadow+0x33/0x50 [ 1679.936303] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.936882] v9fs_mount+0x79/0x8f0 [ 1679.937286] ? v9fs_write_inode+0x60/0x60 [ 1679.937774] legacy_get_tree+0x105/0x220 [ 1679.938240] vfs_get_tree+0x8e/0x300 [ 1679.938665] path_mount+0x1429/0x2120 [ 1679.939108] ? strncpy_from_user+0x9e/0x470 [ 1679.939602] ? finish_automount+0xa90/0xa90 [ 1679.940097] ? getname_flags.part.0+0x1dd/0x4f0 [ 1679.940626] ? _copy_from_user+0xfb/0x1b0 [ 1679.941103] __x64_sys_mount+0x282/0x300 [ 1679.941572] ? copy_mnt_ns+0xa00/0xa00 [ 1679.942020] do_syscall_64+0x33/0x40 [ 1679.942446] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1679.943032] RIP: 0033:0x7f535d26eb19 [ 1679.943466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.945564] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1679.946429] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1679.947238] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1679.948050] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1679.948864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1679.949676] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:59:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000180)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) openat(r2, &(0x7f0000000040)='./file0\x00', 0x400702, 0x28) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x100000001) r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x24000, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r4, 0x0, 0x80000001) 23:59:39 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x500, 0x103) [ 1679.970157] loop5: detected capacity change from 0 to 33559552 [ 1680.014070] loop3: detected capacity change from 0 to 262144 [ 1680.034626] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1680.070947] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1680.079700] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:59:54 executing program 6: ftruncate(0xffffffffffffffff, 0x0) statx(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x80140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x6020, 0x0, 0x402, 0x1, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) creat(&(0x7f00000001c0)='./file0\x00', 0x0) io_setup(0x6, &(0x7f00000002c0)=0x0) r1 = inotify_init1(0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) inotify_add_watch(r1, &(0x7f0000000000)='./file0\x00', 0x43) dup3(r2, r1, 0x0) io_cancel(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x6, 0x427, r1, &(0x7f0000000080)="9b092f6d4da7d173fbc970301e3efff493a04ced5782a5cd6755bbcc95af47e62284", 0x22, 0x100000000}, &(0x7f0000000180)) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}]) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x29, 0x2, 0x6a, 0x101, 0x10, @private1, @private2, 0x20, 0x0, 0x61, 0x6}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) socket$inet6_udp(0xa, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000800)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24008004}, 0x0) 23:59:54 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffc0800}]}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0/file0\x00'}) epoll_wait(r1, 0x0, 0x0, 0x0) 23:59:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xff000000, @empty}, 0x1c) 23:59:54 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x6) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000340)={0x0, 0x0, 0x10, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) creat(&(0x7f0000000080)='./file0\x00', 0x0) openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x300) 23:59:54 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x900, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 48) 23:59:54 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x555, 0x103) 23:59:54 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x1c81, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}}, 0x0, 0x0, 0x4e, 0x0, "15bb6949bc674ed64133723aa6453b9d292123bebbcd37c5097fd53da62c01e266166394afb8d0aca105da30931d140a11973acb99cc0d8da3a4f6f42444a1948f422c8d8d2d8bdd069588783e32b713"}, 0xd8) tgkill(0x0, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000002040)=ANY=[], 0xaf2) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x9, 0x7, 0xe1, 0x0, 0x0, 0xbb, 0x10000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xcd01, 0x1, @perf_config_ext={0x0, 0x7}, 0x40204, 0x0, 0x0, 0x6, 0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0x4, 0xffffffffffffffff, 0x1) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000900)={0x0, "72b65d47eda932bc406d3663094162a9"}) syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0xa2c0792771366ceb}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_io_uring_submit(r2, r6, &(0x7f0000000200)=@IORING_OP_CLOSE, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x13, r1, 0x8000000) syz_io_uring_submit(r8, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1694.304151] FAULT_INJECTION: forcing a failure. [ 1694.304151] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.305743] CPU: 1 PID: 10853 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1694.306634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.307708] Call Trace: [ 1694.308062] dump_stack+0x107/0x167 [ 1694.308529] should_fail.cold+0x5/0xa [ 1694.309030] ? create_object.isra.0+0x3a/0xa20 [ 1694.309625] should_failslab+0x5/0x20 [ 1694.310128] kmem_cache_alloc+0x5b/0x310 [ 1694.310647] create_object.isra.0+0x3a/0xa20 [ 1694.311208] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.311887] __kmalloc+0x16e/0x390 [ 1694.312351] p9pdu_readf+0xadb/0x1d40 [ 1694.312851] ? pipe_poll+0x21b/0x800 [ 1694.313342] ? p9pdu_writef+0x100/0x100 [ 1694.313860] ? p9_fd_poll+0x1e0/0x2c0 [ 1694.314347] ? p9_fd_create+0x357/0x4a0 [ 1694.314855] ? p9_conn_create+0x510/0x510 [ 1694.315386] ? p9_client_create+0x798/0x1230 [ 1694.315949] ? kfree+0xd7/0x340 [ 1694.316370] ? do_raw_spin_unlock+0x4f/0x220 [ 1694.316937] p9_client_create+0xaee/0x1230 [ 1694.317485] ? p9_client_flush+0x430/0x430 [ 1694.318035] ? trace_hardirqs_on+0x5b/0x180 [ 1694.318594] ? lockdep_init_map_type+0x2c7/0x780 [ 1694.319203] ? __raw_spin_lock_init+0x36/0x110 [ 1694.319793] v9fs_session_init+0x1dd/0x1680 [ 1694.320339] ? lock_release+0x680/0x680 [ 1694.320853] ? kmem_cache_alloc_trace+0x151/0x320 [ 1694.321459] ? v9fs_show_options+0x690/0x690 [ 1694.322041] ? trace_hardirqs_on+0x5b/0x180 [ 1694.322594] ? kasan_unpoison_shadow+0x33/0x50 [ 1694.323183] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.323834] v9fs_mount+0x79/0x8f0 [ 1694.324294] ? v9fs_write_inode+0x60/0x60 [ 1694.324836] legacy_get_tree+0x105/0x220 [ 1694.325353] vfs_get_tree+0x8e/0x300 [ 1694.325833] path_mount+0x1429/0x2120 [ 1694.326323] ? strncpy_from_user+0x9e/0x470 [ 1694.326875] ? finish_automount+0xa90/0xa90 [ 1694.327420] ? getname_flags.part.0+0x1dd/0x4f0 [ 1694.328017] ? _copy_from_user+0xfb/0x1b0 [ 1694.328546] __x64_sys_mount+0x282/0x300 [ 1694.329070] ? copy_mnt_ns+0xa00/0xa00 [ 1694.329570] do_syscall_64+0x33/0x40 [ 1694.330052] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1694.330699] RIP: 0033:0x7f535d26eb19 [ 1694.331167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.333498] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1694.334466] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1694.335360] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1694.336255] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1694.337176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.338083] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1694.341516] audit: type=1400 audit(1744156794.077:282): avc: denied { watch_reads } for pid=10849 comm="syz-executor.6" path="/syzkaller-testdir568229262/syzkaller.5rVSYz/195/file0" dev="sda" ino=16034 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 [ 1694.348720] loop3: detected capacity change from 0 to 262144 [ 1694.398298] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 23:59:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 49) [ 1694.435992] audit: type=1326 audit(1744156794.172:283): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.441758] audit: type=1326 audit(1744156794.172:284): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.463484] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1694.468163] audit: type=1326 audit(1744156794.173:285): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 23:59:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xff0f0000, @empty}, 0x1c) 23:59:54 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x1020, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 23:59:54 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x600, 0x103) [ 1694.509919] audit: type=1326 audit(1744156794.173:286): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 23:59:54 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000340)=@ccm_128={{0x303}, "9850315eaaa8d6ff", "4fb1e07f22bc75af328889e570028705", "12a36ca7", "b2b03e7101a697ef"}, 0x28) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4) perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0xaf, 0x5, 0x1f, 0x40, 0x0, 0x0, 0x1200, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1}, 0x22, 0x9, 0x78cd3527, 0x9, 0x0, 0x1, 0x7, 0x0, 0x6, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x1) r3 = syz_io_uring_setup(0x4f1f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xffffffff}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000180)=0x0) r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000080)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "c9f8e650da8d1f569053e8984b83777318760a5238f6af85581608069a64b06b92de9de827a06da13dfd0a7244f9276114abb0c4ea0c40656d1732e262fd02"}}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = memfd_create(&(0x7f0000000040)='\x00\'\'x\x0fV\xf7\xb7^\xc1\xa0\t|~\xe0\x1c\xaa\x00\x01\x00\x00\x00\xb0\x89`\xe4\xc6O\xca\x1d;6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r8, 0x0) getsockopt$bt_BT_DEFER_SETUP(r6, 0x112, 0x7, &(0x7f00000001c0), &(0x7f0000000240)=0x4) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001000010006e8e3c6f9a0a3ca5d800563b59800000000000000000000000500db1a3b00000000000010000080487fec864b245e0f3f9be149"], 0x2c}}, 0x0) [ 1694.526993] FAULT_INJECTION: forcing a failure. [ 1694.526993] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.530306] CPU: 0 PID: 10883 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1694.531894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.533792] Call Trace: [ 1694.534400] dump_stack+0x107/0x167 [ 1694.535231] should_fail.cold+0x5/0xa [ 1694.536100] should_failslab+0x5/0x20 [ 1694.536976] __kmalloc_track_caller+0x79/0x370 [ 1694.538031] ? kasprintf+0xbb/0xf0 [ 1694.538845] ? __delete_object+0xb3/0x100 [ 1694.539782] kvasprintf+0xb5/0x150 [ 1694.540592] ? bust_spinlocks+0xe0/0xe0 [ 1694.541506] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1694.542711] kasprintf+0xbb/0xf0 [ 1694.543487] ? kvasprintf_const+0x1a0/0x1a0 [ 1694.544462] ? kmem_cache_free+0x249/0x2d0 [ 1694.545444] ? p9_client_create+0xbfa/0x1230 [ 1694.545748] loop3: detected capacity change from 0 to 262144 [ 1694.546459] p9_client_create+0xc1b/0x1230 [ 1694.546490] ? p9_client_flush+0x430/0x430 [ 1694.549101] ? trace_hardirqs_on+0x5b/0x180 [ 1694.550087] ? lockdep_init_map_type+0x2c7/0x780 [ 1694.550668] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1694.551165] ? __raw_spin_lock_init+0x36/0x110 [ 1694.553055] v9fs_session_init+0x1dd/0x1680 [ 1694.554049] ? lock_release+0x680/0x680 [ 1694.554963] ? kmem_cache_alloc_trace+0x151/0x320 [ 1694.556057] ? v9fs_show_options+0x690/0x690 [ 1694.557060] ? trace_hardirqs_on+0x5b/0x180 [ 1694.558044] ? kasan_unpoison_shadow+0x33/0x50 [ 1694.559069] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.560217] v9fs_mount+0x79/0x8f0 [ 1694.561026] ? v9fs_write_inode+0x60/0x60 [ 1694.561973] legacy_get_tree+0x105/0x220 [ 1694.562887] vfs_get_tree+0x8e/0x300 [ 1694.563726] path_mount+0x1429/0x2120 [ 1694.564596] ? strncpy_from_user+0x9e/0x470 [ 1694.565573] ? finish_automount+0xa90/0xa90 [ 1694.566554] ? getname_flags.part.0+0x1dd/0x4f0 [ 1694.567608] ? _copy_from_user+0xfb/0x1b0 [ 1694.568210] audit: type=1326 audit(1744156794.174:287): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.568548] __x64_sys_mount+0x282/0x300 [ 1694.568566] ? copy_mnt_ns+0xa00/0xa00 [ 1694.568598] do_syscall_64+0x33/0x40 [ 1694.571149] audit: type=1326 audit(1744156794.174:288): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.571935] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1694.571952] RIP: 0033:0x7f535d26eb19 [ 1694.572528] audit: type=1326 audit(1744156794.174:289): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.573240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.575808] audit: type=1326 audit(1744156794.174:290): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.576825] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1694.576846] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1694.576862] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1694.577367] audit: type=1326 audit(1744156794.174:291): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10862 comm="syz-executor.5" exe="/syz-executor.5" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fc7c3783b19 code=0x7ffc0000 [ 1694.582088] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1694.582100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.582112] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 23:59:54 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0, 0x1f, 0x3, 0x5}, {0x8, 0x0, 0x2, 0x7ff}]}) fcntl$setstatus(r0, 0x4, 0x40400) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000080)) [ 1694.605895] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1694.608405] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 23:59:54 executing program 7: fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000001180)=0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050884) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x113}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000001300)) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000002a40)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0xfffffffffffffe14, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f00000011c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0xe60) io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r5 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0xfffffffe, 0x2, 0xfffffffe, 0x38c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r6, &(0x7f0000001200)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x5, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1}, 0x7) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r7) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) 23:59:54 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x700, 0x103) 23:59:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xffffff91, @empty}, 0x1c) 23:59:54 executing program 5: pread64(0xffffffffffffffff, &(0x7f00000010c0)=""/4088, 0xff8, 0x0) syz_open_pts(0xffffffffffffffff, 0x200) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x408c0, 0x0, 0x4}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r1], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000080) r2 = syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x401) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = syz_open_dev$vcsn(&(0x7f00000002c0), 0x1, 0x400000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r4 = perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x3, 0xa0, 0x3, 0x4, 0x0, 0x7, 0x428, 0xf, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x53, 0x4, @perf_config_ext={0x2000000000000, 0x10001}, 0x10808, 0x0, 0x6, 0x2, 0x8, 0x4, 0x5, 0x0, 0x7fff, 0x0, 0x68414394}, 0x0, 0xa, r0, 0x2) perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0x5, 0x7, 0x1, 0x40, 0x0, 0x5, 0x26100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x10, 0x5, 0x6714, 0x2, 0x3f96, 0x1, 0x9, 0x0, 0x100, 0x0, 0xe0db}, r2, 0xf, r4, 0x2) 23:59:54 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 50) [ 1694.747463] loop3: detected capacity change from 0 to 262144 [ 1694.754907] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1694.780593] FAULT_INJECTION: forcing a failure. [ 1694.780593] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.781945] CPU: 1 PID: 10902 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1694.782739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.783688] Call Trace: [ 1694.783994] dump_stack+0x107/0x167 [ 1694.784412] should_fail.cold+0x5/0xa [ 1694.784856] ? create_object.isra.0+0x3a/0xa20 [ 1694.785385] should_failslab+0x5/0x20 [ 1694.785836] kmem_cache_alloc+0x5b/0x310 [ 1694.786305] ? vsnprintf+0x4ba/0x1600 [ 1694.786750] create_object.isra.0+0x3a/0xa20 [ 1694.787248] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.787839] __kmalloc_track_caller+0x177/0x370 [ 1694.788369] ? kasprintf+0xbb/0xf0 [ 1694.788783] kvasprintf+0xb5/0x150 [ 1694.789193] ? bust_spinlocks+0xe0/0xe0 [ 1694.789645] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1694.790265] kasprintf+0xbb/0xf0 [ 1694.790661] ? kvasprintf_const+0x1a0/0x1a0 [ 1694.791162] ? kmem_cache_free+0x249/0x2d0 [ 1694.791653] ? p9_client_create+0xbfa/0x1230 [ 1694.792158] p9_client_create+0xc1b/0x1230 [ 1694.792646] ? p9_client_flush+0x430/0x430 [ 1694.793134] ? trace_hardirqs_on+0x5b/0x180 [ 1694.793630] ? lockdep_init_map_type+0x2c7/0x780 [ 1694.794183] ? __raw_spin_lock_init+0x36/0x110 [ 1694.794708] v9fs_session_init+0x1dd/0x1680 [ 1694.795198] ? lock_release+0x680/0x680 [ 1694.795656] ? kmem_cache_alloc_trace+0x151/0x320 [ 1694.796208] ? v9fs_show_options+0x690/0x690 [ 1694.796711] ? trace_hardirqs_on+0x5b/0x180 [ 1694.797207] ? kasan_unpoison_shadow+0x33/0x50 [ 1694.797738] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.798321] v9fs_mount+0x79/0x8f0 [ 1694.798730] ? v9fs_write_inode+0x60/0x60 [ 1694.799209] legacy_get_tree+0x105/0x220 [ 1694.799675] vfs_get_tree+0x8e/0x300 [ 1694.800100] path_mount+0x1429/0x2120 [ 1694.800540] ? strncpy_from_user+0x9e/0x470 [ 1694.801036] ? finish_automount+0xa90/0xa90 [ 1694.801531] ? getname_flags.part.0+0x1dd/0x4f0 [ 1694.802076] ? _copy_from_user+0xfb/0x1b0 [ 1694.802555] __x64_sys_mount+0x282/0x300 [ 1694.803020] ? copy_mnt_ns+0xa00/0xa00 [ 1694.803473] do_syscall_64+0x33/0x40 [ 1694.803910] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1694.804498] RIP: 0033:0x7f535d26eb19 [ 1694.804925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.807050] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1694.807928] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1694.808745] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1694.809564] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1694.810384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.811200] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1694.816191] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1694.825011] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 00:00:08 executing program 7: statx(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xedb6da9f1ab67ad8, 0x200, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) sendmmsg(r1, &(0x7f0000000200)=[{{&(0x7f0000000340)=@l2={0x1f, 0x42a1, @none, 0xd1b, 0x2}, 0x80, &(0x7f0000000140)=[{&(0x7f00000004c0)="6c0f01bb089d9d8d1322cb70961ec1fa8c5d2fd1e2e9c99e53b3ddb8005b725f9d237fa272d86998d0c666cecb943df46a5922e5ed6c58ba1be8660b18bd2b32e1177c6c8383776b36224ed4e205ff805574ad14a147c92a3eeb9a2ac49812216399cc597b99663796ccedeb7c46337be4a35482c41fa4bef28bb841f07a411d6ffbadc123909565ecd8f20de463d9748ba736a44cb90be8b0229726354d3bf7c69daedd2ef109734e742dc27c14f3abf74c9c41", 0xb4}, {&(0x7f0000000580)="a3055df1050ef507dfde9dbb80b8a78fa710ee354ba49e56955783da70d0956fc18d71eae473bdfe1669c743b14031e2dd1b5c947cda8b0bf9d86aed2211e4f5c9c3233ba60142ea11c61795c964fd78a1cd1f2f3b37e063c61f72e054258aa64cc5cdd032db9b2319c90f87ac8d29229eab971738c7dd8f2185458b8615604f814038a0982c79fc2956077678bf78c063d1c7d4763e6adcd42f353f3e3ecff029f290822a62f1c64b2ad270140563d32ed9040dd59ec03e4f348fa7fc192f7afed9fd0f4c85bb4e14092816f48002af15fde108df99ac8dd97b52df786d5b3ef00ebea6c576ad7a51dd8953", 0xec}, {&(0x7f0000000680)="a0fa87c4ffcde01c71bcecba96024d6181387d63dd66aac83e93e0acac841014027c4b898f89cff04b5ad4aebb1dcfa3259c790ed814e66adcbd4fa433c653a5f6b611b8e16a338bc764dd74546dae5b883bade3a56c92de966149f57d0ec23536f73397f8ef597d8dc9fa781637d0dbca27899330873d3e4070bffe09372e2a166e7d9effa4eafbeac24ab3c808ec2361eb8d1427c060c5fb88fa85d9068e96d6c945354e8f8996235dac0a8cc80b547c43371e61c831761f49e430f148dbdb5c044cbe01184923eb53a859a452fecf0227e1b6bd0d311120db73b4321ad483c84ac53fcbdb", 0xe6}, {&(0x7f0000000780)="b86d2c0d0361d8bdcbfd64ec219dc4df6ef1f8be63fbe5c774125c9288cb752ecfc68a9df4c6c811dfe622efc465f23dd555b813129bb39918046b4f5aacdd432337352f70a4b4d3f50804cb7f04100dba558270dfae640911746c1cbd78c0df686586497f7f5e8da7d8a8de17b76e828e028b51825fb8ced6b0dba6228085898eade5375966aed93b54249c07e4605c6c67b5f9cfdf6082da15beded52694d498f49a6fdacd9deba4e067827262e812", 0xb0}], 0x4}}], 0x1, 0x14) lstat(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='smackfsro=00000000000000000020,mask=^MAY_READ,seclabel,euid>\x00\x00\x00', @ANYRESDEC=0xee01, @ANYBLOB=',subj_user=,fsmagic=0x0000000000000003,euid=', @ANYRES16, @ANYRESDEC=r0, @ANYRESDEC=r2, @ANYBLOB=',\x00']) 00:00:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x2000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:00:08 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {0x0, 0x0, 0x1600}], 0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYRES64, @ANYRESDEC=r0, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRESDEC=r1]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000140)='./file1\x00', &(0x7f0000000300)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc0) write(r2, &(0x7f0000000240)="01", 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) copy_file_range(r3, 0x0, 0xffffffffffffffff, &(0x7f0000000280)=0xfffe, 0x2000000c3a, 0x0) 00:00:08 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 51) 00:00:08 executing program 5: unshare(0xe040000) unshare(0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x4000, 0x0) semctl$IPC_SET(0x0, 0x0, 0x12, &(0x7f0000000340)={{0x0, 0x0, 0xee01}}) 00:00:08 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffc4, @empty}, 0x1c) 00:00:08 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x804, 0x103) 00:00:08 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = fcntl$dupfd(r1, 0x406, r1) clone3(&(0x7f00000011c0)={0x40000000, &(0x7f0000000040)=0xffffffffffffffff, &(0x7f0000001400), &(0x7f00000000c0), {0xffffffff}, &(0x7f0000000100)=""/4096, 0x1000, &(0x7f0000001100)=""/120, &(0x7f0000001180)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4, {r2}}, 0x58) pread64(r3, &(0x7f0000001240)=""/33, 0x21, 0xd2) futex(&(0x7f0000000000)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001380)={'ip6gre0\x00'}) r5 = fsopen(&(0x7f0000001440)='ceph\x00', 0x1) read(r5, &(0x7f0000001280)=""/202, 0xca) clock_gettime(0x2, &(0x7f00000013c0)) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001480)=0x2140, 0x4) [ 1709.175008] FAULT_INJECTION: forcing a failure. [ 1709.175008] name failslab, interval 1, probability 0, space 0, times 0 [ 1709.178112] CPU: 0 PID: 10933 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1709.179739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1709.181667] Call Trace: [ 1709.182364] dump_stack+0x107/0x167 [ 1709.183240] should_fail.cold+0x5/0xa [ 1709.184129] ? create_object.isra.0+0x3a/0xa20 [ 1709.185189] should_failslab+0x5/0x20 [ 1709.186083] kmem_cache_alloc+0x5b/0x310 [ 1709.187024] ? lock_acquire+0x197/0x470 [ 1709.187952] create_object.isra.0+0x3a/0xa20 [ 1709.188962] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1709.190152] __kmalloc_track_caller+0x177/0x370 [ 1709.191223] ? kstrdup_const+0x53/0x80 [ 1709.192129] ? kasprintf+0xbb/0xf0 [ 1709.192996] kstrdup+0x36/0x70 [ 1709.193748] kstrdup_const+0x53/0x80 [ 1709.194620] kmem_cache_create_usercopy+0x12f/0x2f0 [ 1709.195786] p9_client_create+0xc6a/0x1230 [ 1709.196771] ? p9_client_flush+0x430/0x430 [ 1709.197748] ? trace_hardirqs_on+0x5b/0x180 [ 1709.198761] ? lockdep_init_map_type+0x2c7/0x780 [ 1709.199859] ? __raw_spin_lock_init+0x36/0x110 [ 1709.200910] v9fs_session_init+0x1dd/0x1680 [ 1709.201906] ? lock_release+0x680/0x680 [ 1709.202826] ? kmem_cache_alloc_trace+0x151/0x320 [ 1709.203932] ? v9fs_show_options+0x690/0x690 [ 1709.204948] ? trace_hardirqs_on+0x5b/0x180 [ 1709.205947] ? kasan_unpoison_shadow+0x33/0x50 [ 1709.206990] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1709.208161] v9fs_mount+0x79/0x8f0 [ 1709.208986] ? v9fs_write_inode+0x60/0x60 [ 1709.209990] legacy_get_tree+0x105/0x220 [ 1709.210923] vfs_get_tree+0x8e/0x300 [ 1709.211774] path_mount+0x1429/0x2120 [ 1709.212651] ? strncpy_from_user+0x9e/0x470 [ 1709.213639] ? finish_automount+0xa90/0xa90 [ 1709.214633] ? getname_flags.part.0+0x1dd/0x4f0 [ 1709.215696] ? _copy_from_user+0xfb/0x1b0 [ 1709.216655] __x64_sys_mount+0x282/0x300 [ 1709.217581] ? copy_mnt_ns+0xa00/0xa00 [ 1709.218495] do_syscall_64+0x33/0x40 [ 1709.219354] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1709.220521] RIP: 0033:0x7f535d26eb19 [ 1709.221365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1709.225544] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1709.227277] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1709.228906] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1709.230529] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1709.232148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1709.233757] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:00:08 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xfffffff5, @empty}, 0x1c) [ 1709.261718] loop3: detected capacity change from 0 to 262144 [ 1709.279389] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 00:00:09 executing program 7: r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) statx(0xffffffffffffffff, &(0x7f0000001640)='./file1\x00', 0x100, 0x1, &(0x7f0000001300)) setxattr$trusted_overlay_opaque(&(0x7f0000001240)='./file1\x00', &(0x7f0000001280), &(0x7f00000012c0), 0x2, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) ioctl$NS_GET_OWNER_UID(r1, 0xb704, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000000) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_test', 0x122902, 0x0) writev(r2, &(0x7f00000006c0)=[{&(0x7f0000000180)="647732419e007299a0529351dc4964376692665510d40d35b770fd8d702d121d0600c90d08763cc1ed88fa0f438cb17d600a", 0x6441f794d5997d40}], 0x1) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00') pread64(r3, &(0x7f00000001c0)=""/4107, 0x100b, 0x0) move_mount(r2, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000380)='./file1\x00', 0x4) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) openat2(0xffffffffffffffff, &(0x7f0000001400)='./file1\x00', &(0x7f0000001440)={0x0, 0x84, 0x1e}, 0x18) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001200)={'wlan1\x00'}) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{@in6=@empty}, 0x0, @in6=@loopback}}, 0xe8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000014c0)=ANY=[@ANYBLOB="1c0000001d00210c00000000000000200400020008000c0000000000f485df9b2c14f996d983ce777fcf97789453ade7c2612bca185396985b15b76e1435d1e27abdb3245dcbd3a3c451bc0180909d082fcd8352f9911cf3e88403fffb8a75ee299a47d6320eb97b02941aa87f41fdd3655a12cb9106329bd0494c9ec59bc4a7d24e3fa3ca3aa283a680f40ce759e696ecaf1d38179f3145c687039a49b565e3a8a45ef94590f693cb71116f1e7a258d695d8f960e439b590f07eccbea528fc1424e1c5449f9d1b09c5bba257f63adccd63f11abcf6ac3fa16bd6bae6e9b5cf948808a3da4cf9a310e9ec0cdd88d2fe6bbba172f32d34db67e90fd66e9"], 0x1c}}, 0x0) 00:00:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x2010, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1709.361085] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:00:09 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000004) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f66696c6530002c87af821976942a5ffe872c5237e05634de93ac3f8819dedb65c8fa8891ef2e1462c2cfba9e02ef30e546553ce5"]) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000100)=[0xffffffffffffffff, 0xffffffffffffffff, r0], 0x3) r1 = openat$hpet(0xffffffffffffff9c, 0x0, 0x2002, 0x0) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="34010000170001000000000000000000fe8800000000000000000000ce4190da000000010000000000000000e000000100000000000000000000000000000000000000000000000000000000fc00"/108, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="200100000000000000000000000000027f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c7ba67cb7d38793daf5bb8e"], 0x134}}, 0x0) close(r2) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x1e, 0xc21, 0x0, 0x0, {0x7}, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x10000}]}, 0x1c}}, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f00000000c0)={0x6200, 0x1f, 0x1}) ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x2) ftruncate(0xffffffffffffffff, 0xd5) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r3, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 00:00:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c) 00:00:09 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x900, 0x103) 00:00:09 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 52) 00:00:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xedc0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:00:09 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mknodat$loop(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', 0x504, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x20b00, 0x0) r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000600)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r2, 0x5000943f, &(0x7f0000000800)={{r0}, r5, 0x8, @unused=[0x2000000000000, 0x5, 0x9, 0x4e00], @devid}) r6 = fcntl$dupfd(r4, 0x0, r4) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) write$P9_RREADLINK(r6, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file1'}}, 0x10) dup3(r3, r3, 0x80000) r7 = openat(r3, &(0x7f00000000c0)='./file0\x00', 0x458080, 0xc4) sendto(r7, &(0x7f00000002c0), 0x0, 0x4801, &(0x7f0000000300)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @remote}, 0x4, 0x2, 0x0, 0x1}}, 0x80) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f00000000c0)=0x2) getsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000440)={{{@in6=@mcast1, @in6=@mcast1}}, {{@in6=@private2}, 0x0, @in6=@local}}, &(0x7f00000001c0)=0xe8) ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000140)={0x0, 0x100000000}) 00:00:09 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto(r0, &(0x7f0000000040)="5ea18a99", 0x4, 0x0, &(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x3c7, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f00000001c0)) recvmmsg(r0, &(0x7f0000001a00)=[{{0x0, 0x0, 0x0}}], 0x300, 0x10062, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x400, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000c0000000c00018008000100", @ANYRES32=r6, @ANYBLOB="900003808c0003809bfd0180040002000800110a0100000000000c000200657468746f6f6c00080002005a3a25001800018004000300080001000000000008000100a5302748080000000024000180080001000000000004000300080001000000014aa3883b93cb4864200ef90000080001e0ffffffff03000300280001800d0002002d2a21532d5b912e000000000800010000000000090002005d217d230000e44b4e154b8c323b0b0097e77c3645faedcc5bbe4f61270b525bbdaf7c75d2e940a9d0f95b99b64f54cd2808a49208c889331093566681119c429e5c3e3f5ce1872d7d0972df343d9f916462796df5dec7cfa331d829d269ad4b67de60ffda8bbb366156d9834eba524540b4043dcd5680dc82619f127d180a2007000068036b3e43950e207bc36220a38afa5b4b0e42b787fb94deab485c0c19f2"], 0xb0}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001500)={&(0x7f0000000bc0)={0x920, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x4}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xb7}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}, {{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8ffe}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x4, 0x0, 0x0, 0xae0e}, {0x8ed, 0x81, 0x4, 0x8001}, {0xfff, 0x4, 0x3, 0x8000}, {0x2, 0xf8, 0x9, 0x6}]}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x911}}, {0x8}}}]}}, {{0x8}, {0x260, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xafcd}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xbdf}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}]}}, {{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x94, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r6}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x920}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000006c0)={'syztnl1\x00', &(0x7f0000000640)={'syztnl2\x00', 0x0, 0x29, 0x4e, 0xf9, 0x6, 0x4d, @ipv4={'\x00', '\xff\xff', @loopback}, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x8000, 0x8000, 0x80, 0x3}}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000800)=[{{&(0x7f0000000200)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000240)="50f24beb948ad1aea919bb725dc64eb51719111467076f9a18249c3e42ae91f72e922ed32f491e9bab9f80896980797b9117af7babbd9400e37832c6bf2daaf23e4f6bd5b87bc0c077fe7c08e9cf567776c41af0af4754321edab29281787ed0e48331ad3f0a23f8fb74b50fddb58158ed9b526a1a4399487fa395650b24a786aacbc6d91c7c126b7e1530f20116ca0c5528aa100b4c1aa3c03094e673e244e63c2718370e0e6af5020ab7079ad368eb85ee127fa2", 0xb5}, {&(0x7f0000000300)="8882da39cea8b87389ef819889239916f3ddb24309cea5500a8e9d11896ad18598598c4ffa5a5e27411ed3a90ac3c3ff9085bf90978d68fe33fa0313ee49e99a236bd1aa6d280423105779414c3e4ed640d88b339e72681816db848fb90c01fa1f33f467c227bbd2681c9a3192ca09456fd3f754a6b2b7d4e3563f21a948454b8bc0d12b1fe0cac7bdc2ded584837d67070c0bf4f7a94acd48f8f017e60d37221d4a85db59d445435c3be71dfa003d82f4c16947a2653dcb8a511aee27", 0xbd}, {&(0x7f00000003c0)="59ccbb35fdd5f3d7c541e76d376dc3e5a43a2f15e6d91f38612f6d8300f72d8f4182dd823e5012f289e9386dea702b065d70a0ed200d14f240072e83e44084a92f2cf3ef7ce39ae0e631e090855266d4ee57d2ba04dfd8e5f07ce2af3f412ec0b87b3e7650c2cfa979db1e5c53a0cb86c220efdd0c51aadde7e790624f00b4f8d235c48a4593f2cb", 0x88}, {&(0x7f0000000480)="03a05e505324067fd54534d963eccfe4831a87cc88bf6fcc9a0a530f6b4818ddf1e828a68347eaccc90ad5459afcbf82beda36c2f4b417ad32b457aa03033dc034ff024bb55395517f478066adac29daefe93ac720fe1b645b9d725f9abf94e384a2b8bce13cd9bde2a2a7895d5c6d4f4f25699b55a691ffacf5335c6b5eb9254a3846e7fb27da5524b6765084ee75bd932acb6da75ed700ef4290cc5d88cc0425ffc1b7a58dbd8ac75294c789b6a4dae7b43fa24ae10f0222669fddf87672b46e8e0739801d", 0xc6}, {&(0x7f0000000580)}], 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="100000000000000000000000070000001c000000000000000000000008000000", @ANYRES32=r2, @ANYBLOB="7f000001640101000000000011000000000000000000000001000000d3000000000000001100000000000000000000000100000008000000000000001100000000000000000000000100000001000000000000001c000000000000000000000008000000", @ANYRES32=r7, @ANYBLOB="64010102ac14143e00000000440000000000000000000000070000002000000000000000000000550000000000000401e000000100000002ac14140d00400800ac1e010100007fff0000000000000d70000000001400000000000000000000000100"/108], 0xf8}}], 0x1, 0x40) getdents64(0xffffffffffffffff, &(0x7f0000000140)=""/112, 0x70) [ 1709.507332] FAULT_INJECTION: forcing a failure. [ 1709.507332] name failslab, interval 1, probability 0, space 0, times 0 [ 1709.510100] CPU: 0 PID: 10975 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1709.511685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1709.513579] Call Trace: [ 1709.514210] dump_stack+0x107/0x167 [ 1709.515055] should_fail.cold+0x5/0xa [ 1709.515932] ? create_object.isra.0+0x3a/0xa20 [ 1709.516998] should_failslab+0x5/0x20 [ 1709.517883] kmem_cache_alloc+0x5b/0x310 [ 1709.518826] create_object.isra.0+0x3a/0xa20 [ 1709.519837] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1709.521015] kmem_cache_alloc+0x159/0x310 [ 1709.521990] kmem_cache_create_usercopy+0x190/0x2f0 [ 1709.523144] p9_client_create+0xc6a/0x1230 [ 1709.524127] ? p9_client_flush+0x430/0x430 [ 1709.525143] ? trace_hardirqs_on+0x5b/0x180 [ 1709.526158] ? lockdep_init_map_type+0x2c7/0x780 [ 1709.527245] ? __raw_spin_lock_init+0x36/0x110 [ 1709.528299] v9fs_session_init+0x1dd/0x1680 [ 1709.529292] ? lock_release+0x680/0x680 [ 1709.530233] ? kmem_cache_alloc_trace+0x151/0x320 [ 1709.531338] ? v9fs_show_options+0x690/0x690 [ 1709.532367] ? trace_hardirqs_on+0x5b/0x180 [ 1709.533367] ? kasan_unpoison_shadow+0x33/0x50 [ 1709.534431] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1709.535604] v9fs_mount+0x79/0x8f0 [ 1709.536425] ? v9fs_write_inode+0x60/0x60 [ 1709.537379] legacy_get_tree+0x105/0x220 [ 1709.538323] vfs_get_tree+0x8e/0x300 [ 1709.539181] path_mount+0x1429/0x2120 [ 1709.540062] ? strncpy_from_user+0x9e/0x470 [ 1709.541047] ? finish_automount+0xa90/0xa90 [ 1709.542046] ? getname_flags.part.0+0x1dd/0x4f0 [ 1709.543106] ? _copy_from_user+0xfb/0x1b0 [ 1709.544065] __x64_sys_mount+0x282/0x300 [ 1709.544991] ? copy_mnt_ns+0xa00/0xa00 [ 1709.545904] do_syscall_64+0x33/0x40 [ 1709.546757] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1709.547929] RIP: 0033:0x7f535d26eb19 [ 1709.548781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1709.552966] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 00:00:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x80000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1709.554716] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1709.556609] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1709.558355] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1709.559978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 00:00:09 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x8020}) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$AUDIT_USER_TTY(r3, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0xd8, 0x464, 0x710, 0x70bd26, 0x25dfdbfb, "512a1a224fbbf7c7f689259f15ec48541f45b32e3c9f73a85b2e7772330843eb6d7199b3975c341b18d72b958c4c0e83010a188f6ab087b828cb144e1f71bf6731bc3d641a9ad747a62b51343102c3375e7fc59f0e0db9fd8bf27552d9f178de4a71374a1ad324568d79ccf542d348e8b811c57d5b02367225062f80f0c71e9d4ca2dd821cdd72bae6f0203b6b58b6f3e7c092891b0dba6ee0c4fd5b763a8f2c3447f5916c62fb8d7c7712b132b06044391d27de698be5a9c08460ae17fbf5827e192f47bbca", ["", "", "", ""]}, 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000001) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x101}}, './file1\x00'}) close(0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) [ 1709.561603] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1709.584038] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=279 sclass=netlink_route_socket pid=10991 comm=syz-executor.0 00:00:09 executing program 5: getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@random={'trusted.', '%][\x00'}, &(0x7f0000000140)=""/98, 0x62) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2e, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001000008000000d2420000120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e31313435383439333100"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000006856d49a00cc4371bd6a7c893f280045010040000c00000000000000ddf4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000003700000000000000", 0x40, 0x540}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="03000000040000000500000016000f000300040000000000000000000f00698c", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000ddf4655fddf4655fddf4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000ddf4655fddf4655fddf4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1500}, {&(0x7f0000010f00)="2000000064e828b364e828b300000000ddf4655f00"/32, 0x20, 0x1580}, {&(0x7f0000011000)="8081000000180000ddf4655fddf4655fddf4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000300000000200000004000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000ddf4655f00"/160, 0xa0, 0x1600}, {&(0x7f0000011100)="8081000000180000ddf4655fddf4655fddf4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000400000000200000004000000420000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000ddf4655f00"/160, 0xa0, 0x1700}, {&(0x7f0000011200)="c041000000300000ddf4655fddf4655fddf4655f00000000000002002000000000000800000000000af301000400000000000000000000000c00000020000000", 0x40, 0x1e00}, {&(0x7f0000011300)="20000000000000000000000000000000ddf4655f00"/32, 0x20, 0x1e80}, {&(0x7f0000011400)="ed41000000040000ddf4655fddf4655fddf4655f00000000000002002000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000e736ebb30000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000", 0xa0, 0x1f00}, {&(0x7f0000011500)="ed8100001a040000ddf4655fddf4655fddf4655f00000000000001002000000000000800010000000af30100040000000000000000000000020000006000000000000000000000000000000000000000000000000000000000000000000000000000000068cf8b090000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000", 0xa0, 0x2000}, {&(0x7f0000011600)="ffa1000026000000ddf4655fddf4655fddf4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3131343538343933312f66696c65302f66696c653000000000000000000000000000000000000000000000b6c73cca0000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000", 0xa0, 0x2100}, {&(0x7f0000011700)="ed8100000a000000ddf4655fddf4655fddf4655f00000000000001002000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000a774d0c60000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000ddf4655fddf4655fddf4655f00000000000002002000000000000800010000000af3010004000000000000000000000009000000800000000000000000000000000000000000000000000000000000000000000000000000000000000586822d0000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011900)="ed81000064000000ddf4655fddf4655fddf4655f00000000000001002000000000000800010000000af301000400000000000000000000000100000090000000000000000000000000000000000000000000000000000000000000000000000000000000802240f70000000000000000000000000000000000000000000000002000000064e828b364e828b364e828b3ddf4655f64e828b30000000000000000", 0xa0, 0x2400}, {&(0x7f0000011a00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011b00)="0b0000000c0001022e00000002000000f40302022e2e00"/32, 0x20, 0x8000}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x8400}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9000}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0x9800}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012400)="00000000000400"/32, 0x20, 0xa400}, {&(0x7f0000012500)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012600)="00000000000400"/32, 0x20, 0xac00}, {&(0x7f0000012700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0xc000}, {&(0x7f0000012800)="0200"/32, 0x20, 0xc400}, {&(0x7f0000012900)="0300"/32, 0x20, 0xc800}, {&(0x7f0000012a00)="0400"/32, 0x20, 0xcc00}, {&(0x7f0000012b00)="0500"/32, 0x20, 0xd000}, {&(0x7f0000012c00)="000000000000000001000000000000000000000032ed2fbf0000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0xd400}, {&(0x7f0000012d00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x10000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x10400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x10800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x10c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x11000}, {&(0x7f0000013200)="000000000000000001000000000000000000000032ed2fbf0000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0x11400}, {&(0x7f0000013300)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d803050766696c653100"/64, 0x40, 0x14000}, {&(0x7f0000013400)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x18000}, {&(0x7f0000013900)='syzkallers\x00'/32, 0x20, 0x1c000}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x24000}], 0x0, &(0x7f0000013b00)) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x540, 0x0) 00:00:09 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x1000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1709.647193] loop5: detected capacity change from 0 to 524288 [ 1709.654068] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=279 sclass=netlink_route_socket pid=10991 comm=syz-executor.0 [ 1709.659469] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 00:00:09 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x2}, 0x1c) 00:00:22 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000400)) r0 = syz_io_uring_complete(0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000500)=ANY=[@ANYBLOB="0100f1ffff17000000000000", @ANYRES32, @ANYBLOB="006c6530000000d0d8219c7b8962a06046606f000000000000000000591dc688ad5daad3738b71efd240a7775342efd6e8e5010000000d8b16d4c3e2e5faf5446537e8e1f78e8416ba95ba6906011613471a3b8a9c4cbbdcab4aa1695bbe9bf1043339b045eee460c3efbeddafdce79ff931dbed8815d9b47940eef44198e0cd3bfb3dbb1a6c21"]) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000280)={0x0, 0x0}) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x65046, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f0000000140), 0x6}, 0x1420, 0x2, 0xfff, 0x8, 0x8, 0x0, 0x2, 0x0, 0x400, 0x0, 0x81}, r1, 0xe, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x80082, 0x0) readlinkat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f0000000380)=""/137, 0x89) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r3, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', 0x82, 0x1) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x20000, 0xa0) 00:00:22 executing program 6: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000008445292e7cb3ab8cc3eebf340b75b494790db042b05e89d980800018d5e53349f8278f7cb16ea502e427b4eead8970a979f816494ef4b68e418a97a003d1a72228fcd36b82b9e5e8382b672ece71fa1dd432803791f8b1b4fcfd1ffe02bf1be26dbc5954d2e507ae59fce163679c52478c0656455203eda15aa8cab6f1f51efb46790195172b616de39ff8a9e441abbc2ca23011035c8a1f83f542343e581070dbd6fed9eaafdfc2ae789ff57b7d3ddd80acb20391a1634b62306267b7fd40887934158698a51202d798a24d9bb549952bf12b", @ANYRES64, @ANYRES32]) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f0000000040)) 00:00:22 executing program 7: sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5) fcntl$getown(r0, 0x9) r2 = gettid() getpgrp(r2) r3 = getpgrp(0x0) syz_open_procfs(r3, &(0x7f0000000180)='net/ip_tables_matches\x00') bind(0xffffffffffffffff, 0x0, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) pread64(r4, &(0x7f0000000500)=""/4096, 0x1000, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0) 00:00:22 executing program 5: ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2b, 0x0, 0x0, &(0x7f0000000000)=ANY=[]) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080), 0x4) dup3(r0, r1, 0x80000) 00:00:22 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 53) 00:00:22 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xa00, 0x103) 00:00:22 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x3}, 0x1c) 00:00:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x2000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1723.190019] loop3: detected capacity change from 0 to 262144 [ 1723.193477] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1723.212942] FAULT_INJECTION: forcing a failure. [ 1723.212942] name failslab, interval 1, probability 0, space 0, times 0 [ 1723.215658] CPU: 0 PID: 11036 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1723.217259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.219160] Call Trace: [ 1723.219771] dump_stack+0x107/0x167 [ 1723.220597] should_fail.cold+0x5/0xa [ 1723.221463] ? __kmem_cache_create+0x10e/0x520 [ 1723.222513] should_failslab+0x5/0x20 [ 1723.223372] kmem_cache_alloc_node+0x55/0x330 [ 1723.224395] __kmem_cache_create+0x10e/0x520 [ 1723.225398] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1723.226653] p9_client_create+0xc6a/0x1230 [ 1723.227619] ? p9_client_flush+0x430/0x430 [ 1723.228580] ? trace_hardirqs_on+0x5b/0x180 [ 1723.229555] ? lockdep_init_map_type+0x2c7/0x780 [ 1723.230635] ? __raw_spin_lock_init+0x36/0x110 [ 1723.231679] v9fs_session_init+0x1dd/0x1680 [ 1723.232653] ? lock_release+0x680/0x680 [ 1723.233558] ? kmem_cache_alloc_trace+0x151/0x320 [ 1723.234654] ? v9fs_show_options+0x690/0x690 [ 1723.235656] ? trace_hardirqs_on+0x5b/0x180 [ 1723.236636] ? kasan_unpoison_shadow+0x33/0x50 [ 1723.237661] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.238822] v9fs_mount+0x79/0x8f0 [ 1723.239625] ? v9fs_write_inode+0x60/0x60 [ 1723.240560] legacy_get_tree+0x105/0x220 [ 1723.241479] vfs_get_tree+0x8e/0x300 [ 1723.242328] path_mount+0x1429/0x2120 [ 1723.243195] ? strncpy_from_user+0x9e/0x470 [ 1723.244168] ? finish_automount+0xa90/0xa90 [ 1723.245143] ? getname_flags.part.0+0x1dd/0x4f0 [ 1723.246199] ? _copy_from_user+0xfb/0x1b0 [ 1723.247139] __x64_sys_mount+0x282/0x300 [ 1723.248055] ? copy_mnt_ns+0xa00/0xa00 [ 1723.248949] do_syscall_64+0x33/0x40 [ 1723.249792] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.250960] RIP: 0033:0x7f535d26eb19 [ 1723.251799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.255964] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1723.257690] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1723.259313] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1723.260938] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1723.262562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.264176] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1723.265941] kmem_cache_create(9p-fcall-cache-77) failed with error -22 [ 1723.267476] CPU: 0 PID: 11036 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1723.269031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.270907] Call Trace: [ 1723.271500] dump_stack+0x107/0x167 [ 1723.272327] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1723.273525] p9_client_create+0xc6a/0x1230 [ 1723.274500] ? p9_client_flush+0x430/0x430 [ 1723.275458] ? trace_hardirqs_on+0x5b/0x180 [ 1723.276433] ? lockdep_init_map_type+0x2c7/0x780 [ 1723.277505] ? __raw_spin_lock_init+0x36/0x110 [ 1723.278554] v9fs_session_init+0x1dd/0x1680 [ 1723.279529] ? lock_release+0x680/0x680 [ 1723.280436] ? kmem_cache_alloc_trace+0x151/0x320 [ 1723.281540] ? v9fs_show_options+0x690/0x690 [ 1723.282549] ? trace_hardirqs_on+0x5b/0x180 [ 1723.283524] ? kasan_unpoison_shadow+0x33/0x50 [ 1723.284559] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.285709] v9fs_mount+0x79/0x8f0 [ 1723.286524] ? v9fs_write_inode+0x60/0x60 [ 1723.287463] legacy_get_tree+0x105/0x220 [ 1723.288387] vfs_get_tree+0x8e/0x300 [ 1723.289236] path_mount+0x1429/0x2120 [ 1723.290109] ? strncpy_from_user+0x9e/0x470 [ 1723.291080] ? finish_automount+0xa90/0xa90 [ 1723.292052] ? getname_flags.part.0+0x1dd/0x4f0 [ 1723.293116] ? _copy_from_user+0xfb/0x1b0 [ 1723.294066] __x64_sys_mount+0x282/0x300 [ 1723.294982] ? copy_mnt_ns+0xa00/0xa00 [ 1723.295872] do_syscall_64+0x33/0x40 [ 1723.296715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.297871] RIP: 0033:0x7f535d26eb19 [ 1723.298719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.302878] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1723.304597] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1723.306236] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1723.307853] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1723.309470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.311090] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1723.325072] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:00:23 executing program 5: socket$inet6_udp(0xa, 0x2, 0x0) r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x281, 0x0) sendmmsg$inet6(r0, &(0x7f0000006640)=[{{&(0x7f0000006cc0)={0xa, 0x4e22, 0x0, @private0}, 0x1c, 0x0}}, {{&(0x7f0000000240)={0xa, 0x4e20, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @flowinfo={{0x14, 0x29, 0xb, 0x80}}, @rthdr={{0x28, 0x29, 0x39, {0x73, 0x2, 0x2, 0x60, 0x0, [@dev={0xfe, 0x80, '\x00', 0x20}]}}}, @hopopts_2292={{0x18, 0x29, 0x36, {0x5c}}}, @hopopts_2292={{0x30, 0x29, 0x36, {0x2c, 0x2, '\x00', [@hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}], 0xa0}}], 0x2, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x29) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000140)={@private=0xa010102, @loopback, 0x0, 0x1, [@empty]}, 0x14) 00:00:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x4}, 0x1c) 00:00:23 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000003000/0x1000)=nil, 0x1000, 0xd, 0x12, r0, 0x0) truncate(&(0x7f0000001040)='./file1\x00', 0x4) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) r2 = open_tree(r1, &(0x7f00000010c0)='./file1\x00', 0x0) fallocate(r2, 0x2, 0x9, 0x0) pipe2(&(0x7f0000001080)={0x0, 0x0}, 0x0) vmsplice(r3, &(0x7f00000012c0)=[{&(0x7f0000000040)="e419543f032efb3a595ee221e7282adf96dd152ddadd85e86b27042523e46c1a2e59e001551d59fb0e3a8b9f7518845a691cfc955a788df69eb0d60da8fe9f7cbf350479a3e0ce8f96c20530b12a34ce604b789e3340356f82df62888dbd47df8ddd4697a0c4f315c59ed293f6835d59b4f289cd0dc166c057390afff64f53f0060c75d12ed9a0e3e72bf3bf94e2d06b2a660eb4ea61be4765af733de0318e726e40e8dcf8063e79d8e6011a6deceacfa68dc0d79fefc9809624dc94b41dcde0b710c3ed9a0efa707bfc699face9c6024ab10472caabcc4c43190643e867b77c4ebedeb574b6c326a7bc997ceb800dffda8ba83407087a6303ffbfc42e03b7c415e1639fbb5fc89602a23575f9b292251c2bd9935c642b6c63e93448f6abe106773b41362cdeeecc9a252abf6dfc42658cb2d8b6fcaa3171b15c98043af017458d8d0e80548932a767a9eea23c2cd84a9f5dff2d2c2328f4c918e9ce63757cd69013e3318b49d2f240a6aa112fe7ee631a6eac1e661b05673cadb597a1a24745750d4e6538888dfc05ced1e85ec47727eafd4c7f905ef2aa7dd17f78e82fc0e2e54b795ac880bfd735842dfc16bf18457dd0de1b630e92450d1b22aae69be82a3b3c2f9096ff4efe59d5d4b7a5b07090b5bd805461c072e1d799971848ca1e3304160728f7bb28bf4480b01f8387d142ecb2bab30295e9f91281ae44bbdc2fb1406a21a372ea75ea63b174dc852243533de7d66d0ad663d928c4d9096c4e53c4e130afd8a69395928f3a06c2a436f7ee21f66260269af17a5a9474e9f4ec5322f5abcd9ff7b7402efcfa57e5a854c348f115e87d49fa0f830b663bc7fb5432bc64f39d025c285d8252ac39d1f78e5412b3a640bd0e11323e1a45cccdf59b011cbdfb6f023cbf1613a1c74c2baf26fcb06172a3a8ddc57f2cacdcdc7ae7fe41365dee77f0605fee896c830130a21cfd202d5eeaac9bfeef41b6980dbaba5d9fa523c3687fdf562357e4e0af182d44f59d1cc50a3c52fdbfa63763d5cb06f9a0779d2b8eae2d02a35a0dca592bfb1835499a12caf28ab5038d6fb7bd905111f94083d48fb2b9400fc2e0139c1c31a5abd53f0141c0933b6a0c0f3f4629f95202fb6301d5707b0447ded6926386f332519d75e5a3798373dfd8ac957def295bb345acffabd616eac09937f310606a02ec2eae9edfd5a8721b432ebbbe86e95f18d82a54b4a3dc1290112540dc34798e794ee73d87fa668794c06b87f4307cd894cb4ef5dd6d9cfcdecc63450439c937018ecf95b16cac6d31c8703acb861bc66b8a3d70f2f8310f6de6d59b7f19a6bf49e1935c1ca3138954b7a1565164a51ff38e34118f76f66ef130e861a93ca2a8c1b914cfe2ce9ae4bd5f049a7750ba75896aab6a2a42c5dffac474094c33907d218a75eaab1f0d20ad212b8c43415abbfb1a94136d9372498c38129cb4d4506a57771062eff2c04b861ddd02bd82b719cfe7126f91d7bfe239c3e2e4f7ecd96ae3b8b8e3553731eee61e786eaaab50116655b37c0e9a35ac3223595cb50176fb9d9ff867b3ad6c00e3d31ae538cc3c9ab32d98cf4152bf1e5c7ef5a39743a92db256c000c1be7a40ecb8d6fe494882cc525a7f97152e8dfc1a24fa7149986773c7b6c1b05504078e773860d82ff8251d5af7399c35a923ec9c2dc2c71f73dbdf0f5d9f25ed3bf24193784d10627b6ed97cadd5315e79cb700ba763db2749f3f931a73475cf9d8728ad0b75b42e9ed8a3c57eb584d21f8eb1f75e2750c52776b725ebdc4e130708440ca7a151833432d1b47e79ecda0b7ffba91aa42cbde65e58dc28797fc00891628b43d01f566e32ef0f7a3a79e1cf48e4a36afd8c1aebc7acb7ecad1cace3d57e887127b7affde579e181e447928239d448f4e9d199a5c4855b00677e6e9850383aa1db17ed0713703b217487196ded7cc2c3e6b7026972e870f22ed98fd58d2a2a6bbe3bcc9196ab28165795703dc3c11fc24a39843c7ad46ac740221199a16dd5c7ba786073f41ab873b66c876ceec827af2c71389afa124b08951972de1b3f30cbe9814e08d3f3b739b153c8ca4e8253b8b92945dc09e82763eb5d2bc5016031762e580ba42288c57f9c12e26b9a65f410517aedf8d6da32941466f17e8cbf796799f3d7e1ede241625bce464417752be142206a2af47bb348da9690ed95d3b34a71f691630552e6113908f5b677829373a47a5bf817f4a8244a1d477cb40544a80575dcd56050166256d75f71c3cf43fd7a74eb3f7b0704576b8f669fa3e7f674802c13f461bfa0f014d411e1e2dc704c3d8fec3d716be74c836479dab873999fc5a33aba8341cf8262c0b14fb8c7ee0c4fb527a5fb7a64e0f9adcca22ba9df9730f5e5d54ee1291d434ebd4646d4912e23707ad76e92bab0da691af46cd19b4295643d7434ae3fe4d7d76b32fc77bd256e80c5f736864a78397312430a3a3a29b70371c8a95b43a7fb018bb8c11c852ce878f17217e93e862ff216eafa129e55e88072131630d16c31490f156b29ed3c2fb867b3c0fc3fe188490a3886aaee78f2a49bd9037029887939105c5da07b1726993f845d36fa1b8608a67cde248e0928d318349cdc735ea81c3cd52dab646bf8ca9c528c853bf3b16adf67b6d077e54efda81d112f857d43459be69a4c019aa13e12714c3ee7196fd4dda2446d1f416b94fe1e2c81e522c56533c1bf5cde972be08f01663a2e7c9f0ea487ce403816c4ffb30d1fddfb48278b300676749dc968ca9aa95aaae1919cb2e60d7f80756c4611788d48aab32e38f4d607702e9581fa97ceaf5ca4a16ebd67adf95c27e37c613a125ba35e9ca10daab1d6042afd85623c40ec9c132383c90c9b2c2696e340a449ebe58dcf5df4f3b75f04b322c1cac6211b6d2662386786a4272b549bf4d6bd7dc13aa67836f135501358bbd963a8a23780a5c12bd414e5a4fe11bd8f17a96f313d610d22b5972d697440e2d335df8316ccef0ecf7187c5999bc995a613fd5fd0ac8935cee897c1f7aef7dde2b2b906b9279d99c5776013d43330ba4e97729132a118c4334f2122648a5524d8e1c4bcc78c1512d5a5303f0ce1e7c70404e40c07b5ef527d9d8454fe806856123eb38aaf3f2e14233466d78e2ad3ed6de81ef57bbefc69fb9af566ad94c9eaf0cdb3fc324ee9f82ff63692b1cf8f7b0acd5b25345151f12c27032f6fb665c04a34333288e00dd5073f964eda4cdc7fe4c12e7a48118ecdc63167d18753e101b7c507b01f205a774780375e0dabcbd64e64562f0495501b65460f3ff2d624a212c162578374f7c1f0f06f6548931e92f6021aab1400290104d2cf16715dc02e42bb002160a4544b4ba9e58944536f5381291e60f629e21fe03ba3d1d5ae06f283e342b6c6836c8674b070e0cc3034a2cb5ba45ea2932b0dc24ef199233091d03565bd0bd1b7fe4ebe4ed62ac8e16979b3e10997d4fb29f286334e4d7ce20e932b70fdafa85a42758e714eee33653638cef88cb033cd515e9aa178ac7375c51fef07895c08ed0b3a51150aca4350d9360a313847fb517b6ade52bb9bc6738fec5aa1f93bb436b88c1fa9c611d3f685a6f860f832e59600ead15067217fe0c3501dad29f815f16c39af57cd1ab894d26276240b1828ac68042a75b92c34151cfa6cd05eedfdb3f2f4bcd40476eceb334c858e239d69df17565e92fe1a161e9848907b6557eb009c3d24879cdcb19e835612825f490d453123a83f9c9de8490791144bef3f7b6450445747c247f80003a2e65aa1c077012ae4bd65e5c1f425ec0d0573fddcdf475456e2d734959835ed20e8dfd4ef4932c42004557c409e09c43daf92651f63c40af8630df9e8e84578b5a628cfce5b328f115d2532469d2b4218ea87fe46d8d06616d6fab54cdfa32f14b76199bcfd21b13f8a72376f549874b118ceed00d4106450100f92c87dad3b93f03ead01f1a488362aa4fec5913c4d98e4aceba87214aa241f3727f64c52ce30383ca2a5b7115b67d4a5be7aaf817fc22f2a213d6612a598fa61086bfcc49126c8c7f6933f4fa51f1cc003732d51ab7d80b8c0ab7e77b51f96f4e1d866f29e7c09bef6ad687ace636e8c59232f929f3b1b19337f6a67bc79a4e09daa48b41f55f56b7bf3d5cb80b58b6786b41e1da2156449b224346fc21bd52ccb2d5512b8e210201e11dc09485828b2eda5f3586330dbe80135939d7d10c9eadfc1940d5c4566cdf35b4945e3ea3407dece97ef37fb98e9de9552c7b904c1ce06ff77d2cd0e738fe6a0d904de2964c794d87d70746579746d6a74fc6f708e609cff51be1228932165c2fcfe02ea845f5c0eab8b416604eded565c341a16a77993322ac8751b90715d1e75c37245c598e39a6b1272bd38c299ab93c34cac7cde6f01ca88b889f468721c8fe27d84eab5fdcede8cb0ecc7c102abc9f7dbc4c9e3d2d76ab3f8a4de79eba6427f62866ffe1660b92a43bb2933b60b9fd4b37dbb3ca612b802f5165f27315b2bd36be7ef5d0cd2c064ae8b26545978a7c8c03c8a8fde739f516928a387e71b034cc621add347e14bed5a485e75770a1279466de0c48e9e4377af75b23b320e7bc5c1264f6687c70a9b9f7191560c6ec0998a3b32f64ed7ce9a911e563aa956967cac766aa68ffa2464e0d281716cc5e72e5ac000985c2c0e6a905c444e63b79d391c74c60ba03b0915fbc1baf841c88706f665f77d4745532340e78fd3bb4989ec45783bdabf315d6de15fa38eb736efdcda493f7ae4c23e9b26291fd17e97cc4402d61eb34ec49a3f3ad057e268472cf3328d937d7e7a7b191fa02a75c3f44f512e0569c7a86314b74bdc50ca225dbaeca382bd97f462b2875a7bf8ccd96e1dfa3c882379b7559437c424408065986dd16c6649f7c80997518a76531ce798c74ce7ddfd8d030bc54bcfeae164336693b96b5c158fabadd3e96964065523e085e0dcb5f93ae8be31e2b2ca8fe5ba9c76383f6606ed11d07b29f194dc0c49e23a404f15a3b9ab6cf571aff668085eddc6599881a335d4e40cdc46f0f3a08249cf30878373ee3e5084729a6b444683f7541b49e65fa5cc3449655b628fae538b0e6af12b6dd64bdf348b1fd9d16e680d1043f0064642d937032a7b54ef892f913acd053f10d3536233b2019f9d8d3bf2933cb59136bbb39f82ad67cdf2bda565452eddb7ecf08b2905bd80238e18cc1f286967d57efcf9d32c89d2dc4dade997212d32681aa13160742444933e91776c3169a6b866927b81de4dc1b98cb29df47aea56571b46c5a795473d523855c7b190a311b0c0cf656dbebdefae64cd0b75e5f53fda5a2bef64d816a59298bd61c2b4385e97f1a04da0c026f811f2c141e66fe21f2ec313bfd1352ab517e93585f0aafb7ddaa5812c4abe5e9a537d5024622a8c7a4654ea161fd16724a5666aab94c2169e6748018d81c733e84da77654febc1541994de66dd6d0e8d7ecb89b1c132598a62422bbae1a79c6aa75137ac5ff8abdb95aadd53cfe9be4fdfdc55b4f16bf948e06d86d0061cdc30e45ed0144d92bb0b17b9cd7f7bcb47e6f22c534852c6b3b94d5353435df4d46a410f74a62550b6de1a3af3e2d56400de8766a05e3d873fb7671e3ff6370fb9a4d6464bc2944b1343fc56cb45615c1181e189bf5f9c9e7ad78ead49ac041c1b5e868c7fb4a1702bea97a78693379", 0xfffffe90}], 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) creat(&(0x7f0000001140)='./file1/file0\x00', 0x1) sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) bind$inet(r5, &(0x7f0000001100)={0x2, 0x4e20, @loopback}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000001180), 0x4) 00:00:23 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xb00, 0x103) 00:00:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x9000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:00:23 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/diskstats\x00', 0x0, 0x0) openat(r1, &(0x7f00000002c0)='./file1\x00', 0x100, 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0}, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) creat(&(0x7f0000000300)='./file1\x00', 0xa0) mkdirat(r0, &(0x7f0000000200)='./file1\x00', 0x128) 00:00:23 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) io_uring_enter(r1, 0x72de, 0x4157, 0x0, &(0x7f0000000100)={[0x3825]}, 0x8) r2 = perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x10000, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d663f1afe8c4015d291", @ANYRESHEX, @ANYRESHEX=r2, @ANYRESDEC=0xee01, @ANYBLOB=',subj_user=,subj_user=oom_adj\x00,smackfstransmute=ccm-aes-c']) syz_io_uring_setup(0xfe7, &(0x7f00000001c0)={0x0, 0x4c76, 0x10, 0x3, 0x11f, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000140)=0x0) r4 = open_tree(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x1000) syz_io_uring_submit(0x0, r3, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4}, 0x2) r5 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x12) dup3(r5, r5, 0x80000) gettid() r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) syncfs(r6) 00:00:23 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 54) [ 1723.515027] loop3: detected capacity change from 0 to 262144 [ 1723.534168] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1723.622241] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1723.715177] FAULT_INJECTION: forcing a failure. [ 1723.715177] name failslab, interval 1, probability 0, space 0, times 0 [ 1723.717893] CPU: 0 PID: 11080 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1723.719487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.721538] Call Trace: [ 1723.722159] dump_stack+0x107/0x167 [ 1723.722976] should_fail.cold+0x5/0xa [ 1723.723837] ? __kmem_cache_create+0x10e/0x520 [ 1723.724864] should_failslab+0x5/0x20 [ 1723.725718] kmem_cache_alloc_node+0x55/0x330 [ 1723.726746] __kmem_cache_create+0x10e/0x520 [ 1723.727738] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1723.728863] p9_client_create+0xc6a/0x1230 [ 1723.729833] ? p9_client_flush+0x430/0x430 [ 1723.730789] ? trace_hardirqs_on+0x5b/0x180 [ 1723.731763] ? lockdep_init_map_type+0x2c7/0x780 [ 1723.732828] ? __raw_spin_lock_init+0x36/0x110 [ 1723.733860] v9fs_session_init+0x1dd/0x1680 [ 1723.734842] ? lock_release+0x680/0x680 [ 1723.735743] ? kmem_cache_alloc_trace+0x151/0x320 [ 1723.736820] ? v9fs_show_options+0x690/0x690 [ 1723.737817] ? trace_hardirqs_on+0x5b/0x180 [ 1723.738804] ? kasan_unpoison_shadow+0x33/0x50 [ 1723.739833] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.740981] v9fs_mount+0x79/0x8f0 [ 1723.741781] ? v9fs_write_inode+0x60/0x60 [ 1723.742729] legacy_get_tree+0x105/0x220 [ 1723.743648] vfs_get_tree+0x8e/0x300 [ 1723.744487] path_mount+0x1429/0x2120 [ 1723.745351] ? strncpy_from_user+0x9e/0x470 [ 1723.746336] ? finish_automount+0xa90/0xa90 [ 1723.747315] ? getname_flags.part.0+0x1dd/0x4f0 [ 1723.748367] ? _copy_from_user+0xfb/0x1b0 [ 1723.749311] __x64_sys_mount+0x282/0x300 [ 1723.750241] ? copy_mnt_ns+0xa00/0xa00 [ 1723.751134] do_syscall_64+0x33/0x40 [ 1723.751973] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.753134] RIP: 0033:0x7f535d26eb19 [ 1723.753976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.758150] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1723.759864] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1723.761475] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1723.763089] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1723.764695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.766308] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1723.768145] kmem_cache_create(9p-fcall-cache-80) failed with error -22 [ 1723.769919] CPU: 0 PID: 11080 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1723.771573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.773434] Call Trace: [ 1723.774041] dump_stack+0x107/0x167 [ 1723.774883] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1723.776068] p9_client_create+0xc6a/0x1230 [ 1723.777031] ? p9_client_flush+0x430/0x430 [ 1723.777977] ? trace_hardirqs_on+0x5b/0x180 [ 1723.778968] ? lockdep_init_map_type+0x2c7/0x780 [ 1723.780035] ? __raw_spin_lock_init+0x36/0x110 [ 1723.781070] v9fs_session_init+0x1dd/0x1680 [ 1723.782056] ? lock_release+0x680/0x680 [ 1723.782956] ? kmem_cache_alloc_trace+0x151/0x320 [ 1723.784038] ? v9fs_show_options+0x690/0x690 [ 1723.785034] ? trace_hardirqs_on+0x5b/0x180 [ 1723.786016] ? kasan_unpoison_shadow+0x33/0x50 [ 1723.787036] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.788170] v9fs_mount+0x79/0x8f0 [ 1723.788975] ? v9fs_write_inode+0x60/0x60 [ 1723.789906] legacy_get_tree+0x105/0x220 [ 1723.790831] vfs_get_tree+0x8e/0x300 [ 1723.791675] path_mount+0x1429/0x2120 [ 1723.792534] ? strncpy_from_user+0x9e/0x470 [ 1723.793501] ? finish_automount+0xa90/0xa90 [ 1723.794481] ? getname_flags.part.0+0x1dd/0x4f0 [ 1723.795529] ? _copy_from_user+0xfb/0x1b0 [ 1723.796467] __x64_sys_mount+0x282/0x300 [ 1723.797376] ? copy_mnt_ns+0xa00/0xa00 [ 1723.798269] do_syscall_64+0x33/0x40 [ 1723.799106] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.800256] RIP: 0033:0x7f535d26eb19 [ 1723.801092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.805230] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1723.806943] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1723.808545] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1723.810151] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1723.811755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.813351] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:00:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a7b, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @multicast1}}) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000004, 0x10010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5548, &(0x7f00000002c0)={0x0, 0xf22b, 0x2, 0x1, 0x3cc, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000400)) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x242e2, 0x0) copy_file_range(0xffffffffffffffff, &(0x7f0000000180), 0xffffffffffffffff, &(0x7f0000000280)=0x800, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x800, 0xe0) accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c) clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) 00:00:37 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 55) [ 1737.705128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11085 comm=syz-executor.0 [ 1737.710232] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11085 comm=syz-executor.0 00:00:37 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xd00, 0x103) 00:00:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x5}, 0x1c) 00:00:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x10000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:00:37 executing program 5: prlimit64(0x0, 0xd, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10018, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x3, 0x0, 0xdb, 0x8, 0x0, 0x9, 0x3009, 0xd, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000240), 0xc}, 0xc00, 0x1, 0x4, 0x5, 0x8, 0xffffffff, 0x9, 0x0, 0xffff, 0x0, 0x20000000000}, 0x0, 0xe, 0xffffffffffffffff, 0x8) prlimit64(0x0, 0x1, &(0x7f0000000200)={0x9, 0x1}, &(0x7f0000000380)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) prlimit64(r1, 0x0, &(0x7f0000000100)={0x4, 0x9}, &(0x7f00000001c0)) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_group_source_req(r0, 0x0, 0x4, 0x0, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000000, 0x40010, 0xffffffffffffffff, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000440)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x7) prlimit64(0xffffffffffffffff, 0x6, &(0x7f0000000080)={0x6d7b, 0xffffffffffffff7f}, &(0x7f00000000c0)) connect$inet(r0, &(0x7f0000000140)={0x2, 0xfffd, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10) prlimit64(r1, 0xd, &(0x7f00000002c0)={0x7f, 0x9}, &(0x7f0000000300)) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000180)) prlimit64(0x0, 0xc, 0x0, &(0x7f0000000140)) io_setup(0x2d47, &(0x7f0000000000)) signalfd4(0xffffffffffffffff, &(0x7f0000000280)={[0x7fffffff]}, 0x8, 0x0) 00:00:37 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000d00)=ANY=[@ANYBLOB="10be04650d957f1b39500ba8f8f84541602e2f66696c6530ca6b301430b5c66cffbb19c41617513911a06dd04c5e0788b6ba0ac0c67645db6b54ee42de08ad0817e4ebaf97cbb8bd2129f9de0860835d274890d680668f67178a77037448e55ad363280c4fb1db7573b0045768e972ab53ccaee808af3828c01017c8001709000000b4adf9a52898ca789bef633e5a7c1ff2fe69dce49dea582f7f597cebc2090000008572cfbd451af8bbd5a473fe1b4582298ea961f70000315f5aa341e6b6a4792042b65fec0b3c8bb4fecf95f96177f0e7b915ece45c43e1ad7aeec84afdea29b3f21b2f5c8ad88e3286a51b1414ba40213da52662fe"], 0x10) setxattr$trusted_overlay_opaque(&(0x7f0000000580)='./file1\x00', &(0x7f0000000e00), &(0x7f0000000e40), 0x2, 0x2) recvmmsg(r0, &(0x7f0000000c00)=[{{&(0x7f00000001c0)=@pptp={0x18, 0x2, {0x0, @broadcast}}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000300)=""/206, 0xce}, {&(0x7f0000000400)=""/188, 0xbc}, {&(0x7f00000005c0)=""/252, 0xfc}, {&(0x7f00000004c0)=""/162, 0xa2}], 0x4, &(0x7f0000000240)=""/15, 0xf}, 0xffff}, {{&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000740)=""/196, 0xc4}, {&(0x7f0000000280)=""/18, 0x12}, {&(0x7f0000000840)=""/141, 0x8d}, {&(0x7f0000000900)=""/118, 0x76}], 0x4}, 0x5ea1}, {{&(0x7f00000009c0)=@nfc, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a40)=""/118, 0x76}], 0x1, &(0x7f0000000b00)=""/200, 0xc8}, 0x400}], 0x3, 0x40032001, &(0x7f0000000cc0)={0x0, 0x989680}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 00:00:37 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x5c, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3f}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1f}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20044091}, 0x20000000) mkdirat(r1, &(0x7f0000000000)='./file0\x00', 0xf0261a2cff9aa493) socket$inet6(0xa, 0x3, 0x7fe) syz_genetlink_get_family_id$nl80211(&(0x7f0000004f80), 0xffffffffffffffff) [ 1737.753716] loop3: detected capacity change from 0 to 262144 [ 1737.756165] FAULT_INJECTION: forcing a failure. [ 1737.756165] name failslab, interval 1, probability 0, space 0, times 0 [ 1737.758585] CPU: 1 PID: 11103 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1737.760128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1737.762243] Call Trace: [ 1737.762804] dump_stack+0x107/0x167 [ 1737.763574] should_fail.cold+0x5/0xa [ 1737.764493] ? create_object.isra.0+0x3a/0xa20 [ 1737.765609] should_failslab+0x5/0x20 [ 1737.766547] kmem_cache_alloc+0x5b/0x310 [ 1737.767542] create_object.isra.0+0x3a/0xa20 [ 1737.768605] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1737.769849] kmem_cache_alloc_node+0x169/0x330 [ 1737.770979] __kmem_cache_create+0x10e/0x520 [ 1737.772051] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1737.773259] p9_client_create+0xc6a/0x1230 [ 1737.774309] ? p9_client_flush+0x430/0x430 [ 1737.775353] ? trace_hardirqs_on+0x5b/0x180 [ 1737.776406] ? lockdep_init_map_type+0x2c7/0x780 [ 1737.777555] ? __raw_spin_lock_init+0x36/0x110 [ 1737.778681] v9fs_session_init+0x1dd/0x1680 [ 1737.779731] ? lock_release+0x680/0x680 [ 1737.780707] ? kmem_cache_alloc_trace+0x151/0x320 [ 1737.781876] ? v9fs_show_options+0x690/0x690 [ 1737.782965] ? trace_hardirqs_on+0x5b/0x180 [ 1737.784008] ? kasan_unpoison_shadow+0x33/0x50 [ 1737.785117] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1737.786362] v9fs_mount+0x79/0x8f0 [ 1737.787229] ? v9fs_write_inode+0x60/0x60 [ 1737.788244] legacy_get_tree+0x105/0x220 [ 1737.789224] vfs_get_tree+0x8e/0x300 [ 1737.790120] path_mount+0x1429/0x2120 [ 1737.791056] ? strncpy_from_user+0x9e/0x470 [ 1737.792105] ? finish_automount+0xa90/0xa90 [ 1737.793144] ? getname_flags.part.0+0x1dd/0x4f0 [ 1737.794267] ? _copy_from_user+0xfb/0x1b0 [ 1737.795277] __x64_sys_mount+0x282/0x300 [ 1737.796253] ? copy_mnt_ns+0xa00/0xa00 [ 1737.797203] do_syscall_64+0x33/0x40 [ 1737.798100] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1737.799351] RIP: 0033:0x7f535d26eb19 [ 1737.800257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1737.802070] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1737.804715] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1737.807687] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1737.809434] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1737.811170] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1737.812879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1737.814589] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:00:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c) 00:00:37 executing program 0: r0 = syz_io_uring_setup(0x21, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x3938700}}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2}, 0x6) r3 = io_uring_setup(0x669c, &(0x7f0000000240)={0x0, 0xb40c, 0x0, 0x2, 0x17d, 0x0, r0}) io_uring_enter(r3, 0x29f2, 0xb8be, 0x3, &(0x7f0000000140)={[0x20]}, 0x8) r4 = syz_io_uring_setup(0x21, &(0x7f0000000340), &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000000080)) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x3d2c) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1737.882710] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:00:52 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 56) 00:00:52 executing program 6: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) sendfile(0xffffffffffffffff, r0, &(0x7f0000000000)=0x8, 0x67) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x20b00, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000140)={0x0, 0x100000000}) 00:00:52 executing program 7: ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000180)={0x0, 0x8}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='tracefs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x20020, &(0x7f00000006c0)=ANY=[@ANYBLOB="67696494c1aea9805448375a1cb01e78383d", @ANYRESHEX=0x0, @ANYBLOB="2c0841538defc240384300ff2b1ebdf78140fc8ef1cb59e72eca3a176386ab9a9e0cbf649c40a04483418124b9321658bbd32b2754c8ff40d81d3f5d57485a0517f5a1249547bb00832c06e4ff0f000083785d198d01a3cf1a5f563adc3ad0ca9ac9b5af0000ec54c0f49b24b466dd36b2b512d7d98fe41a72edc011e490790d9eab32b40d28c342674d6a71ccb6eee4a2000000000000000000000088d689a5f09cd5ac4ef3aa99dc539583ed01e7614d96aee209407071bb87fca1c1b10ef7a753b7aa486bab9fc8c1665657d9e5e8d86fd1d20e230c2ec94ab78e27d6edb168c4302b1bdc54281db965c419190a8fc39d6642790fe0e731ea42716a0773307adbeae075b6c01e74a10753b01c3c3fd5d01b90f9bc174f92e46789cf947fc379"]) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="07000000d6838a9b3f27ff0100008030"]) syz_io_uring_setup(0x3167, &(0x7f0000000380)={0x0, 0x9b7a, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f00000002c0), &(0x7f0000000340)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000440)=[&(0x7f0000000400)=']$-\x00'], 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000200)=0x3f, 0x1ff) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r1, 0x1000003) socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$full(0xffffffffffffff9c, 0x0, 0x101000, 0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x50, 0x0, &(0x7f0000000340)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000640)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="2e2f66696c6531006d80b461697d2d55e3655b9d34e9d485b7cbe1934e87fa968c75bb1b1a08516062e843d899b33bf7acbadf7212d503ea0b34b84c2559782160df82bab29cdd7817ef9e0214a6e0e2c5f1cb5f82153a6a606694bb7d811b369095a12761d3477cef2dc6008133521c09c45d087a3857978869a618d385edef8ecfb2088ac28edd6595af7567819489f65bbd658c421740a5ddd3c96c25e1895d7a626378747ce434dc7b5b52262585b5d711f742ad1556bd", @ANYRESDEC=r3, @ANYBLOB="cb18652cdce5e9978a8d0e5773f2bf5a16293df35068dfb16dd0f3a3e34ad9fa4e8e8261c106b784d7d739861e5a9dc8fd780bdf6ae53c639ac9695c5efc503109c3ff92b4631fe22a5ae6652feb44a1caa86035e8067c28e0b0470029899e230bea1dd8629e00000000", @ANYRESHEX=r2, @ANYRES32=r2, @ANYRES32=r2]) getsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000100)=0x7fffffff, &(0x7f0000000140)=0x4) pidfd_send_signal(r1, 0x30, &(0x7f00000005c0)={0x2f, 0x3ff, 0x70}, 0x0) 00:00:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080), &(0x7f0000000140)={'L+', 0x1f}, 0x16, 0x3) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000280)) 00:00:52 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0xf00, 0x103) 00:00:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x7}, 0x1c) 00:00:52 executing program 5: r0 = inotify_init() stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x208001, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@privport}, {@noextend}, {@nodevmap}, {@access_any}, {@version_u}, {@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}, {@mmap}, {@access_any}], [{@fowner_eq={'fowner', 0x3d, r1}}]}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x3a7b, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @multicast1}}) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000004, 0x10010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5548, &(0x7f00000002c0)={0x0, 0xf22b, 0x2, 0x1, 0x3cc, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000400)) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x242e2, 0x0) copy_file_range(0xffffffffffffffff, &(0x7f0000000180), 0xffffffffffffffff, &(0x7f0000000280)=0x800, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x800, 0xe0) accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c) clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) 00:00:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x20000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1752.379588] loop3: detected capacity change from 0 to 262144 [ 1752.383140] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1752.387471] FAULT_INJECTION: forcing a failure. [ 1752.387471] name failslab, interval 1, probability 0, space 0, times 0 [ 1752.388789] CPU: 1 PID: 11126 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1752.389570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1752.390562] Call Trace: [ 1752.390877] dump_stack+0x107/0x167 [ 1752.391297] should_fail.cold+0x5/0xa [ 1752.391734] ? create_object.isra.0+0x3a/0xa20 [ 1752.392254] should_failslab+0x5/0x20 [ 1752.392712] kmem_cache_alloc+0x5b/0x310 [ 1752.393176] create_object.isra.0+0x3a/0xa20 [ 1752.393682] kmemleak_alloc_percpu+0xa0/0x100 [ 1752.394192] pcpu_alloc+0x4e2/0x1240 [ 1752.394633] __kmem_cache_create+0x35a/0x520 [ 1752.395134] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1752.395736] p9_client_create+0xc6a/0x1230 [ 1752.396227] ? p9_client_flush+0x430/0x430 [ 1752.396708] ? trace_hardirqs_on+0x5b/0x180 [ 1752.397227] ? lockdep_init_map_type+0x2c7/0x780 [ 1752.397766] ? __raw_spin_lock_init+0x36/0x110 [ 1752.398323] v9fs_session_init+0x1dd/0x1680 [ 1752.398813] ? lock_release+0x680/0x680 [ 1752.399268] ? kmem_cache_alloc_trace+0x151/0x320 [ 1752.399814] ? v9fs_show_options+0x690/0x690 [ 1752.400341] ? trace_hardirqs_on+0x5b/0x180 [ 1752.400834] ? kasan_unpoison_shadow+0x33/0x50 [ 1752.401350] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1752.401958] v9fs_mount+0x79/0x8f0 [ 1752.402373] ? v9fs_write_inode+0x60/0x60 [ 1752.402872] legacy_get_tree+0x105/0x220 [ 1752.403338] vfs_get_tree+0x8e/0x300 [ 1752.403765] path_mount+0x1429/0x2120 [ 1752.404223] ? strncpy_from_user+0x9e/0x470 [ 1752.404719] ? finish_automount+0xa90/0xa90 [ 1752.405242] ? getname_flags.part.0+0x1dd/0x4f0 [ 1752.405770] ? _copy_from_user+0xfb/0x1b0 [ 1752.406272] __x64_sys_mount+0x282/0x300 [ 1752.406736] ? copy_mnt_ns+0xa00/0xa00 [ 1752.407209] do_syscall_64+0x33/0x40 [ 1752.407633] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1752.408205] RIP: 0033:0x7f535d26eb19 [ 1752.408645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1752.410712] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1752.411568] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1752.412365] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1752.413165] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1752.413966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1752.414776] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1752.420705] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 1752.421247] loop6: detected capacity change from 0 to 33559552 [ 1752.445068] EXT4-fs error (device loop3): ext4_add_entry:2350: inode #2: comm syz-executor.3: Directory hole found for htree leaf block 0 00:00:52 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x1100, 0x103) 00:00:52 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 57) 00:00:52 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x8}, 0x1c) [ 1752.514141] loop3: detected capacity change from 0 to 262144 00:00:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x20100000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1752.555642] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1752.595051] FAULT_INJECTION: forcing a failure. [ 1752.595051] name failslab, interval 1, probability 0, space 0, times 0 [ 1752.596289] CPU: 1 PID: 11169 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1752.597006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1752.597921] Call Trace: [ 1752.598206] dump_stack+0x107/0x167 [ 1752.598594] should_fail.cold+0x5/0xa [ 1752.599001] should_failslab+0x5/0x20 [ 1752.599423] __kmalloc_track_caller+0x79/0x370 [ 1752.599908] ? kstrdup_const+0x53/0x80 [ 1752.600320] kstrdup+0x36/0x70 [ 1752.600677] kstrdup_const+0x53/0x80 [ 1752.601095] kvasprintf_const+0x10c/0x1a0 [ 1752.601533] kobject_set_name_vargs+0x56/0x150 [ 1752.602038] kobject_init_and_add+0xc9/0x160 [ 1752.602507] ? kobject_create_and_add+0xb0/0xb0 [ 1752.602994] ? wait_for_completion_io+0x270/0x270 [ 1752.603521] ? kernfs_name_hash+0xe7/0x110 [ 1752.603962] ? kernfs_find_ns+0x256/0x380 [ 1752.604420] sysfs_slab_add+0x172/0x200 [ 1752.604835] __kmem_cache_create+0x3db/0x520 [ 1752.605321] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1752.605845] p9_client_create+0xc6a/0x1230 [ 1752.606291] ? p9_client_flush+0x430/0x430 [ 1752.606739] ? trace_hardirqs_on+0x5b/0x180 [ 1752.607217] ? lockdep_init_map_type+0x2c7/0x780 [ 1752.607711] ? __raw_spin_lock_init+0x36/0x110 [ 1752.608216] v9fs_session_init+0x1dd/0x1680 [ 1752.608665] ? lock_release+0x680/0x680 [ 1752.609085] ? kmem_cache_alloc_trace+0x151/0x320 [ 1752.609614] ? v9fs_show_options+0x690/0x690 [ 1752.610077] ? trace_hardirqs_on+0x5b/0x180 [ 1752.610554] ? kasan_unpoison_shadow+0x33/0x50 [ 1752.611026] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1752.611555] v9fs_mount+0x79/0x8f0 [ 1752.611923] ? v9fs_write_inode+0x60/0x60 [ 1752.612381] legacy_get_tree+0x105/0x220 [ 1752.612808] vfs_get_tree+0x8e/0x300 [ 1752.613197] path_mount+0x1429/0x2120 [ 1752.613622] ? strncpy_from_user+0x9e/0x470 [ 1752.614078] ? finish_automount+0xa90/0xa90 [ 1752.614566] ? getname_flags.part.0+0x1dd/0x4f0 [ 1752.615050] ? _copy_from_user+0xfb/0x1b0 [ 1752.615511] __x64_sys_mount+0x282/0x300 [ 1752.615933] ? copy_mnt_ns+0xa00/0xa00 [ 1752.616341] do_syscall_64+0x33/0x40 [ 1752.616732] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1752.617294] RIP: 0033:0x7f535d26eb19 [ 1752.617704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1752.619600] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1752.620387] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1752.621117] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1752.621852] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1752.622589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1752.623321] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1752.624194] kobject: can not set name properly! [ 1752.624732] kmem_cache_create(9p-fcall-cache-83) failed with error -12 [ 1752.625411] CPU: 1 PID: 11169 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1752.626123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1752.626976] Call Trace: [ 1752.627246] dump_stack+0x107/0x167 [ 1752.627624] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1752.628162] p9_client_create+0xc6a/0x1230 [ 1752.628603] ? p9_client_flush+0x430/0x430 [ 1752.629039] ? trace_hardirqs_on+0x5b/0x180 [ 1752.629481] ? lockdep_init_map_type+0x2c7/0x780 [ 1752.629965] ? __raw_spin_lock_init+0x36/0x110 [ 1752.630437] v9fs_session_init+0x1dd/0x1680 [ 1752.630877] ? lock_release+0x680/0x680 [ 1752.631287] ? kmem_cache_alloc_trace+0x151/0x320 [ 1752.631783] ? v9fs_show_options+0x690/0x690 [ 1752.632236] ? trace_hardirqs_on+0x5b/0x180 [ 1752.632676] ? kasan_unpoison_shadow+0x33/0x50 [ 1752.633140] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1752.633656] v9fs_mount+0x79/0x8f0 [ 1752.634019] ? v9fs_write_inode+0x60/0x60 [ 1752.634479] legacy_get_tree+0x105/0x220 [ 1752.634903] vfs_get_tree+0x8e/0x300 [ 1752.635308] path_mount+0x1429/0x2120 [ 1752.635702] ? strncpy_from_user+0x9e/0x470 [ 1752.636143] ? finish_automount+0xa90/0xa90 [ 1752.636582] ? getname_flags.part.0+0x1dd/0x4f0 [ 1752.637056] ? _copy_from_user+0xfb/0x1b0 [ 1752.637481] __x64_sys_mount+0x282/0x300 [ 1752.637901] ? copy_mnt_ns+0xa00/0xa00 [ 1752.638302] do_syscall_64+0x33/0x40 [ 1752.638689] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1752.639214] RIP: 0033:0x7f535d26eb19 [ 1752.639620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1752.641499] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1752.642337] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1752.643110] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1752.643889] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1752.644665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1752.645444] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1752.649815] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:01:04 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 58) 00:01:04 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x2000, 0x103) 00:01:04 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000040)) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000004, 0x100010, r1, 0x80500000) r2 = inotify_init() ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000000100)={0x800, 0x18, '\x00', 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_SNAP_CREATE(r1, 0x50009401, &(0x7f0000000140)={{r2}, "92e7ca27036ce404f66d5edd1b137c8800f64a163a62287788af90d629fbd7980ce72f0b4ba41b753bd6e373d93ee851ec153a6e3aaa4385deca53c769fd5647ce30ed3df36179f3674c9f3fef7cb4e64f6ea00c084d7d268b561a546efd980d994efadd5a35c0f6c67ed925492dd985fdad2fbdf6e820c82e56981f3e3da7eda38811ed5430860bf909f07ce6d01921b6a38057a4bb689b56f0ee851c786bec42ca5539a93c6aab6c8d3bd6176af5adf7d12850936b2d56806d59d601ba51bab412a3bcfae9861feca51f521fe5fbf663aec8e187816ad84bbacfc7bef5a4888f429bd7851f447f6b1db0e0650e3af2c849d25135f45852d383e70ef7aaf51684eae8b97553df3e02692789a6ef5ad7a8ac928f725ea73f903fd9e87d21310f3c6659a5c6250ccbc10ffddb89d6860c87048ad7e22d8a99089d2f56ad0b1b25ab94ac7746dfeaf83e2280a2206bdd662063ef9a462978c10320e8367cd3651940f68637c81a943e3e3b018471d566fc801e6ccb7b57ba5df35845392c6762f9ac76555ed1828dceb4f1a83d36a73b5c55256030b482775803ad56514d7230cc3819709e7fbf55639f83ae8180af651c0e3e120e291964c15c0095857b5af70d09b5b67d882f790bcea16866fe9376c0024e881d9531677c67d5f8792a5805444987c7f4227d2eaf677e010fdf47380440ab1934dd0f76519e11fd042a36afd2c47e57391158d394bac769c2d04b0727b1c28a555c1f8a67df1cc919b08b43a897a42ed93bbe7212ab99d0eefec0b5b7b9b4a0eb54dec52e6c768a34d7d27074e0d1b34fd4e5858f0c7390327db6e73f45b595a2b2685379c20894ad44b002704dea8bf3062a2d6f2e61fe034af85c650f8b0dc09af0911deecf112b80496d73e4af29b86f97ccf533d7cc1f7815b94e0fe6e48f0814086b9907b8113a8dee098d426253922e75dfa5a3ed45ce0159803bd82578ecfde5e0b9b9d81d7e19bdff6a091c6d44e90f2a3f3625dfb255e0f4ba3973ac65a9f8a76266c1a7a3a6801948133cdd4d1c3c60855851df4a4379bce7cadf6cb08b1885a055031d874a347ace96e5c37048bae3dedae7156e20e3a6a4edcfeba53eaf5401149e6b7d2106bb39547e853ee33f760dff6fe9feab82a7566086b65aa597becd7a618ee3a34844f9558c260a995d314b1c56f04311c538bdb322e8432d375813f38187dd73cd6b292d6e0bf691a756e2ea923a9d9e87aa1de07afe51ae69bdae08497c247b0898cb6930d3e6a6bb522cebaa9b020655f5776e870ce5fa30d493632d7a2b943a65e2bb5e2b6ff30c468d1aa9d97d17f30e6d7ddda87c0bef78008dd96919331a9a77c210ed92803c241bbb3e49f2e5153d1dd6d498c4fe47038385705246144f8d6b1098442ef277ac990aa3f74edf03d53fa844f15fc575400edcaa9e527b10b2d557695e2b05efb8084ed784cded6643b9e1a50edcd40917e3745f6370652ded5c5a6a581b1f4a7df66a7a9dfef4e1080ac27214b6a55fa64b0678994103efcc2e1d55a9338954fe3cce8940d61ca789f01389693581eafb4348208127f2e389b715ed344116c1f2207db651d3e49a7e2eb483cb2a81f98672ac0342c6e1461f4f4bb9b5bcc4c015577ff6483cda32c14d6c5485b2acd427c9b720816d727a36c62abd5cf16a8a3d482396ab3113d37f1a785e1094c36ccf4e21c8ee8a808841f9f970e3d3aa7a1edafe90246275992a258483aadd249e2af42de6be926058f9ed468e443090f47bda50a5e86700625e744f9fa058365d11b4521cde843de99018a1fcd71fd5a41ae3fc22789fabfc4c8afad0555c11e6a971e06b569d8becd04cd64ee9f8ecff494e085311b8505ae827cf06cf0113c6ace4b7111d447f0d2a1c469fc030f206e5fe9ce5c2ddbbc0d6960e8905344c0ef55440eb118a0b967520d5d6fab1f064c8d52b5e8ea10a98887786009272f06bc306bfe83373da9fd4d3ac39c2ae6af70786e19502ee49889c7fd501135a53828d8fb80edaeb851e2c16d9925f1f10dd1f441fa7639332ab38eae912018929c39d30caab731efe7ffdad898355a23b194fbae05c658c112ba52173f7c1913c672927247bb59f6b0e6593565869519877ca159ec8e9c5e855cf687453733f616587df08cad07ca165451ad27b0e93657ceb2b5d2c9af5784b570df54a78e20e4ea4a7bd663bacba45730e9be763d698350264af295e3bb3c80aa6216e13e840ef82cebe5b9a2608dec5f8bf1335c278c060b788af60fd47544dd36137fe85a53315c1a93b373eed6e952e006db50a230417432bc4b9fff14f5056c5e4b3cfbb08473c358ecef4cff8f5e2e1de1cb1bd6e612d805de72755e2a99645c0ef680d10420dfe7ad706dd15b7bad47f359daf52be5c19f8e5f6920f0f3fa043c8e0090b216865a1ce5577bc624ed71d53174b1be31ae61b7f57b97dadb23054aed69cc28bfbbe232246d3307af0db28b3865252bea81d6cb88fd12c5bd1e8dc0b1525c040813520365b401e1cfa25d044ddca9eaeab75b3fce3502180bd78e30fd20035cb0cf34cb61a7eb945507ed81d225c2d28a338e1c9b145e56bf89246c58874c2292f4b6dbcbf94acb65135669ea4ddbbc9d373a7c29a8866521598606c6c208a74b2d366339de6d86ceecf3856d42abf1612e321dbe33a3af890ff55c9c6f1cc75f7af826244ebc19b26a5aedc9fcf0556509046471f4fb81fc4e8b1e030786952183f9ea166357ffff03505f1e26ef20fdff2c15893c6b4acc544d9b381aba4a6fe482b83f08d082fe5159bf5b945d2e14cc6f342d9eeff33e94f6a9044820e21a303198f59f68d5059ebf20218cda3486d90c0116bce70b050f2ee830708e0e277b7f8583daefd43356448fb1bf34505602899b469077908050d265a6da167ce7856e8d2fb634ece0941ce864beb4fefab6859d8c84523dbb8483f6a5a8a85544c1fee8034bfaa79c251fb975eff3ed8c8f83433a41563142ba4a8a6ff09649ad29e44246400cd802591a7f3d2e80bb5d2df6e5cace93ee66239481a6522cf67d3781fce9629ae499478632b61fcf33125210ebd150df668bd95b8971c8e51d414ab2a6c50fd15b0dfd81e7459f0d820dac79f9be8ba82536027348a971584b4b81a2aff45015ce3ac32f9e4d786c2e8d2c3012a743fdd5ff4c9c96ab1c18c0e16db94e812d1e3e115c86b1c4db2e43ba200ea41e43ba024951adb5a0f2910b147e868c7ee81862a84cf278c3359c73cfb6f9ceeeb4cbe3de3782d29052714ae6a01f7ee2b2569c7e023613ea5888582b494d53f8b781000fe5df0a4230d774baecf8b9facf9c014b6e1fcc5bcac492e72b9d77d52611b7c619e5d11bd1e40bf0ee92f9073c2315e3afce886709eb8100f859a287485808bf909a179f407b418a91e9588da662e8f643b566a76934a739fb442d1137b94a6dbda3deba02426237c93ddcd51c2c4479d23335c74d8582547bc6dc5f5b64f2a493f458a94e3658bf441fb3d82c0277123987e08b5562c9798daf60e3a80faede202fbbfd5a3fbba985425461635db0305a3a66839b618dc9e5d23b337caf1a8cac6a89b94b705fc7a40a15077643b905a9b0bbec90239f0a30840fb8ea32d4b6e5d83a937d700c68427f28c7bf47ba3527f6ee66ed70961755d44d0dd2a5852164ab4a5c1b3aa2885ce232e3619c969ecf15f0972c655e4dc6ee0f76e1ca91106a56403ce9d8ec0e56a12152c50a450e1aa9a78040224a0e8a79d9897eccb376b61565627d86c3067f758968bc25389cdc78fec6543f7608102f75ecefd42e7d7a3a5b1f5fce897928d357690bef456f8d7719bebdefcee1cb0c681e2b5d7efeb46ca3366d9722bc38ce0d2c5c33674bcf03318739f99386a629da827c1a789aa6bb3e32b84beff10b7a88c37e8c98e65462e5dbbc9d421dca6123a540c9e9898bd3bc3f78b8a2d88c9ca73b14c7ad181e83a018c6dd8e0c41adc8a0bfab79bb88e25a2d44eb6f20bce0885fcea86da7d68425a2ffac0d289865166cc5853706c1cea1fa8fbe51f3c0a4656a2c00c6d1a82660258a5ef4c296f10086ad63d5f83c84b6f3383779ccc4436cf78f4472de12e31975c95d98a2f8159fd61ea8d88c90ed39f9f19b18ea2df95c8be00b3ac5acc9ffcdfac5b20c53c37e40f9bc352e6bd6cb2fadc8fa62f0ca2a3578f12f8c8d369625d3e2a5a51690b88d7ac3b56f555e82fba2b9e0ad84c403944131311ebd4cc3ad11eea82b05eb55457454f307d5d6a272027b8425700eb780e56500bc501d6297775f75db45288bc07cc8ea469a231ce81e1ed50b5b97363fd18543bbccc1aaf9b50b1d2e9f58ebf290077c410c673cfe4f2f9cc21c0585f4a326bdb343697dbf900e54ecc01dc4206f7d769dc792717fd2bb45827afcc679ca85c5813138424d6c1d8847d60bd7d209369d634c21dfbb95da26a8dcac0876ca56797fa8f8615726c731ba50c40c472a640b68b64d7696f5c5c5db1220ed4f1dd8de00738f54277a97b26ece6af72f31753caf60e7261b089d5e0eee96b6dfdd805af4346c7df794fc16b15100311c000a0189e2cd638ffecfe10c5637f37d87cfd1c0090ceed31decb86b175e4d726104a7f73422bf4133e4f517a09f44017abce1cf70d4acf6b188739454e5eb975503d28af6ab3cb265f0d89ebeac8197afb22877bdb3e1dac7dd009017b3b5619d4084081860080890e7b745fc9c75383607533b444dfe66f7d2a642fbf687f21f2bc1646e71ac35fb700f506758d142acf853daf0ad7e3e1d24c90ff3aea21733a40f4164fd67cb060ee604e47d36fc99b65eabf6fc3aa69913e67846954cb8224411f2620315b63285e7feaae923caef981be1ecdbf07642f2fe6e40289db2d454efafcf2579e3d5dc8b730323c513300846d4c5d11ca069fd6fe50fff1d6443b3789788fb6fa62f1ec8eaf4bdf7c06072e8247d0c433cdd9762e911e61e0226605c72ad4306e07e26c6d66473ea2d8d9bca54b123e0aa06e5e158eb1ed03dcdbfeb5da64c044abfabeb646e8f2b549874906fc18cd100a51b95ef3f772a0c6b55218dd640af8484b88a85541b57f692de6f4144ec1d29f73902cd2141e1f99d290f3911f6bff0d27c081641a3777d571fd81181d1191385615b5478f3195e0b974eee0e1d958c5ce23024a729de73ac776fdc130fe71cc6133d856dc07fd6f405f75b1323ea89c635d6027dcc99ffdedff7556befb2b5c48772b80c7f0993386635d3846e5bc3219885795b06a2583899e620d81162d5f15e14518eeaf5de59cd7b9306a59ca28a90963c910865d7cabd33218ffa42866d60c929aef0f522246bdb9e71f3a338f2a372751a0f253beb0460dff2016a7178209585416ba32b92ba4b3b4bd74ee94754e4dfefa1eebdbe18b42fca14339946d65d3c649f9b3b6eaa0e832d251cdfd09617fc1722f4b1dc3d252a9ab513bd614d23a1e3a19db8fb4ac59364042d410efc40b35c65436cb67ef8800dbeed617956105d0c3d4adc7139aaceccbe937f146e001a010a9ac910341f0c91eff86d696d7247d85c8b7bb4207f883c1b1888047d592a21d308a5ee57414ba9019ad25c6c78c1f905bea91ba04465d70815ae25c3e7ea00edb1b68b9c412680f2ac68f7faa87917fd2de60c47eb4b1e3fdc68e4e75308deb5d79f84a879628f414c35b66108ecd1edb0882bdcbfa524a5a0751c555f7402d2cbe4ca304dc86a6269e63bf101b2ada7b20980caa43ff56be5404e03a39"}) r3 = syz_open_dev$hidraw(&(0x7f0000001140), 0x10001, 0x111200) fcntl$setstatus(r3, 0x4, 0x6c00) r4 = accept4$inet6(r0, &(0x7f0000001180)={0xa, 0x0, 0x0, @private2}, &(0x7f00000011c0)=0x1c, 0x80800) getsockopt$IP_SET_OP_GET_BYINDEX(r4, 0x1, 0x53, &(0x7f0000001200)={0x7, 0x7, 0x2}, &(0x7f0000001240)=0x28) r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000001280), 0x400c00, 0x0) getsockopt$inet_mreqsrc(r5, 0x0, 0x28, &(0x7f00000012c0)={@local, @empty, @multicast1}, &(0x7f0000001300)=0xc) r6 = syz_open_dev$vcsa(&(0x7f0000001340), 0x7fff, 0x400) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001380), r5) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f0000001540)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001500)={&(0x7f0000001400)={0xd0, r7, 0x10, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3, 0x55}}}}, [@crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x14, 0x4c, [0xfac05, 0xfac12, 0xfac0d, 0xfac12]}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x9100}], @NL80211_ATTR_PBSS={0x4}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac0c}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_AKM_SUITES={0x8, 0x4c, [0x4]}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac06}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_AKM_SUITES={0x14, 0x4c, [0xfac0a, 0xfac0c, 0xfac10, 0xfac10]}, @NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac07, 0xfac05, 0xfac14]}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x4}], @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @crypto_settings=[@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x7}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x10, 0x49, [0xfac05, 0xfac05, 0xfac06]}, @NL80211_ATTR_SOCKET_OWNER={0x4}], @NL80211_ATTR_SSID={0x19, 0x34, @random="19ef7b04cf44f63b27e84ca6f40092f9b296b77f35"}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0xd0}, 0x1, 0x0, 0x0, 0x44000}, 0x801) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001580)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) clock_gettime(0x0, &(0x7f0000005e80)={0x0, 0x0}) recvmmsg$unix(r8, &(0x7f0000005c40)=[{{&(0x7f00000015c0), 0x6e, &(0x7f0000002780)=[{&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000002640)=""/40, 0x28}, {&(0x7f0000002680)=""/156, 0x9c}, {&(0x7f0000002740)=""/19, 0x13}], 0x4, &(0x7f00000027c0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}, {{&(0x7f0000002840)=@abs, 0x6e, &(0x7f0000003b00)=[{&(0x7f00000028c0)=""/235, 0xeb}, {&(0x7f00000029c0)=""/37, 0x25}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/10, 0xa}, {&(0x7f0000003a40)=""/152, 0x98}], 0x5, &(0x7f0000003b80)=[@cred={{0x1c}}, @rights={{0x10}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110}}, {{&(0x7f0000003cc0)=@abs, 0x6e, &(0x7f0000003e80)=[{&(0x7f0000003d40)}, {&(0x7f0000003d80)=""/99, 0x63}, {&(0x7f0000003e00)=""/14, 0xe}, {&(0x7f0000003e40)=""/59, 0x3b}], 0x4, &(0x7f0000003ec0)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000003f00)=@abs, 0x6e, &(0x7f0000003fc0)=[{&(0x7f0000003f80)=""/41, 0x29}], 0x1, &(0x7f0000004000)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x110}}, {{&(0x7f0000004140), 0x6e, &(0x7f00000042c0)=[{&(0x7f00000041c0)=""/213, 0xd5}], 0x1, &(0x7f0000004300)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000004380)=@abs, 0x6e, &(0x7f0000004600)=[{&(0x7f0000004400)=""/110, 0x6e}, {&(0x7f0000004480)=""/77, 0x4d}, {&(0x7f0000004500)=""/199, 0xc7}], 0x3, &(0x7f0000004640)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000004740), 0x6e, &(0x7f00000048c0)=[{&(0x7f00000047c0)=""/225, 0xe1}], 0x1}}, {{&(0x7f0000004900)=@abs, 0x6e, &(0x7f0000004980), 0x0, &(0x7f00000049c0)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}}, {{0x0, 0x0, &(0x7f0000005c00)=[{&(0x7f0000004a00)=""/255, 0xff}, {&(0x7f0000004b00)=""/4096, 0x1000}, {&(0x7f0000005b00)=""/217, 0xd9}], 0x3}}], 0x9, 0x2000, &(0x7f0000005ec0)={r9, r10+10000000}) close(r11) 00:01:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0xe}, 0x1c) 00:01:04 executing program 0: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000100), 0x6d7cf708bc06516e}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = getpgrp(0x0) pidfd_open(r2, 0x0) perf_event_open(&(0x7f0000001540)={0x2, 0x80, 0x9, 0x6, 0x7f, 0x4, 0x0, 0x26, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x74d0, 0x1, @perf_config_ext={0xfffffffffffffffa, 0x2000000000000}, 0x4002, 0x7, 0x1, 0x8, 0x1, 0xe5ab, 0xd206, 0x0, 0x7e, 0x0, 0xffffffffffff7fff}, r2, 0xb, r0, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000080)=@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x865}, 0x28) sendmmsg$inet6(r1, &(0x7f0000004d00), 0x400000000000070, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f00000003c0)={0x0, 0x0, "728f06e1403e29e59a2fd0106c237cd8af82bab25a1c717f333a97f86835084365c6d04e197249ef4928a6bddba179a4d2bd49994929201ddab9e0d4c484379128c2e91556e72804c5b31a762579f38341176ad50095d3b0cbfa370da617551a6a6c8e42f91a3a75012f7f55b54397e300a176cc02b34f1dc44ca43e4cf74f61f65ad179009b1cf0a13b71c1700d7eab96fd24e09be3b4abf976865369865573bfb79112bbb4ba2d8e50cef461731f2e3478d1ec64c4af5bac0976b7adae7d2a3b7707a8afc516d8854690b0980ea2c7f172eb1b4321e30371346100bc5911e273905afdba14af6aa1f8d9004fb7c91a21e70984f5977158c8a097ec18a16cc6", "71f201181a81fe3c035ca9fcfe5bf272be0ac9d4c92b1d447a14b1d6e416c0d548c68416c5d74fac4adc5b33c677371a2f29acceae795a2f974d3697677576c6c85bca10b491fbda56d947448e5ff5ec5781ca557ebcc9fe5a07c330ad3295abeb030f576d4bc38e638828be00e3ec19c44cbd9dc009299449ac1a0f3fcf7474fabe80bfb3d6c12652d40c5bd0d48866bf6f5b100802f9776bc240b09efbdbc4d5c795f48c94dc931bf17b25a53edd97f73c6985458264bcff7ba21c9a8a45c3b2d2c1600c4c334da349324e4d2b0db6808ee34da55df0ceecb2a2f236a258e132fb85b33178e429c242ca62d2837e9da6a7d175718c237e2e2af1b55af7ea7376ee417588be6d20e6041507f1734da87f766d49569407ae402a69a3b7ad482c3274857586078e0b109900f74a5aff78452b6b4cd659a8c55c9ed211421a1e52f52025949bcd7eee97cc345fe3f5bdc3f82ef909f95a4da931f5ad5eb61e66d62c96aab0efae8cda6b7d849ce030ed480607758f8ba8e2bcf799906c24c6b43b333695ace7e9b0e66fea26bee2fc190ebd24df9e996cb695ead70c9e8393bd9ebca79860d6bc1c6f9ce4b5c4f1b666b0c56b9a45bf87ccea3a3246968f11cd1f911176df877402ba724212861d3c0112c56622df2458f172999a989345a7fc87b61babd4efe1ceb13efa304e8933c7387d15b031ada7ff389349973d22891590585a61ff03c15a17dfa24a1fead2c9d6d83b9e9c21923425cd95814043687bf557458d46ce9d25b8474fcd319529986470545888e6ba698fc769aae36adab5fc325adad6eecf33a9141467ed332a24a2488c927d5d3c656b073939fa4d651d2eb6f946138af8975105daf2acbaa99124e0f66a74dc0cf207ee1c5468b2a005350e8a1e3b66da552c9853cd57e35be1e364df04442541194733a6828e3459c3e2698834932f95460c6f321b9afe797f151f87fc171ca0bb7777601562f7866251b4d4c3089083162f7263f147797c2b916c4eaf37e9b0084b678c52515692b0fcd04625d5b5e67e4446a6f56968cd0ebbf7112cb3d6e95839747faacf4a64f89d0012093cc58a3b1b290e6f3d7cff210cccc2e0a682687e5a9282bee5aa30957ba8999baae955dfd76effe3ce6b511efb843b9333a3be6b126ae94103d3ed0bca60f5078a01cbe32cd191cc7c67e8785ba404cf4c63114e61d306cac1e51d9e9b918a011b3ccb5c4b701c402a6e9b0d9da523429da892a7d77c6f7eaa5a02d5c399666bf07c6a1703a0ee139ec2b2184a607ad7f5940f9fb1ca6b64107201aed6048a74a011a42fb01367056683f21cbb1062912eed7d3e78021c90d2b9644facabca37ecc5a97a26f5fbfcf692e4cf68582a644eb1723f0dc902cf160d2db85ec701fa9620999778358d4b354e6fa06e20b0e4be416c7c681b524479fd266ccb638f710270f359f51e29449c86b015bd089a57c9c49274764d6fa5fe4e491fb21e43a2681b8422f09ca408dc21ab435be1cb79c002dbc779710793287667d8d4162f0f82147170aa0c9b38ca379a2688e01026b5310003767569cfee067c78d0b60503d30dbe282d031e25b494aef376d62f2723ad70f029e0f15c8492e99064e23269103acd4aee2649a013d3f3664517f1ee52abe5f9df6c4bd27e7978af4ba43b50c5c4c7b8b4c63258973a96a4f7639708d2dc771036e94d6252cba021d2b456751b2684ce4453f4c94a7b4a8830a2163e13f9b8b068434963af96971addf27765ca28069fd760965ab272ef111d3dcc4620d739e1ca1eb71b808e115109f6554313538878eb9a37ed42f37c3c8c525fa68da22b6ad055348b3c23e801c992cca3e84ddac2e6d93fb61e7b79db8b00cd7a8b1924cf897deef65f6ed1a714a106a02fa6811f0d1f6771fbf68523d0e643e3e66c6dabe42ab76b822f2f37269aea4dec3f6c1b2c85e4a64bee2788459396ac863b8c18bbb0c203cfe52a299c1072da10788d485e28c4c0c7d5b0e5159f75650dcfa6dfb5d8674d7301debdc63b1f7bef1d8f11cb7039c83966f2d3534f7487b3d713298cba90f43eb4d832368164b2449d38c280532a77d1edd83dc6f6f7f41eaece5c4ab3d19f234c500d21960d07ba7e11bb515757e82661afe27b57ca6cfadac8b76942c5a7ccb421c616a7b26c57c507e9f432241d9f73abcd616b8784319092017a082b09a6a64228e756894c6c371d515fcc522a1e21f2515af4f61a545b8ce78be9a856c44c34d8a38dfb639a24b09d0417c92345cf0e3fc8c485c5e29b23ea3b6064e16e226350865f574553d9c562ca0d6f53f13344ed40c1f2b4117eb4e2699b2ae3f4950dd9a78935ffc70a5e7cb460b89e247b28850b678932dcec3f07ba65bced372fae85fb45aff87a7f4051ec511032840e27669ed762d5adef200686343f28ceb5dfc289595347957200402caae04588eca84f0865a9875fb58d62a372afae09ba7e3d1ff960082eecf9bc829453e57216b3952513855fb29f78f0289c2ad5619e11fa87b7a88f31c1927c7e9c9b5ce163591829adaf8449cfd63dd3419576e83f947e82b8e1a3abb65fd6546fd27685f12f73cbfe949d4525e78694a92f01c1b53bcf44d159c1435afa644822435ac8b45e51156fd31c3bd4067bbbbc334ab1572117351e0799186b140e85724ea6d4ea5eefa2e606e5e87f4496b8fe99ab76da340e800c64db01eb409abca852495f6e7099da7404c118ecd9e8faa356180cf5233c271207b9d95e0b4d2722d7b8e3bc527f6b3f289564e72b247ba3bc9361b4464e0188244e141a0b4c8b6bda8b16f63e24562006d982218abbf0eeadb02bb316445f7b3fb9ffedfdeb8a68337684ba9f94dd955f6dd8d5ccae94eae1c7e651d47ad1448f747d41b143616164633b5371654afc3e5b6745ea1f370e90d911ba958f9a8e5ff32181925691fdb96664c17c5a7479acff517912a989250ef5c2d5fe510ad9054f1b56e039deeb9156637098b7270e3e539b0b1264a60dc9100fe97b74f8c8dc2be142bdfaaddfd9d2bd5c248383bca23829aa6c8f17b07cf54d171346462c32731d06d1a4620a29b7cc692b8f027627b9368dd3cc8464fe179693461426d5d89fe6c989deffc4c69ce71a35ec01add7e954fc4846ae8b0445da460dd8dfc3847c6f294af532eaf6adc7a6a2860ff43c35cdc9fd74e8b64ecf2023d0e5ae8c20cde3e19e3f1ba98cd22c533921abe8ad1ca53ff5b85146556aa5333f9bd98c8dd9ed1826b8ffa51d65d50eb87251331a3c649d473877a08933191b16fbbf9d43d3ce678517c9175419c5ba099ef54316bfa8aee335c940acc220e3ff9c54d582dbeb4a35953ddc0b810c766b24658f39b8ef934709d508c1f3f4756b206ecf9e70152e879100416aaa736802a421a84c25fab780903c4256c21151daa63b645f4dee8880c0ffe92601e67d8adf44dac97798058c654d910cea6d08396f605c376a1430f11beec8bfc7cbf4e45c84faf11373ec44449a330e78f308326b0a0846ef54680bcdb9fc32d9303836afbee5a96dfbb3bf02f4cb966d87fbb4229374d03d210e64b91d3b00ad3d91bcab5ab24d38b9bdc998e271c299c84f906034b3a1877bb18d1cdb28ff3827f8b2abda0122f1c1183ca15cbb397f1a1c5cb9fa76812f5770ead3a3512ca02a573f6d1cc577c6f45822760677c87fccdcfe681934fd16ada69a6e9efcb7307dc077dc31b3435ab0b8f8ca801fa4f2d2e1f13c69f404b6f9a0d6a86a3a6cfc4666dab61cad2b05b5004dbe9f911b7c6509f79d33819c6ea78c0e118ef6a8bb838eab4f20e864b1c600320ae60edfe9d7e4cf95b8492ae4ce793e6a51dfe7705b06c0607d9fb0d37527959828b7d8ceb14669dd246025d35630e7f1247305cbd5178bb527ac406f9ac0f7237e36f180f0447f7cdcf059c673cc58210d1d8363d6b38ab698ba2e06caf4dbe81d1b52964083a6e38032513302429bc85da90da9b3fd3b910d0b9df684c3f83ba7df6ed97f34d0916f5f7e911b0b0e6f8c53690025bca36cae37ac4ff854e4d28af1204dc3fb3deef93c925aa793973d20924af4d305feaa51c751a355a25fecb5f3675d64bd5c5169bf8d3072d670f8709d8479008a5342708331695341d84e49f46e85175d6199535f80f96c3b1817d6f4aae1366ea7ece14940451c8bc2d7513ab8c99f822bff24a3c450fbfc9670e7f18fec6043093424f10119781582147313d2dce5c7262f301c10c601fcb895da93624c37b4eb8a857186208bd6c124347b36171cb0bec71987fa2ff81b81f70da537d7fd7b23c357a568f1cbff32a6b31908f16b1022eb13d0254237bc0fc9b1dde31d8b25e02add7246c41f468735fb6b2201b2e668469a53fbf15f9091b237dab89e12b5e48f7719cc7944da0e023a22c0f1fcd9de36e17f74cd5e5c0d010d8a9f5edf80a697a047754c17702c7aafe32c12446466325df34ecc55e2be3a14b42c8e55176837538bb04e49af78ccb4aa1c9e955d444eb9f1b289d93e157ba0759598dd57cb7e5eca2675528eb21e8f9f7377bd34d7c121df5fedebb7f960d3096b358a175f5db367fd7408f4c7168f8be462cd5180722929a7fbb94fbded4edf101942bf7d42dc5c21c5c74fbb5826f50fc7562e511e0c22df2ead99e84f1add37baa6c8ffdfaf7e38c1302a256805ec8f0fbccc10db0d818a366a0a6a84859b8963f72c70a08bc3a39a6acd5438818aab9464f403048b03459df50738aca90136f7183d9b90f3dbc395b257b310e8285aa9e29132c080d0e040469dfc1b20be8597a4879077f10f853fc139442b1d6021e0e2856426caf27b778fb3398923bd8cdf0f80f6733dfbe9d3904d1d661a838eabc326a9d896d11ccb5a571e041f1daa425b38caf3856541aaddbe119f6dc1c259931b46c4baf125ce08eaccd3b1d993477cbbdf28887383b5904aa3af543a66cff2e668c91c4097704b79ec38b31404e5ec2194f0f55b92fb3d929d06e2bd652876a458d1a25c558d01df66924cd1d64536fe1b33684c67fcb970713a89d3a7d63dd1c8248273cf34bdc69a0c5a94d8ef52c50135cd0f9a024bec1edd9757786e2a1d5ba1bc9b8aa59722622ecbe4d6e2484f7f88761224d074b62b6c28df1853a7d705b518ed0abbb1344ec0b52000582506558966e8c2ac407943b03528aff1a7c772a4471652bdfbd102f508017dac06c2af419811b69abd17e935f445be3ec678c690c739ec496322005540d221a161a7b520f1634b61a668595926e00fa71b396fac72fa329f06ebc01f2a0d1fa1d939b2e70c303e3d3f34647bb6ddebd8abe2ee3d1cd740d8984e85b86480c9bbe65b1ebb54cd8fe120c345a1e2d0b39a42316f4de2a7e46b39520d3d7c775642804122b79c"}) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000001e00)={{r3, 0x7, 0x7, 0x2, 0x4, 0x0, 0x1, 0x4, 0x3f, 0x5, 0x7f, 0x8, 0x9553, 0x9, 0x7}}) sendmsg$inet6(r1, &(0x7f0000001500)={&(0x7f0000000180)={0xa, 0x4e24, 0x3e, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x805}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000013c0)="bdfb58a2562c3806abd026b6b49f3bf22c8ce18f34b48d7199e9383fc865bf8d120ed30d24f5b22352c22a4bf27bfe3ed0e95ec606dda8c197da92e886afcfc507c5", 0x42}], 0x1, &(0x7f0000001480)=[@dontfrag={{0x14, 0x29, 0x3e, 0x3ac0d872}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x5c, 0x4, 0x1, 0x1, 0x0, [@mcast1, @private1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x5}}], 0x68}, 0x8000) r4 = syz_io_uring_setup(0x1841, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x0, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x50}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2404c840}, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, 0x0, &(0x7f0000000000)) 00:01:04 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xff, 0x40, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000180), 0xd}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f00000004c0), &(0x7f0000000500)=0x10) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000080), 0x4) shutdown(r2, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000200)=0xffffff01, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f00000000c0)=0x6, 0x4) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044001) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x48901, 0x0) getpeername$inet6(r4, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000000)=0x1c) ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000380)) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r4, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc718d3f00"/15, @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf25410000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f707300000000"], 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x44040) 00:01:04 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x8cffffff, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:01:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000340)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x40000022}, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000080), 0x4) dup3(r0, r4, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x40012, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd_index=0x2}, 0x80000001) io_uring_enter(r0, 0x8058ab, 0x0, 0x3, 0x0, 0x0) [ 1764.886189] loop3: detected capacity change from 0 to 262144 [ 1764.890469] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1764.891841] FAULT_INJECTION: forcing a failure. [ 1764.891841] name failslab, interval 1, probability 0, space 0, times 0 [ 1764.895088] CPU: 1 PID: 11190 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1764.897005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1764.899322] Call Trace: [ 1764.900053] dump_stack+0x107/0x167 [ 1764.901061] should_fail.cold+0x5/0xa [ 1764.902117] ? create_object.isra.0+0x3a/0xa20 [ 1764.903406] should_failslab+0x5/0x20 [ 1764.904455] kmem_cache_alloc+0x5b/0x310 [ 1764.905564] ? lock_release+0x680/0x680 [ 1764.906685] create_object.isra.0+0x3a/0xa20 [ 1764.907731] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1764.908930] __kmalloc_track_caller+0x177/0x370 [ 1764.910020] ? kstrdup_const+0x53/0x80 [ 1764.910976] kstrdup+0x36/0x70 [ 1764.911743] kstrdup_const+0x53/0x80 [ 1764.912634] kvasprintf_const+0x10c/0x1a0 [ 1764.913618] kobject_set_name_vargs+0x56/0x150 [ 1764.914720] kobject_init_and_add+0xc9/0x160 [ 1764.915746] ? kobject_create_and_add+0xb0/0xb0 [ 1764.916837] ? wait_for_completion_io+0x270/0x270 [ 1764.917974] ? kernfs_name_hash+0xe7/0x110 [ 1764.918993] ? kernfs_find_ns+0x256/0x380 [ 1764.919971] sysfs_slab_add+0x172/0x200 [ 1764.920919] __kmem_cache_create+0x3db/0x520 [ 1764.921966] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1764.923172] p9_client_create+0xc6a/0x1230 [ 1764.924183] ? p9_client_flush+0x430/0x430 [ 1764.925159] ? trace_hardirqs_on+0x5b/0x180 [ 1764.926179] ? lockdep_init_map_type+0x2c7/0x780 [ 1764.927371] ? __raw_spin_lock_init+0x36/0x110 [ 1764.928466] v9fs_session_init+0x1dd/0x1680 [ 1764.929465] ? lock_release+0x680/0x680 [ 1764.930424] ? kmem_cache_alloc_trace+0x151/0x320 [ 1764.931573] ? v9fs_show_options+0x690/0x690 [ 1764.932625] ? trace_hardirqs_on+0x5b/0x180 [ 1764.933635] ? kasan_unpoison_shadow+0x33/0x50 [ 1764.934718] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1764.935910] v9fs_mount+0x79/0x8f0 [ 1764.936753] ? v9fs_write_inode+0x60/0x60 [ 1764.937715] legacy_get_tree+0x105/0x220 [ 1764.938691] vfs_get_tree+0x8e/0x300 [ 1764.939563] path_mount+0x1429/0x2120 [ 1764.940476] ? strncpy_from_user+0x9e/0x470 [ 1764.941501] ? finish_automount+0xa90/0xa90 [ 1764.942546] ? getname_flags.part.0+0x1dd/0x4f0 [ 1764.943649] ? _copy_from_user+0xfb/0x1b0 [ 1764.944643] __x64_sys_mount+0x282/0x300 [ 1764.945605] ? copy_mnt_ns+0xa00/0xa00 [ 1764.946548] do_syscall_64+0x33/0x40 [ 1764.947443] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1764.948659] RIP: 0033:0x7f535d26eb19 [ 1764.949558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1764.953953] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1764.955783] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1764.957496] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1764.959204] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1764.960919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1764.962634] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:01:04 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x48}, 0x1c) 00:01:04 executing program 5: syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0) sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x6c, 0x8, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x6c}}, 0x20000801) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3) syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2) r4 = socket$inet_udp(0x2, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r4) 00:01:04 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xc0ed0000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:01:04 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x3a79, &(0x7f00000005c0)={0x0, 0x1, 0x0, 0x3, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000080)=0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @multicast1}}) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000004, 0x30, r3, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x7d54c3, 0x5) syz_io_uring_setup(0x25b7, &(0x7f0000000540)={0x0, 0xf22b, 0x20, 0xffffffff, 0x3cc, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000400), &(0x7f0000000240)) r5 = inotify_init1(0x800) copy_file_range(r4, &(0x7f0000000180)=0x8, r5, &(0x7f0000000280)=0x714, 0x0, 0x0) accept$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000640)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, r0, 0x0, &(0x7f00000001c0)='./file0\x00', 0x1, 0x307000, 0x12345}, 0x3) syz_io_uring_submit(r6, r2, &(0x7f0000000200)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, r4, 0x0, &(0x7f0000000440)="a5648e4d695b2551503cf7f8c076df64d065721731377049196fa5b7eab4da39106ece58b6c5c0f2f8d562b5001dee332a81c37cb91dabe4baec880fe68804965ac57c31dcfd0349e6ad16b81008158f3d075cb16d0214003783fe9f6b7c8afb540f48679c00efcedc1a271442e1edeaeb7c290085b455ec2f363a0ed5800b0d6006f4bba8f404763cec7500218f59851688a60651031ea939a3c59fd10f8dd0fc610c23fe940efaba7181c332c1edca6555e909984f4cd1baaff953b93c97c4c8c7667e721e9c7c18fa28ff315b4772edacec7806fadc4a744ef883b84e3aa4493278bc650407bd81cda70d", 0xec, 0x40002041, 0x1}, 0x4) clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) [ 1765.023821] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:01:04 executing program 7: sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x2400489c) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x4, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040810}, 0x800) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r1, 0x2, 0x70bd27, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0x1c, 0x1, @udp='udp:syz0\x00'}}}, ["", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f00000006c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000680)={&(0x7f0000000400)={0x270, 0x0, 0x0, 0x70bd25, 0x800, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1}, @WGDEVICE_A_PEERS={0x24c, 0x8, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "9962e198742adc7522bb4ed1b86f0fdb6456639f754e87a46d07b47f10f86058"}]}, {0x180, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}, @WGPEER_A_ALLOWEDIPS={0x174, 0x9, 0x0, 0x1, [{0x148, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x3b}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x3}}]}]}]}, {0x5c, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x8000}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "fdaa2cd4cf37efcd9bd219fbb92269228de32904f92efa5afe98ef9c838d9f00"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24}]}, {0x38, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1aebdd24803674fae4393598a499ea0352bb51757e27774648582e55dfc1f009"}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}]}]}]}, 0x270}, 0x1, 0x0, 0x0, 0x4000}, 0x8000000) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f0000000700)) r2 = fsmount(r0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x12) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0xc0004000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x5c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x40}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x50}, 0x80) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000880), 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x4c, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_LEVEL={0xc, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x1) fcntl$dupfd(0xffffffffffffffff, 0x406, r2) sendmsg$NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f00000009c0), 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x28, 0x0, 0x4, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x80000) pipe2(&(0x7f0000000ac0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80c00) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000b40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f0000000c00)={&(0x7f0000000b00), 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, 0x0, 0x8, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x805}, 0x40) sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x5c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8884}, 0x4000044) ioctl$BTRFS_IOC_QGROUP_LIMIT(r3, 0x8030942b, &(0x7f0000000d80)={0x5, {0x1, 0x1, 0x5, 0x0, 0x82}}) r7 = open_tree(r4, &(0x7f0000000dc0)='./file0\x00', 0x81000) sendmsg$NL80211_CMD_REQ_SET_REG(r7, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x802002}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4) 00:01:04 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x2400, 0x103) [ 1765.169147] loop3: detected capacity change from 0 to 262144 [ 1765.192661] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1765.207249] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:01:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x54}, 0x1c) 00:01:18 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xf6ffffff, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:01:18 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x4000, 0x103) 00:01:18 executing program 7: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = msgget$private(0x0, 0x0) r1 = msgget(0x1, 0x84) msgrcv(r1, &(0x7f0000000040)={0x0, ""/56}, 0x40, 0x0, 0x2800) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000004000000"], 0x8, 0x0) msgctl$IPC_RMID(r0, 0x0) 00:01:18 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000480)='net/anycast6\x00') ioctl$sock_bt_hci(r0, 0x400448dc, &(0x7f00000004c0)="73780b80c8e2b3f7cd6b662c122064d0d77def2685a315dc340fa84d7ae041d657ce53d799b6b668a6beaebc7dfa1c1d8faf813cca7fb00d28f9148baea1b9466977af5dc0ab06d85144f5bacc17e769f729c4f827e12d") r1 = fsmount(0xffffffffffffffff, 0xa9ca3b33d30a9f61, 0x2) ioctl$sock_bt_hci(r1, 0x400448e3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000080), 0x4) ioctl$sock_bt_hci(r3, 0x400448de, &(0x7f0000000080)="f086ce9985f338e6d2847bbcdff4db70b22accc3ae025f4cdab33ce45b8a8cb684e5911f7816c85f352c39f52662c47468e3bdf1ddc51d7d72b9e1d22129") r4 = fcntl$dupfd(r2, 0x0, r2) syncfs(r4) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000300000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000150700000900000004000000000000001f000000000000f9ac2a000000000000000800000000000000001f000000000000000000000000000000000000000000010001000600000078000000000000000500000000000000b005000000000000f300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0fb2b56072333a9c9ed91c3523aa319e09ac9b6b83b0ffb38c355c75c97bdad4f0386ec16764c24ce78a4d9e6762b7838011f99b022fa9a328cd61c766ec345b027780a4a0dc7e6c464a8cfb806b527f32770bce15fe07523eb9becdbe33169d4480fa02f8387872d235a4a9f6ca6c6d0e1e024c1da6b1fd93853d7e033afdc684ebe6a43866fdde6b1028826b09a287ae5afbe7ba11fff7f6001ad1c0001acd63ce4562977572c95530bda95dc3559887fe85440d0994241fd5457364a401540e6ad26acfed3ef82e320dbe9940efe4a76b23e8086011ad24b5cd4e08dea10db616a2911db1ee52cdee117fd0af892757b"]) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x1c, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="de"]}]}, 0x1c}}, 0x0) setsockopt$inet6_udp_int(r4, 0x11, 0xa, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x2, @remote, 0x5}, 0x1c) 00:01:18 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 59) 00:01:18 executing program 6: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x8]}, 0x8, 0x80000) recvmmsg$unix(r0, &(0x7f0000002200)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/146, 0x92}, {&(0x7f0000000380)=""/141, 0x8d}, {&(0x7f0000000440)=""/144, 0x90}], 0x3}}, {{&(0x7f0000000180), 0x6e, &(0x7f0000000800)=[{&(0x7f0000000500)=""/86, 0x56}, {&(0x7f0000000580)=""/52, 0x34}, {&(0x7f0000000600)=""/255, 0xff}, {&(0x7f0000000700)=""/246, 0xf6}], 0x4, &(0x7f0000000840)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f00000008c0), 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000940)=""/100, 0x64}, {&(0x7f00000009c0)=""/136, 0x88}, {&(0x7f0000000a80)=""/225, 0xe1}, {&(0x7f0000000b80)=""/90, 0x5a}], 0x4, &(0x7f00000005c0)=[@rights={{0x10}}], 0x10}}, {{0x0, 0x0, &(0x7f00000023c0)=[{&(0x7f0000000c80)=""/71, 0x47}, {&(0x7f0000000d00)=""/244, 0xf4}, {&(0x7f0000000e00)=""/46, 0x2e}, {&(0x7f0000000e40)=""/199, 0xc7}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000001f40)=""/11, 0xb}, {&(0x7f0000001f80)}, {&(0x7f0000001fc0)=""/174, 0xae}, {&(0x7f0000002340)=""/121, 0x79}], 0x9, &(0x7f0000002100)}}], 0x4, 0x10002, &(0x7f0000002300)) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x41, 0x0) 00:01:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x3, 0xfffffffffffffd9b, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df081650478277b5405e62aba026eb436609209c45f379b7476400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f06e73374ccc30d4fd279538bb65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d2048b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b288c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6e011beb747919f888890f14b3fd7aec1f8bd4f3ae2327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee855c74363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d5335e9ac4bb0dc263680f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab410000000000000000000000000000000006cba800ed6b3e74bd60a62c0451865592a296d1bacd2d64fea549c907d61b8db3959d8e56c6631fa0f730533c29ff4cae02ef8f7df9a05125ff165784e28b43d0e0106619c5e810be3eb780746ed67eebdcb701f2fbd38bcdada4a634529272e3ed568c2392016217bb75606c0bd4be69c272968d9ce71bd5cc100f5003141c773ee0e84daceeec3b9a52b3779f38ad67c90f7677bd9a8fa9c098f6e508d4dea5f3270df7c2636d019ec1cb5b85602d6302831741435f02b75b1c7c8f842b44de589c8892c21f07be7e7c9767027ca5ac387917210e6bfe39f81689a3c33092615d43aa1"], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r2}, &(0x7f0000000340)) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000f81500410d000000d081dcbef400dd23000000000000dd1822f9d4b22259bc2f0766848432f20432c634861790f42dd7a3675833d5e110"], 0x14}}, 0x0) timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600)) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1778.973617] FAULT_INJECTION: forcing a failure. [ 1778.973617] name failslab, interval 1, probability 0, space 0, times 0 [ 1778.975525] CPU: 1 PID: 11247 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1778.976557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1778.977783] Call Trace: [ 1778.978186] dump_stack+0x107/0x167 [ 1778.978747] should_fail.cold+0x5/0xa [ 1778.979331] should_failslab+0x5/0x20 [ 1778.979901] __kmalloc_track_caller+0x79/0x370 [ 1778.980586] ? kstrdup_const+0x53/0x80 [ 1778.981172] kstrdup+0x36/0x70 [ 1778.981649] kstrdup_const+0x53/0x80 [ 1778.982204] __kernfs_new_node+0x9d/0x860 [ 1778.982847] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1778.983566] ? lock_acquire+0x197/0x470 [ 1778.984157] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1778.984933] ? lock_release+0x680/0x680 [ 1778.985520] ? find_held_lock+0x2c/0x110 [ 1778.986134] kernfs_new_node+0x18d/0x250 [ 1778.986753] kernfs_create_dir_ns+0x49/0x160 [ 1778.987408] sysfs_create_dir_ns+0x127/0x290 [ 1778.988072] ? sysfs_create_mount_point+0xb0/0xb0 [ 1778.988790] ? rwlock_bug.part.0+0x90/0x90 [ 1778.989432] ? do_raw_spin_unlock+0x4f/0x220 [ 1778.990091] kobject_add_internal+0x25e/0xa30 [ 1778.990772] kobject_init_and_add+0x101/0x160 [ 1778.991441] ? kobject_create_and_add+0xb0/0xb0 [ 1778.992133] ? wait_for_completion_io+0x270/0x270 [ 1778.992855] ? kernfs_name_hash+0xe7/0x110 [ 1778.993494] ? kernfs_find_ns+0x256/0x380 [ 1778.994121] sysfs_slab_add+0x172/0x200 [ 1778.994631] __kmem_cache_create+0x3db/0x520 [ 1778.995299] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1778.996054] p9_client_create+0xc6a/0x1230 [ 1778.996690] ? p9_client_flush+0x430/0x430 [ 1778.997320] ? trace_hardirqs_on+0x5b/0x180 [ 1778.997969] ? lockdep_init_map_type+0x2c7/0x780 [ 1778.998699] ? __raw_spin_lock_init+0x36/0x110 [ 1778.999375] v9fs_session_init+0x1dd/0x1680 [ 1779.000021] ? lock_release+0x680/0x680 [ 1779.000622] ? kmem_cache_alloc_trace+0x151/0x320 [ 1779.001341] ? v9fs_show_options+0x690/0x690 [ 1779.002012] ? trace_hardirqs_on+0x5b/0x180 [ 1779.002666] ? kasan_unpoison_shadow+0x33/0x50 [ 1779.003298] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1779.003976] v9fs_mount+0x79/0x8f0 [ 1779.004438] ? v9fs_write_inode+0x60/0x60 [ 1779.004969] legacy_get_tree+0x105/0x220 [ 1779.005468] vfs_get_tree+0x8e/0x300 [ 1779.005922] path_mount+0x1429/0x2120 [ 1779.006369] ? strncpy_from_user+0x9e/0x470 [ 1779.006902] ? finish_automount+0xa90/0xa90 [ 1779.007404] ? getname_flags.part.0+0x1dd/0x4f0 [ 1779.007966] ? _copy_from_user+0xfb/0x1b0 [ 1779.008473] __x64_sys_mount+0x282/0x300 [ 1779.008967] ? copy_mnt_ns+0xa00/0xa00 [ 1779.009428] do_syscall_64+0x33/0x40 [ 1779.009884] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1779.010506] RIP: 0033:0x7f535d26eb19 [ 1779.010970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1779.013200] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1779.014081] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1779.014978] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1779.015814] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1779.016681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1779.017510] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 [ 1779.018454] kobject_add_internal failed for 9p-fcall-cache-85 (error: -12 parent: slab) [ 1779.019532] kmem_cache_create(9p-fcall-cache-85) failed with error -12 [ 1779.020339] CPU: 1 PID: 11247 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1779.021136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1779.022136] Call Trace: [ 1779.022454] dump_stack+0x107/0x167 [ 1779.022915] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1779.023549] p9_client_create+0xc6a/0x1230 [ 1779.024062] ? p9_client_flush+0x430/0x430 [ 1779.024575] ? trace_hardirqs_on+0x5b/0x180 [ 1779.025102] ? lockdep_init_map_type+0x2c7/0x780 [ 1779.025676] ? __raw_spin_lock_init+0x36/0x110 [ 1779.026234] v9fs_session_init+0x1dd/0x1680 [ 1779.026785] ? lock_release+0x680/0x680 [ 1779.027275] ? kmem_cache_alloc_trace+0x151/0x320 [ 1779.027861] ? v9fs_show_options+0x690/0x690 [ 1779.028392] ? trace_hardirqs_on+0x5b/0x180 [ 1779.028914] ? kasan_unpoison_shadow+0x33/0x50 [ 1779.029436] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1779.030054] v9fs_mount+0x79/0x8f0 [ 1779.030489] ? v9fs_write_inode+0x60/0x60 [ 1779.030983] legacy_get_tree+0x105/0x220 [ 1779.031483] vfs_get_tree+0x8e/0x300 [ 1779.031947] path_mount+0x1429/0x2120 [ 1779.032421] ? strncpy_from_user+0x9e/0x470 [ 1779.032966] ? finish_automount+0xa90/0xa90 [ 1779.033465] ? getname_flags.part.0+0x1dd/0x4f0 [ 1779.034032] ? _copy_from_user+0xfb/0x1b0 [ 1779.034514] __x64_sys_mount+0x282/0x300 [ 1779.035023] ? copy_mnt_ns+0xa00/0xa00 [ 1779.035500] do_syscall_64+0x33/0x40 [ 1779.035950] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1779.036580] RIP: 0033:0x7f535d26eb19 [ 1779.037008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1779.039262] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1779.040198] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1779.041012] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1779.041885] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1779.042723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1779.043532] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:01:18 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xf0, 0x34, 0x2, 0x70bd2b, 0x25dfdbff, {0x16}, [@generic="6975047df7ec9d51fc1242b158213cf7f908910974df70463b9dcb3ce987989d00ed044f00a33641287686973e8adb8e9f9fae11c5696a731df6f4149ebae5cc4ccd55e8f01f23480b046de4225dd53fd7295948dd4eddbd82e9c7e65f890cca977fa6c757590b6fcd81f3947f6ff6f651efdebcd06f7dada04cad451144f9fb6f2f3e990c5e1e0aeec30fd6978dd4b4894fa9d476a29231de24115a23a47a903f32f37cf7088ac49d498c26e1e0ed250773540c71bfdac6e24efd70027c52bcf1f79e4b9452d4289fe0aa9c1ebd44d978", @typed={0x8, 0xb, 0x0, 0x0, @fd=r0}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20008000}, 0x4) fcntl$setlease(r0, 0x400, 0x1) close(r0) 00:01:18 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xffffff8c, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1779.055364] loop3: detected capacity change from 0 to 262144 [ 1779.070898] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 00:01:18 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,access=', @ANYRESDEC=0xee00]) (fail_nth: 60) 00:01:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x56}, 0x1c) [ 1779.150924] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:01:18 executing program 5: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x202803, 0x1) statx(r0, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000180)) r3 = openat(0xffffffffffffffff, &(0x7f00000001c0)='\x00', 0x125140, 0x28) fchownat(r3, &(0x7f0000000200)='./file0/file0\x00', r1, 0xee00, 0x800) lsetxattr(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000280)=@random={'trusted.', '*\x00'}, &(0x7f00000002c0)='\'#\x00', 0x3, 0x3) r4 = syz_io_uring_setup(0x4cd1, &(0x7f0000000300)={0x0, 0x3135, 0x1, 0x1, 0x51, 0x0, r3}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000380)=0x0, &(0x7f00000003c0)) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x2000003, 0x4010, r3, 0x10000000) syz_io_uring_submit(r5, r6, &(0x7f0000000400)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x9142fba7937144e5, @fd=r2, 0x2, 0xcdfa, 0x0, 0x12, 0x1, {0x3}}, 0x8) mknod(&(0x7f0000000440)='./file0\x00', 0x40, 0x7) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@remote}}, &(0x7f00000005c0)=0xe8) quotactl(0x9, &(0x7f0000000480)='./file0/file0\x00', r7, &(0x7f0000000600)="8d6f2e1bce9fd42b2fa20971ff8252e0d7f0e1782cf8aafca9949b191b09fcdb9fe2f7f44d412c991dccecd3d6a9c54f8625f4ca69b10529dfebdaab3d26dc491d3ec8cc") sendto$unix(r2, &(0x7f0000000680)="a1540cf95480190f90121dc9e72846dd24108cb5d924d1fcc4c7ef14dd5fc6b8469599d826a142d3455bc0666a4cddb666aae764bc24d50b10f4ad6a2b2de0e9fd5c001a704f89545e83f021d8ef3fe360096de9b3d4e859a47da71d5f1310ec30a24db01e3a673932d1be08c030cb862b03696790b8dc89e6caf8e8b175cdea5fe8cd85b49cab82661466bec4dc058fa25a58f034b676a5370fc50e2ee4823baa44dc46559c23f2b0244f00ca07a27a96be55c48cf516e866d8f3f812cc5c98cc77139baf4f77efb06bfe3a07ecfad375e3", 0xd2, 0x4010, &(0x7f0000000780)=@abs={0x0, 0x0, 0x4e21}, 0x6e) openat2(r3, &(0x7f0000000800)='./file1\x00', &(0x7f0000000840)={0x41, 0x155, 0x8}, 0x18) open(&(0x7f0000000880)='./file0/file0\x00', 0x20000, 0x20) creat(&(0x7f00000008c0)='./file1\x00', 0x8e) write$binfmt_elf32(r4, &(0x7f0000000900)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x6, 0x75, 0xbc, 0x7, 0x3, 0x3e, 0x5, 0x2b5, 0x38, 0x317, 0x80000000, 0x7, 0x20, 0x1, 0x1, 0x9, 0x4}, [{0x7, 0x101, 0x9, 0xffff, 0x200, 0x5, 0x0, 0x7}, {0x0, 0x2, 0x7, 0xdcf, 0x0, 0x8, 0x0, 0x10001}], "14bff8cdbc5492e1e385fd6896ce5cb8783c38a61c26f6e7607c41819915f8494b1d2ce472a17c80e9c2f62c45c0d5db88ff6d4e5f56cffebbf293be66d32cbd82c7a65363103c71af120610b43e1b54ded7e4b5a13dd1958f40b894071f3458cda707d28e897413923b7256adb14a655f97ce4aea76bf639cc754dd6ed26b954a42312bb28e13a03537f3cc1b841463a03a224924c13834137f75935c641d90383837bbdd80788ae824b9971ffc7b47fabfa3b71b078b222247fe9a2aa126", ['\x00', '\x00', '\x00']}, 0x437) sendto$unix(r2, &(0x7f0000000d40)="7550b5402bd9995fe204a779117b7aef68d227297bd9ebfeb0a28da053db5a7cc595", 0x22, 0x48090, &(0x7f0000000d80)=@file={0x0, './file0/file0/file0\x00'}, 0x6e) io_uring_enter(r3, 0x6328, 0x453f, 0x2, &(0x7f0000000e00)={[0x8001]}, 0x8) rename(&(0x7f0000000e40)='./file0/file0\x00', &(0x7f0000000e80)='./file0\x00') [ 1779.160159] FAULT_INJECTION: forcing a failure. [ 1779.160159] name failslab, interval 1, probability 0, space 0, times 0 [ 1779.161525] CPU: 1 PID: 11274 Comm: syz-executor.1 Not tainted 5.10.235 #1 [ 1779.162307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1779.163271] Call Trace: [ 1779.163579] dump_stack+0x107/0x167 [ 1779.163994] should_fail.cold+0x5/0xa [ 1779.164433] ? create_object.isra.0+0x3a/0xa20 [ 1779.164960] should_failslab+0x5/0x20 [ 1779.165391] kmem_cache_alloc+0x5b/0x310 [ 1779.165870] create_object.isra.0+0x3a/0xa20 [ 1779.166370] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1779.166974] __kmalloc_track_caller+0x177/0x370 [ 1779.167508] ? kstrdup_const+0x53/0x80 [ 1779.167961] kstrdup+0x36/0x70 [ 1779.168327] kstrdup_const+0x53/0x80 [ 1779.168762] __kernfs_new_node+0x9d/0x860 [ 1779.169239] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1779.169785] ? lock_acquire+0x197/0x470 [ 1779.170247] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1779.170875] ? lock_release+0x680/0x680 [ 1779.171330] ? find_held_lock+0x2c/0x110 [ 1779.171803] kernfs_new_node+0x18d/0x250 [ 1779.172267] kernfs_create_dir_ns+0x49/0x160 [ 1779.172771] sysfs_create_dir_ns+0x127/0x290 [ 1779.173274] ? sysfs_create_mount_point+0xb0/0xb0 [ 1779.173835] ? rwlock_bug.part.0+0x90/0x90 [ 1779.174321] ? do_raw_spin_unlock+0x4f/0x220 [ 1779.174852] kobject_add_internal+0x25e/0xa30 [ 1779.175374] kobject_init_and_add+0x101/0x160 [ 1779.175898] ? kobject_create_and_add+0xb0/0xb0 [ 1779.176429] ? wait_for_completion_io+0x270/0x270 [ 1779.176986] ? kernfs_name_hash+0xe7/0x110 [ 1779.177474] ? kernfs_find_ns+0x256/0x380 [ 1779.177963] sysfs_slab_add+0x172/0x200 [ 1779.178426] __kmem_cache_create+0x3db/0x520 [ 1779.178964] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1779.179537] p9_client_create+0xc6a/0x1230 [ 1779.180022] ? p9_client_flush+0x430/0x430 [ 1779.180511] ? trace_hardirqs_on+0x5b/0x180 [ 1779.181008] ? lockdep_init_map_type+0x2c7/0x780 [ 1779.181549] ? __raw_spin_lock_init+0x36/0x110 [ 1779.182070] v9fs_session_init+0x1dd/0x1680 [ 1779.182564] ? lock_release+0x680/0x680 [ 1779.183049] ? kmem_cache_alloc_trace+0x151/0x320 [ 1779.183600] ? v9fs_show_options+0x690/0x690 [ 1779.184111] ? trace_hardirqs_on+0x5b/0x180 [ 1779.184609] ? kasan_unpoison_shadow+0x33/0x50 [ 1779.185130] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1779.185710] v9fs_mount+0x79/0x8f0 [ 1779.186120] ? v9fs_write_inode+0x60/0x60 [ 1779.186596] legacy_get_tree+0x105/0x220 [ 1779.187090] vfs_get_tree+0x8e/0x300 [ 1779.187517] path_mount+0x1429/0x2120 [ 1779.187962] ? strncpy_from_user+0x9e/0x470 [ 1779.188454] ? finish_automount+0xa90/0xa90 [ 1779.188957] ? getname_flags.part.0+0x1dd/0x4f0 [ 1779.189490] ? _copy_from_user+0xfb/0x1b0 [ 1779.189968] __x64_sys_mount+0x282/0x300 [ 1779.190433] ? copy_mnt_ns+0xa00/0xa00 [ 1779.190903] do_syscall_64+0x33/0x40 [ 1779.191330] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1779.191925] RIP: 0033:0x7f535d26eb19 [ 1779.192351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1779.194455] RSP: 002b:00007f535a7e4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1779.195350] RAX: ffffffffffffffda RBX: 00007f535d381f60 RCX: 00007f535d26eb19 [ 1779.196172] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 1779.197003] RBP: 00007f535a7e41d0 R08: 0000000020000100 R09: 0000000000000000 [ 1779.197824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1779.198650] R13: 00007ffc8251ba9f R14: 00007f535a7e4300 R15: 0000000000022000 00:01:18 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[]) mknodat$null(r0, &(0x7f0000000080)='./file0\x00', 0x4800, 0x103) 00:01:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x62}, 0x1c) 00:01:18 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file1\x00', 0x21) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000280)=""/46, 0x2e) getdents64(r2, &(0x7f00000001c0)=""/76, 0x4c) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_mount_image$tmpfs(&(0x7f0000000400), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x800741, &(0x7f0000000000)) statfs(&(0x7f0000001c80)='./file0\x00', &(0x7f0000002e00)=""/255) stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x80186803, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="010002012e2f03006c655d36"]) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d91e31b7892f71f3ac842db783e431d605372ea606c253e7c4ff3d013e13614b38210b49077cca3b953d867fd849b8fe2ff2f49a2849f897aa0aa580d9181e218f7c241c047d0a0ef6ba946c262de8447d2ec926ffc3aaadd9660fff9cea9b11f2ff3704df391d2bdb33465bfa785d15ef405e901c59cb0dfc75ae84a5ce85db5f2f363979cb753db158729cd7ca20d8cb5989348", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=mmap,cache=loose,noextend,nodevmap,dont_appraise,dont_measure,subj_type=,dont_measure,fscontext=system_u,fsmagic=0x000000000000008c,uid=', @ANYRESDEC=r3, @ANYBLOB=',audit,rootcontext=user_u']) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ppoll(&(0x7f0000000000)=[{r5, 0x108}], 0x1, 0x0, 0x0, 0x0) fcntl$dupfd(r0, 0x0, r5) socket$inet6_udplite(0xa, 0x2, 0x88) 00:01:18 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = perf_event_open$cgroup(&(0x7f0000001140)={0x1, 0x80, 0x4f, 0x15, 0xbe, 0x56, 0x0, 0x8, 0x30000, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000001100), 0x7}, 0x38a0, 0x0, 0x9, 0x4, 0x10000, 0x0, 0x40, 0x0, 0x10000, 0x0, 0x4340}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x5) flistxattr(r1, &(0x7f00000011c0)=""/4096, 0x1000) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000900)) dup3(r0, r0, 0x0) r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_setup(0x1f8, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x5, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 00:01:18 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xfffffff6, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) 00:01:18 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x100) r1 = syz_io_uring_setup(0x203, &(0x7f0000000180)={0x0, 0x4000000, 0x10, 0x1, 0x3b7, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r4, 0x0}, 0x0) io_uring_enter(r1, 0x2271, 0x0, 0x0, 0x0, 0x0) [ 1779.258156] loop3: detected capacity change from 0 to 262144 [ 1779.279624] 9pnet: Insufficient options for proto=fd [ 1779.294027] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem 00:01:19 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0xedc000000000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0xee00]) [ 1779.357849] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 00:01:19 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0xfc}, 0x1c) [ 1780.103300] 9pnet: Insufficient options for proto=fd [ 1792.976008] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888008af08c0 (size 32): comm "syz-executor.1", pid 11247, jiffies 4296445956 (age 21.499s) hex dump (first 32 bytes): 39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 38 9p-fcall-cache-8 35 00 af 08 80 88 ff ff 10 00 00 00 00 00 00 00 5............... backtrace: [<0000000003097181>] kstrdup+0x36/0x70 [<0000000075136f55>] kstrdup_const+0x53/0x80 [<00000000a5545ccf>] kvasprintf_const+0x10c/0x1a0 [<0000000084ec23bd>] kobject_set_name_vargs+0x56/0x150 [<000000003f438b5f>] kobject_init_and_add+0xc9/0x160 [<0000000009feff9a>] sysfs_slab_add+0x172/0x200 [<00000000168d7a4a>] __kmem_cache_create+0x3db/0x520 [<00000000874b5be3>] kmem_cache_create_usercopy+0x1db/0x2f0 [<00000000e6d852cf>] p9_client_create+0xc6a/0x1230 [<00000000fc21a9b9>] v9fs_session_init+0x1dd/0x1680 [<00000000251a773e>] v9fs_mount+0x79/0x8f0 [<000000002300d830>] legacy_get_tree+0x105/0x220 [<00000000fdf22bbb>] vfs_get_tree+0x8e/0x300 [<000000006ece3bcb>] path_mount+0x1429/0x2120 [<00000000071c786b>] __x64_sys_mount+0x282/0x300 [<00000000e9597946>] do_syscall_64+0x33/0x40 BUG: leak checking failed VM DIAGNOSIS: 00:01:40 Registers: info registers vcpu 0 RAX=ffffffff83e8ce00 RBX=0000000000000000 RCX=ffffffff83e749ac RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e8d408 RBP=0000000000000000 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85678e48 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e8ce0e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcf7d58b78 CR3=0000000017e4e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000dd060a EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e XMM02=3a29323320657a697328203063383066 XMM03=313120646970202c22312e726f747563 XMM04=6c6c6163662d70392020383320643220 XMM05=32206336206336203136203336203636 XMM06=73657479622032332074737269662820 XMM07=2e313220656761282036353935343436 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff83e8ce00 RBX=0000000000000001 RCX=ffffffff83e749ac RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e8d408 RBP=0000000000000001 RSP=ffff888008987e70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85678e48 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e8ce0e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe5e00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055e357a44678 CR3=0000000019e62000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000418e3a33c0000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000