th+0xe1/0x600 [ 1427.122227] ? perf_event_set_output+0x5b0/0x5b0 [ 1427.122760] ? wait_for_completion_io+0x270/0x270 [ 1427.123317] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1427.123916] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1427.124497] do_syscall_64+0x33/0x40 [ 1427.124918] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1427.125499] RIP: 0033:0x7fb95c3c3b19 [ 1427.125920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1427.128017] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1427.128881] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1427.129686] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1427.130491] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1427.131296] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1427.132108] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1427.201061] isofs_fill_super: bread failed, dev=loop4, iso_blknum=60, block=120 [ 1441.388750] FAULT_INJECTION: forcing a failure. [ 1441.388750] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.390129] CPU: 0 PID: 8962 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1441.390962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.391976] Call Trace: [ 1441.392313] dump_stack+0x107/0x167 [ 1441.392766] FAULT_INJECTION: forcing a failure. [ 1441.392766] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1441.394199] should_fail.cold+0x5/0xa [ 1441.394675] ? create_object.isra.0+0x3a/0xa20 [ 1441.395239] should_failslab+0x5/0x20 [ 1441.395710] kmem_cache_alloc+0x5b/0x310 [ 1441.396214] create_object.isra.0+0x3a/0xa20 [ 1441.396749] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1441.397365] kmem_cache_alloc+0x159/0x310 [ 1441.397872] ? trace_hardirqs_on+0x5b/0x180 [ 1441.398404] xas_alloc+0x336/0x440 [ 1441.398837] xas_create+0x34a/0x10d0 [ 1441.399302] xas_create_range+0x189/0x620 [ 1441.399818] shmem_add_to_page_cache+0x760/0x1130 [ 1441.400420] ? shmem_getattr+0x1a0/0x1a0 [ 1441.400931] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.401589] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.402128] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.402748] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.403378] shmem_write_begin+0xf7/0x1d0 [ 1441.403895] generic_perform_write+0x20a/0x4f0 [ 1441.404469] ? page_cache_prev_miss+0x310/0x310 [ 1441.405042] ? evict_inodes+0x470/0x470 [ 1441.405529] ? generic_write_checks+0x2ad/0x390 [ 1441.406099] __generic_file_write_iter+0x39d/0x5d0 [ 1441.406701] generic_file_write_iter+0xdb/0x230 [ 1441.407262] ? iov_iter_init+0x3c/0x130 [ 1441.407744] new_sync_write+0x42c/0x660 [ 1441.408238] ? new_sync_read+0x6f0/0x6f0 [ 1441.408736] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.409287] ? lock_release+0x680/0x680 [ 1441.409776] ? selinux_file_permission+0x92/0x520 [ 1441.410367] ? security_file_permission+0xb1/0xe0 [ 1441.410961] vfs_write+0x7c0/0xb10 [ 1441.411398] __x64_sys_pwrite64+0x201/0x260 [ 1441.411932] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.412435] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.413076] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.413709] do_syscall_64+0x33/0x40 [ 1441.414165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.414793] RIP: 0033:0x7f3b3a68eab7 [ 1441.415249] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.417492] RSP: 002b:00007f3b37c50f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.418409] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68eab7 [ 1441.419274] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000005 [ 1441.420143] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.421002] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000005 [ 1441.421859] R13: 0000000000000005 R14: 0000000020000200 R15: 0000000000000000 [ 1441.422747] CPU: 1 PID: 8964 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1441.424461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.426451] Call Trace: [ 1441.427086] dump_stack+0x107/0x167 [ 1441.427963] should_fail.cold+0x5/0xa [ 1441.428902] __alloc_pages_nodemask+0x182/0x600 14:30:24 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 11) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:30:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:30:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:30:24 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 16) 14:30:24 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 14) 14:30:24 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 16) [ 1441.430027] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1441.431919] ? lock_downgrade+0x6d0/0x6d0 [ 1441.432918] ? lock_acquire+0x197/0x470 [ 1441.433863] alloc_pages_vma+0xbb/0x410 [ 1441.434802] shmem_alloc_page+0x10f/0x1e0 [ 1441.435795] ? shmem_init_inode+0x20/0x20 [ 1441.436988] ? percpu_counter_add_batch+0x8b/0x140 [ 1441.438192] ? __vm_enough_memory+0x184/0x360 [ 1441.439256] shmem_getpage_gfp.constprop.0+0x512/0x1920 [ 1441.440556] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.441595] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.442826] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.444026] shmem_write_begin+0xf7/0x1d0 [ 1441.445024] generic_perform_write+0x20a/0x4f0 [ 1441.446110] ? page_cache_prev_miss+0x310/0x310 14:30:24 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 15) 14:30:24 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1441.447316] ? evict_inodes+0x470/0x470 [ 1441.448367] ? generic_write_checks+0x2ad/0x390 [ 1441.449499] __generic_file_write_iter+0x39d/0x5d0 [ 1441.450692] generic_file_write_iter+0xdb/0x230 [ 1441.451791] ? iov_iter_init+0x3c/0x130 [ 1441.452759] new_sync_write+0x42c/0x660 [ 1441.453716] ? new_sync_read+0x6f0/0x6f0 [ 1441.454690] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.455758] ? lock_release+0x680/0x680 [ 1441.456727] ? selinux_file_permission+0x92/0x520 [ 1441.457872] ? security_file_permission+0xb1/0xe0 [ 1441.459016] vfs_write+0x7c0/0xb10 [ 1441.459867] __x64_sys_pwrite64+0x201/0x260 [ 1441.460918] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.461891] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.463107] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.464296] do_syscall_64+0x33/0x40 [ 1441.465159] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.466353] RIP: 0033:0x7fd972f8cab7 [ 1441.467234] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.471567] RSP: 002b:00007fd97054ef20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.473360] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8cab7 [ 1441.475048] RDX: 0000000000000082 RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.476736] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.478427] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.480106] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1441.482473] FAULT_INJECTION: forcing a failure. [ 1441.482473] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.485062] FAULT_INJECTION: forcing a failure. [ 1441.485062] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.485137] CPU: 1 PID: 8970 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1441.488033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.490040] Call Trace: [ 1441.490671] dump_stack+0x107/0x167 [ 1441.491550] should_fail.cold+0x5/0xa [ 1441.492496] ? xas_alloc+0x336/0x440 [ 1441.493400] should_failslab+0x5/0x20 [ 1441.494322] kmem_cache_alloc+0x5b/0x310 [ 1441.495300] ? trace_hardirqs_on+0x5b/0x180 [ 1441.496331] xas_alloc+0x336/0x440 [ 1441.497170] xas_create+0x34a/0x10d0 [ 1441.498089] xas_create_range+0x189/0x620 [ 1441.499118] shmem_add_to_page_cache+0x760/0x1130 [ 1441.500337] ? shmem_getattr+0x1a0/0x1a0 [ 1441.501356] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.502683] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.503761] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.505034] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.506263] shmem_write_begin+0xf7/0x1d0 [ 1441.507253] generic_perform_write+0x20a/0x4f0 [ 1441.508372] ? page_cache_prev_miss+0x310/0x310 [ 1441.509513] ? evict_inodes+0x470/0x470 [ 1441.510498] ? generic_write_checks+0x2ad/0x390 [ 1441.511657] __generic_file_write_iter+0x39d/0x5d0 [ 1441.512887] generic_file_write_iter+0xdb/0x230 [ 1441.514032] ? iov_iter_init+0x3c/0x130 [ 1441.515018] new_sync_write+0x42c/0x660 [ 1441.515979] ? new_sync_read+0x6f0/0x6f0 [ 1441.516964] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.517905] ? lock_release+0x680/0x680 [ 1441.518737] ? selinux_file_permission+0x92/0x520 [ 1441.519747] ? security_file_permission+0xb1/0xe0 [ 1441.520768] vfs_write+0x7c0/0xb10 [ 1441.521524] __x64_sys_pwrite64+0x201/0x260 [ 1441.522423] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.523274] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.524376] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.525438] do_syscall_64+0x33/0x40 [ 1441.526208] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.527277] RIP: 0033:0x7f744e8d0ab7 [ 1441.528053] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.531889] RSP: 002b:00007f744be92f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.533494] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0ab7 [ 1441.534987] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.536497] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.537988] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.539477] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1441.540999] CPU: 0 PID: 8983 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1441.541807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.542760] Call Trace: [ 1441.543077] dump_stack+0x107/0x167 [ 1441.543499] should_fail.cold+0x5/0xa [ 1441.543940] ? create_object.isra.0+0x3a/0xa20 [ 1441.544482] should_failslab+0x5/0x20 [ 1441.544922] kmem_cache_alloc+0x5b/0x310 [ 1441.545392] create_object.isra.0+0x3a/0xa20 [ 1441.545896] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1441.546485] kmem_cache_alloc+0x159/0x310 [ 1441.546963] ? trace_hardirqs_on+0x5b/0x180 [ 1441.547471] xas_alloc+0x336/0x440 [ 1441.547884] xas_create+0x34a/0x10d0 [ 1441.548329] xas_create_range+0x189/0x620 [ 1441.548815] shmem_add_to_page_cache+0x760/0x1130 [ 1441.549373] ? shmem_getattr+0x1a0/0x1a0 [ 1441.549850] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.550467] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.550978] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.551570] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.552165] shmem_write_begin+0xf7/0x1d0 [ 1441.552643] generic_perform_write+0x20a/0x4f0 [ 1441.553174] ? page_cache_prev_miss+0x310/0x310 [ 1441.553708] ? evict_inodes+0x470/0x470 [ 1441.553787] FAT-fs (loop3): bogus number of FAT sectors [ 1441.554161] ? generic_write_checks+0x2ad/0x390 [ 1441.554177] __generic_file_write_iter+0x39d/0x5d0 [ 1441.554191] generic_file_write_iter+0xdb/0x230 [ 1441.554209] ? iov_iter_init+0x3c/0x130 [ 1441.555349] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1441.555844] new_sync_write+0x42c/0x660 [ 1441.555856] ? new_sync_read+0x6f0/0x6f0 [ 1441.555868] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.555887] ? lock_release+0x680/0x680 [ 1441.560400] ? selinux_file_permission+0x92/0x520 [ 1441.560955] ? security_file_permission+0xb1/0xe0 [ 1441.561516] vfs_write+0x7c0/0xb10 [ 1441.561927] __x64_sys_pwrite64+0x201/0x260 [ 1441.562416] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.562882] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.563481] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.564080] do_syscall_64+0x33/0x40 [ 1441.564508] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.565092] RIP: 0033:0x7ff3728baab7 [ 1441.565520] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.567624] RSP: 002b:00007ff36fe7cf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.568501] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baab7 [ 1441.569310] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.570126] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.570942] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.571752] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1441.596450] FAULT_INJECTION: forcing a failure. [ 1441.596450] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.598015] CPU: 0 PID: 8986 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1441.598027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.598033] Call Trace: [ 1441.598052] dump_stack+0x107/0x167 [ 1441.598065] should_fail.cold+0x5/0xa [ 1441.598078] ? create_object.isra.0+0x3a/0xa20 [ 1441.598091] should_failslab+0x5/0x20 [ 1441.598101] kmem_cache_alloc+0x5b/0x310 [ 1441.598113] create_object.isra.0+0x3a/0xa20 [ 1441.598121] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1441.598133] kmem_cache_alloc+0x159/0x310 [ 1441.598147] __d_alloc+0x2a/0x990 [ 1441.598158] d_alloc_pseudo+0x19/0x70 [ 1441.598167] alloc_file_pseudo+0xce/0x250 [ 1441.598176] ? alloc_file+0x5a0/0x5a0 [ 1441.598188] ? security_perf_event_alloc+0x79/0xa0 [ 1441.598199] ? ctx_sched_out+0xa00/0xa00 [ 1441.598219] anon_inode_getfile+0xc8/0x1f0 [ 1441.607770] __do_sys_perf_event_open+0xf59/0x2e60 [ 1441.608338] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1441.608889] ? perf_event_set_output+0x5b0/0x5b0 [ 1441.609424] ? wait_for_completion_io+0x270/0x270 [ 1441.609984] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.610578] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.611168] do_syscall_64+0x33/0x40 [ 1441.611588] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.612175] RIP: 0033:0x7fb95c3c3b19 [ 1441.612596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1441.614684] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1441.615546] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1441.616363] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1441.617173] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1441.617984] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1441.618790] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1441.631798] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1441.635172] isofs_fill_super: bread failed, dev=loop1, iso_blknum=34, block=68 14:30:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1441.650112] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1441.747540] FAULT_INJECTION: forcing a failure. [ 1441.747540] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.748821] CPU: 0 PID: 9087 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1441.749591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.750526] Call Trace: [ 1441.750827] dump_stack+0x107/0x167 [ 1441.751243] should_fail.cold+0x5/0xa [ 1441.751678] ? create_object.isra.0+0x3a/0xa20 [ 1441.752210] should_failslab+0x5/0x20 [ 1441.752643] kmem_cache_alloc+0x5b/0x310 [ 1441.753107] create_object.isra.0+0x3a/0xa20 [ 1441.753605] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1441.754184] kmem_cache_alloc+0x159/0x310 [ 1441.754651] ? trace_hardirqs_on+0x5b/0x180 [ 1441.755143] xas_alloc+0x336/0x440 [ 1441.755553] xas_create+0x34a/0x10d0 [ 1441.755984] xas_create_range+0x189/0x620 [ 1441.756473] shmem_add_to_page_cache+0x760/0x1130 [ 1441.757026] ? shmem_getattr+0x1a0/0x1a0 [ 1441.757499] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.758110] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.758612] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.759196] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.759773] shmem_write_begin+0xf7/0x1d0 [ 1441.760252] generic_perform_write+0x20a/0x4f0 [ 1441.760771] ? page_cache_prev_miss+0x310/0x310 [ 1441.761303] ? evict_inodes+0x470/0x470 [ 1441.761750] ? generic_write_checks+0x2ad/0x390 [ 1441.762289] __generic_file_write_iter+0x39d/0x5d0 [ 1441.762845] generic_file_write_iter+0xdb/0x230 [ 1441.763370] ? iov_iter_init+0x3c/0x130 [ 1441.763824] new_sync_write+0x42c/0x660 [ 1441.764282] ? new_sync_read+0x6f0/0x6f0 [ 1441.764745] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.765260] ? lock_release+0x680/0x680 [ 1441.765713] ? selinux_file_permission+0x92/0x520 [ 1441.766270] ? security_file_permission+0xb1/0xe0 [ 1441.766817] vfs_write+0x7c0/0xb10 [ 1441.767230] __x64_sys_pwrite64+0x201/0x260 [ 1441.767717] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.768188] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.768781] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.769361] do_syscall_64+0x33/0x40 [ 1441.769785] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.770366] RIP: 0033:0x7f744e8d0ab7 [ 1441.770789] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.772876] RSP: 002b:00007f744be92f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.773738] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0ab7 [ 1441.774549] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.775353] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.776161] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.776962] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1441.790694] FAULT_INJECTION: forcing a failure. [ 1441.790694] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.793041] CPU: 1 PID: 9091 Comm: syz-executor.2 Not tainted 5.10.230 #1 14:30:24 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 17) 14:30:24 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 12) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:30:24 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 16) 14:30:24 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 17) 14:30:24 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 15) [ 1441.794457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.796499] Call Trace: [ 1441.797050] dump_stack+0x107/0x167 [ 1441.797801] should_fail.cold+0x5/0xa [ 1441.798591] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1441.799683] should_failslab+0x5/0x20 [ 1441.800493] __kmalloc_node+0x76/0x420 [ 1441.801311] ? lock_downgrade+0x6d0/0x6d0 [ 1441.802175] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1441.803241] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1441.804282] ? do_raw_spin_unlock+0x4f/0x220 [ 1441.805209] kmem_cache_alloc+0x171/0x310 [ 1441.806079] ? trace_hardirqs_on+0x5b/0x180 [ 1441.806991] xas_alloc+0x336/0x440 [ 1441.807743] xas_create+0x34a/0x10d0 [ 1441.808549] xas_create_range+0x189/0x620 [ 1441.809429] shmem_add_to_page_cache+0x760/0x1130 [ 1441.810444] ? shmem_getattr+0x1a0/0x1a0 [ 1441.811319] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.812454] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.813379] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.814452] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.815524] shmem_write_begin+0xf7/0x1d0 [ 1441.816406] generic_perform_write+0x20a/0x4f0 [ 1441.817369] ? page_cache_prev_miss+0x310/0x310 [ 1441.818345] ? evict_inodes+0x470/0x470 [ 1441.819181] ? generic_write_checks+0x2ad/0x390 [ 1441.820158] __generic_file_write_iter+0x39d/0x5d0 [ 1441.821174] generic_file_write_iter+0xdb/0x230 [ 1441.822139] ? iov_iter_init+0x3c/0x130 [ 1441.822970] new_sync_write+0x42c/0x660 [ 1441.823793] ? new_sync_read+0x6f0/0x6f0 [ 1441.824644] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.825596] ? lock_release+0x680/0x680 [ 1441.826437] ? selinux_file_permission+0x92/0x520 [ 1441.827440] ? security_file_permission+0xb1/0xe0 [ 1441.828459] vfs_write+0x7c0/0xb10 [ 1441.829207] __x64_sys_pwrite64+0x201/0x260 [ 1441.830109] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.830958] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.832056] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.833147] do_syscall_64+0x33/0x40 [ 1441.833925] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.834993] RIP: 0033:0x7f3b3a68eab7 [ 1441.835764] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.839629] RSP: 002b:00007f3b37c50f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.841215] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68eab7 [ 1441.842699] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000005 [ 1441.844224] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.845863] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000005 [ 1441.847356] R13: 0000000000000005 R14: 0000000020000200 R15: 0000000000000000 [ 1441.862166] FAULT_INJECTION: forcing a failure. [ 1441.862166] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.863533] CPU: 0 PID: 9096 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1441.864310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.865238] Call Trace: [ 1441.865539] dump_stack+0x107/0x167 [ 1441.865954] should_fail.cold+0x5/0xa [ 1441.866387] ? xas_alloc+0x336/0x440 [ 1441.866811] should_failslab+0x5/0x20 [ 1441.867244] kmem_cache_alloc+0x5b/0x310 [ 1441.867710] ? trace_hardirqs_on+0x5b/0x180 [ 1441.868206] xas_alloc+0x336/0x440 [ 1441.868616] xas_create+0x34a/0x10d0 [ 1441.869053] xas_create_range+0x189/0x620 [ 1441.869530] shmem_add_to_page_cache+0x760/0x1130 [ 1441.870090] ? shmem_getattr+0x1a0/0x1a0 [ 1441.870563] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.871171] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.871681] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.872274] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.872849] shmem_write_begin+0xf7/0x1d0 [ 1441.873320] generic_perform_write+0x20a/0x4f0 [ 1441.873842] ? page_cache_prev_miss+0x310/0x310 [ 1441.874379] ? evict_inodes+0x470/0x470 [ 1441.874838] ? generic_write_checks+0x2ad/0x390 [ 1441.875375] __generic_file_write_iter+0x39d/0x5d0 [ 1441.875945] generic_file_write_iter+0xdb/0x230 [ 1441.876481] ? iov_iter_init+0x3c/0x130 [ 1441.876940] new_sync_write+0x42c/0x660 [ 1441.877397] ? new_sync_read+0x6f0/0x6f0 [ 1441.877870] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.878391] ? lock_release+0x680/0x680 [ 1441.878851] ? selinux_file_permission+0x92/0x520 [ 1441.879410] ? security_file_permission+0xb1/0xe0 [ 1441.879969] vfs_write+0x7c0/0xb10 [ 1441.880388] __x64_sys_pwrite64+0x201/0x260 [ 1441.880887] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.881358] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.881958] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.882551] do_syscall_64+0x33/0x40 [ 1441.882980] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.883571] RIP: 0033:0x7fd972f8cab7 [ 1441.884001] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.886148] RSP: 002b:00007fd97054ef20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.887033] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8cab7 [ 1441.887852] RDX: 0000000000000082 RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.888684] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.889513] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.890352] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:30:24 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x0, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1441.901009] FAULT_INJECTION: forcing a failure. [ 1441.901009] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.903339] CPU: 1 PID: 9099 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1441.904759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.906481] Call Trace: [ 1441.907036] dump_stack+0x107/0x167 [ 1441.907798] should_fail.cold+0x5/0xa [ 1441.908607] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1441.909702] should_failslab+0x5/0x20 [ 1441.910503] __kmalloc_node+0x76/0x420 [ 1441.911312] ? lock_downgrade+0x6d0/0x6d0 [ 1441.912004] FAULT_INJECTION: forcing a failure. [ 1441.912004] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.912187] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1441.914514] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1441.915655] ? do_raw_spin_unlock+0x4f/0x220 [ 1441.916686] kmem_cache_alloc+0x171/0x310 [ 1441.917643] ? trace_hardirqs_on+0x5b/0x180 [ 1441.918647] xas_alloc+0x336/0x440 [ 1441.919472] xas_create+0x34a/0x10d0 [ 1441.920361] xas_create_range+0x189/0x620 [ 1441.921338] shmem_add_to_page_cache+0x760/0x1130 [ 1441.922467] ? shmem_getattr+0x1a0/0x1a0 [ 1441.923437] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1441.924702] ? shmem_unuse_inode+0xf60/0xf60 [ 1441.925726] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1441.926918] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1441.928110] shmem_write_begin+0xf7/0x1d0 [ 1441.929078] generic_perform_write+0x20a/0x4f0 [ 1441.930146] ? page_cache_prev_miss+0x310/0x310 [ 1441.931223] ? evict_inodes+0x470/0x470 [ 1441.932151] ? generic_write_checks+0x2ad/0x390 [ 1441.933237] __generic_file_write_iter+0x39d/0x5d0 [ 1441.934378] generic_file_write_iter+0xdb/0x230 [ 1441.935450] ? iov_iter_init+0x3c/0x130 [ 1441.936382] new_sync_write+0x42c/0x660 [ 1441.937306] ? new_sync_read+0x6f0/0x6f0 [ 1441.938248] ? __x64_sys_pwrite64+0x201/0x260 [ 1441.939293] ? lock_release+0x680/0x680 [ 1441.940225] ? selinux_file_permission+0x92/0x520 [ 1441.941344] ? security_file_permission+0xb1/0xe0 [ 1441.942470] vfs_write+0x7c0/0xb10 [ 1441.943303] __x64_sys_pwrite64+0x201/0x260 [ 1441.944312] ? ksys_pwrite64+0x1b0/0x1b0 [ 1441.945261] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.946475] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.947670] do_syscall_64+0x33/0x40 [ 1441.948541] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.949726] RIP: 0033:0x7ff3728baab7 [ 1441.950587] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1441.954858] RSP: 002b:00007ff36fe7cf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1441.956627] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baab7 [ 1441.958279] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000004 [ 1441.959930] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1441.961587] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1441.963238] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1441.964936] CPU: 0 PID: 9092 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1441.965768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.966741] Call Trace: [ 1441.967063] dump_stack+0x107/0x167 [ 1441.967493] should_fail.cold+0x5/0xa [ 1441.967945] ? __alloc_file+0x21/0x320 [ 1441.968413] should_failslab+0x5/0x20 [ 1441.968863] kmem_cache_alloc+0x5b/0x310 [ 1441.969363] __alloc_file+0x21/0x320 [ 1441.969852] alloc_empty_file+0x6d/0x170 [ 1441.970330] alloc_file+0x5e/0x5a0 [ 1441.970747] alloc_file_pseudo+0x16a/0x250 [ 1441.971252] ? alloc_file+0x5a0/0x5a0 [ 1441.971708] ? security_perf_event_alloc+0x79/0xa0 [ 1441.972315] ? ctx_sched_out+0xa00/0xa00 [ 1441.972329] anon_inode_getfile+0xc8/0x1f0 [ 1441.972341] __do_sys_perf_event_open+0xf59/0x2e60 [ 1441.972358] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1441.972375] ? perf_event_set_output+0x5b0/0x5b0 [ 1441.972384] ? wait_for_completion_io+0x270/0x270 [ 1441.972409] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.972420] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.972437] do_syscall_64+0x33/0x40 [ 1441.972454] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.972468] RIP: 0033:0x7fb95c3c3b19 [ 1441.972484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1441.972497] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1441.972524] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1441.972538] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1441.972551] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1441.972564] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1441.972578] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1441.998247] isofs_fill_super: get root inode failed [ 1442.011307] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1442.066811] audit: type=1400 audit(1733668224.871:270): avc: denied { read } for pid=9097 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 1442.078544] isofs_fill_super: root inode is not a directory. Corrupted media? 14:30:24 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 16) [ 1442.167809] FAULT_INJECTION: forcing a failure. [ 1442.167809] name failslab, interval 1, probability 0, space 0, times 0 [ 1442.169286] CPU: 0 PID: 9107 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1442.170080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1442.171035] Call Trace: [ 1442.171346] dump_stack+0x107/0x167 [ 1442.171764] should_fail.cold+0x5/0xa [ 1442.172211] ? create_object.isra.0+0x3a/0xa20 [ 1442.172735] should_failslab+0x5/0x20 [ 1442.173174] kmem_cache_alloc+0x5b/0x310 [ 1442.173643] create_object.isra.0+0x3a/0xa20 [ 1442.174148] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1442.174732] kmem_cache_alloc+0x159/0x310 [ 1442.175208] ? trace_hardirqs_on+0x5b/0x180 [ 1442.175712] xas_alloc+0x336/0x440 [ 1442.176133] xas_create+0x34a/0x10d0 [ 1442.176567] xas_create_range+0x189/0x620 [ 1442.177059] shmem_add_to_page_cache+0x760/0x1130 [ 1442.177625] ? shmem_getattr+0x1a0/0x1a0 [ 1442.178107] shmem_getpage_gfp.constprop.0+0x64a/0x1920 [ 1442.178725] ? shmem_unuse_inode+0xf60/0xf60 [ 1442.179234] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1442.179827] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1442.180420] shmem_write_begin+0xf7/0x1d0 [ 1442.180896] generic_perform_write+0x20a/0x4f0 [ 1442.181425] ? page_cache_prev_miss+0x310/0x310 [ 1442.181954] ? evict_inodes+0x470/0x470 [ 1442.182410] ? generic_write_checks+0x2ad/0x390 [ 1442.182950] __generic_file_write_iter+0x39d/0x5d0 [ 1442.183515] generic_file_write_iter+0xdb/0x230 [ 1442.184045] ? iov_iter_init+0x3c/0x130 [ 1442.184505] new_sync_write+0x42c/0x660 [ 1442.184960] ? new_sync_read+0x6f0/0x6f0 [ 1442.185426] ? __x64_sys_pwrite64+0x201/0x260 [ 1442.185939] ? lock_release+0x680/0x680 [ 1442.186399] ? selinux_file_permission+0x92/0x520 [ 1442.186953] ? security_file_permission+0xb1/0xe0 [ 1442.187510] vfs_write+0x7c0/0xb10 [ 1442.187925] __x64_sys_pwrite64+0x201/0x260 [ 1442.188422] ? ksys_pwrite64+0x1b0/0x1b0 [ 1442.188892] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1442.189495] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1442.190085] do_syscall_64+0x33/0x40 [ 1442.190510] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1442.191096] RIP: 0033:0x7fd972f8cab7 [ 1442.191518] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1442.193629] RSP: 002b:00007fd97054ef20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1442.194500] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8cab7 [ 1442.195324] RDX: 0000000000000082 RSI: 0000000020010600 RDI: 0000000000000004 [ 1442.196148] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 1442.196969] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1442.197785] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1442.312145] isofs_fill_super: get root inode failed [ 1457.720656] FAULT_INJECTION: forcing a failure. [ 1457.720656] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1457.722059] CPU: 0 PID: 9124 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1457.722839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1457.723772] Call Trace: [ 1457.724078] dump_stack+0x107/0x167 [ 1457.724493] should_fail.cold+0x5/0xa [ 1457.724940] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1457.725549] ? shmem_write_begin+0xf7/0x1d0 [ 1457.726038] ? shmem_write_begin+0x100/0x1d0 [ 1457.726543] generic_perform_write+0x279/0x4f0 [ 1457.727068] ? page_cache_prev_miss+0x310/0x310 [ 1457.727600] ? evict_inodes+0x470/0x470 [ 1457.728057] ? generic_write_checks+0x2ad/0x390 [ 1457.728593] __generic_file_write_iter+0x39d/0x5d0 [ 1457.729167] generic_file_write_iter+0xdb/0x230 [ 1457.729697] ? iov_iter_init+0x3c/0x130 [ 1457.730157] new_sync_write+0x42c/0x660 [ 1457.730611] ? new_sync_read+0x6f0/0x6f0 [ 1457.731077] ? __x64_sys_pwrite64+0x201/0x260 [ 1457.731382] FAULT_INJECTION: forcing a failure. [ 1457.731382] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1457.731605] ? lock_release+0x680/0x680 [ 1457.735028] ? selinux_file_permission+0x92/0x520 [ 1457.735573] ? security_file_permission+0xb1/0xe0 [ 1457.736114] vfs_write+0x7c0/0xb10 [ 1457.736525] __x64_sys_pwrite64+0x201/0x260 [ 1457.737022] ? ksys_pwrite64+0x1b0/0x1b0 [ 1457.737480] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1457.738071] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1457.738651] do_syscall_64+0x33/0x40 [ 1457.739069] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1457.739639] RIP: 0033:0x7f744e8d0ab7 [ 1457.740059] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1457.742134] RSP: 002b:00007f744be92f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1457.742992] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0ab7 [ 1457.743792] RDX: 000000000000009f RSI: 0000000020010600 RDI: 0000000000000004 [ 1457.744587] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1457.745390] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1457.746185] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1457.747018] CPU: 1 PID: 9125 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1457.748429] FAULT_INJECTION: forcing a failure. [ 1457.748429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1457.748806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1457.748818] Call Trace: [ 1457.752942] dump_stack+0x107/0x167 [ 1457.753890] should_fail.cold+0x5/0xa [ 1457.754880] __alloc_pages_nodemask+0x182/0x600 [ 1457.756098] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1457.757691] ? lock_downgrade+0x6d0/0x6d0 [ 1457.758764] ? lock_acquire+0x197/0x470 [ 1457.759823] alloc_pages_vma+0xbb/0x410 [ 1457.760874] shmem_alloc_page+0x10f/0x1e0 [ 1457.761942] ? shmem_init_inode+0x20/0x20 [ 1457.763087] ? percpu_counter_add_batch+0x8b/0x140 [ 1457.764375] ? __vm_enough_memory+0x184/0x360 [ 1457.765571] shmem_getpage_gfp.constprop.0+0x512/0x1920 [ 1457.766960] ? shmem_unuse_inode+0xf60/0xf60 [ 1457.768118] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1457.769482] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1457.770801] shmem_write_begin+0xf7/0x1d0 [ 1457.771891] generic_perform_write+0x20a/0x4f0 [ 1457.773074] ? page_cache_prev_miss+0x310/0x310 [ 1457.774066] ? evict_inodes+0x470/0x470 [ 1457.774918] ? generic_write_checks+0x2ad/0x390 [ 1457.775935] __generic_file_write_iter+0x39d/0x5d0 [ 1457.777002] generic_file_write_iter+0xdb/0x230 [ 1457.778006] ? iov_iter_init+0x3c/0x130 [ 1457.778869] new_sync_write+0x42c/0x660 [ 1457.779739] ? new_sync_read+0x6f0/0x6f0 [ 1457.780628] ? __x64_sys_pwrite64+0x201/0x260 [ 1457.781605] ? lock_release+0x680/0x680 [ 1457.782533] ? selinux_file_permission+0x92/0x520 [ 1457.783818] ? security_file_permission+0xb1/0xe0 [ 1457.785117] vfs_write+0x7c0/0xb10 [ 1457.786066] __x64_sys_pwrite64+0x201/0x260 [ 1457.787213] ? ksys_pwrite64+0x1b0/0x1b0 [ 1457.788125] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1457.789259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1457.790362] do_syscall_64+0x33/0x40 [ 1457.791133] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1457.792230] RIP: 0033:0x7f3b3a68eab7 [ 1457.793026] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1457.796929] RSP: 002b:00007f3b37c50f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1457.798534] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68eab7 [ 1457.800040] RDX: 000000000000001a RSI: 0000000020011700 RDI: 0000000000000005 [ 1457.801555] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1457.803052] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000005 [ 1457.804576] R13: 0000000000000005 R14: 0000000020000218 R15: 0000000000000001 [ 1457.806117] CPU: 0 PID: 9123 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1457.806898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1457.807825] Call Trace: [ 1457.808120] dump_stack+0x107/0x167 [ 1457.808526] should_fail.cold+0x5/0xa [ 1457.808960] __alloc_pages_nodemask+0x182/0x600 [ 1457.809476] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1457.810141] ? lock_downgrade+0x6d0/0x6d0 [ 1457.810604] ? lock_acquire+0x197/0x470 [ 1457.811084] alloc_pages_vma+0xbb/0x410 [ 1457.811548] shmem_alloc_page+0x10f/0x1e0 [ 1457.812028] ? shmem_init_inode+0x20/0x20 [ 1457.812503] ? percpu_counter_add_batch+0x8b/0x140 [ 1457.813070] ? __vm_enough_memory+0x184/0x360 [ 1457.813572] shmem_getpage_gfp.constprop.0+0x512/0x1920 [ 1457.814190] ? shmem_unuse_inode+0xf60/0xf60 [ 1457.814682] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1457.815270] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1457.815836] shmem_write_begin+0xf7/0x1d0 [ 1457.816313] generic_perform_write+0x20a/0x4f0 [ 1457.816832] ? page_cache_prev_miss+0x310/0x310 [ 1457.817350] ? evict_inodes+0x470/0x470 [ 1457.817790] ? generic_write_checks+0x2ad/0x390 [ 1457.818309] __generic_file_write_iter+0x39d/0x5d0 [ 1457.818855] generic_file_write_iter+0xdb/0x230 [ 1457.819383] ? iov_iter_init+0x3c/0x130 [ 1457.819827] new_sync_write+0x42c/0x660 [ 1457.820281] ? new_sync_read+0x6f0/0x6f0 [ 1457.820745] ? __x64_sys_pwrite64+0x201/0x260 [ 1457.821258] ? lock_release+0x680/0x680 [ 1457.821704] ? selinux_file_permission+0x92/0x520 [ 1457.822259] ? security_file_permission+0xb1/0xe0 [ 1457.823105] vfs_write+0x7c0/0xb10 [ 1457.823505] __x64_sys_pwrite64+0x201/0x260 [ 1457.823984] ? ksys_pwrite64+0x1b0/0x1b0 [ 1457.824446] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1457.825042] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1457.825618] do_syscall_64+0x33/0x40 [ 1457.826033] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1457.826604] RIP: 0033:0x7ff3728baab7 [ 1457.827016] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1457.829069] RSP: 002b:00007ff36fe7cf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1457.829922] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baab7 [ 1457.830717] RDX: 0000000000000001 RSI: 0000000020011700 RDI: 0000000000000004 [ 1457.831514] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1457.832312] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000004 [ 1457.833117] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:30:40 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 18) 14:30:40 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:30:40 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 17) 14:30:40 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 18) 14:30:40 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 13) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:30:40 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x0, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:30:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:30:40 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 17) [ 1457.842646] FAULT_INJECTION: forcing a failure. [ 1457.842646] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1457.844040] CPU: 0 PID: 9135 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1457.844812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1457.845745] Call Trace: [ 1457.846041] dump_stack+0x107/0x167 [ 1457.846449] should_fail.cold+0x5/0xa [ 1457.846879] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1457.847478] ? shmem_write_begin+0xf7/0x1d0 [ 1457.847958] ? shmem_write_begin+0x100/0x1d0 [ 1457.848452] generic_perform_write+0x279/0x4f0 [ 1457.848979] ? page_cache_prev_miss+0x310/0x310 [ 1457.849497] ? evict_inodes+0x470/0x470 [ 1457.849942] ? generic_write_checks+0x2ad/0x390 [ 1457.850464] __generic_file_write_iter+0x39d/0x5d0 [ 1457.851016] generic_file_write_iter+0xdb/0x230 [ 1457.851539] ? iov_iter_init+0x3c/0x130 [ 1457.851985] new_sync_write+0x42c/0x660 [ 1457.852429] ? new_sync_read+0x6f0/0x6f0 [ 1457.852660] FAT-fs (loop3): bogus number of FAT sectors [ 1457.852892] ? __x64_sys_pwrite64+0x201/0x260 [ 1457.852905] ? lock_release+0x680/0x680 [ 1457.852927] ? selinux_file_permission+0x92/0x520 [ 1457.854113] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1457.854578] ? security_file_permission+0xb1/0xe0 [ 1457.857132] vfs_write+0x7c0/0xb10 [ 1457.857148] __x64_sys_pwrite64+0x201/0x260 [ 1457.857170] ? ksys_pwrite64+0x1b0/0x1b0 [ 1457.858840] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1457.859424] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1457.860000] do_syscall_64+0x33/0x40 [ 1457.860418] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1457.861002] RIP: 0033:0x7fd972f8cab7 [ 1457.861417] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1457.863473] RSP: 002b:00007fd97054ef20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1457.864322] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8cab7 [ 1457.865128] RDX: 0000000000000082 RSI: 0000000020010600 RDI: 0000000000000004 [ 1457.865927] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 1457.866723] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1457.867520] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1457.875737] FAULT_INJECTION: forcing a failure. [ 1457.875737] name failslab, interval 1, probability 0, space 0, times 0 [ 1457.877161] CPU: 0 PID: 9126 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1457.877942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1457.878869] Call Trace: [ 1457.879165] dump_stack+0x107/0x167 [ 1457.879571] should_fail.cold+0x5/0xa [ 1457.880001] ? create_object.isra.0+0x3a/0xa20 [ 1457.880513] should_failslab+0x5/0x20 [ 1457.880958] kmem_cache_alloc+0x5b/0x310 [ 1457.881414] create_object.isra.0+0x3a/0xa20 [ 1457.881904] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1457.882484] kmem_cache_alloc+0x159/0x310 [ 1457.882950] __alloc_file+0x21/0x320 [ 1457.883377] alloc_empty_file+0x6d/0x170 [ 1457.883835] alloc_file+0x5e/0x5a0 [ 1457.884235] alloc_file_pseudo+0x16a/0x250 [ 1457.884715] ? alloc_file+0x5a0/0x5a0 [ 1457.885154] ? security_perf_event_alloc+0x79/0xa0 [ 1457.885708] ? ctx_sched_out+0xa00/0xa00 [ 1457.886178] anon_inode_getfile+0xc8/0x1f0 [ 1457.886655] __do_sys_perf_event_open+0xf59/0x2e60 [ 1457.887209] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1457.887750] ? perf_event_set_output+0x5b0/0x5b0 [ 1457.888281] ? wait_for_completion_io+0x270/0x270 [ 1457.888842] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1457.889431] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1457.890008] do_syscall_64+0x33/0x40 [ 1457.890423] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1457.890996] RIP: 0033:0x7fb95c3c3b19 [ 1457.891411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1457.893481] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1457.894334] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1457.895134] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1457.895932] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1457.896738] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1457.897537] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1457.914360] isofs_fill_super: get root inode failed [ 1457.920519] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1457.961361] isofs_fill_super: get root inode failed [ 1457.964335] isofs_fill_super: get root inode failed 14:30:40 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 14) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:30:40 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 18) 14:30:40 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x0, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:30:40 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 19) 14:30:40 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 18) [ 1458.110050] FAULT_INJECTION: forcing a failure. [ 1458.110050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1458.112548] CPU: 1 PID: 9148 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1458.113992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.115727] Call Trace: [ 1458.116284] dump_stack+0x107/0x167 [ 1458.117064] should_fail.cold+0x5/0xa [ 1458.117866] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1458.118994] ? shmem_write_begin+0xf7/0x1d0 [ 1458.119896] ? shmem_write_begin+0x100/0x1d0 [ 1458.120842] generic_perform_write+0x279/0x4f0 [ 1458.121804] ? page_cache_prev_miss+0x310/0x310 [ 1458.122778] ? evict_inodes+0x470/0x470 [ 1458.123611] ? generic_write_checks+0x2ad/0x390 [ 1458.124598] __generic_file_write_iter+0x39d/0x5d0 [ 1458.125639] generic_file_write_iter+0xdb/0x230 [ 1458.126607] ? iov_iter_init+0x3c/0x130 [ 1458.127450] new_sync_write+0x42c/0x660 [ 1458.128285] ? new_sync_read+0x6f0/0x6f0 [ 1458.129160] ? __x64_sys_pwrite64+0x201/0x260 [ 1458.130107] ? lock_release+0x680/0x680 [ 1458.130938] ? selinux_file_permission+0x92/0x520 [ 1458.131957] ? security_file_permission+0xb1/0xe0 [ 1458.132989] vfs_write+0x7c0/0xb10 [ 1458.133741] __x64_sys_pwrite64+0x201/0x260 [ 1458.134643] ? ksys_pwrite64+0x1b0/0x1b0 [ 1458.135503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.136593] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.137686] do_syscall_64+0x33/0x40 [ 1458.138461] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.139527] RIP: 0033:0x7f3b3a68eab7 [ 1458.140307] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1458.144156] RSP: 002b:00007f3b37c50f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1458.145751] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68eab7 [ 1458.147237] RDX: 000000000000001a RSI: 0000000020011700 RDI: 0000000000000005 [ 1458.148750] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1458.150242] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000005 [ 1458.151729] R13: 0000000000000005 R14: 0000000020000218 R15: 0000000000000001 14:30:40 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 19) [ 1458.168802] FAULT_INJECTION: forcing a failure. [ 1458.168802] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1458.171260] CPU: 1 PID: 9157 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1458.172688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.174422] Call Trace: [ 1458.174671] FAULT_INJECTION: forcing a failure. [ 1458.174671] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1458.174969] dump_stack+0x107/0x167 [ 1458.174990] should_fail.cold+0x5/0xa [ 1458.175015] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1458.178969] ? shmem_write_begin+0xf7/0x1d0 [ 1458.179870] ? shmem_write_begin+0x100/0x1d0 [ 1458.180797] generic_perform_write+0x279/0x4f0 [ 1458.181793] ? page_cache_prev_miss+0x310/0x310 [ 1458.182789] ? evict_inodes+0x470/0x470 [ 1458.183636] ? generic_write_checks+0x2ad/0x390 [ 1458.184656] __generic_file_write_iter+0x39d/0x5d0 [ 1458.185714] generic_file_write_iter+0xdb/0x230 [ 1458.186695] ? iov_iter_init+0x3c/0x130 [ 1458.187547] new_sync_write+0x42c/0x660 [ 1458.188401] ? new_sync_read+0x6f0/0x6f0 [ 1458.189290] ? __x64_sys_pwrite64+0x201/0x260 [ 1458.190245] ? lock_release+0x680/0x680 [ 1458.191088] ? selinux_file_permission+0x92/0x520 [ 1458.192122] ? security_file_permission+0xb1/0xe0 [ 1458.193179] vfs_write+0x7c0/0xb10 [ 1458.193937] __x64_sys_pwrite64+0x201/0x260 [ 1458.194856] ? ksys_pwrite64+0x1b0/0x1b0 [ 1458.195728] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.196860] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.197959] do_syscall_64+0x33/0x40 [ 1458.198750] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.199834] RIP: 0033:0x7fd972f8cab7 [ 1458.200654] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1458.204547] RSP: 002b:00007fd97054ef20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1458.206178] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8cab7 [ 1458.207676] RDX: 0000000000000082 RSI: 0000000020010600 RDI: 0000000000000004 [ 1458.209219] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 1458.210734] R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004 [ 1458.212257] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 1458.213802] CPU: 0 PID: 9158 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1458.214693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.215620] Call Trace: [ 1458.215926] dump_stack+0x107/0x167 [ 1458.216334] should_fail.cold+0x5/0xa [ 1458.216777] __alloc_pages_nodemask+0x182/0x600 [ 1458.217298] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1458.217814] FAULT_INJECTION: forcing a failure. [ 1458.217814] name failslab, interval 1, probability 0, space 0, times 0 [ 1458.217983] ? lock_downgrade+0x6d0/0x6d0 [ 1458.217994] ? lock_acquire+0x197/0x470 [ 1458.218016] alloc_pages_vma+0xbb/0x410 [ 1458.218031] shmem_alloc_page+0x10f/0x1e0 [ 1458.218041] ? shmem_init_inode+0x20/0x20 [ 1458.218066] ? percpu_counter_add_batch+0x8b/0x140 [ 1458.218086] ? __vm_enough_memory+0x184/0x360 [ 1458.223689] shmem_getpage_gfp.constprop.0+0x512/0x1920 [ 1458.224302] ? shmem_unuse_inode+0xf60/0xf60 [ 1458.224810] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1458.225391] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1458.225965] shmem_write_begin+0xf7/0x1d0 [ 1458.226439] generic_perform_write+0x20a/0x4f0 [ 1458.226964] ? page_cache_prev_miss+0x310/0x310 [ 1458.227490] ? evict_inodes+0x470/0x470 [ 1458.227939] ? generic_write_checks+0x2ad/0x390 [ 1458.228464] __generic_file_write_iter+0x39d/0x5d0 [ 1458.229027] generic_file_write_iter+0xdb/0x230 [ 1458.229547] ? iov_iter_init+0x3c/0x130 [ 1458.229998] new_sync_write+0x42c/0x660 [ 1458.230445] ? new_sync_read+0x6f0/0x6f0 [ 1458.230903] ? __x64_sys_pwrite64+0x201/0x260 [ 1458.231407] ? lock_release+0x680/0x680 [ 1458.231856] ? selinux_file_permission+0x92/0x520 [ 1458.232401] ? security_file_permission+0xb1/0xe0 [ 1458.232956] vfs_write+0x7c0/0xb10 [ 1458.233360] __x64_sys_pwrite64+0x201/0x260 [ 1458.233843] ? ksys_pwrite64+0x1b0/0x1b0 [ 1458.234305] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.234893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.235473] do_syscall_64+0x33/0x40 [ 1458.235893] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.236467] RIP: 0033:0x7f744e8d0ab7 [ 1458.236898] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1458.238959] RSP: 002b:00007f744be92f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1458.239807] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0ab7 [ 1458.240608] RDX: 0000000000000001 RSI: 0000000020011700 RDI: 0000000000000004 [ 1458.241419] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1458.242215] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000004 [ 1458.243019] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1458.244137] CPU: 1 PID: 9153 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1458.245639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.246825] FAULT_INJECTION: forcing a failure. [ 1458.246825] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1458.247410] Call Trace: [ 1458.247431] dump_stack+0x107/0x167 [ 1458.247451] should_fail.cold+0x5/0xa [ 1458.250850] ? security_file_alloc+0x34/0x170 [ 1458.251806] should_failslab+0x5/0x20 [ 1458.252626] kmem_cache_alloc+0x5b/0x310 [ 1458.253523] security_file_alloc+0x34/0x170 [ 1458.254445] __alloc_file+0xb7/0x320 [ 1458.255223] alloc_empty_file+0x6d/0x170 [ 1458.256101] alloc_file+0x5e/0x5a0 [ 1458.256845] alloc_file_pseudo+0x16a/0x250 [ 1458.257745] ? alloc_file+0x5a0/0x5a0 [ 1458.258540] ? security_perf_event_alloc+0x79/0xa0 [ 1458.259670] ? ctx_sched_out+0xa00/0xa00 [ 1458.260776] anon_inode_getfile+0xc8/0x1f0 [ 1458.261908] __do_sys_perf_event_open+0xf59/0x2e60 [ 1458.263214] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1458.264411] ? perf_event_set_output+0x5b0/0x5b0 [ 1458.265436] ? wait_for_completion_io+0x270/0x270 [ 1458.266472] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.267575] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.268694] do_syscall_64+0x33/0x40 [ 1458.269467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.270554] RIP: 0033:0x7fb95c3c3b19 [ 1458.271346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1458.275258] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1458.276889] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1458.278411] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1458.279918] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1458.281467] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1458.282978] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1458.284528] CPU: 0 PID: 9159 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1458.285325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.286251] Call Trace: [ 1458.286551] dump_stack+0x107/0x167 [ 1458.286962] should_fail.cold+0x5/0xa [ 1458.287495] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1458.288147] ? shmem_write_begin+0xf7/0x1d0 [ 1458.288643] ? shmem_write_begin+0x100/0x1d0 [ 1458.289144] generic_perform_write+0x279/0x4f0 [ 1458.289663] ? page_cache_prev_miss+0x310/0x310 [ 1458.290192] ? evict_inodes+0x470/0x470 [ 1458.290648] ? generic_write_checks+0x2ad/0x390 [ 1458.291173] __generic_file_write_iter+0x39d/0x5d0 [ 1458.291738] generic_file_write_iter+0xdb/0x230 [ 1458.292274] ? iov_iter_init+0x3c/0x130 [ 1458.292744] new_sync_write+0x42c/0x660 [ 1458.293199] ? new_sync_read+0x6f0/0x6f0 [ 1458.293653] ? __x64_sys_pwrite64+0x201/0x260 [ 1458.294160] ? lock_release+0x680/0x680 [ 1458.294606] ? selinux_file_permission+0x92/0x520 [ 1458.295148] ? security_file_permission+0xb1/0xe0 [ 1458.295692] vfs_write+0x7c0/0xb10 [ 1458.296093] __x64_sys_pwrite64+0x201/0x260 [ 1458.296574] ? ksys_pwrite64+0x1b0/0x1b0 [ 1458.297048] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.297634] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.298210] do_syscall_64+0x33/0x40 [ 1458.298629] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.299202] RIP: 0033:0x7ff3728baab7 14:30:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, 0xffffffffffffffff) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1458.299620] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1458.301884] RSP: 002b:00007ff36fe7cf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1458.302748] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baab7 [ 1458.303555] RDX: 0000000000000001 RSI: 0000000020011700 RDI: 0000000000000004 [ 1458.304362] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1458.305181] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000004 [ 1458.305188] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1458.344664] isofs_fill_super: get root inode failed 14:30:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 1) [ 1458.444309] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1458.491670] FAULT_INJECTION: forcing a failure. [ 1458.491670] name failslab, interval 1, probability 0, space 0, times 0 [ 1458.494299] CPU: 1 PID: 9166 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1458.495803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.497651] Call Trace: [ 1458.498231] dump_stack+0x107/0x167 [ 1458.499076] should_fail.cold+0x5/0xa [ 1458.500121] should_failslab+0x5/0x20 [ 1458.501157] __kmalloc_track_caller+0x79/0x370 [ 1458.502372] ? strndup_user+0x74/0xe0 [ 1458.503394] memdup_user+0x22/0xd0 [ 1458.504350] strndup_user+0x74/0xe0 [ 1458.505186] __x64_sys_mount+0x133/0x300 [ 1458.506083] ? copy_mnt_ns+0xa00/0xa00 [ 1458.506942] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.508092] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1458.509245] do_syscall_64+0x33/0x40 [ 1458.510059] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1458.511173] RIP: 0033:0x7fb9df3c2b19 [ 1458.511994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1458.516034] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1458.517715] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1458.519275] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1458.520849] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1458.522420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1458.523968] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:30:58 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 19) 14:30:58 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 19) 14:30:58 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 15) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:30:58 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:30:58 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 20) 14:30:58 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 2) 14:30:58 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 20) 14:30:58 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, 0xffffffffffffffff) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1475.567974] FAULT_INJECTION: forcing a failure. [ 1475.567974] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.570422] CPU: 1 PID: 9174 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1475.571851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.573592] Call Trace: [ 1475.574147] dump_stack+0x107/0x167 [ 1475.574905] should_fail.cold+0x5/0xa [ 1475.575701] ? create_object.isra.0+0x3a/0xa20 [ 1475.576656] should_failslab+0x5/0x20 [ 1475.577458] kmem_cache_alloc+0x5b/0x310 [ 1475.578300] ? __generic_file_write_iter+0x1a4/0x5d0 [ 1475.579358] create_object.isra.0+0x3a/0xa20 [ 1475.580273] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1475.581346] kmem_cache_alloc+0x159/0x310 [ 1475.582210] ? new_sync_write+0x499/0x660 [ 1475.583073] getname_flags.part.0+0x50/0x4f0 [ 1475.583985] getname+0x8e/0xd0 [ 1475.584650] do_sys_openat2+0xf9/0x4d0 [ 1475.585465] ? build_open_flags+0x6f0/0x6f0 [ 1475.586371] ? rcu_read_lock_any_held+0x75/0xa0 [ 1475.587337] __x64_sys_openat+0x13f/0x1f0 [ 1475.588192] ? __ia32_sys_open+0x1c0/0x1c0 [ 1475.589079] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.590179] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.591249] do_syscall_64+0x33/0x40 [ 1475.592020] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.593080] RIP: 0033:0x7fd972f8ca04 [ 1475.593853] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1475.597668] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1475.599257] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1475.600737] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1475.602227] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1475.603711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1475.605192] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1475.611030] FAULT_INJECTION: forcing a failure. [ 1475.611030] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.613417] CPU: 0 PID: 9183 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1475.614834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.616560] Call Trace: [ 1475.617106] dump_stack+0x107/0x167 [ 1475.617872] should_fail.cold+0x5/0xa [ 1475.618668] ? getname_flags.part.0+0x50/0x4f0 [ 1475.619620] should_failslab+0x5/0x20 [ 1475.620412] kmem_cache_alloc+0x5b/0x310 [ 1475.621269] ? new_sync_write+0x499/0x660 [ 1475.622139] getname_flags.part.0+0x50/0x4f0 [ 1475.623055] getname+0x8e/0xd0 [ 1475.623726] do_sys_openat2+0xf9/0x4d0 [ 1475.624536] ? build_open_flags+0x6f0/0x6f0 [ 1475.625455] ? rcu_read_lock_any_held+0x75/0xa0 [ 1475.626429] __x64_sys_openat+0x13f/0x1f0 [ 1475.627291] ? __ia32_sys_open+0x1c0/0x1c0 [ 1475.628186] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.629287] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.630358] do_syscall_64+0x33/0x40 [ 1475.631132] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.632208] RIP: 0033:0x7f3b3a68ea04 [ 1475.632987] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1475.636836] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1475.638433] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1475.639930] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1475.641430] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1475.642916] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1475.644401] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1475.649498] FAULT_INJECTION: forcing a failure. [ 1475.649498] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.651237] FAULT_INJECTION: forcing a failure. [ 1475.651237] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.651875] CPU: 0 PID: 9182 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1475.655500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.657238] Call Trace: [ 1475.657785] dump_stack+0x107/0x167 [ 1475.658546] should_fail.cold+0x5/0xa [ 1475.659339] ? create_object.isra.0+0x3a/0xa20 [ 1475.660290] should_failslab+0x5/0x20 [ 1475.661083] kmem_cache_alloc+0x5b/0x310 [ 1475.661942] create_object.isra.0+0x3a/0xa20 [ 1475.662852] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1475.663915] __kmalloc_track_caller+0x177/0x370 [ 1475.664885] ? strndup_user+0x74/0xe0 [ 1475.665689] memdup_user+0x22/0xd0 [ 1475.666426] strndup_user+0x74/0xe0 [ 1475.667185] __x64_sys_mount+0x133/0x300 [ 1475.668027] ? copy_mnt_ns+0xa00/0xa00 [ 1475.668841] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.669943] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.671019] do_syscall_64+0x33/0x40 [ 1475.671798] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.672864] RIP: 0033:0x7fb9df3c2b19 [ 1475.673646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1475.677486] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1475.679073] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1475.680559] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1475.682053] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1475.683536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1475.685022] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1475.686553] CPU: 1 PID: 9189 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1475.687995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.689726] Call Trace: [ 1475.690275] dump_stack+0x107/0x167 [ 1475.691032] should_fail.cold+0x5/0xa [ 1475.691821] ? getname_flags.part.0+0x50/0x4f0 [ 1475.692769] should_failslab+0x5/0x20 [ 1475.693561] kmem_cache_alloc+0x5b/0x310 [ 1475.694451] ? new_sync_write+0x499/0x660 [ 1475.695351] FAT-fs (loop3): bogus number of FAT sectors [ 1475.695450] getname_flags.part.0+0x50/0x4f0 [ 1475.696609] FAT-fs (loop3): Can't find a valid FAT filesystem [ 1475.697456] getname+0x8e/0xd0 [ 1475.697475] do_sys_openat2+0xf9/0x4d0 [ 1475.697497] ? build_open_flags+0x6f0/0x6f0 [ 1475.701028] ? rcu_read_lock_any_held+0x75/0xa0 [ 1475.702008] __x64_sys_openat+0x13f/0x1f0 [ 1475.702867] ? __ia32_sys_open+0x1c0/0x1c0 [ 1475.703756] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.704849] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.705929] do_syscall_64+0x33/0x40 [ 1475.706712] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.707780] RIP: 0033:0x7ff3728baa04 [ 1475.708552] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1475.712370] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1475.713965] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1475.715447] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1475.716930] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1475.718420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1475.719902] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1475.728094] FAULT_INJECTION: forcing a failure. [ 1475.728094] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1475.730654] CPU: 1 PID: 9192 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1475.732080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.733814] Call Trace: [ 1475.734363] dump_stack+0x107/0x167 [ 1475.735126] should_fail.cold+0x5/0xa [ 1475.735932] iov_iter_copy_from_user_atomic+0x49b/0xdb0 [ 1475.737044] ? shmem_write_begin+0xf7/0x1d0 [ 1475.737949] ? shmem_write_begin+0x100/0x1d0 [ 1475.738878] generic_perform_write+0x279/0x4f0 [ 1475.739837] ? page_cache_prev_miss+0x310/0x310 [ 1475.740802] ? evict_inodes+0x470/0x470 [ 1475.741634] ? generic_write_checks+0x2ad/0x390 [ 1475.742613] __generic_file_write_iter+0x39d/0x5d0 [ 1475.743638] generic_file_write_iter+0xdb/0x230 [ 1475.744598] ? iov_iter_init+0x3c/0x130 [ 1475.745437] new_sync_write+0x42c/0x660 [ 1475.746268] ? new_sync_read+0x6f0/0x6f0 [ 1475.747112] ? __x64_sys_pwrite64+0x201/0x260 [ 1475.748045] ? lock_release+0x680/0x680 [ 1475.748879] ? selinux_file_permission+0x92/0x520 [ 1475.749891] ? security_file_permission+0xb1/0xe0 [ 1475.750907] vfs_write+0x7c0/0xb10 [ 1475.751656] __x64_sys_pwrite64+0x201/0x260 [ 1475.752556] ? ksys_pwrite64+0x1b0/0x1b0 [ 1475.753415] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.754500] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.755572] do_syscall_64+0x33/0x40 [ 1475.756345] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.757416] RIP: 0033:0x7f744e8d0ab7 [ 1475.758184] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1475.762020] RSP: 002b:00007f744be92f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1475.763610] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0ab7 [ 1475.765088] RDX: 0000000000000001 RSI: 0000000020011700 RDI: 0000000000000004 [ 1475.766582] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1475.768069] R10: 000000000000f000 R11: 0000000000000293 R12: 0000000000000004 [ 1475.769581] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:30:58 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 21) [ 1475.808740] FAULT_INJECTION: forcing a failure. [ 1475.808740] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.811292] CPU: 1 PID: 9188 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1475.812726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.814467] Call Trace: [ 1475.815022] dump_stack+0x107/0x167 [ 1475.815781] should_fail.cold+0x5/0xa [ 1475.816580] ? create_object.isra.0+0x3a/0xa20 [ 1475.817578] should_failslab+0x5/0x20 [ 1475.818525] kmem_cache_alloc+0x5b/0x310 [ 1475.819540] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1475.820904] create_object.isra.0+0x3a/0xa20 [ 1475.822055] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1475.823309] kmem_cache_alloc+0x159/0x310 [ 1475.824334] security_file_alloc+0x34/0x170 [ 1475.825414] __alloc_file+0xb7/0x320 [ 1475.826335] alloc_empty_file+0x6d/0x170 [ 1475.827339] alloc_file+0x5e/0x5a0 [ 1475.828221] alloc_file_pseudo+0x16a/0x250 [ 1475.829272] ? alloc_file+0x5a0/0x5a0 [ 1475.830210] ? security_perf_event_alloc+0x79/0xa0 [ 1475.831416] ? ctx_sched_out+0xa00/0xa00 [ 1475.832427] anon_inode_getfile+0xc8/0x1f0 [ 1475.833501] __do_sys_perf_event_open+0xf59/0x2e60 [ 1475.834719] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1475.835915] ? perf_event_set_output+0x5b0/0x5b0 [ 1475.837086] ? wait_for_completion_io+0x270/0x270 [ 1475.838314] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.839618] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.840893] do_syscall_64+0x33/0x40 [ 1475.841817] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.843094] RIP: 0033:0x7fb95c3c3b19 [ 1475.844011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1475.848569] RSP: 002b:00007fb959939188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1475.850463] RAX: ffffffffffffffda RBX: 00007fb95c4d6f60 RCX: 00007fb95c3c3b19 [ 1475.852228] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020001d80 [ 1475.854000] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1475.855772] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1475.857554] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1475.864342] FAULT_INJECTION: forcing a failure. [ 1475.864342] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.867123] CPU: 1 PID: 9199 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1475.868793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1475.870836] Call Trace: [ 1475.871481] dump_stack+0x107/0x167 [ 1475.872401] should_fail.cold+0x5/0xa [ 1475.873342] ? create_object.isra.0+0x3a/0xa20 [ 1475.874466] should_failslab+0x5/0x20 [ 1475.875398] kmem_cache_alloc+0x5b/0x310 [ 1475.876403] ? __generic_file_write_iter+0x1a4/0x5d0 [ 1475.877661] create_object.isra.0+0x3a/0xa20 [ 1475.878737] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1475.879998] kmem_cache_alloc+0x159/0x310 [ 1475.881011] ? new_sync_write+0x499/0x660 [ 1475.882060] getname_flags.part.0+0x50/0x4f0 [ 1475.883156] getname+0x8e/0xd0 [ 1475.883963] do_sys_openat2+0xf9/0x4d0 [ 1475.884919] ? build_open_flags+0x6f0/0x6f0 [ 1475.886015] ? rcu_read_lock_any_held+0x75/0xa0 [ 1475.887165] __x64_sys_openat+0x13f/0x1f0 [ 1475.888201] ? __ia32_sys_open+0x1c0/0x1c0 [ 1475.889260] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1475.890582] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1475.891859] do_syscall_64+0x33/0x40 [ 1475.892788] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1475.894058] RIP: 0033:0x7f3b3a68ea04 [ 1475.894986] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1475.899585] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1475.901475] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1475.903242] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1475.905024] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1475.906797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1475.908562] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:30:58 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 3) [ 1475.937631] isofs_fill_super: get root inode failed [ 1475.998581] FAULT_INJECTION: forcing a failure. [ 1475.998581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1476.001371] CPU: 1 PID: 9201 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1476.002972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.004926] Call Trace: [ 1476.005547] dump_stack+0x107/0x167 [ 1476.006394] should_fail.cold+0x5/0xa [ 1476.007285] _copy_from_user+0x2e/0x1b0 [ 1476.008230] memdup_user+0x65/0xd0 [ 1476.009047] strndup_user+0x74/0xe0 [ 1476.009917] __x64_sys_mount+0x133/0x300 [ 1476.010879] ? copy_mnt_ns+0xa00/0xa00 [ 1476.011808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.013053] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.014286] do_syscall_64+0x33/0x40 [ 1476.015169] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.016387] RIP: 0033:0x7fb9df3c2b19 [ 1476.017276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1476.021652] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1476.023443] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1476.025116] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1476.026797] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1476.028473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1476.030163] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:30:58 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 21) 14:30:58 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (fail_nth: 16) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1476.054865] isofs_fill_super: root inode is not a directory. Corrupted media? 14:30:58 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 20) 14:30:58 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 22) [ 1476.115066] FAULT_INJECTION: forcing a failure. [ 1476.115066] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.117751] CPU: 1 PID: 9207 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1476.119346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.121291] Call Trace: [ 1476.121910] dump_stack+0x107/0x167 [ 1476.122761] should_fail.cold+0x5/0xa [ 1476.123653] ? create_object.isra.0+0x3a/0xa20 [ 1476.124722] should_failslab+0x5/0x20 [ 1476.125614] kmem_cache_alloc+0x5b/0x310 [ 1476.126555] ? __generic_file_write_iter+0x1a4/0x5d0 [ 1476.127736] create_object.isra.0+0x3a/0xa20 [ 1476.128746] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1476.129925] kmem_cache_alloc+0x159/0x310 [ 1476.130880] ? new_sync_write+0x499/0x660 [ 1476.131839] getname_flags.part.0+0x50/0x4f0 [ 1476.132853] getname+0x8e/0xd0 [ 1476.133602] do_sys_openat2+0xf9/0x4d0 [ 1476.134501] ? build_open_flags+0x6f0/0x6f0 [ 1476.135506] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.136580] __x64_sys_openat+0x13f/0x1f0 [ 1476.137539] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.138521] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.139726] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.140914] do_syscall_64+0x33/0x40 [ 1476.141777] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.142159] FAULT_INJECTION: forcing a failure. [ 1476.142159] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1476.142951] RIP: 0033:0x7ff3728baa04 [ 1476.142970] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.142980] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.143000] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1476.143011] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1476.143022] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.143040] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.158354] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1476.160000] CPU: 0 PID: 9212 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1476.161282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.162818] Call Trace: [ 1476.163301] dump_stack+0x107/0x167 [ 1476.163971] should_fail.cold+0x5/0xa [ 1476.164788] strncpy_from_user+0x34/0x470 [ 1476.165562] getname_flags.part.0+0x95/0x4f0 [ 1476.166364] getname+0x8e/0xd0 [ 1476.166951] do_sys_openat2+0xf9/0x4d0 [ 1476.167663] ? build_open_flags+0x6f0/0x6f0 [ 1476.168455] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.169319] __x64_sys_openat+0x13f/0x1f0 [ 1476.170079] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.170858] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.171813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.172757] do_syscall_64+0x33/0x40 [ 1476.173445] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.174371] RIP: 0033:0x7fd972f8ca04 [ 1476.175032] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.178289] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.179686] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1476.180994] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1476.182309] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.183608] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.184919] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:30:58 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, 0xffffffffffffffff) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:30:58 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 20) [ 1476.209281] FAULT_INJECTION: forcing a failure. [ 1476.209281] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1476.211405] CPU: 0 PID: 9211 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1476.212632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.214136] Call Trace: [ 1476.214606] dump_stack+0x107/0x167 [ 1476.215261] should_fail.cold+0x5/0xa [ 1476.216020] strncpy_from_user+0x34/0x470 [ 1476.216812] getname_flags.part.0+0x95/0x4f0 [ 1476.217606] getname+0x8e/0xd0 [ 1476.218176] do_sys_openat2+0xf9/0x4d0 [ 1476.218877] ? build_open_flags+0x6f0/0x6f0 [ 1476.219650] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.220479] __x64_sys_openat+0x13f/0x1f0 [ 1476.221212] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.221974] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.222901] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.223811] do_syscall_64+0x33/0x40 [ 1476.224463] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.225376] RIP: 0033:0x7f3b3a68ea04 [ 1476.226033] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.229306] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.230651] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1476.231901] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1476.233118] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.234358] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.235570] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1476.243573] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1476.248874] FAULT_INJECTION: forcing a failure. 14:30:59 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 4) [ 1476.248874] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1476.252326] CPU: 1 PID: 9213 Comm: syz-executor.0 Not tainted 5.10.230 #1 [ 1476.253761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.255490] Call Trace: [ 1476.256037] dump_stack+0x107/0x167 [ 1476.256795] should_fail.cold+0x5/0xa [ 1476.257608] _copy_to_user+0x2e/0x180 [ 1476.258408] simple_read_from_buffer+0xcc/0x160 [ 1476.259383] proc_fail_nth_read+0x198/0x230 [ 1476.260282] ? proc_sessionid_read+0x230/0x230 [ 1476.261251] ? security_file_permission+0xb1/0xe0 [ 1476.262264] ? proc_sessionid_read+0x230/0x230 [ 1476.263213] vfs_read+0x228/0x620 [ 1476.263945] ksys_read+0x12d/0x260 [ 1476.264691] ? vfs_write+0xb10/0xb10 [ 1476.265478] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.266569] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.267720] do_syscall_64+0x33/0x40 [ 1476.268640] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.269935] RIP: 0033:0x7fb95c37669c [ 1476.270864] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1476.275450] RSP: 002b:00007fb959939170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1476.277357] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fb95c37669c [ 1476.279134] RDX: 000000000000000f RSI: 00007fb9599391e0 RDI: 0000000000000006 [ 1476.280917] RBP: 00007fb9599391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1476.282694] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1476.283177] FAULT_INJECTION: forcing a failure. [ 1476.283177] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.284445] R13: 00007ffdf0efb1bf R14: 00007fb959939300 R15: 0000000000022000 [ 1476.287761] CPU: 0 PID: 9216 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1476.288882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.290329] Call Trace: [ 1476.290764] dump_stack+0x107/0x167 [ 1476.291376] should_fail.cold+0x5/0xa [ 1476.291999] ? getname_flags.part.0+0x50/0x4f0 [ 1476.292759] should_failslab+0x5/0x20 [ 1476.293396] kmem_cache_alloc+0x5b/0x310 [ 1476.294056] ? new_sync_write+0x499/0x660 [ 1476.294730] getname_flags.part.0+0x50/0x4f0 [ 1476.295463] getname+0x8e/0xd0 [ 1476.295983] do_sys_openat2+0xf9/0x4d0 [ 1476.296619] ? build_open_flags+0x6f0/0x6f0 [ 1476.297338] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.298092] __x64_sys_openat+0x13f/0x1f0 [ 1476.298765] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.299448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.300297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.301142] do_syscall_64+0x33/0x40 [ 1476.301751] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.302579] RIP: 0033:0x7f744e8d0a04 [ 1476.303179] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.306180] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.307402] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1476.308556] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1476.309717] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.310877] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.312032] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:30:59 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1476.389946] FAULT_INJECTION: forcing a failure. [ 1476.389946] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.391691] CPU: 0 PID: 9220 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1476.392708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.393952] Call Trace: [ 1476.394348] dump_stack+0x107/0x167 [ 1476.394920] should_fail.cold+0x5/0xa [ 1476.395501] ? copy_mount_options+0x55/0x180 [ 1476.396152] should_failslab+0x5/0x20 [ 1476.396730] kmem_cache_alloc_trace+0x55/0x320 [ 1476.397423] ? _copy_from_user+0xfb/0x1b0 [ 1476.398048] copy_mount_options+0x55/0x180 [ 1476.398680] __x64_sys_mount+0x1a8/0x300 [ 1476.399281] ? copy_mnt_ns+0xa00/0xa00 [ 1476.399874] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.400642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.401404] do_syscall_64+0x33/0x40 [ 1476.401957] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.402727] RIP: 0033:0x7fb9df3c2b19 [ 1476.403279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1476.405996] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1476.407116] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1476.408165] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1476.409228] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1476.410311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1476.411370] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:30:59 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 22) 14:30:59 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 23) [ 1476.460106] FAULT_INJECTION: forcing a failure. [ 1476.460106] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.461871] CPU: 0 PID: 9225 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1476.462842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.464018] Call Trace: [ 1476.464398] dump_stack+0x107/0x167 [ 1476.464918] should_fail.cold+0x5/0xa [ 1476.465478] ? create_object.isra.0+0x3a/0xa20 [ 1476.466130] should_failslab+0x5/0x20 [ 1476.466671] kmem_cache_alloc+0x5b/0x310 [ 1476.467249] ? __generic_file_write_iter+0x1a4/0x5d0 [ 1476.467974] create_object.isra.0+0x3a/0xa20 [ 1476.468603] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1476.469334] kmem_cache_alloc+0x159/0x310 [ 1476.469921] getname_flags.part.0+0x50/0x4f0 [ 1476.470548] getname+0x8e/0xd0 [ 1476.471002] do_sys_openat2+0xf9/0x4d0 [ 1476.471550] ? build_open_flags+0x6f0/0x6f0 [ 1476.472164] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.472818] __x64_sys_openat+0x13f/0x1f0 [ 1476.473415] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.474018] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.474766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.475506] do_syscall_64+0x33/0x40 [ 1476.476040] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.476772] RIP: 0033:0x7ff3728baa04 [ 1476.477310] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.479899] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.480965] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1476.482007] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1476.483016] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.484031] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.485033] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1476.526445] FAULT_INJECTION: forcing a failure. [ 1476.526445] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.529165] CPU: 1 PID: 9227 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1476.530798] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.532762] Call Trace: [ 1476.533400] dump_stack+0x107/0x167 [ 1476.534269] should_fail.cold+0x5/0xa [ 1476.535169] ? __alloc_file+0x21/0x320 [ 1476.536097] should_failslab+0x5/0x20 [ 1476.537003] kmem_cache_alloc+0x5b/0x310 [ 1476.537983] __alloc_file+0x21/0x320 [ 1476.538868] alloc_empty_file+0x6d/0x170 [ 1476.539835] path_openat+0xe6/0x2770 [ 1476.540727] ? __lock_acquire+0x1657/0x5b00 [ 1476.541761] ? path_lookupat+0x860/0x860 [ 1476.542739] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1476.543981] ? lock_acquire+0x197/0x470 [ 1476.544939] ? find_held_lock+0x2c/0x110 [ 1476.545926] do_filp_open+0x190/0x3e0 [ 1476.546834] ? may_open_dev+0xf0/0xf0 [ 1476.547759] ? alloc_fd+0x2e7/0x670 [ 1476.548633] ? lock_downgrade+0x6d0/0x6d0 [ 1476.549634] ? do_raw_spin_lock+0x121/0x260 [ 1476.550667] ? rwlock_bug.part.0+0x90/0x90 [ 1476.551690] ? _raw_spin_unlock+0x1a/0x30 [ 1476.552683] ? alloc_fd+0x2e7/0x670 [ 1476.553573] do_sys_openat2+0x171/0x4d0 [ 1476.554523] ? build_open_flags+0x6f0/0x6f0 [ 1476.555561] ? rcu_read_lock_any_held+0x75/0xa0 [ 1476.556675] __x64_sys_openat+0x13f/0x1f0 [ 1476.557674] ? __ia32_sys_open+0x1c0/0x1c0 [ 1476.558689] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.559937] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.561164] do_syscall_64+0x33/0x40 [ 1476.562058] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1476.563277] RIP: 0033:0x7f3b3a68ea04 [ 1476.564162] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1476.568539] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1476.570355] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1476.572044] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1476.573740] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1476.573755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1476.576428] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1476.580601] isofs_fill_super: root inode is not a directory. Corrupted media? 14:31:13 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 21) 14:31:13 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 24) 14:31:13 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 23) 14:31:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:31:13 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 21) 14:31:13 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 5) 14:31:13 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x4b68, 0x0) fcntl$dupfd(r2, 0x406, r0) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r3, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r4, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:31:13 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1490.878057] FAULT_INJECTION: forcing a failure. [ 1490.878057] name failslab, interval 1, probability 0, space 0, times 0 [ 1490.880535] CPU: 0 PID: 9249 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1490.880910] FAULT_INJECTION: forcing a failure. [ 1490.880910] name failslab, interval 1, probability 0, space 0, times 0 [ 1490.881958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1490.881965] Call Trace: [ 1490.881987] dump_stack+0x107/0x167 [ 1490.882006] should_fail.cold+0x5/0xa [ 1490.882029] ? create_object.isra.0+0x3a/0xa20 [ 1490.889033] should_failslab+0x5/0x20 [ 1490.889836] kmem_cache_alloc+0x5b/0x310 [ 1490.890692] ? __generic_file_write_iter+0x1a4/0x5d0 [ 1490.891754] create_object.isra.0+0x3a/0xa20 [ 1490.892668] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1490.893752] kmem_cache_alloc+0x159/0x310 [ 1490.894624] getname_flags.part.0+0x50/0x4f0 [ 1490.895546] getname+0x8e/0xd0 [ 1490.896224] do_sys_openat2+0xf9/0x4d0 [ 1490.897032] ? build_open_flags+0x6f0/0x6f0 [ 1490.897943] ? rcu_read_lock_any_held+0x75/0xa0 [ 1490.898912] __x64_sys_openat+0x13f/0x1f0 [ 1490.899773] ? __ia32_sys_open+0x1c0/0x1c0 [ 1490.900660] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1490.901760] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1490.902837] do_syscall_64+0x33/0x40 [ 1490.903622] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1490.904682] RIP: 0033:0x7f744e8d0a04 [ 1490.905452] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1490.909297] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1490.910879] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1490.912363] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1490.913855] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1490.915332] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1490.916815] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1490.918338] CPU: 1 PID: 9251 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1490.919774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1490.921500] Call Trace: [ 1490.922066] dump_stack+0x107/0x167 [ 1490.922828] should_fail.cold+0x5/0xa [ 1490.923624] ? create_object.isra.0+0x3a/0xa20 [ 1490.924577] should_failslab+0x5/0x20 [ 1490.925370] kmem_cache_alloc+0x5b/0x310 [ 1490.926234] create_object.isra.0+0x3a/0xa20 [ 1490.927149] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1490.928207] kmem_cache_alloc+0x159/0x310 [ 1490.929077] __alloc_file+0x21/0x320 [ 1490.929869] alloc_empty_file+0x6d/0x170 [ 1490.930717] path_openat+0xe6/0x2770 [ 1490.931488] ? __lock_acquire+0x1657/0x5b00 [ 1490.932397] ? path_lookupat+0x860/0x860 [ 1490.933244] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1490.934353] ? lock_acquire+0x197/0x470 [ 1490.935178] ? find_held_lock+0x2c/0x110 [ 1490.936034] do_filp_open+0x190/0x3e0 [ 1490.936824] ? may_open_dev+0xf0/0xf0 [ 1490.937622] ? alloc_fd+0x2e7/0x670 [ 1490.938392] ? lock_downgrade+0x6d0/0x6d0 [ 1490.939252] ? do_raw_spin_lock+0x121/0x260 [ 1490.940156] ? rwlock_bug.part.0+0x90/0x90 [ 1490.941049] ? _raw_spin_unlock+0x1a/0x30 [ 1490.941921] ? alloc_fd+0x2e7/0x670 [ 1490.942694] do_sys_openat2+0x171/0x4d0 [ 1490.943526] ? build_open_flags+0x6f0/0x6f0 [ 1490.944438] ? rcu_read_lock_any_held+0x75/0xa0 [ 1490.945417] __x64_sys_openat+0x13f/0x1f0 [ 1490.946295] ? __ia32_sys_open+0x1c0/0x1c0 [ 1490.947190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1490.948282] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1490.949356] do_syscall_64+0x33/0x40 [ 1490.950140] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1490.951208] RIP: 0033:0x7f3b3a68ea04 [ 1490.951981] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1490.955835] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1490.957436] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1490.958940] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1490.960436] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1490.961936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1490.963427] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1490.971381] FAULT_INJECTION: forcing a failure. [ 1490.971381] name failslab, interval 1, probability 0, space 0, times 0 [ 1490.971746] FAULT_INJECTION: forcing a failure. [ 1490.971746] name failslab, interval 1, probability 0, space 0, times 0 [ 1490.973765] CPU: 1 PID: 9246 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1490.973774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1490.973780] Call Trace: [ 1490.973798] dump_stack+0x107/0x167 [ 1490.973823] should_fail.cold+0x5/0xa [ 1490.973839] ? __alloc_file+0x21/0x320 [ 1490.973859] should_failslab+0x5/0x20 [ 1490.973876] kmem_cache_alloc+0x5b/0x310 [ 1490.973897] __alloc_file+0x21/0x320 [ 1490.973920] alloc_empty_file+0x6d/0x170 [ 1490.985911] path_openat+0xe6/0x2770 [ 1490.986687] ? __lock_acquire+0x1657/0x5b00 [ 1490.987597] ? path_lookupat+0x860/0x860 [ 1490.988447] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1490.989553] ? lock_acquire+0x197/0x470 [ 1490.990384] ? find_held_lock+0x2c/0x110 [ 1490.991248] do_filp_open+0x190/0x3e0 [ 1490.992048] ? may_open_dev+0xf0/0xf0 [ 1490.992847] ? alloc_fd+0x2e7/0x670 [ 1490.993611] ? lock_downgrade+0x6d0/0x6d0 [ 1490.994484] ? do_raw_spin_lock+0x121/0x260 [ 1490.995388] ? rwlock_bug.part.0+0x90/0x90 [ 1490.996282] ? _raw_spin_unlock+0x1a/0x30 [ 1490.997154] ? alloc_fd+0x2e7/0x670 [ 1490.997945] do_sys_openat2+0x171/0x4d0 [ 1490.998773] ? build_open_flags+0x6f0/0x6f0 [ 1490.999685] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.000658] __x64_sys_openat+0x13f/0x1f0 [ 1491.001526] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.002428] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.003533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.004620] do_syscall_64+0x33/0x40 [ 1491.005397] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.006468] RIP: 0033:0x7ff3728baa04 [ 1491.007250] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.011087] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.012679] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1491.014183] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1491.015672] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.017158] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.018653] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1491.020172] CPU: 0 PID: 9245 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1491.020448] FAULT_INJECTION: forcing a failure. [ 1491.020448] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.021604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.021609] Call Trace: [ 1491.021629] dump_stack+0x107/0x167 [ 1491.021648] should_fail.cold+0x5/0xa [ 1491.021669] ? create_object.isra.0+0x3a/0xa20 [ 1491.028649] should_failslab+0x5/0x20 [ 1491.029445] kmem_cache_alloc+0x5b/0x310 [ 1491.030306] create_object.isra.0+0x3a/0xa20 [ 1491.031220] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1491.032279] kmem_cache_alloc_trace+0x151/0x320 [ 1491.033241] ? _copy_from_user+0xfb/0x1b0 [ 1491.034115] copy_mount_options+0x55/0x180 [ 1491.035000] __x64_sys_mount+0x1a8/0x300 [ 1491.035839] ? copy_mnt_ns+0xa00/0xa00 [ 1491.036660] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.037760] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.038832] do_syscall_64+0x33/0x40 [ 1491.039609] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.040666] RIP: 0033:0x7fb9df3c2b19 [ 1491.041434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.045282] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1491.046864] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1491.048354] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1491.049842] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1491.051319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1491.052802] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1491.054321] CPU: 1 PID: 9250 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1491.055762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.055767] Call Trace: [ 1491.055786] dump_stack+0x107/0x167 [ 1491.055805] should_fail.cold+0x5/0xa [ 1491.055821] ? __alloc_file+0x21/0x320 [ 1491.055841] should_failslab+0x5/0x20 [ 1491.055858] kmem_cache_alloc+0x5b/0x310 [ 1491.055881] __alloc_file+0x21/0x320 [ 1491.055898] alloc_empty_file+0x6d/0x170 [ 1491.055916] path_openat+0xe6/0x2770 [ 1491.055933] ? __lock_acquire+0x1657/0x5b00 [ 1491.055959] ? path_lookupat+0x860/0x860 [ 1491.055980] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1491.055996] ? lock_acquire+0x197/0x470 [ 1491.056012] ? find_held_lock+0x2c/0x110 [ 1491.056040] do_filp_open+0x190/0x3e0 [ 1491.056056] ? may_open_dev+0xf0/0xf0 [ 1491.056076] ? alloc_fd+0x2e7/0x670 [ 1491.056094] ? lock_downgrade+0x6d0/0x6d0 [ 1491.056109] ? do_raw_spin_lock+0x121/0x260 [ 1491.056125] ? rwlock_bug.part.0+0x90/0x90 [ 1491.056149] ? _raw_spin_unlock+0x1a/0x30 [ 1491.056173] ? alloc_fd+0x2e7/0x670 [ 1491.056200] do_sys_openat2+0x171/0x4d0 [ 1491.056221] ? build_open_flags+0x6f0/0x6f0 [ 1491.056247] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.056268] __x64_sys_openat+0x13f/0x1f0 [ 1491.056287] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.056312] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.056330] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.056349] do_syscall_64+0x33/0x40 [ 1491.056366] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.056377] RIP: 0033:0x7fd972f8ca04 [ 1491.056393] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.056402] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.056421] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1491.056439] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1491.056450] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.056459] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.056469] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1491.084914] isofs_fill_super: root inode is not a directory. Corrupted media? 14:31:14 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:14 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 22) 14:31:14 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 24) 14:31:14 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 22) 14:31:14 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x4b68, 0x0) fcntl$dupfd(r2, 0x406, r0) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r3, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r4, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:31:14 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 25) [ 1491.288803] FAULT_INJECTION: forcing a failure. [ 1491.288803] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.291391] CPU: 0 PID: 9263 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1491.292881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.294619] Call Trace: [ 1491.295167] dump_stack+0x107/0x167 [ 1491.295926] should_fail.cold+0x5/0xa [ 1491.296727] ? create_object.isra.0+0x3a/0xa20 [ 1491.297685] should_failslab+0x5/0x20 [ 1491.298489] kmem_cache_alloc+0x5b/0x310 [ 1491.299334] create_object.isra.0+0x3a/0xa20 [ 1491.300249] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1491.301306] kmem_cache_alloc+0x159/0x310 [ 1491.302181] __alloc_file+0x21/0x320 [ 1491.302960] alloc_empty_file+0x6d/0x170 [ 1491.303814] path_openat+0xe6/0x2770 [ 1491.304591] ? __lock_acquire+0x1657/0x5b00 [ 1491.305501] ? path_lookupat+0x860/0x860 [ 1491.306354] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1491.307443] ? lock_acquire+0x197/0x470 [ 1491.308272] ? find_held_lock+0x2c/0x110 [ 1491.309125] do_filp_open+0x190/0x3e0 [ 1491.309925] ? may_open_dev+0xf0/0xf0 [ 1491.310722] ? alloc_fd+0x2e7/0x670 [ 1491.311485] ? lock_downgrade+0x6d0/0x6d0 [ 1491.312344] ? do_raw_spin_lock+0x121/0x260 [ 1491.313240] ? rwlock_bug.part.0+0x90/0x90 [ 1491.314140] ? _raw_spin_unlock+0x1a/0x30 [ 1491.314999] ? alloc_fd+0x2e7/0x670 [ 1491.315770] do_sys_openat2+0x171/0x4d0 [ 1491.316606] ? build_open_flags+0x6f0/0x6f0 [ 1491.317515] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.318495] __x64_sys_openat+0x13f/0x1f0 [ 1491.319362] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.320248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.321342] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.322424] do_syscall_64+0x33/0x40 [ 1491.323198] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.324267] RIP: 0033:0x7fd972f8ca04 [ 1491.325038] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.328893] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.330480] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1491.331965] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1491.333455] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.334964] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.336447] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1491.400894] FAULT_INJECTION: forcing a failure. [ 1491.400894] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.403272] CPU: 1 PID: 9268 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1491.404701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.406440] Call Trace: [ 1491.406987] dump_stack+0x107/0x167 [ 1491.407744] should_fail.cold+0x5/0xa [ 1491.408539] ? create_object.isra.0+0x3a/0xa20 [ 1491.409497] should_failslab+0x5/0x20 [ 1491.410299] kmem_cache_alloc+0x5b/0x310 [ 1491.411143] create_object.isra.0+0x3a/0xa20 [ 1491.412059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1491.413127] kmem_cache_alloc+0x159/0x310 [ 1491.413993] __alloc_file+0x21/0x320 [ 1491.414761] alloc_empty_file+0x6d/0x170 [ 1491.415604] path_openat+0xe6/0x2770 [ 1491.416380] ? __lock_acquire+0x1657/0x5b00 [ 1491.417281] ? path_lookupat+0x860/0x860 [ 1491.418138] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1491.419226] ? lock_acquire+0x197/0x470 [ 1491.420045] ? find_held_lock+0x2c/0x110 [ 1491.420904] do_filp_open+0x190/0x3e0 [ 1491.421696] ? may_open_dev+0xf0/0xf0 [ 1491.422496] ? alloc_fd+0x2e7/0x670 [ 1491.423250] ? lock_downgrade+0x6d0/0x6d0 [ 1491.424103] ? do_raw_spin_lock+0x121/0x260 [ 1491.424645] FAULT_INJECTION: forcing a failure. [ 1491.424645] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.424998] ? rwlock_bug.part.0+0x90/0x90 [ 1491.425023] ? _raw_spin_unlock+0x1a/0x30 [ 1491.425045] ? alloc_fd+0x2e7/0x670 [ 1491.429788] do_sys_openat2+0x171/0x4d0 [ 1491.430622] ? build_open_flags+0x6f0/0x6f0 [ 1491.431524] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.432489] __x64_sys_openat+0x13f/0x1f0 [ 1491.433352] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.434248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.435328] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.436396] do_syscall_64+0x33/0x40 [ 1491.437163] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.438239] RIP: 0033:0x7ff3728baa04 [ 1491.439014] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.442852] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.444442] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1491.445934] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1491.447419] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.448893] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.450397] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1491.451903] CPU: 0 PID: 9272 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1491.453337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.455095] Call Trace: [ 1491.455845] dump_stack+0x107/0x167 [ 1491.456745] should_fail.cold+0x5/0xa [ 1491.457684] ? security_file_alloc+0x34/0x170 [ 1491.458816] should_failslab+0x5/0x20 [ 1491.459752] kmem_cache_alloc+0x5b/0x310 [ 1491.460759] security_file_alloc+0x34/0x170 [ 1491.461009] FAULT_INJECTION: forcing a failure. [ 1491.461009] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.461829] __alloc_file+0xb7/0x320 [ 1491.461851] alloc_empty_file+0x6d/0x170 [ 1491.461872] path_openat+0xe6/0x2770 [ 1491.461899] ? __lock_acquire+0x1657/0x5b00 [ 1491.468055] ? path_lookupat+0x860/0x860 [ 1491.469065] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1491.470364] ? lock_acquire+0x197/0x470 [ 1491.471340] ? find_held_lock+0x2c/0x110 [ 1491.472358] do_filp_open+0x190/0x3e0 [ 1491.473291] ? may_open_dev+0xf0/0xf0 [ 1491.474251] ? alloc_fd+0x2e7/0x670 [ 1491.475146] ? lock_downgrade+0x6d0/0x6d0 [ 1491.476166] ? do_raw_spin_lock+0x121/0x260 [ 1491.477230] ? rwlock_bug.part.0+0x90/0x90 [ 1491.478285] ? _raw_spin_unlock+0x1a/0x30 [ 1491.479308] ? alloc_fd+0x2e7/0x670 [ 1491.480218] do_sys_openat2+0x171/0x4d0 [ 1491.481200] ? build_open_flags+0x6f0/0x6f0 [ 1491.482286] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.483438] __x64_sys_openat+0x13f/0x1f0 [ 1491.484464] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.485517] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.486813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.488086] do_syscall_64+0x33/0x40 [ 1491.489005] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.490278] RIP: 0033:0x7f3b3a68ea04 [ 1491.491196] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.495759] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.497643] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1491.499404] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1491.501157] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.502896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.504633] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1491.506409] CPU: 1 PID: 9273 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1491.507822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.509508] Call Trace: [ 1491.510055] dump_stack+0x107/0x167 [ 1491.510799] should_fail.cold+0x5/0xa [ 1491.511582] strncpy_from_user+0x34/0x470 [ 1491.512430] getname_flags.part.0+0x95/0x4f0 [ 1491.513330] getname+0x8e/0xd0 [ 1491.513994] do_sys_openat2+0xf9/0x4d0 [ 1491.514789] ? build_open_flags+0x6f0/0x6f0 [ 1491.515675] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.516628] __x64_sys_openat+0x13f/0x1f0 [ 1491.517466] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.518353] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.519417] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.520467] do_syscall_64+0x33/0x40 [ 1491.521223] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.522275] RIP: 0033:0x7f744e8d0a04 [ 1491.523040] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.526827] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.528387] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1491.529856] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1491.531317] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.532779] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.534246] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1491.625268] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1491.659362] isofs_fill_super: get root inode failed 14:31:14 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 6) 14:31:14 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 23) [ 1491.812147] FAULT_INJECTION: forcing a failure. [ 1491.812147] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.814670] CPU: 0 PID: 9279 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1491.816176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.818018] Call Trace: [ 1491.818602] dump_stack+0x107/0x167 [ 1491.819404] should_fail.cold+0x5/0xa [ 1491.820233] ? __alloc_file+0x21/0x320 [ 1491.821084] should_failslab+0x5/0x20 [ 1491.821927] kmem_cache_alloc+0x5b/0x310 [ 1491.822817] __alloc_file+0x21/0x320 [ 1491.823627] alloc_empty_file+0x6d/0x170 [ 1491.824512] path_openat+0xe6/0x2770 [ 1491.825327] ? __lock_acquire+0x1657/0x5b00 [ 1491.826282] ? path_lookupat+0x860/0x860 [ 1491.827169] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1491.828307] ? lock_acquire+0x197/0x470 [ 1491.829168] ? find_held_lock+0x2c/0x110 [ 1491.830068] do_filp_open+0x190/0x3e0 [ 1491.830901] ? may_open_dev+0xf0/0xf0 [ 1491.831734] ? alloc_fd+0x2e7/0x670 [ 1491.832526] ? lock_downgrade+0x6d0/0x6d0 [ 1491.833424] ? do_raw_spin_lock+0x121/0x260 [ 1491.834368] ? rwlock_bug.part.0+0x90/0x90 [ 1491.835296] ? _raw_spin_unlock+0x1a/0x30 [ 1491.836195] ? alloc_fd+0x2e7/0x670 [ 1491.836999] do_sys_openat2+0x171/0x4d0 [ 1491.837871] ? build_open_flags+0x6f0/0x6f0 [ 1491.838808] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.839811] __x64_sys_openat+0x13f/0x1f0 [ 1491.840705] ? __ia32_sys_open+0x1c0/0x1c0 [ 1491.841622] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.842760] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.843875] do_syscall_64+0x33/0x40 [ 1491.844675] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.845781] RIP: 0033:0x7f744e8d0a04 [ 1491.846584] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1491.850547] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1491.852184] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1491.853717] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1491.855252] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1491.856766] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1491.858291] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1491.872054] FAULT_INJECTION: forcing a failure. [ 1491.872054] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.874573] CPU: 0 PID: 9282 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1491.876021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.877779] Call Trace: [ 1491.878331] dump_stack+0x107/0x167 [ 1491.879092] should_fail.cold+0x5/0xa [ 1491.879914] _copy_from_user+0x2e/0x1b0 [ 1491.880753] copy_mount_options+0x76/0x180 [ 1491.881641] __x64_sys_mount+0x1a8/0x300 [ 1491.882501] ? copy_mnt_ns+0xa00/0xa00 [ 1491.883330] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1491.884437] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.885523] do_syscall_64+0x33/0x40 [ 1491.886321] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.887398] RIP: 0033:0x7fb9df3c2b19 [ 1491.888177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.891996] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1491.893584] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1491.895073] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1491.896562] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1491.898051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1491.899533] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:31:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 7) 14:31:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x8, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 24) 14:31:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x4b68, 0x0) fcntl$dupfd(r2, 0x406, r0) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r3, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r4, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1504.906251] FAULT_INJECTION: forcing a failure. [ 1504.906251] name failslab, interval 1, probability 0, space 0, times 0 [ 1504.907882] CPU: 1 PID: 9295 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1504.908845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1504.910002] Call Trace: [ 1504.910380] dump_stack+0x107/0x167 [ 1504.910876] should_fail.cold+0x5/0xa [ 1504.911378] ? create_object.isra.0+0x3a/0xa20 [ 1504.911993] should_failslab+0x5/0x20 [ 1504.912507] kmem_cache_alloc+0x5b/0x310 [ 1504.913060] create_object.isra.0+0x3a/0xa20 [ 1504.913645] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1504.914331] kmem_cache_alloc+0x159/0x310 [ 1504.914802] __alloc_file+0x21/0x320 [ 1504.915221] alloc_empty_file+0x6d/0x170 [ 1504.915681] path_openat+0xe6/0x2770 [ 1504.916099] ? __lock_acquire+0x1657/0x5b00 [ 1504.916591] ? path_lookupat+0x860/0x860 [ 1504.917055] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1504.917651] ? lock_acquire+0x197/0x470 [ 1504.918097] ? find_held_lock+0x2c/0x110 [ 1504.918567] do_filp_open+0x190/0x3e0 [ 1504.918994] ? may_open_dev+0xf0/0xf0 [ 1504.919433] ? alloc_fd+0x2e7/0x670 [ 1504.919840] ? lock_downgrade+0x6d0/0x6d0 [ 1504.920306] ? do_raw_spin_lock+0x121/0x260 [ 1504.920789] ? rwlock_bug.part.0+0x90/0x90 [ 1504.921269] ? _raw_spin_unlock+0x1a/0x30 [ 1504.921730] ? alloc_fd+0x2e7/0x670 [ 1504.922143] do_sys_openat2+0x171/0x4d0 [ 1504.922596] ? build_open_flags+0x6f0/0x6f0 [ 1504.923084] ? rcu_read_lock_any_held+0x75/0xa0 [ 1504.923609] __x64_sys_openat+0x13f/0x1f0 [ 1504.924079] ? __ia32_sys_open+0x1c0/0x1c0 [ 1504.924558] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1504.925147] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1504.925727] do_syscall_64+0x33/0x40 [ 1504.926147] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1504.926732] RIP: 0033:0x7f744e8d0a04 [ 1504.927149] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1504.929216] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1504.930077] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1504.930889] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1504.931692] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1504.932503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1504.933304] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:31:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 25) 14:31:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 26) 14:31:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:31:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 23) [ 1504.947475] FAULT_INJECTION: forcing a failure. [ 1504.947475] name failslab, interval 1, probability 0, space 0, times 0 [ 1504.950380] CPU: 0 PID: 9303 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1504.952109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1504.954234] Call Trace: [ 1504.954898] dump_stack+0x107/0x167 [ 1504.955821] should_fail.cold+0x5/0xa [ 1504.956791] ? security_file_alloc+0x34/0x170 [ 1504.957927] should_failslab+0x5/0x20 [ 1504.958895] kmem_cache_alloc+0x5b/0x310 [ 1504.959930] security_file_alloc+0x34/0x170 [ 1504.961022] __alloc_file+0xb7/0x320 [ 1504.961966] alloc_empty_file+0x6d/0x170 [ 1504.963003] path_openat+0xe6/0x2770 [ 1504.963829] ? __lock_acquire+0x1657/0x5b00 [ 1504.964801] ? path_lookupat+0x860/0x860 [ 1504.965705] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1504.966877] ? lock_acquire+0x197/0x470 [ 1504.967914] ? find_held_lock+0x2c/0x110 [ 1504.968044] FAULT_INJECTION: forcing a failure. [ 1504.968044] name failslab, interval 1, probability 0, space 0, times 0 [ 1504.968831] do_filp_open+0x190/0x3e0 [ 1504.968848] ? may_open_dev+0xf0/0xf0 [ 1504.971769] ? alloc_fd+0x2e7/0x670 [ 1504.972577] ? lock_downgrade+0x6d0/0x6d0 [ 1504.973498] ? do_raw_spin_lock+0x121/0x260 [ 1504.974471] ? rwlock_bug.part.0+0x90/0x90 [ 1504.975418] ? _raw_spin_unlock+0x1a/0x30 [ 1504.976336] ? alloc_fd+0x2e7/0x670 [ 1504.977155] do_sys_openat2+0x171/0x4d0 [ 1504.978045] ? build_open_flags+0x6f0/0x6f0 [ 1504.979019] ? rcu_read_lock_any_held+0x75/0xa0 [ 1504.980060] __x64_sys_openat+0x13f/0x1f0 [ 1504.980982] ? __ia32_sys_open+0x1c0/0x1c0 [ 1504.981928] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1504.983096] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1504.984245] do_syscall_64+0x33/0x40 [ 1504.985072] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1504.986224] RIP: 0033:0x7ff3728baa04 [ 1504.987056] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1504.991170] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1504.992865] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1504.994462] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1504.996057] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1504.997648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1504.999240] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1505.000844] CPU: 1 PID: 9301 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1505.001644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.002604] Call Trace: [ 1505.002901] dump_stack+0x107/0x167 [ 1505.003309] should_fail.cold+0x5/0xa [ 1505.003738] ? create_object.isra.0+0x3a/0xa20 [ 1505.004251] should_failslab+0x5/0x20 [ 1505.004517] FAULT_INJECTION: forcing a failure. [ 1505.004517] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.004679] kmem_cache_alloc+0x5b/0x310 [ 1505.004697] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1505.008200] create_object.isra.0+0x3a/0xa20 [ 1505.008694] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1505.009272] kmem_cache_alloc+0x159/0x310 [ 1505.009738] security_file_alloc+0x34/0x170 [ 1505.010227] __alloc_file+0xb7/0x320 [ 1505.010646] alloc_empty_file+0x6d/0x170 [ 1505.011102] path_openat+0xe6/0x2770 [ 1505.011522] ? __lock_acquire+0x1657/0x5b00 [ 1505.012013] ? path_lookupat+0x860/0x860 [ 1505.012472] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1505.013063] ? lock_acquire+0x197/0x470 [ 1505.013509] ? find_held_lock+0x2c/0x110 [ 1505.013972] do_filp_open+0x190/0x3e0 [ 1505.014411] ? may_open_dev+0xf0/0xf0 [ 1505.014841] ? alloc_fd+0x2e7/0x670 [ 1505.015250] ? lock_downgrade+0x6d0/0x6d0 [ 1505.015710] ? do_raw_spin_lock+0x121/0x260 [ 1505.016194] ? rwlock_bug.part.0+0x90/0x90 [ 1505.016672] ? _raw_spin_unlock+0x1a/0x30 [ 1505.017134] ? alloc_fd+0x2e7/0x670 [ 1505.017545] do_sys_openat2+0x171/0x4d0 [ 1505.017995] ? build_open_flags+0x6f0/0x6f0 [ 1505.018489] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.019008] __x64_sys_openat+0x13f/0x1f0 [ 1505.019474] ? __ia32_sys_open+0x1c0/0x1c0 [ 1505.019949] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.020533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.021111] do_syscall_64+0x33/0x40 [ 1505.021530] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.022102] RIP: 0033:0x7f3b3a68ea04 [ 1505.022526] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1505.024587] RSP: 002b:00007f3b37c50ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1505.025441] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a68ea04 [ 1505.026243] RDX: 0000000000000002 RSI: 00007f3b37c51000 RDI: 00000000ffffff9c [ 1505.027040] RBP: 00007f3b37c51000 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.027837] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1505.028635] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1505.029456] CPU: 0 PID: 9306 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1505.030993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.032832] Call Trace: [ 1505.032852] dump_stack+0x107/0x167 [ 1505.032872] should_fail.cold+0x5/0xa [ 1505.034792] ? security_file_alloc+0x34/0x170 [ 1505.035783] ? security_file_alloc+0x34/0x170 [ 1505.036778] should_failslab+0x5/0x20 [ 1505.037620] kmem_cache_alloc+0x5b/0x310 [ 1505.038537] security_file_alloc+0x34/0x170 [ 1505.039494] __alloc_file+0xb7/0x320 [ 1505.040319] alloc_empty_file+0x6d/0x170 [ 1505.041218] path_openat+0xe6/0x2770 [ 1505.042041] ? __lock_acquire+0x1657/0x5b00 [ 1505.043016] ? path_lookupat+0x860/0x860 [ 1505.043922] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1505.045080] ? lock_acquire+0x197/0x470 [ 1505.045963] ? find_held_lock+0x2c/0x110 [ 1505.046882] do_filp_open+0x190/0x3e0 [ 1505.047726] ? may_open_dev+0xf0/0xf0 [ 1505.048575] ? alloc_fd+0x2e7/0x670 [ 1505.049383] ? lock_downgrade+0x6d0/0x6d0 [ 1505.050305] ? do_raw_spin_lock+0x121/0x260 [ 1505.051257] ? rwlock_bug.part.0+0x90/0x90 [ 1505.052202] ? _raw_spin_unlock+0x1a/0x30 [ 1505.053118] ? alloc_fd+0x2e7/0x670 [ 1505.053939] do_sys_openat2+0x171/0x4d0 [ 1505.054828] ? build_open_flags+0x6f0/0x6f0 [ 1505.055793] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.056830] __x64_sys_openat+0x13f/0x1f0 [ 1505.057749] ? __ia32_sys_open+0x1c0/0x1c0 [ 1505.058706] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.059871] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.061016] do_syscall_64+0x33/0x40 [ 1505.061842] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.062984] RIP: 0033:0x7fd972f8ca04 [ 1505.063810] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1505.067907] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1505.069603] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1505.071190] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1505.072771] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.074360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1505.075942] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1505.079560] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1505.086839] FAULT_INJECTION: forcing a failure. [ 1505.086839] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.088101] CPU: 1 PID: 9300 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1505.088863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.089791] Call Trace: [ 1505.090085] dump_stack+0x107/0x167 [ 1505.090505] should_fail.cold+0x5/0xa [ 1505.090931] ? getname_flags.part.0+0x50/0x4f0 [ 1505.091443] should_failslab+0x5/0x20 [ 1505.091873] kmem_cache_alloc+0x5b/0x310 [ 1505.092333] getname_flags.part.0+0x50/0x4f0 [ 1505.092832] ? _copy_from_user+0xfb/0x1b0 [ 1505.093299] user_path_at_empty+0xa1/0x100 [ 1505.093778] __x64_sys_mount+0x1e9/0x300 [ 1505.094247] ? copy_mnt_ns+0xa00/0xa00 [ 1505.094688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.095278] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.095859] do_syscall_64+0x33/0x40 [ 1505.096281] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.096861] RIP: 0033:0x7fb9df3c2b19 [ 1505.097282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.099371] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.100230] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1505.101036] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1505.101842] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1505.102657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1505.103473] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:31:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 25) 14:31:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 26) 14:31:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 27) 14:31:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x600, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:28 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:31:28 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 24) [ 1505.294247] FAULT_INJECTION: forcing a failure. [ 1505.294247] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.299018] CPU: 0 PID: 9319 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1505.300604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.302463] Call Trace: [ 1505.303054] dump_stack+0x107/0x167 [ 1505.303863] should_fail.cold+0x5/0xa [ 1505.304708] ? security_file_alloc+0x34/0x170 [ 1505.305715] should_failslab+0x5/0x20 [ 1505.306570] kmem_cache_alloc+0x5b/0x310 [ 1505.307477] security_file_alloc+0x34/0x170 [ 1505.308434] __alloc_file+0xb7/0x320 [ 1505.309264] alloc_empty_file+0x6d/0x170 [ 1505.310168] path_openat+0xe6/0x2770 [ 1505.311007] ? __lock_acquire+0x1657/0x5b00 [ 1505.311974] ? path_lookupat+0x860/0x860 [ 1505.312880] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1505.314040] ? lock_acquire+0x197/0x470 [ 1505.314932] ? find_held_lock+0x2c/0x110 [ 1505.315847] do_filp_open+0x190/0x3e0 [ 1505.316692] ? may_open_dev+0xf0/0xf0 [ 1505.317547] ? alloc_fd+0x2e7/0x670 [ 1505.318365] ? lock_downgrade+0x6d0/0x6d0 [ 1505.319286] ? do_raw_spin_lock+0x121/0x260 [ 1505.320241] ? rwlock_bug.part.0+0x90/0x90 [ 1505.321198] ? _raw_spin_unlock+0x1a/0x30 [ 1505.322116] ? alloc_fd+0x2e7/0x670 [ 1505.322943] do_sys_openat2+0x171/0x4d0 [ 1505.323831] ? build_open_flags+0x6f0/0x6f0 [ 1505.324804] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.325841] __x64_sys_openat+0x13f/0x1f0 [ 1505.326769] ? __ia32_sys_open+0x1c0/0x1c0 [ 1505.327716] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.328885] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.330029] do_syscall_64+0x33/0x40 [ 1505.330865] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.332004] RIP: 0033:0x7f744e8d0a04 [ 1505.332832] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1505.336942] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1505.338645] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1505.340240] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1505.341826] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.343420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1505.345005] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1505.356828] FAULT_INJECTION: forcing a failure. [ 1505.356828] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.359519] CPU: 0 PID: 9321 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1505.361110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.361117] Call Trace: [ 1505.361138] dump_stack+0x107/0x167 [ 1505.361158] should_fail.cold+0x5/0xa [ 1505.361178] ? create_object.isra.0+0x3a/0xa20 [ 1505.361203] should_failslab+0x5/0x20 [ 1505.361221] kmem_cache_alloc+0x5b/0x310 [ 1505.361241] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1505.361263] create_object.isra.0+0x3a/0xa20 [ 1505.361279] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1505.361303] kmem_cache_alloc+0x159/0x310 [ 1505.361326] security_file_alloc+0x34/0x170 [ 1505.361344] __alloc_file+0xb7/0x320 [ 1505.361364] alloc_empty_file+0x6d/0x170 [ 1505.361383] path_openat+0xe6/0x2770 [ 1505.361401] ? __lock_acquire+0x1657/0x5b00 [ 1505.361429] ? path_lookupat+0x860/0x860 [ 1505.361451] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1505.361468] ? lock_acquire+0x197/0x470 [ 1505.361484] ? find_held_lock+0x2c/0x110 [ 1505.361514] do_filp_open+0x190/0x3e0 [ 1505.361531] ? may_open_dev+0xf0/0xf0 [ 1505.361553] ? alloc_fd+0x2e7/0x670 [ 1505.361571] ? lock_downgrade+0x6d0/0x6d0 [ 1505.361587] ? do_raw_spin_lock+0x121/0x260 [ 1505.361604] ? rwlock_bug.part.0+0x90/0x90 [ 1505.361629] ? _raw_spin_unlock+0x1a/0x30 [ 1505.361646] ? alloc_fd+0x2e7/0x670 [ 1505.361675] do_sys_openat2+0x171/0x4d0 [ 1505.361696] ? build_open_flags+0x6f0/0x6f0 [ 1505.361723] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.361747] __x64_sys_openat+0x13f/0x1f0 [ 1505.361766] ? __ia32_sys_open+0x1c0/0x1c0 [ 1505.361795] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.361814] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.361834] do_syscall_64+0x33/0x40 [ 1505.361855] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.361867] RIP: 0033:0x7ff3728baa04 [ 1505.361884] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1505.361894] RSP: 002b:00007ff36fe7ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1505.361914] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3728baa04 [ 1505.361925] RDX: 0000000000000002 RSI: 00007ff36fe7d000 RDI: 00000000ffffff9c [ 1505.361936] RBP: 00007ff36fe7d000 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.361946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1505.361957] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1505.369556] FAULT_INJECTION: forcing a failure. 14:31:28 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1505.369556] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.369575] CPU: 0 PID: 9326 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1505.369585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.369590] Call Trace: [ 1505.369610] dump_stack+0x107/0x167 [ 1505.369631] should_fail.cold+0x5/0xa [ 1505.369649] ? security_file_alloc+0x34/0x170 [ 1505.369671] should_failslab+0x5/0x20 [ 1505.369690] kmem_cache_alloc+0x5b/0x310 [ 1505.369714] security_file_alloc+0x34/0x170 [ 1505.369733] __alloc_file+0xb7/0x320 [ 1505.369751] alloc_empty_file+0x6d/0x170 [ 1505.369771] path_openat+0xe6/0x2770 [ 1505.369790] ? __lock_acquire+0x1657/0x5b00 [ 1505.369828] ? path_lookupat+0x860/0x860 [ 1505.369851] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1505.369874] ? lock_acquire+0x197/0x470 [ 1505.369892] ? find_held_lock+0x2c/0x110 [ 1505.369922] do_filp_open+0x190/0x3e0 [ 1505.369940] ? may_open_dev+0xf0/0xf0 [ 1505.369963] ? alloc_fd+0x2e7/0x670 [ 1505.369983] ? lock_downgrade+0x6d0/0x6d0 [ 1505.369999] ? do_raw_spin_lock+0x121/0x260 [ 1505.370017] ? rwlock_bug.part.0+0x90/0x90 [ 1505.370043] ? _raw_spin_unlock+0x1a/0x30 [ 1505.370061] ? alloc_fd+0x2e7/0x670 [ 1505.370091] do_sys_openat2+0x171/0x4d0 [ 1505.370114] ? build_open_flags+0x6f0/0x6f0 [ 1505.370142] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.370166] __x64_sys_openat+0x13f/0x1f0 [ 1505.370186] ? __ia32_sys_open+0x1c0/0x1c0 [ 1505.370229] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.370249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.370277] do_syscall_64+0x33/0x40 [ 1505.448467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.449606] RIP: 0033:0x7fd972f8ca04 [ 1505.450445] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1505.454586] RSP: 002b:00007fd97054eed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1505.456278] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972f8ca04 [ 1505.457863] RDX: 0000000000000002 RSI: 00007fd97054f000 RDI: 00000000ffffff9c [ 1505.459452] RBP: 00007fd97054f000 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.461037] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1505.462625] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1505.489894] isofs_fill_super: root inode is not a directory. Corrupted media? 14:31:28 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 25) 14:31:28 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 8) [ 1505.520007] FAULT_INJECTION: forcing a failure. [ 1505.520007] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.522863] CPU: 0 PID: 9325 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1505.524461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.526325] Call Trace: [ 1505.526916] dump_stack+0x107/0x167 [ 1505.527732] should_fail.cold+0x5/0xa [ 1505.528586] ? __kthread_create_on_node+0xd1/0x400 [ 1505.529684] should_failslab+0x5/0x20 [ 1505.530542] kmem_cache_alloc_trace+0x55/0x320 [ 1505.531569] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1505.532624] __kthread_create_on_node+0xd1/0x400 [ 1505.533679] ? __kthread_parkme+0x1d0/0x1d0 [ 1505.534662] ? __mutex_lock+0x4fe/0x10b0 [ 1505.535568] ? loop_configure+0xcb9/0x1490 [ 1505.536508] ? do_raw_spin_unlock+0x4f/0x220 [ 1505.537489] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1505.538634] kthread_create_on_node+0xbb/0x100 [ 1505.538675] ? __kthread_create_on_node+0x400/0x400 [ 1505.538700] ? lockdep_init_map_type+0x2c7/0x780 [ 1505.538723] ? lockdep_init_map_type+0x2c7/0x780 [ 1505.538753] loop_configure+0x3e7/0x1490 [ 1505.538786] lo_ioctl+0xa72/0x1760 [ 1505.538809] ? avc_has_extended_perms+0x7f1/0xf40 [ 1505.538831] ? loop_set_status_old+0x250/0x250 [ 1505.538855] ? avc_ss_reset+0x180/0x180 [ 1505.538876] ? find_held_lock+0x2c/0x110 [ 1505.538909] ? __lock_acquire+0xbb1/0x5b00 [ 1505.538976] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1505.538996] ? generic_block_fiemap+0x60/0x60 [ 1505.539015] ? lock_downgrade+0x6d0/0x6d0 [ 1505.539033] ? build_open_flags+0x6f0/0x6f0 [ 1505.539059] ? loop_set_status_old+0x250/0x250 [ 1505.539075] blkdev_ioctl+0x291/0x710 [ 1505.539095] ? blkdev_common_ioctl+0x1930/0x1930 [ 1505.539120] ? selinux_file_ioctl+0xb6/0x270 [ 1505.539145] block_ioctl+0xf9/0x140 [ 1505.539162] ? blkdev_read_iter+0x1c0/0x1c0 [ 1505.539182] __x64_sys_ioctl+0x19a/0x210 [ 1505.539204] do_syscall_64+0x33/0x40 [ 1505.539222] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.539235] RIP: 0033:0x7f3b3a6db8d7 [ 1505.539253] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.539264] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1505.539285] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1505.539297] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1505.539308] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.539318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1505.539329] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1505.540055] FAULT_INJECTION: forcing a failure. [ 1505.540055] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.540066] CPU: 1 PID: 9336 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1505.540071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.540073] Call Trace: [ 1505.540084] dump_stack+0x107/0x167 [ 1505.540095] should_fail.cold+0x5/0xa [ 1505.540107] ? __kthread_create_on_node+0xd1/0x400 [ 1505.540118] should_failslab+0x5/0x20 [ 1505.540128] kmem_cache_alloc_trace+0x55/0x320 [ 1505.540140] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1505.540151] __kthread_create_on_node+0xd1/0x400 [ 1505.540163] ? __kthread_parkme+0x1d0/0x1d0 [ 1505.540180] ? __mutex_lock+0x4fe/0x10b0 [ 1505.540191] ? loop_configure+0xcb9/0x1490 [ 1505.540199] ? do_raw_spin_unlock+0x4f/0x220 [ 1505.540211] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1505.540222] kthread_create_on_node+0xbb/0x100 [ 1505.540233] ? __kthread_create_on_node+0x400/0x400 [ 1505.540245] ? lockdep_init_map_type+0x2c7/0x780 [ 1505.540257] ? lockdep_init_map_type+0x2c7/0x780 [ 1505.540273] loop_configure+0x3e7/0x1490 [ 1505.540290] lo_ioctl+0xa72/0x1760 [ 1505.540301] ? avc_has_extended_perms+0x7f1/0xf40 [ 1505.540313] ? loop_set_status_old+0x250/0x250 [ 1505.540325] ? avc_ss_reset+0x180/0x180 [ 1505.540336] ? find_held_lock+0x2c/0x110 [ 1505.540353] ? __lock_acquire+0xbb1/0x5b00 [ 1505.540387] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1505.540397] ? generic_block_fiemap+0x60/0x60 [ 1505.540407] ? lock_downgrade+0x6d0/0x6d0 [ 1505.540416] ? build_open_flags+0x6f0/0x6f0 [ 1505.540429] ? loop_set_status_old+0x250/0x250 [ 1505.540438] blkdev_ioctl+0x291/0x710 [ 1505.540448] ? blkdev_common_ioctl+0x1930/0x1930 [ 1505.540460] ? selinux_file_ioctl+0xb6/0x270 [ 1505.540472] block_ioctl+0xf9/0x140 [ 1505.540481] ? blkdev_read_iter+0x1c0/0x1c0 [ 1505.540492] __x64_sys_ioctl+0x19a/0x210 [ 1505.540503] do_syscall_64+0x33/0x40 [ 1505.540513] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.540519] RIP: 0033:0x7fd972fd98d7 [ 1505.540528] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.540533] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1505.540544] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1505.540550] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1505.540556] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1505.540561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1505.540567] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1505.563278] FAULT_INJECTION: forcing a failure. [ 1505.563278] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.563298] CPU: 0 PID: 9335 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1505.563307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.563313] Call Trace: [ 1505.563337] dump_stack+0x107/0x167 [ 1505.563358] should_fail.cold+0x5/0xa [ 1505.563377] ? create_object.isra.0+0x3a/0xa20 [ 1505.563398] should_failslab+0x5/0x20 [ 1505.563415] kmem_cache_alloc+0x5b/0x310 [ 1505.563440] create_object.isra.0+0x3a/0xa20 [ 1505.563455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1505.563479] kmem_cache_alloc+0x159/0x310 [ 1505.563503] getname_flags.part.0+0x50/0x4f0 [ 1505.563522] ? _copy_from_user+0xfb/0x1b0 [ 1505.563544] user_path_at_empty+0xa1/0x100 [ 1505.563564] __x64_sys_mount+0x1e9/0x300 [ 1505.563581] ? copy_mnt_ns+0xa00/0xa00 [ 1505.563605] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1505.563624] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.563644] do_syscall_64+0x33/0x40 [ 1505.563662] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.563674] RIP: 0033:0x7fb9df3c2b19 [ 1505.563691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.563701] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1505.563721] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1505.563732] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1505.563742] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1505.563753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1505.563764] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:31:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 26) 14:31:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:31:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 27) 14:31:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:31:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x77, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 26) [ 1518.593583] FAULT_INJECTION: forcing a failure. [ 1518.593583] name failslab, interval 1, probability 0, space 0, times 0 14:31:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 28) 14:31:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 9) [ 1518.595028] CPU: 0 PID: 9352 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1518.595979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.596986] Call Trace: [ 1518.597311] dump_stack+0x107/0x167 [ 1518.597752] should_fail.cold+0x5/0xa [ 1518.598217] ? create_object.isra.0+0x3a/0xa20 [ 1518.598784] should_failslab+0x5/0x20 [ 1518.599247] kmem_cache_alloc+0x5b/0x310 [ 1518.599738] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1518.600403] create_object.isra.0+0x3a/0xa20 [ 1518.600932] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1518.601558] kmem_cache_alloc+0x159/0x310 [ 1518.602062] security_file_alloc+0x34/0x170 [ 1518.602586] __alloc_file+0xb7/0x320 [ 1518.603044] alloc_empty_file+0x6d/0x170 [ 1518.603536] path_openat+0xe6/0x2770 [ 1518.603988] ? __lock_acquire+0x1657/0x5b00 [ 1518.604524] ? path_lookupat+0x860/0x860 [ 1518.605016] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1518.605648] ? lock_acquire+0x197/0x470 [ 1518.606129] ? find_held_lock+0x2c/0x110 [ 1518.606623] do_filp_open+0x190/0x3e0 [ 1518.607088] ? may_open_dev+0xf0/0xf0 [ 1518.607552] ? alloc_fd+0x2e7/0x670 [ 1518.607988] ? lock_downgrade+0x6d0/0x6d0 [ 1518.608485] ? do_raw_spin_lock+0x121/0x260 [ 1518.609001] ? rwlock_bug.part.0+0x90/0x90 [ 1518.609516] ? _raw_spin_unlock+0x1a/0x30 [ 1518.610014] ? alloc_fd+0x2e7/0x670 [ 1518.610457] do_sys_openat2+0x171/0x4d0 [ 1518.610954] ? build_open_flags+0x6f0/0x6f0 [ 1518.611480] ? rcu_read_lock_any_held+0x75/0xa0 [ 1518.612049] __x64_sys_openat+0x13f/0x1f0 [ 1518.612550] ? __ia32_sys_open+0x1c0/0x1c0 [ 1518.613069] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.613708] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.614335] do_syscall_64+0x33/0x40 [ 1518.614792] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.615410] RIP: 0033:0x7f744e8d0a04 [ 1518.615862] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1518.618109] RSP: 002b:00007f744be92ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1518.619042] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e8d0a04 [ 1518.619897] RDX: 0000000000000002 RSI: 00007f744be93000 RDI: 00000000ffffff9c [ 1518.620754] RBP: 00007f744be93000 R08: 0000000000000000 R09: ffffffffffffffff [ 1518.621614] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1518.622476] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1518.624775] FAULT_INJECTION: forcing a failure. [ 1518.624775] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.626489] CPU: 0 PID: 9355 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1518.627319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.628311] Call Trace: [ 1518.628624] dump_stack+0x107/0x167 [ 1518.629061] should_fail.cold+0x5/0xa [ 1518.629518] ? __kthread_create_on_node+0xd1/0x400 [ 1518.630108] should_failslab+0x5/0x20 [ 1518.630563] kmem_cache_alloc_trace+0x55/0x320 [ 1518.631123] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.631686] __kthread_create_on_node+0xd1/0x400 [ 1518.632252] ? __kthread_parkme+0x1d0/0x1d0 [ 1518.632777] ? __mutex_lock+0x4fe/0x10b0 [ 1518.633271] ? loop_configure+0xcb9/0x1490 [ 1518.633775] ? do_raw_spin_unlock+0x4f/0x220 [ 1518.634311] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.634888] kthread_create_on_node+0xbb/0x100 [ 1518.635441] ? __kthread_create_on_node+0x400/0x400 [ 1518.636037] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.636617] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.637190] loop_configure+0x3e7/0x1490 [ 1518.637685] lo_ioctl+0xa72/0x1760 [ 1518.638111] ? avc_has_extended_perms+0x7f1/0xf40 [ 1518.638704] ? loop_set_status_old+0x250/0x250 [ 1518.638952] FAULT_INJECTION: forcing a failure. [ 1518.638952] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1518.639256] ? avc_ss_reset+0x180/0x180 [ 1518.642095] ? find_held_lock+0x2c/0x110 [ 1518.642588] ? __lock_acquire+0xbb1/0x5b00 [ 1518.643134] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1518.643764] ? generic_block_fiemap+0x60/0x60 [ 1518.644309] ? lock_downgrade+0x6d0/0x6d0 [ 1518.644808] ? build_open_flags+0x6f0/0x6f0 [ 1518.645328] ? loop_set_status_old+0x250/0x250 [ 1518.645877] blkdev_ioctl+0x291/0x710 [ 1518.646340] ? blkdev_common_ioctl+0x1930/0x1930 [ 1518.646922] ? selinux_file_ioctl+0xb6/0x270 [ 1518.647449] block_ioctl+0xf9/0x140 [ 1518.647883] ? blkdev_read_iter+0x1c0/0x1c0 [ 1518.648398] __x64_sys_ioctl+0x19a/0x210 [ 1518.648887] do_syscall_64+0x33/0x40 [ 1518.649331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.649948] RIP: 0033:0x7ff3729078d7 [ 1518.650393] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.652631] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1518.653544] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1518.654406] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1518.655281] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1518.656146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1518.656996] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1518.657866] CPU: 1 PID: 9362 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1518.659303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.661031] Call Trace: [ 1518.661577] dump_stack+0x107/0x167 [ 1518.662334] should_fail.cold+0x5/0xa [ 1518.663137] strncpy_from_user+0x34/0x470 [ 1518.664002] getname_flags.part.0+0x95/0x4f0 [ 1518.665033] ? _copy_from_user+0xfb/0x1b0 [ 1518.666005] user_path_at_empty+0xa1/0x100 [ 1518.667023] __x64_sys_mount+0x1e9/0x300 [ 1518.667973] ? copy_mnt_ns+0xa00/0xa00 [ 1518.668907] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.670134] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.671370] do_syscall_64+0x33/0x40 [ 1518.672254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.673454] RIP: 0033:0x7fb9df3c2b19 [ 1518.674337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.678634] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1518.680433] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1518.682101] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1518.683789] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1518.685434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1518.687092] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1518.689804] FAULT_INJECTION: forcing a failure. [ 1518.689804] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.691217] CPU: 0 PID: 9358 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1518.692033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.693015] Call Trace: [ 1518.693326] dump_stack+0x107/0x167 [ 1518.693754] should_fail.cold+0x5/0xa [ 1518.694200] ? create_object.isra.0+0x3a/0xa20 [ 1518.694746] should_failslab+0x5/0x20 [ 1518.695195] kmem_cache_alloc+0x5b/0x310 [ 1518.695677] create_object.isra.0+0x3a/0xa20 [ 1518.696196] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1518.696800] kmem_cache_alloc_trace+0x151/0x320 [ 1518.697343] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.697899] __kthread_create_on_node+0xd1/0x400 [ 1518.698456] ? __kthread_parkme+0x1d0/0x1d0 [ 1518.698971] ? __mutex_lock+0x4fe/0x10b0 [ 1518.699454] ? loop_configure+0xcb9/0x1490 [ 1518.699949] ? do_raw_spin_unlock+0x4f/0x220 [ 1518.700465] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.701015] kthread_create_on_node+0xbb/0x100 [ 1518.701546] ? __kthread_create_on_node+0x400/0x400 [ 1518.702128] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.702690] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.703246] loop_configure+0x3e7/0x1490 [ 1518.703724] lo_ioctl+0xa72/0x1760 [ 1518.704135] ? avc_has_extended_perms+0x7f1/0xf40 [ 1518.704701] ? loop_set_status_old+0x250/0x250 [ 1518.705232] ? avc_ss_reset+0x180/0x180 [ 1518.705693] ? find_held_lock+0x2c/0x110 [ 1518.706170] ? __lock_acquire+0xbb1/0x5b00 [ 1518.706693] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1518.707303] ? generic_block_fiemap+0x60/0x60 [ 1518.707824] ? lock_downgrade+0x6d0/0x6d0 [ 1518.708308] ? build_open_flags+0x6f0/0x6f0 [ 1518.708812] ? loop_set_status_old+0x250/0x250 [ 1518.709358] blkdev_ioctl+0x291/0x710 [ 1518.709802] ? blkdev_common_ioctl+0x1930/0x1930 [ 1518.710368] ? selinux_file_ioctl+0xb6/0x270 [ 1518.710894] block_ioctl+0xf9/0x140 [ 1518.711314] ? blkdev_read_iter+0x1c0/0x1c0 [ 1518.711816] __x64_sys_ioctl+0x19a/0x210 [ 1518.712285] do_syscall_64+0x33/0x40 [ 1518.712717] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.713313] RIP: 0033:0x7fd972fd98d7 [ 1518.713745] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.715900] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1518.716784] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1518.717618] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1518.718445] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1518.719278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1518.720103] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1518.753294] FAULT_INJECTION: forcing a failure. [ 1518.753294] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.754616] CPU: 0 PID: 9363 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1518.755410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.756357] Call Trace: [ 1518.756661] dump_stack+0x107/0x167 [ 1518.757075] should_fail.cold+0x5/0xa [ 1518.757516] ? create_object.isra.0+0x3a/0xa20 [ 1518.758040] should_failslab+0x5/0x20 [ 1518.758476] kmem_cache_alloc+0x5b/0x310 [ 1518.758947] create_object.isra.0+0x3a/0xa20 [ 1518.759454] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1518.760035] kmem_cache_alloc_trace+0x151/0x320 [ 1518.760571] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.761111] __kthread_create_on_node+0xd1/0x400 [ 1518.761650] ? __kthread_parkme+0x1d0/0x1d0 [ 1518.762149] ? __mutex_lock+0x4fe/0x10b0 [ 1518.762613] ? loop_configure+0xcb9/0x1490 [ 1518.763101] ? do_raw_spin_unlock+0x4f/0x220 [ 1518.763604] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1518.764144] kthread_create_on_node+0xbb/0x100 [ 1518.764664] ? __kthread_create_on_node+0x400/0x400 [ 1518.765234] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.765777] ? lockdep_init_map_type+0x2c7/0x780 [ 1518.766322] loop_configure+0x3e7/0x1490 [ 1518.766797] lo_ioctl+0xa72/0x1760 [ 1518.767202] ? avc_has_extended_perms+0x7f1/0xf40 [ 1518.767747] ? loop_set_status_old+0x250/0x250 [ 1518.768266] ? avc_ss_reset+0x180/0x180 [ 1518.768722] ? find_held_lock+0x2c/0x110 [ 1518.769187] ? __lock_acquire+0xbb1/0x5b00 [ 1518.769691] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1518.770286] ? generic_block_fiemap+0x60/0x60 [ 1518.770802] ? lock_downgrade+0x6d0/0x6d0 [ 1518.771274] ? build_open_flags+0x6f0/0x6f0 [ 1518.771764] ? loop_set_status_old+0x250/0x250 [ 1518.772287] blkdev_ioctl+0x291/0x710 [ 1518.772719] ? blkdev_common_ioctl+0x1930/0x1930 [ 1518.773257] ? selinux_file_ioctl+0xb6/0x270 [ 1518.773757] block_ioctl+0xf9/0x140 [ 1518.774173] ? blkdev_read_iter+0x1c0/0x1c0 [ 1518.774673] __x64_sys_ioctl+0x19a/0x210 [ 1518.775134] do_syscall_64+0x33/0x40 [ 1518.775560] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.776140] RIP: 0033:0x7f3b3a6db8d7 [ 1518.776563] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.778679] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1518.779542] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1518.780359] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1518.781170] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1518.781981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1518.782802] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1518.824425] isofs_fill_super: get root inode failed [ 1518.856434] isofs_fill_super: root inode is not a directory. Corrupted media? 14:31:54 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 10) 14:31:54 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:31:54 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 27) 14:31:54 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 28) [ 1532.030230] FAULT_INJECTION: forcing a failure. [ 1532.030230] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.031674] CPU: 0 PID: 9380 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1532.032513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.033689] Call Trace: [ 1532.034025] dump_stack+0x107/0x167 [ 1532.034472] should_fail.cold+0x5/0xa [ 1532.034952] ? alloc_fs_context+0x57/0x840 [ 1532.035490] should_failslab+0x5/0x20 [ 1532.035901] FAULT_INJECTION: forcing a failure. [ 1532.035901] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.035977] kmem_cache_alloc_trace+0x55/0x320 [ 1532.035998] alloc_fs_context+0x57/0x840 [ 1532.039555] path_mount+0xaa3/0x2120 [ 1532.040023] ? strncpy_from_user+0x9e/0x470 [ 1532.040567] ? finish_automount+0xa90/0xa90 [ 1532.041105] ? getname_flags.part.0+0x1dd/0x4f0 [ 1532.041678] ? _copy_from_user+0xfb/0x1b0 [ 1532.042193] __x64_sys_mount+0x282/0x300 [ 1532.042693] ? copy_mnt_ns+0xa00/0xa00 [ 1532.043183] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1532.043824] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1532.044455] do_syscall_64+0x33/0x40 [ 1532.044910] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.045537] RIP: 0033:0x7fb9df3c2b19 [ 1532.045993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.048251] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1532.049183] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1532.050052] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1532.050920] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1532.051797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.052664] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:31:54 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x78, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:54 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 29) 14:31:54 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 27) 14:31:54 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1532.053558] CPU: 1 PID: 9388 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1532.055337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.057203] Call Trace: [ 1532.057798] dump_stack+0x107/0x167 [ 1532.058613] should_fail.cold+0x5/0xa [ 1532.059484] ? __kthread_create_on_node+0xd1/0x400 [ 1532.060590] should_failslab+0x5/0x20 [ 1532.061445] kmem_cache_alloc_trace+0x55/0x320 [ 1532.062473] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.063545] __kthread_create_on_node+0xd1/0x400 [ 1532.064609] ? __kthread_parkme+0x1d0/0x1d0 [ 1532.065590] ? __mutex_lock+0x4fe/0x10b0 [ 1532.066487] ? loop_configure+0xcb9/0x1490 [ 1532.067443] ? do_raw_spin_unlock+0x4f/0x220 [ 1532.068431] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.069495] kthread_create_on_node+0xbb/0x100 [ 1532.070522] ? __kthread_create_on_node+0x400/0x400 [ 1532.071654] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.072720] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.073795] loop_configure+0x3e7/0x1490 [ 1532.074714] lo_ioctl+0xa72/0x1760 [ 1532.075520] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.076604] ? loop_set_status_old+0x250/0x250 [ 1532.077633] ? avc_ss_reset+0x180/0x180 [ 1532.078524] ? find_held_lock+0x2c/0x110 [ 1532.079455] ? __lock_acquire+0xbb1/0x5b00 [ 1532.080456] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.081636] ? generic_block_fiemap+0x60/0x60 [ 1532.082645] ? lock_downgrade+0x6d0/0x6d0 [ 1532.083584] ? build_open_flags+0x6f0/0x6f0 [ 1532.084556] ? loop_set_status_old+0x250/0x250 [ 1532.085578] blkdev_ioctl+0x291/0x710 [ 1532.086422] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.087495] ? selinux_file_ioctl+0xb6/0x270 [ 1532.088473] block_ioctl+0xf9/0x140 [ 1532.089288] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.090239] __x64_sys_ioctl+0x19a/0x210 [ 1532.091146] do_syscall_64+0x33/0x40 [ 1532.091966] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.093094] RIP: 0033:0x7f744e91d8d7 [ 1532.093916] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.097949] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.099622] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1532.101174] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.102724] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.104287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.105840] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1532.111506] FAULT_INJECTION: forcing a failure. [ 1532.111506] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.112898] CPU: 0 PID: 9385 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1532.113722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.114720] Call Trace: [ 1532.115053] dump_stack+0x107/0x167 [ 1532.115500] should_fail.cold+0x5/0xa [ 1532.115969] ? create_object.isra.0+0x3a/0xa20 [ 1532.116525] should_failslab+0x5/0x20 [ 1532.116994] kmem_cache_alloc+0x5b/0x310 [ 1532.117485] create_object.isra.0+0x3a/0xa20 [ 1532.118011] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.118624] kmem_cache_alloc_trace+0x151/0x320 [ 1532.119204] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.119773] __kthread_create_on_node+0xd1/0x400 [ 1532.120343] ? __kthread_parkme+0x1d0/0x1d0 [ 1532.120870] ? __mutex_lock+0x4fe/0x10b0 [ 1532.121355] ? loop_configure+0xcb9/0x1490 [ 1532.121863] ? do_raw_spin_unlock+0x4f/0x220 [ 1532.122387] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.122960] kthread_create_on_node+0xbb/0x100 [ 1532.123518] ? __kthread_create_on_node+0x400/0x400 [ 1532.124119] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.124680] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.125251] loop_configure+0x3e7/0x1490 [ 1532.125738] lo_ioctl+0xa72/0x1760 [ 1532.126168] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.126745] ? loop_set_status_old+0x250/0x250 [ 1532.127298] ? avc_ss_reset+0x180/0x180 [ 1532.127775] ? find_held_lock+0x2c/0x110 [ 1532.128265] ? __lock_acquire+0xbb1/0x5b00 [ 1532.128795] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.129424] ? generic_block_fiemap+0x60/0x60 [ 1532.129963] ? lock_downgrade+0x6d0/0x6d0 [ 1532.130457] ? build_open_flags+0x6f0/0x6f0 [ 1532.130971] ? loop_set_status_old+0x250/0x250 [ 1532.131549] blkdev_ioctl+0x291/0x710 [ 1532.132008] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.132579] ? selinux_file_ioctl+0xb6/0x270 [ 1532.133136] block_ioctl+0xf9/0x140 [ 1532.133566] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.134088] __x64_sys_ioctl+0x19a/0x210 [ 1532.134574] do_syscall_64+0x33/0x40 [ 1532.135016] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.135632] RIP: 0033:0x7fd972fd98d7 [ 1532.136085] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.138281] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.139192] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1532.140049] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.140902] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.141749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.142622] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1532.166614] FAULT_INJECTION: forcing a failure. [ 1532.166614] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.169105] CPU: 1 PID: 9386 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1532.170594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.172417] Call Trace: [ 1532.172998] dump_stack+0x107/0x167 [ 1532.173792] should_fail.cold+0x5/0xa [ 1532.174624] ? create_object.isra.0+0x3a/0xa20 [ 1532.175627] should_failslab+0x5/0x20 [ 1532.176455] kmem_cache_alloc+0x5b/0x310 [ 1532.177348] create_object.isra.0+0x3a/0xa20 [ 1532.178300] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.179420] kmem_cache_alloc_trace+0x151/0x320 [ 1532.180434] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.181466] __kthread_create_on_node+0xd1/0x400 [ 1532.182498] ? __kthread_parkme+0x1d0/0x1d0 [ 1532.183460] ? __mutex_lock+0x4fe/0x10b0 [ 1532.184343] ? loop_configure+0xcb9/0x1490 [ 1532.185260] ? do_raw_spin_unlock+0x4f/0x220 [ 1532.186207] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.187234] kthread_create_on_node+0xbb/0x100 [ 1532.188213] ? __kthread_create_on_node+0x400/0x400 [ 1532.189288] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.190307] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.191347] loop_configure+0x3e7/0x1490 [ 1532.192230] lo_ioctl+0xa72/0x1760 [ 1532.192983] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.194010] ? loop_set_status_old+0x250/0x250 [ 1532.194984] ? avc_ss_reset+0x180/0x180 [ 1532.195852] ? __lock_acquire+0xbb1/0x5b00 [ 1532.196792] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.197906] ? generic_block_fiemap+0x60/0x60 [ 1532.198843] ? lock_downgrade+0x6d0/0x6d0 [ 1532.199771] ? loop_set_status_old+0x250/0x250 [ 1532.200736] blkdev_ioctl+0x291/0x710 [ 1532.201553] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.202560] ? selinux_file_ioctl+0xb6/0x270 [ 1532.203516] block_ioctl+0xf9/0x140 [ 1532.204296] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.205223] __x64_sys_ioctl+0x19a/0x210 [ 1532.206094] do_syscall_64+0x33/0x40 [ 1532.206894] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.208000] RIP: 0033:0x7ff3729078d7 [ 1532.208787] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.212718] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.214338] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1532.215859] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.217377] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.218891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.220416] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:31:55 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 28) [ 1532.235933] FAULT_INJECTION: forcing a failure. [ 1532.235933] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.238339] CPU: 1 PID: 9392 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1532.239792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.241537] Call Trace: [ 1532.242100] dump_stack+0x107/0x167 [ 1532.242871] should_fail.cold+0x5/0xa [ 1532.243701] ? __kernfs_new_node+0xd4/0x860 [ 1532.244612] should_failslab+0x5/0x20 [ 1532.245423] kmem_cache_alloc+0x5b/0x310 [ 1532.246289] __kernfs_new_node+0xd4/0x860 [ 1532.247181] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1532.248175] ? lock_acquire+0x197/0x470 [ 1532.249014] ? lock_chain_count+0x20/0x20 [ 1532.249891] ? lock_acquire+0x197/0x470 [ 1532.250725] ? task_rq_lock+0xab/0x270 [ 1532.251562] ? lock_release+0x680/0x680 [ 1532.252404] ? find_held_lock+0x2c/0x110 [ 1532.253264] kernfs_new_node+0x18d/0x250 [ 1532.254121] kernfs_create_dir_ns+0x49/0x160 [ 1532.255050] internal_create_group+0x793/0xb30 [ 1532.256022] ? set_user_nice.part.0+0x2fd/0x760 [ 1532.257139] ? sysfs_remove_group+0x170/0x170 [ 1532.258244] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.259410] ? blk_queue_flag_set+0x22/0x30 [ 1532.260467] ? __loop_update_dio+0x2d2/0x690 [ 1532.261539] loop_configure+0x958/0x1490 [ 1532.262551] lo_ioctl+0xa72/0x1760 [ 1532.263420] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.264608] ? loop_set_status_old+0x250/0x250 [ 1532.265732] ? avc_ss_reset+0x180/0x180 [ 1532.266706] ? find_held_lock+0x2c/0x110 [ 1532.267723] ? __lock_acquire+0xbb1/0x5b00 [ 1532.268808] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.270093] ? generic_block_fiemap+0x60/0x60 [ 1532.271200] ? lock_downgrade+0x6d0/0x6d0 [ 1532.272211] ? build_open_flags+0x6f0/0x6f0 [ 1532.273272] ? loop_set_status_old+0x250/0x250 [ 1532.274385] blkdev_ioctl+0x291/0x710 [ 1532.275323] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.276486] ? selinux_file_ioctl+0xb6/0x270 [ 1532.277562] block_ioctl+0xf9/0x140 [ 1532.278442] ? blkdev_read_iter+0x1c0/0x1c0 14:31:55 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 11) [ 1532.279523] __x64_sys_ioctl+0x19a/0x210 [ 1532.280696] do_syscall_64+0x33/0x40 [ 1532.281601] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.282841] RIP: 0033:0x7f3b3a6db8d7 [ 1532.283756] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.288222] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.290074] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1532.291816] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1532.293549] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.295271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1532.296961] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:31:55 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1532.345179] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1532.347133] isofs_fill_super: get root inode failed [ 1532.364344] FAULT_INJECTION: forcing a failure. [ 1532.364344] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.367014] CPU: 1 PID: 9405 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1532.368619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.370529] Call Trace: [ 1532.371147] dump_stack+0x107/0x167 [ 1532.371988] should_fail.cold+0x5/0xa [ 1532.372861] ? create_object.isra.0+0x3a/0xa20 [ 1532.373912] should_failslab+0x5/0x20 [ 1532.374787] kmem_cache_alloc+0x5b/0x310 [ 1532.375730] create_object.isra.0+0x3a/0xa20 [ 1532.376736] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.377907] kmem_cache_alloc_trace+0x151/0x320 [ 1532.378981] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.380079] __kthread_create_on_node+0xd1/0x400 [ 1532.381167] ? __kthread_parkme+0x1d0/0x1d0 [ 1532.382097] ? __mutex_lock+0x4fe/0x10b0 [ 1532.382950] ? loop_configure+0xcb9/0x1490 [ 1532.383920] ? do_raw_spin_unlock+0x4f/0x220 [ 1532.384926] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1532.385964] kthread_create_on_node+0xbb/0x100 [ 1532.386924] ? __kthread_create_on_node+0x400/0x400 [ 1532.388085] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.389178] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.390196] loop_configure+0x3e7/0x1490 [ 1532.391145] lo_ioctl+0xa72/0x1760 [ 1532.391971] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.393102] ? loop_set_status_old+0x250/0x250 [ 1532.394087] ? avc_ss_reset+0x180/0x180 [ 1532.394986] ? find_held_lock+0x2c/0x110 [ 1532.395958] ? __lock_acquire+0xbb1/0x5b00 [ 1532.396996] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.398137] ? generic_block_fiemap+0x60/0x60 [ 1532.399166] ? lock_downgrade+0x6d0/0x6d0 [ 1532.400127] ? build_open_flags+0x6f0/0x6f0 [ 1532.401138] ? loop_set_status_old+0x250/0x250 [ 1532.402119] blkdev_ioctl+0x291/0x710 [ 1532.402979] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.404088] ? selinux_file_ioctl+0xb6/0x270 [ 1532.405122] block_ioctl+0xf9/0x140 [ 1532.405917] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.406876] __x64_sys_ioctl+0x19a/0x210 [ 1532.407841] do_syscall_64+0x33/0x40 [ 1532.408714] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.409861] RIP: 0033:0x7f744e91d8d7 [ 1532.410671] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.414827] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.416636] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1532.418225] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.419928] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.421613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.423128] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1532.445387] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1532.459334] FAULT_INJECTION: forcing a failure. [ 1532.459334] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.461948] CPU: 1 PID: 9408 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1532.463396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.465148] Call Trace: [ 1532.465709] dump_stack+0x107/0x167 [ 1532.466485] should_fail.cold+0x5/0xa [ 1532.467294] ? create_object.isra.0+0x3a/0xa20 [ 1532.468266] should_failslab+0x5/0x20 [ 1532.469078] kmem_cache_alloc+0x5b/0x310 [ 1532.469961] create_object.isra.0+0x3a/0xa20 [ 1532.470892] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.472016] kmem_cache_alloc_trace+0x151/0x320 [ 1532.473013] alloc_fs_context+0x57/0x840 [ 1532.473879] path_mount+0xaa3/0x2120 [ 1532.474675] ? strncpy_from_user+0x9e/0x470 [ 1532.475597] ? finish_automount+0xa90/0xa90 [ 1532.476511] ? getname_flags.part.0+0x1dd/0x4f0 [ 1532.477493] ? _copy_from_user+0xfb/0x1b0 [ 1532.478431] __x64_sys_mount+0x282/0x300 [ 1532.479352] ? copy_mnt_ns+0xa00/0xa00 [ 1532.480181] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1532.481294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1532.482384] do_syscall_64+0x33/0x40 [ 1532.483184] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.484244] RIP: 0033:0x7fb9df3c2b19 [ 1532.485029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.488881] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1532.490486] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1532.492005] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1532.493511] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1532.495020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.496538] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:31:55 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:31:55 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 30) 14:31:55 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 29) 14:31:55 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 28) 14:31:55 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:31:55 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 29) [ 1532.659299] FAULT_INJECTION: forcing a failure. [ 1532.659299] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.661687] CPU: 1 PID: 9419 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1532.663113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.664856] Call Trace: [ 1532.665417] dump_stack+0x107/0x167 [ 1532.666182] should_fail.cold+0x5/0xa [ 1532.666992] ? create_object.isra.0+0x3a/0xa20 [ 1532.667964] should_failslab+0x5/0x20 [ 1532.668759] kmem_cache_alloc+0x5b/0x310 [ 1532.669614] create_object.isra.0+0x3a/0xa20 [ 1532.670525] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.671721] kmem_cache_alloc+0x159/0x310 [ 1532.672604] __kernfs_new_node+0xd4/0x860 [ 1532.673474] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1532.674470] ? lock_acquire+0x197/0x470 [ 1532.675310] ? lock_chain_count+0x20/0x20 [ 1532.676195] ? lock_acquire+0x197/0x470 [ 1532.677035] ? task_rq_lock+0xab/0x270 [ 1532.677847] ? lock_release+0x680/0x680 [ 1532.678682] ? find_held_lock+0x2c/0x110 [ 1532.679548] kernfs_new_node+0x18d/0x250 [ 1532.680410] kernfs_create_dir_ns+0x49/0x160 [ 1532.681343] internal_create_group+0x793/0xb30 [ 1532.682305] ? set_user_nice.part.0+0x2fd/0x760 [ 1532.683291] ? sysfs_remove_group+0x170/0x170 [ 1532.684237] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.685247] ? blk_queue_flag_set+0x22/0x30 [ 1532.686153] ? __loop_update_dio+0x2d2/0x690 [ 1532.687082] loop_configure+0x958/0x1490 [ 1532.687963] lo_ioctl+0xa72/0x1760 [ 1532.688715] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.689734] ? loop_set_status_old+0x250/0x250 [ 1532.690697] ? avc_ss_reset+0x180/0x180 [ 1532.691554] ? find_held_lock+0x2c/0x110 [ 1532.692422] ? __lock_acquire+0xbb1/0x5b00 [ 1532.693368] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.694474] ? generic_block_fiemap+0x60/0x60 [ 1532.695429] ? lock_downgrade+0x6d0/0x6d0 [ 1532.696303] ? build_open_flags+0x6f0/0x6f0 [ 1532.697220] ? loop_set_status_old+0x250/0x250 [ 1532.698182] blkdev_ioctl+0x291/0x710 [ 1532.698987] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.699983] ? selinux_file_ioctl+0xb6/0x270 [ 1532.700975] block_ioctl+0xf9/0x140 [ 1532.701821] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.702819] __x64_sys_ioctl+0x19a/0x210 [ 1532.703765] do_syscall_64+0x33/0x40 [ 1532.704613] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.705776] RIP: 0033:0x7f3b3a6db8d7 [ 1532.706618] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.710825] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.712599] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1532.714255] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1532.715920] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.717589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1532.719264] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1532.760536] FAULT_INJECTION: forcing a failure. [ 1532.760536] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.761983] CPU: 0 PID: 9422 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1532.762876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.763890] Call Trace: [ 1532.764212] dump_stack+0x107/0x167 [ 1532.764637] should_fail.cold+0x5/0xa [ 1532.765077] ? create_object.isra.0+0x3a/0xa20 [ 1532.765605] should_failslab+0x5/0x20 [ 1532.766043] kmem_cache_alloc+0x5b/0x310 [ 1532.766507] create_object.isra.0+0x3a/0xa20 [ 1532.767005] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1532.767589] kmem_cache_alloc+0x159/0x310 [ 1532.768074] __kernfs_new_node+0xd4/0x860 [ 1532.768547] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1532.769089] ? lock_chain_count+0x20/0x20 [ 1532.769577] ? update_load_avg+0x162/0x1870 [ 1532.770074] ? find_held_lock+0x2c/0x110 [ 1532.770547] kernfs_new_node+0x18d/0x250 [ 1532.771050] kernfs_create_dir_ns+0x49/0x160 [ 1532.771570] internal_create_group+0x793/0xb30 [ 1532.772099] ? set_user_nice.part.0+0x2fd/0x760 [ 1532.772641] ? sysfs_remove_group+0x170/0x170 [ 1532.773153] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.773696] ? blk_queue_flag_set+0x22/0x30 [ 1532.774192] ? __loop_update_dio+0x2d2/0x690 [ 1532.774691] loop_configure+0x958/0x1490 [ 1532.775206] lo_ioctl+0xa72/0x1760 [ 1532.775621] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.776191] ? loop_set_status_old+0x250/0x250 [ 1532.776719] ? avc_ss_reset+0x180/0x180 [ 1532.777170] ? find_held_lock+0x2c/0x110 [ 1532.777646] ? __lock_acquire+0xbb1/0x5b00 [ 1532.778158] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.778754] ? generic_block_fiemap+0x60/0x60 [ 1532.779273] ? lock_downgrade+0x6d0/0x6d0 [ 1532.779753] ? build_open_flags+0x6f0/0x6f0 [ 1532.780264] ? loop_set_status_old+0x250/0x250 [ 1532.780783] blkdev_ioctl+0x291/0x710 [ 1532.781218] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.781772] ? selinux_file_ioctl+0xb6/0x270 [ 1532.782285] block_ioctl+0xf9/0x140 [ 1532.782708] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.783211] __x64_sys_ioctl+0x19a/0x210 [ 1532.783686] do_syscall_64+0x33/0x40 [ 1532.784115] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.784702] RIP: 0033:0x7fd972fd98d7 [ 1532.785122] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.787266] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.788130] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1532.788951] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.789755] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.790573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.791399] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:31:55 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 12) [ 1532.823735] FAULT_INJECTION: forcing a failure. [ 1532.823735] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.825078] CPU: 0 PID: 9424 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1532.825947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.826977] Call Trace: [ 1532.827293] dump_stack+0x107/0x167 [ 1532.827711] should_fail.cold+0x5/0xa [ 1532.828149] ? __kernfs_new_node+0xd4/0x860 [ 1532.828643] should_failslab+0x5/0x20 [ 1532.829080] kmem_cache_alloc+0x5b/0x310 [ 1532.829548] __kernfs_new_node+0xd4/0x860 [ 1532.830025] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1532.830567] ? lock_acquire+0x197/0x470 [ 1532.831024] ? lock_chain_count+0x20/0x20 [ 1532.831500] ? lock_acquire+0x197/0x470 [ 1532.831955] ? task_rq_lock+0xab/0x270 [ 1532.832398] ? lock_release+0x680/0x680 [ 1532.832855] ? find_held_lock+0x2c/0x110 [ 1532.833321] kernfs_new_node+0x18d/0x250 [ 1532.833788] kernfs_create_dir_ns+0x49/0x160 [ 1532.834297] internal_create_group+0x793/0xb30 [ 1532.834818] ? set_user_nice.part.0+0x2fd/0x760 [ 1532.835349] ? sysfs_remove_group+0x170/0x170 [ 1532.835864] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.836406] ? blk_queue_flag_set+0x22/0x30 [ 1532.836899] ? __loop_update_dio+0x2d2/0x690 [ 1532.837400] loop_configure+0x958/0x1490 [ 1532.837878] lo_ioctl+0xa72/0x1760 [ 1532.838294] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.838847] ? loop_set_status_old+0x250/0x250 [ 1532.839386] ? avc_ss_reset+0x180/0x180 [ 1532.839846] ? find_held_lock+0x2c/0x110 [ 1532.840312] ? __lock_acquire+0xbb1/0x5b00 [ 1532.840817] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.841423] ? generic_block_fiemap+0x60/0x60 [ 1532.841932] ? lock_downgrade+0x6d0/0x6d0 [ 1532.842405] ? build_open_flags+0x6f0/0x6f0 [ 1532.842898] ? loop_set_status_old+0x250/0x250 [ 1532.843419] blkdev_ioctl+0x291/0x710 [ 1532.843853] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.844394] ? selinux_file_ioctl+0xb6/0x270 [ 1532.844902] block_ioctl+0xf9/0x140 [ 1532.845316] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.845806] __x64_sys_ioctl+0x19a/0x210 [ 1532.846275] do_syscall_64+0x33/0x40 [ 1532.846702] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.847301] RIP: 0033:0x7f744e91d8d7 [ 1532.847726] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.849823] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.850698] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1532.851524] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.852345] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.853161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.853981] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1532.868749] FAULT_INJECTION: forcing a failure. [ 1532.868749] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.871552] CPU: 1 PID: 9423 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1532.873153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1532.875090] Call Trace: [ 1532.875720] dump_stack+0x107/0x167 [ 1532.876566] should_fail.cold+0x5/0xa [ 1532.877463] ? __kernfs_new_node+0xd4/0x860 [ 1532.878471] should_failslab+0x5/0x20 [ 1532.879368] kmem_cache_alloc+0x5b/0x310 [ 1532.880321] __kernfs_new_node+0xd4/0x860 [ 1532.881301] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1532.882397] ? lock_acquire+0x197/0x470 [ 1532.883332] ? lock_chain_count+0x20/0x20 [ 1532.884312] ? lock_acquire+0x197/0x470 [ 1532.885240] ? task_rq_lock+0xab/0x270 [ 1532.886149] ? lock_release+0x680/0x680 [ 1532.887075] ? find_held_lock+0x2c/0x110 [ 1532.888034] kernfs_new_node+0x18d/0x250 [ 1532.888988] kernfs_create_dir_ns+0x49/0x160 [ 1532.890017] internal_create_group+0x793/0xb30 [ 1532.891086] ? set_user_nice.part.0+0x2fd/0x760 [ 1532.892180] ? sysfs_remove_group+0x170/0x170 [ 1532.893231] ? lockdep_init_map_type+0x2c7/0x780 [ 1532.894340] ? blk_queue_flag_set+0x22/0x30 [ 1532.895357] ? __loop_update_dio+0x2d2/0x690 [ 1532.896382] loop_configure+0x958/0x1490 [ 1532.897338] lo_ioctl+0xa72/0x1760 [ 1532.898172] ? avc_has_extended_perms+0x7f1/0xf40 [ 1532.899307] ? loop_set_status_old+0x250/0x250 [ 1532.900375] ? avc_ss_reset+0x180/0x180 [ 1532.901306] ? find_held_lock+0x2c/0x110 [ 1532.902267] ? __lock_acquire+0xbb1/0x5b00 [ 1532.903315] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1532.904535] ? generic_block_fiemap+0x60/0x60 [ 1532.905584] ? lock_downgrade+0x6d0/0x6d0 [ 1532.906548] ? build_open_flags+0x6f0/0x6f0 [ 1532.907568] ? loop_set_status_old+0x250/0x250 [ 1532.908635] blkdev_ioctl+0x291/0x710 [ 1532.909520] ? blkdev_common_ioctl+0x1930/0x1930 [ 1532.910633] ? selinux_file_ioctl+0xb6/0x270 [ 1532.911668] block_ioctl+0xf9/0x140 [ 1532.912512] ? blkdev_read_iter+0x1c0/0x1c0 [ 1532.913518] __x64_sys_ioctl+0x19a/0x210 [ 1532.914469] do_syscall_64+0x33/0x40 [ 1532.915341] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1532.916529] RIP: 0033:0x7ff3729078d7 [ 1532.917399] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.921685] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1532.923468] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1532.925139] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1532.926800] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1532.928483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1532.930153] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1532.951494] isofs_fill_super: get root inode failed [ 1532.958350] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1532.962265] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1533.008980] FAULT_INJECTION: forcing a failure. [ 1533.008980] name failslab, interval 1, probability 0, space 0, times 0 [ 1533.011601] CPU: 1 PID: 9434 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1533.013162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1533.015052] Call Trace: [ 1533.015666] dump_stack+0x107/0x167 [ 1533.016504] should_fail.cold+0x5/0xa [ 1533.017389] ? legacy_init_fs_context+0x44/0xe0 [ 1533.018456] should_failslab+0x5/0x20 [ 1533.019334] kmem_cache_alloc_trace+0x55/0x320 [ 1533.020376] ? lockdep_init_map_type+0x2c7/0x780 [ 1533.021466] legacy_init_fs_context+0x44/0xe0 [ 1533.022496] ? generic_parse_monolithic+0x1f0/0x1f0 [ 1533.023652] alloc_fs_context+0x4fd/0x840 [ 1533.024610] path_mount+0xaa3/0x2120 [ 1533.025471] ? strncpy_from_user+0x9e/0x470 [ 1533.026453] ? finish_automount+0xa90/0xa90 [ 1533.027448] ? getname_flags.part.0+0x1dd/0x4f0 [ 1533.028512] ? _copy_from_user+0xfb/0x1b0 [ 1533.029463] __x64_sys_mount+0x282/0x300 [ 1533.030386] ? copy_mnt_ns+0xa00/0xa00 [ 1533.031283] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1533.032481] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1533.033664] do_syscall_64+0x33/0x40 [ 1533.034513] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1533.035693] RIP: 0033:0x7fb9df3c2b19 [ 1533.036545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.040751] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1533.042491] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1533.044130] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1533.045748] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1533.047370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1533.048975] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:32:10 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 13) 14:32:10 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 29) 14:32:10 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:32:10 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x2, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:32:10 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 31) 14:32:10 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 30) 14:32:10 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 30) [ 1547.532807] FAULT_INJECTION: forcing a failure. [ 1547.532807] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.535265] CPU: 1 PID: 9450 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1547.536697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.538423] Call Trace: [ 1547.538979] dump_stack+0x107/0x167 [ 1547.539744] should_fail.cold+0x5/0xa [ 1547.540541] ? create_object.isra.0+0x3a/0xa20 [ 1547.541497] should_failslab+0x5/0x20 [ 1547.542298] kmem_cache_alloc+0x5b/0x310 [ 1547.543145] create_object.isra.0+0x3a/0xa20 [ 1547.544069] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1547.545127] kmem_cache_alloc_trace+0x151/0x320 [ 1547.546095] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.547088] legacy_init_fs_context+0x44/0xe0 [ 1547.548030] ? generic_parse_monolithic+0x1f0/0x1f0 [ 1547.549076] alloc_fs_context+0x4fd/0x840 [ 1547.549952] path_mount+0xaa3/0x2120 [ 1547.549981] ? strncpy_from_user+0x9e/0x470 [ 1547.549999] ? finish_automount+0xa90/0xa90 [ 1547.550018] ? getname_flags.part.0+0x1dd/0x4f0 [ 1547.550036] ? _copy_from_user+0xfb/0x1b0 [ 1547.550060] __x64_sys_mount+0x282/0x300 [ 1547.550076] ? copy_mnt_ns+0xa00/0xa00 [ 1547.550098] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1547.550117] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1547.550137] do_syscall_64+0x33/0x40 [ 1547.550155] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.550166] RIP: 0033:0x7fb9df3c2b19 [ 1547.550184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.550194] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1547.550213] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1547.550223] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1547.550233] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 14:32:10 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 31) [ 1547.550243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1547.550253] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1547.556221] FAULT_INJECTION: forcing a failure. [ 1547.556221] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.556239] CPU: 0 PID: 9458 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1547.556248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.556253] Call Trace: [ 1547.556271] dump_stack+0x107/0x167 [ 1547.556290] should_fail.cold+0x5/0xa [ 1547.556312] ? __kernfs_new_node+0xd4/0x860 [ 1547.556332] should_failslab+0x5/0x20 [ 1547.556348] kmem_cache_alloc+0x5b/0x310 [ 1547.556374] __kernfs_new_node+0xd4/0x860 [ 1547.556398] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.556411] ? kernfs_add_one+0x36e/0x4d0 [ 1547.556441] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.556466] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.556486] kernfs_new_node+0x18d/0x250 [ 1547.556510] __kernfs_create_file+0x51/0x350 [ 1547.556532] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.556560] internal_create_group+0x324/0xb30 [ 1547.556593] ? sysfs_remove_group+0x170/0x170 [ 1547.556614] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.556637] ? blk_queue_flag_set+0x22/0x30 [ 1547.556654] ? __loop_update_dio+0x2d2/0x690 [ 1547.556676] loop_configure+0x958/0x1490 [ 1547.556706] lo_ioctl+0xa72/0x1760 [ 1547.556727] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.556749] ? loop_set_status_old+0x250/0x250 [ 1547.556770] ? avc_ss_reset+0x180/0x180 [ 1547.556790] ? find_held_lock+0x2c/0x110 [ 1547.556820] ? __lock_acquire+0xbb1/0x5b00 [ 1547.556882] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.556899] ? generic_block_fiemap+0x60/0x60 [ 1547.556917] ? lock_downgrade+0x6d0/0x6d0 [ 1547.556934] ? build_open_flags+0x6f0/0x6f0 [ 1547.556957] ? loop_set_status_old+0x250/0x250 [ 1547.556972] blkdev_ioctl+0x291/0x710 [ 1547.556990] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.557011] ? selinux_file_ioctl+0xb6/0x270 [ 1547.557033] block_ioctl+0xf9/0x140 [ 1547.557048] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.557067] __x64_sys_ioctl+0x19a/0x210 [ 1547.557086] do_syscall_64+0x33/0x40 [ 1547.557104] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.557115] RIP: 0033:0x7fd972fd98d7 [ 1547.557131] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:32:10 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 31) 14:32:10 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x4, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:10 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 30) 14:32:10 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 32) [ 1547.557146] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:32:10 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 32) [ 1547.557165] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1547.557175] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:32:10 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x6, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1547.557185] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.557195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.557205] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:32:10 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 14) 14:32:10 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 31) [ 1547.563230] FAULT_INJECTION: forcing a failure. [ 1547.563230] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.563248] CPU: 1 PID: 9453 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1547.563258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.563262] Call Trace: [ 1547.563281] dump_stack+0x107/0x167 14:32:10 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 32) [ 1547.563299] should_fail.cold+0x5/0xa [ 1547.563318] ? create_object.isra.0+0x3a/0xa20 [ 1547.563337] should_failslab+0x5/0x20 [ 1547.563354] kmem_cache_alloc+0x5b/0x310 [ 1547.563377] create_object.isra.0+0x3a/0xa20 [ 1547.563392] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1547.563415] kmem_cache_alloc+0x159/0x310 [ 1547.563440] __kernfs_new_node+0xd4/0x860 [ 1547.563464] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.563484] ? lock_chain_count+0x20/0x20 [ 1547.563511] ? update_load_avg+0x162/0x1870 [ 1547.563529] ? find_held_lock+0x2c/0x110 [ 1547.563549] kernfs_new_node+0x18d/0x250 [ 1547.563571] kernfs_create_dir_ns+0x49/0x160 [ 1547.563591] internal_create_group+0x793/0xb30 [ 1547.563614] ? set_user_nice.part.0+0x2fd/0x760 [ 1547.563647] ? sysfs_remove_group+0x170/0x170 [ 1547.563667] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.563689] ? blk_queue_flag_set+0x22/0x30 [ 1547.563703] ? __loop_update_dio+0x2d2/0x690 [ 1547.563725] loop_configure+0x958/0x1490 [ 1547.563755] lo_ioctl+0xa72/0x1760 [ 1547.563774] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.563802] ? loop_set_status_old+0x250/0x250 [ 1547.563823] ? avc_ss_reset+0x180/0x180 [ 1547.563847] ? find_held_lock+0x2c/0x110 [ 1547.563877] ? __lock_acquire+0xbb1/0x5b00 [ 1547.563938] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.563955] ? generic_block_fiemap+0x60/0x60 [ 1547.563972] ? lock_downgrade+0x6d0/0x6d0 [ 1547.563988] ? build_open_flags+0x6f0/0x6f0 [ 1547.564012] ? loop_set_status_old+0x250/0x250 [ 1547.564026] blkdev_ioctl+0x291/0x710 [ 1547.564045] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.564066] ? selinux_file_ioctl+0xb6/0x270 [ 1547.564088] block_ioctl+0xf9/0x140 [ 1547.564103] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.564122] __x64_sys_ioctl+0x19a/0x210 [ 1547.564141] do_syscall_64+0x33/0x40 [ 1547.564158] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.564170] RIP: 0033:0x7f744e91d8d7 [ 1547.564187] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.564196] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.564215] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1547.564225] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.564235] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.564244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.564253] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1547.571270] FAULT_INJECTION: forcing a failure. [ 1547.571270] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.571288] CPU: 0 PID: 9460 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1547.571296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.571302] Call Trace: [ 1547.571320] dump_stack+0x107/0x167 [ 1547.571352] should_fail.cold+0x5/0xa [ 1547.571371] ? create_object.isra.0+0x3a/0xa20 [ 1547.571391] should_failslab+0x5/0x20 [ 1547.571408] kmem_cache_alloc+0x5b/0x310 [ 1547.571431] create_object.isra.0+0x3a/0xa20 [ 1547.571445] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1547.571468] kmem_cache_alloc+0x159/0x310 [ 1547.571494] __kernfs_new_node+0xd4/0x860 [ 1547.571518] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.571538] ? lock_chain_count+0x20/0x20 [ 1547.571565] ? update_load_avg+0x162/0x1870 [ 1547.571582] ? find_held_lock+0x2c/0x110 [ 1547.571602] kernfs_new_node+0x18d/0x250 [ 1547.571640] kernfs_create_dir_ns+0x49/0x160 [ 1547.571664] internal_create_group+0x793/0xb30 [ 1547.571687] ? set_user_nice.part.0+0x2fd/0x760 [ 1547.571704] ? sysfs_remove_group+0x170/0x170 [ 1547.571724] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.571746] ? blk_queue_flag_set+0x22/0x30 [ 1547.571761] ? __loop_update_dio+0x2d2/0x690 [ 1547.571783] loop_configure+0x958/0x1490 [ 1547.571820] lo_ioctl+0xa72/0x1760 [ 1547.571839] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.571861] ? loop_set_status_old+0x250/0x250 [ 1547.571882] ? avc_ss_reset+0x180/0x180 [ 1547.571902] ? find_held_lock+0x2c/0x110 [ 1547.571932] ? __lock_acquire+0xbb1/0x5b00 [ 1547.571993] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.572011] ? generic_block_fiemap+0x60/0x60 [ 1547.572029] ? lock_downgrade+0x6d0/0x6d0 [ 1547.572045] ? build_open_flags+0x6f0/0x6f0 [ 1547.572069] ? loop_set_status_old+0x250/0x250 [ 1547.572083] blkdev_ioctl+0x291/0x710 [ 1547.572102] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.572123] ? selinux_file_ioctl+0xb6/0x270 [ 1547.572144] block_ioctl+0xf9/0x140 [ 1547.572160] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.572179] __x64_sys_ioctl+0x19a/0x210 [ 1547.572198] do_syscall_64+0x33/0x40 [ 1547.572216] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.572227] RIP: 0033:0x7ff3729078d7 [ 1547.572243] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.572252] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.572271] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1547.572281] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.572291] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.572301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.572310] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1547.579271] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1547.582133] FAULT_INJECTION: forcing a failure. [ 1547.582133] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.582151] CPU: 0 PID: 9461 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1547.582160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.582165] Call Trace: [ 1547.582183] dump_stack+0x107/0x167 [ 1547.582202] should_fail.cold+0x5/0xa [ 1547.582222] ? __kernfs_new_node+0xd4/0x860 [ 1547.582242] should_failslab+0x5/0x20 [ 1547.582259] kmem_cache_alloc+0x5b/0x310 [ 1547.582284] __kernfs_new_node+0xd4/0x860 [ 1547.582309] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.582322] ? kernfs_add_one+0x36e/0x4d0 [ 1547.582352] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.582367] ? lock_acquire+0x197/0x470 [ 1547.582399] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.582418] kernfs_new_node+0x18d/0x250 [ 1547.582441] __kernfs_create_file+0x51/0x350 [ 1547.582463] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.582490] internal_create_group+0x324/0xb30 [ 1547.582516] ? sysfs_remove_group+0x170/0x170 [ 1547.582537] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.582558] ? blk_queue_flag_set+0x22/0x30 [ 1547.582573] ? __loop_update_dio+0x2d2/0x690 [ 1547.582595] loop_configure+0x958/0x1490 [ 1547.582625] lo_ioctl+0xa72/0x1760 [ 1547.582644] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.582666] ? loop_set_status_old+0x250/0x250 [ 1547.582687] ? avc_ss_reset+0x180/0x180 [ 1547.582707] ? find_held_lock+0x2c/0x110 [ 1547.582737] ? __lock_acquire+0xbb1/0x5b00 [ 1547.582798] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.582815] ? generic_block_fiemap+0x60/0x60 [ 1547.582832] ? lock_downgrade+0x6d0/0x6d0 [ 1547.582848] ? build_open_flags+0x6f0/0x6f0 [ 1547.582872] ? loop_set_status_old+0x250/0x250 [ 1547.582886] blkdev_ioctl+0x291/0x710 [ 1547.582904] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.582925] ? selinux_file_ioctl+0xb6/0x270 [ 1547.582946] block_ioctl+0xf9/0x140 [ 1547.582962] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.582981] __x64_sys_ioctl+0x19a/0x210 [ 1547.583000] do_syscall_64+0x33/0x40 [ 1547.583017] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.583038] RIP: 0033:0x7f3b3a6db8d7 [ 1547.583054] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.583064] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.583083] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1547.583093] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1547.583104] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.583113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1547.583123] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1547.596995] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1547.605726] isofs_fill_super: get root inode failed [ 1547.707520] FAULT_INJECTION: forcing a failure. [ 1547.707520] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.707540] CPU: 1 PID: 9470 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1547.707550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.707556] Call Trace: [ 1547.707581] dump_stack+0x107/0x167 [ 1547.707600] should_fail.cold+0x5/0xa [ 1547.707636] ? __kernfs_new_node+0xd4/0x860 [ 1547.707658] should_failslab+0x5/0x20 [ 1547.707677] kmem_cache_alloc+0x5b/0x310 [ 1547.707702] __kernfs_new_node+0xd4/0x860 [ 1547.707726] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.707739] ? kernfs_add_one+0x36e/0x4d0 [ 1547.707770] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.707801] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.707821] kernfs_new_node+0x18d/0x250 [ 1547.707844] __kernfs_create_file+0x51/0x350 [ 1547.707865] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.707893] internal_create_group+0x324/0xb30 [ 1547.707918] ? sysfs_remove_group+0x170/0x170 [ 1547.707941] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.707966] ? blk_queue_flag_set+0x22/0x30 [ 1547.707984] ? __loop_update_dio+0x2d2/0x690 [ 1547.708006] loop_configure+0x958/0x1490 [ 1547.708036] lo_ioctl+0xa72/0x1760 [ 1547.708056] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.708078] ? loop_set_status_old+0x250/0x250 [ 1547.708100] ? avc_ss_reset+0x180/0x180 [ 1547.708120] ? find_held_lock+0x2c/0x110 [ 1547.708150] ? __lock_acquire+0xbb1/0x5b00 [ 1547.708212] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.708231] ? generic_block_fiemap+0x60/0x60 [ 1547.708248] ? lock_downgrade+0x6d0/0x6d0 [ 1547.708266] ? build_open_flags+0x6f0/0x6f0 [ 1547.708290] ? loop_set_status_old+0x250/0x250 [ 1547.708305] blkdev_ioctl+0x291/0x710 [ 1547.708323] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.708345] ? selinux_file_ioctl+0xb6/0x270 [ 1547.708367] block_ioctl+0xf9/0x140 [ 1547.708383] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.708402] __x64_sys_ioctl+0x19a/0x210 [ 1547.708422] do_syscall_64+0x33/0x40 [ 1547.708440] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.708452] RIP: 0033:0x7f744e91d8d7 [ 1547.708468] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.708478] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.708498] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1547.708508] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.708518] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.708528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.708538] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1547.715607] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1547.779606] FAULT_INJECTION: forcing a failure. [ 1547.779606] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.779645] CPU: 1 PID: 9473 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1547.779655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.779662] Call Trace: [ 1547.779687] dump_stack+0x107/0x167 [ 1547.779707] should_fail.cold+0x5/0xa [ 1547.779731] ? __kernfs_new_node+0xd4/0x860 [ 1547.779753] should_failslab+0x5/0x20 [ 1547.779771] kmem_cache_alloc+0x5b/0x310 [ 1547.779797] __kernfs_new_node+0xd4/0x860 [ 1547.779822] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.779835] ? kernfs_add_one+0x36e/0x4d0 [ 1547.779867] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.779884] ? lock_acquire+0x197/0x470 [ 1547.779909] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.779928] kernfs_new_node+0x18d/0x250 [ 1547.779951] __kernfs_create_file+0x51/0x350 [ 1547.779973] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.780002] internal_create_group+0x324/0xb30 [ 1547.780028] ? sysfs_remove_group+0x170/0x170 [ 1547.780049] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.780072] ? blk_queue_flag_set+0x22/0x30 [ 1547.780091] ? __loop_update_dio+0x2d2/0x690 [ 1547.780113] loop_configure+0x958/0x1490 [ 1547.780143] lo_ioctl+0xa72/0x1760 [ 1547.780163] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.780184] ? loop_set_status_old+0x250/0x250 [ 1547.780206] ? avc_ss_reset+0x180/0x180 [ 1547.780226] ? find_held_lock+0x2c/0x110 [ 1547.780256] ? __lock_acquire+0xbb1/0x5b00 [ 1547.780318] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.780337] ? generic_block_fiemap+0x60/0x60 [ 1547.780354] ? lock_downgrade+0x6d0/0x6d0 [ 1547.780372] ? build_open_flags+0x6f0/0x6f0 [ 1547.780396] ? loop_set_status_old+0x250/0x250 [ 1547.780411] blkdev_ioctl+0x291/0x710 [ 1547.780429] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.780450] ? selinux_file_ioctl+0xb6/0x270 [ 1547.780473] block_ioctl+0xf9/0x140 [ 1547.780488] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.780507] __x64_sys_ioctl+0x19a/0x210 [ 1547.780527] do_syscall_64+0x33/0x40 [ 1547.780545] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.780556] RIP: 0033:0x7ff3729078d7 [ 1547.780574] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.780584] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.780605] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1547.780615] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.780625] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.780636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.780646] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1547.825980] FAULT_INJECTION: forcing a failure. [ 1547.825980] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.826003] CPU: 1 PID: 9478 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1547.826013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.826018] Call Trace: [ 1547.826042] dump_stack+0x107/0x167 [ 1547.826062] should_fail.cold+0x5/0xa [ 1547.826084] ? create_object.isra.0+0x3a/0xa20 [ 1547.826105] should_failslab+0x5/0x20 [ 1547.826123] kmem_cache_alloc+0x5b/0x310 [ 1547.826146] create_object.isra.0+0x3a/0xa20 [ 1547.826161] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1547.826184] kmem_cache_alloc+0x159/0x310 [ 1547.826212] __kernfs_new_node+0xd4/0x860 [ 1547.826236] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.826249] ? kernfs_add_one+0x36e/0x4d0 [ 1547.826280] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.826297] ? lock_acquire+0x197/0x470 [ 1547.826322] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.826341] kernfs_new_node+0x18d/0x250 [ 1547.826364] __kernfs_create_file+0x51/0x350 [ 1547.826386] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.826414] internal_create_group+0x324/0xb30 [ 1547.826439] ? sysfs_remove_group+0x170/0x170 [ 1547.826460] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.826484] ? blk_queue_flag_set+0x22/0x30 [ 1547.826501] ? __loop_update_dio+0x2d2/0x690 [ 1547.826523] loop_configure+0x958/0x1490 [ 1547.826553] lo_ioctl+0xa72/0x1760 [ 1547.826574] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.826596] ? loop_set_status_old+0x250/0x250 [ 1547.826617] ? avc_ss_reset+0x180/0x180 [ 1547.826637] ? find_held_lock+0x2c/0x110 [ 1547.826667] ? __lock_acquire+0xbb1/0x5b00 [ 1547.826730] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.826749] ? generic_block_fiemap+0x60/0x60 [ 1547.826766] ? lock_downgrade+0x6d0/0x6d0 [ 1547.826783] ? build_open_flags+0x6f0/0x6f0 [ 1547.826817] ? loop_set_status_old+0x250/0x250 [ 1547.826833] blkdev_ioctl+0x291/0x710 [ 1547.826852] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.826873] ? selinux_file_ioctl+0xb6/0x270 [ 1547.826895] block_ioctl+0xf9/0x140 [ 1547.826910] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.826929] __x64_sys_ioctl+0x19a/0x210 [ 1547.826949] do_syscall_64+0x33/0x40 [ 1547.826966] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.826979] RIP: 0033:0x7fd972fd98d7 [ 1547.826995] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.827005] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.827025] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1547.827035] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.827045] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.827055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.827065] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1547.838316] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1547.865414] FAULT_INJECTION: forcing a failure. [ 1547.865414] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.865433] CPU: 1 PID: 9481 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1547.865447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.865453] Call Trace: [ 1547.865475] dump_stack+0x107/0x167 [ 1547.865495] should_fail.cold+0x5/0xa [ 1547.865514] ? create_object.isra.0+0x3a/0xa20 [ 1547.865535] should_failslab+0x5/0x20 [ 1547.865553] kmem_cache_alloc+0x5b/0x310 [ 1547.865575] create_object.isra.0+0x3a/0xa20 [ 1547.865590] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1547.865613] kmem_cache_alloc+0x159/0x310 [ 1547.865640] __kernfs_new_node+0xd4/0x860 [ 1547.865664] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.865677] ? kernfs_add_one+0x36e/0x4d0 [ 1547.865708] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.865725] ? lock_acquire+0x197/0x470 [ 1547.865749] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.865768] kernfs_new_node+0x18d/0x250 [ 1547.865797] __kernfs_create_file+0x51/0x350 [ 1547.865819] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.865846] internal_create_group+0x324/0xb30 [ 1547.865874] ? sysfs_remove_group+0x170/0x170 [ 1547.865896] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.865920] ? blk_queue_flag_set+0x22/0x30 [ 1547.865936] ? __loop_update_dio+0x2d2/0x690 [ 1547.865958] loop_configure+0x958/0x1490 [ 1547.865988] lo_ioctl+0xa72/0x1760 [ 1547.866009] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.866030] ? loop_set_status_old+0x250/0x250 [ 1547.866052] ? avc_ss_reset+0x180/0x180 [ 1547.866087] ? __lock_acquire+0xbb1/0x5b00 [ 1547.866149] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.866167] ? generic_block_fiemap+0x60/0x60 [ 1547.866184] ? lock_downgrade+0x6d0/0x6d0 [ 1547.866209] ? loop_set_status_old+0x250/0x250 [ 1547.866223] blkdev_ioctl+0x291/0x710 [ 1547.866241] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.866263] ? selinux_file_ioctl+0xb6/0x270 [ 1547.866286] block_ioctl+0xf9/0x140 [ 1547.866301] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.866321] __x64_sys_ioctl+0x19a/0x210 [ 1547.866340] do_syscall_64+0x33/0x40 [ 1547.866358] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.866369] RIP: 0033:0x7f744e91d8d7 [ 1547.866387] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.866396] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.866416] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1547.866426] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1547.866436] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.866446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1547.866456] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1547.882177] isofs_fill_super: get root inode failed [ 1547.914385] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1547.950769] FAULT_INJECTION: forcing a failure. [ 1547.950769] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.950789] CPU: 0 PID: 9486 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1547.950804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1547.950810] Call Trace: [ 1547.950832] dump_stack+0x107/0x167 [ 1547.950852] should_fail.cold+0x5/0xa [ 1547.950874] ? __kernfs_new_node+0xd4/0x860 [ 1547.950895] should_failslab+0x5/0x20 [ 1547.950912] kmem_cache_alloc+0x5b/0x310 [ 1547.950938] __kernfs_new_node+0xd4/0x860 [ 1547.950962] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1547.950975] ? kernfs_add_one+0x36e/0x4d0 [ 1547.951006] ? mutex_lock_io_nested+0xf30/0xf30 [ 1547.951031] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1547.951051] kernfs_new_node+0x18d/0x250 [ 1547.951074] __kernfs_create_file+0x51/0x350 [ 1547.951096] sysfs_add_file_mode_ns+0x221/0x560 [ 1547.951123] internal_create_group+0x324/0xb30 [ 1547.951149] ? sysfs_remove_group+0x170/0x170 [ 1547.951170] ? lockdep_init_map_type+0x2c7/0x780 [ 1547.951193] ? blk_queue_flag_set+0x22/0x30 [ 1547.951210] ? __loop_update_dio+0x2d2/0x690 [ 1547.951232] loop_configure+0x958/0x1490 [ 1547.951266] lo_ioctl+0xa72/0x1760 [ 1547.951287] ? avc_has_extended_perms+0x7f1/0xf40 [ 1547.951309] ? loop_set_status_old+0x250/0x250 [ 1547.951330] ? avc_ss_reset+0x180/0x180 [ 1547.951350] ? find_held_lock+0x2c/0x110 [ 1547.951380] ? __lock_acquire+0xbb1/0x5b00 [ 1547.951441] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1547.951459] ? generic_block_fiemap+0x60/0x60 [ 1547.951476] ? lock_downgrade+0x6d0/0x6d0 [ 1547.951493] ? build_open_flags+0x6f0/0x6f0 [ 1547.951517] ? loop_set_status_old+0x250/0x250 [ 1547.951531] blkdev_ioctl+0x291/0x710 [ 1547.951549] ? blkdev_common_ioctl+0x1930/0x1930 [ 1547.951570] ? selinux_file_ioctl+0xb6/0x270 [ 1547.951593] block_ioctl+0xf9/0x140 [ 1547.951608] ? blkdev_read_iter+0x1c0/0x1c0 [ 1547.951627] __x64_sys_ioctl+0x19a/0x210 [ 1547.951659] do_syscall_64+0x33/0x40 [ 1547.951676] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1547.951688] RIP: 0033:0x7f3b3a6db8d7 [ 1547.951705] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1547.951714] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.951734] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1547.951744] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1547.951754] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1547.951764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1547.951774] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1548.042946] FAULT_INJECTION: forcing a failure. [ 1548.042946] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.042967] CPU: 0 PID: 9492 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1548.042976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1548.042982] Call Trace: [ 1548.043004] dump_stack+0x107/0x167 [ 1548.043023] should_fail.cold+0x5/0xa [ 1548.043044] ? v9fs_mount+0x5a/0x8f0 [ 1548.043065] should_failslab+0x5/0x20 [ 1548.043084] kmem_cache_alloc_trace+0x55/0x320 [ 1548.043106] ? v9fs_write_inode+0x60/0x60 [ 1548.043131] v9fs_mount+0x5a/0x8f0 [ 1548.043153] ? v9fs_write_inode+0x60/0x60 [ 1548.043173] legacy_get_tree+0x105/0x220 [ 1548.043193] vfs_get_tree+0x8e/0x300 [ 1548.043209] path_mount+0x1429/0x2120 [ 1548.043233] ? strncpy_from_user+0x9e/0x470 [ 1548.043250] ? finish_automount+0xa90/0xa90 [ 1548.043267] ? getname_flags.part.0+0x1dd/0x4f0 [ 1548.043285] ? _copy_from_user+0xfb/0x1b0 [ 1548.043309] __x64_sys_mount+0x282/0x300 [ 1548.043324] ? copy_mnt_ns+0xa00/0xa00 [ 1548.043346] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1548.043365] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1548.043384] do_syscall_64+0x33/0x40 [ 1548.043401] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1548.043413] RIP: 0033:0x7fb9df3c2b19 [ 1548.043430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1548.043440] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1548.043459] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1548.043469] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1548.043479] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1548.043489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1548.043499] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1548.095886] FAULT_INJECTION: forcing a failure. [ 1548.095886] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.095906] CPU: 0 PID: 9496 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1548.095916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1548.095921] Call Trace: [ 1548.095944] dump_stack+0x107/0x167 [ 1548.095963] should_fail.cold+0x5/0xa [ 1548.095989] ? create_object.isra.0+0x3a/0xa20 [ 1548.096009] should_failslab+0x5/0x20 [ 1548.096027] kmem_cache_alloc+0x5b/0x310 [ 1548.096050] create_object.isra.0+0x3a/0xa20 [ 1548.096064] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1548.096088] kmem_cache_alloc+0x159/0x310 [ 1548.096114] __kernfs_new_node+0xd4/0x860 [ 1548.096139] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1548.096151] ? kernfs_add_one+0x36e/0x4d0 [ 1548.096182] ? mutex_lock_io_nested+0xf30/0xf30 [ 1548.096206] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1548.096225] kernfs_new_node+0x18d/0x250 [ 1548.096248] __kernfs_create_file+0x51/0x350 [ 1548.096269] sysfs_add_file_mode_ns+0x221/0x560 [ 1548.096296] internal_create_group+0x324/0xb30 [ 1548.096322] ? sysfs_remove_group+0x170/0x170 [ 1548.096344] ? lockdep_init_map_type+0x2c7/0x780 [ 1548.096366] ? blk_queue_flag_set+0x22/0x30 [ 1548.096383] ? __loop_update_dio+0x2d2/0x690 [ 1548.096405] loop_configure+0x958/0x1490 [ 1548.096434] lo_ioctl+0xa72/0x1760 [ 1548.096454] ? avc_has_extended_perms+0x7f1/0xf40 [ 1548.096476] ? loop_set_status_old+0x250/0x250 [ 1548.096497] ? avc_ss_reset+0x180/0x180 [ 1548.096520] ? find_held_lock+0x2c/0x110 [ 1548.575550] ? __lock_acquire+0xbb1/0x5b00 [ 1548.576330] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1548.577223] ? generic_block_fiemap+0x60/0x60 [ 1548.577985] ? lock_downgrade+0x6d0/0x6d0 [ 1548.578687] ? build_open_flags+0x6f0/0x6f0 [ 1548.579443] ? loop_set_status_old+0x250/0x250 [ 1548.580233] blkdev_ioctl+0x291/0x710 [ 1548.580886] ? blkdev_common_ioctl+0x1930/0x1930 [ 1548.581697] ? selinux_file_ioctl+0xb6/0x270 [ 1548.582453] block_ioctl+0xf9/0x140 [ 1548.583073] ? blkdev_read_iter+0x1c0/0x1c0 [ 1548.583815] __x64_sys_ioctl+0x19a/0x210 [ 1548.584508] do_syscall_64+0x33/0x40 [ 1548.585143] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1548.586016] RIP: 0033:0x7ff3729078d7 [ 1548.586652] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1548.589783] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1548.591076] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1548.592309] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1548.593515] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1548.594722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1548.595993] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1548.616529] FAULT_INJECTION: forcing a failure. [ 1548.616529] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.618510] CPU: 0 PID: 9497 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1548.619687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1548.621075] Call Trace: [ 1548.621511] dump_stack+0x107/0x167 [ 1548.622121] should_fail.cold+0x5/0xa [ 1548.622753] ? __kernfs_new_node+0xd4/0x860 [ 1548.623488] should_failslab+0x5/0x20 [ 1548.624131] kmem_cache_alloc+0x5b/0x310 [ 1548.624809] __kernfs_new_node+0xd4/0x860 [ 1548.625499] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1548.626295] ? kernfs_add_one+0x36e/0x4d0 [ 1548.627002] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1548.627814] ? wait_for_completion_io+0x270/0x270 [ 1548.628617] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1548.629512] kernfs_new_node+0x18d/0x250 [ 1548.630195] __kernfs_create_file+0x51/0x350 [ 1548.630928] sysfs_add_file_mode_ns+0x221/0x560 [ 1548.631732] internal_create_group+0x324/0xb30 [ 1548.632497] ? sysfs_remove_group+0x170/0x170 [ 1548.633257] ? lockdep_init_map_type+0x2c7/0x780 [ 1548.634051] ? blk_queue_flag_set+0x22/0x30 [ 1548.634774] ? __loop_update_dio+0x2d2/0x690 [ 1548.635509] loop_configure+0x958/0x1490 [ 1548.636214] lo_ioctl+0xa72/0x1760 [ 1548.636817] ? avc_has_extended_perms+0x7f1/0xf40 [ 1548.637627] ? loop_set_status_old+0x250/0x250 [ 1548.638387] ? avc_ss_reset+0x180/0x180 [ 1548.639053] ? find_held_lock+0x2c/0x110 [ 1548.639757] ? __lock_acquire+0xbb1/0x5b00 [ 1548.640497] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1548.641366] ? generic_block_fiemap+0x60/0x60 [ 1548.642119] ? lock_downgrade+0x6d0/0x6d0 [ 1548.642811] ? build_open_flags+0x6f0/0x6f0 [ 1548.643539] ? loop_set_status_old+0x250/0x250 [ 1548.644302] blkdev_ioctl+0x291/0x710 [ 1548.644939] ? blkdev_common_ioctl+0x1930/0x1930 [ 1548.645729] ? selinux_file_ioctl+0xb6/0x270 [ 1548.646459] block_ioctl+0xf9/0x140 [ 1548.647064] ? blkdev_read_iter+0x1c0/0x1c0 [ 1548.647793] __x64_sys_ioctl+0x19a/0x210 [ 1548.648472] do_syscall_64+0x33/0x40 [ 1548.649094] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1548.649939] RIP: 0033:0x7fd972fd98d7 [ 1548.650564] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1548.653601] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1548.654862] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1548.656035] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1548.657191] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1548.658347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1548.659513] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1548.664139] isofs_fill_super: get root inode failed [ 1548.705422] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:24 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 33) 14:32:24 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 15) 14:32:24 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 33) 14:32:24 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 32) 14:32:24 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0xc, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:24 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 33) 14:32:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:32:24 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, 0x0, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1561.974500] FAULT_INJECTION: forcing a failure. [ 1561.974500] name failslab, interval 1, probability 0, space 0, times 0 [ 1561.976377] CPU: 1 PID: 9517 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1561.977272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1561.978336] Call Trace: [ 1561.978676] dump_stack+0x107/0x167 [ 1561.979146] should_fail.cold+0x5/0xa [ 1561.979646] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1561.980390] should_failslab+0x5/0x20 [ 1561.980874] kmem_cache_alloc+0x5b/0x310 [ 1561.981403] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1561.982109] idr_get_free+0x4b5/0x8f0 [ 1561.982612] idr_alloc_u32+0x170/0x2d0 [ 1561.983103] ? __fprop_inc_percpu_max+0x130/0x130 [ 1561.983698] ? lock_acquire+0x197/0x470 [ 1561.984229] ? __kernfs_new_node+0xff/0x860 [ 1561.984752] idr_alloc_cyclic+0x102/0x230 [ 1561.985284] ? idr_alloc+0x130/0x130 [ 1561.985750] ? rwlock_bug.part.0+0x90/0x90 [ 1561.986310] __kernfs_new_node+0x117/0x860 [ 1561.986853] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1561.987460] ? lock_chain_count+0x20/0x20 [ 1561.987990] ? update_load_avg+0x162/0x1870 [ 1561.988556] ? find_held_lock+0x2c/0x110 [ 1561.989068] kernfs_new_node+0x18d/0x250 [ 1561.989592] kernfs_create_dir_ns+0x49/0x160 [ 1561.990123] internal_create_group+0x793/0xb30 [ 1561.990722] ? set_user_nice.part.0+0x2fd/0x760 [ 1561.991318] ? sysfs_remove_group+0x170/0x170 [ 1561.991887] ? lockdep_init_map_type+0x2c7/0x780 [ 1561.992477] ? blk_queue_flag_set+0x22/0x30 [ 1561.993021] ? __loop_update_dio+0x2d2/0x690 [ 1561.993589] loop_configure+0x958/0x1490 [ 1561.994113] lo_ioctl+0xa72/0x1760 [ 1561.994567] ? avc_has_extended_perms+0x7f1/0xf40 [ 1561.995194] ? loop_set_status_old+0x250/0x250 [ 1561.995801] ? avc_ss_reset+0x180/0x180 [ 1561.996331] ? find_held_lock+0x2c/0x110 [ 1561.996862] ? __lock_acquire+0xbb1/0x5b00 [ 1561.997432] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1561.998104] ? generic_block_fiemap+0x60/0x60 [ 1561.998681] ? lock_downgrade+0x6d0/0x6d0 [ 1561.999229] ? build_open_flags+0x6f0/0x6f0 [ 1561.999780] ? loop_set_status_old+0x250/0x250 [ 1562.000385] blkdev_ioctl+0x291/0x710 [ 1562.000863] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.001480] ? selinux_file_ioctl+0xb6/0x270 [ 1562.002045] block_ioctl+0xf9/0x140 [ 1562.002515] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.003075] __x64_sys_ioctl+0x19a/0x210 [ 1562.003600] do_syscall_64+0x33/0x40 [ 1562.004075] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.004740] RIP: 0033:0x7f3b3a6db8d7 [ 1562.005196] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.007535] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.008506] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1562.009423] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1562.010283] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.011186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1562.012110] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1562.018805] FAULT_INJECTION: forcing a failure. [ 1562.018805] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.021642] CPU: 0 PID: 9519 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1562.023304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.025344] Call Trace: [ 1562.025997] dump_stack+0x107/0x167 [ 1562.026897] should_fail.cold+0x5/0xa [ 1562.027843] ? create_object.isra.0+0x3a/0xa20 [ 1562.028966] should_failslab+0x5/0x20 [ 1562.029892] kmem_cache_alloc+0x5b/0x310 [ 1562.030876] ? cred_has_capability.isra.0+0x152/0x2b0 [ 1562.032143] create_object.isra.0+0x3a/0xa20 [ 1562.033194] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.034429] kmem_cache_alloc_trace+0x151/0x320 [ 1562.035553] ? v9fs_write_inode+0x60/0x60 [ 1562.036568] v9fs_mount+0x5a/0x8f0 [ 1562.037427] ? v9fs_write_inode+0x60/0x60 [ 1562.038447] legacy_get_tree+0x105/0x220 [ 1562.039432] vfs_get_tree+0x8e/0x300 [ 1562.040338] path_mount+0x1429/0x2120 [ 1562.041258] ? strncpy_from_user+0x9e/0x470 [ 1562.042307] ? finish_automount+0xa90/0xa90 [ 1562.043346] ? getname_flags.part.0+0x1dd/0x4f0 [ 1562.044495] ? _copy_from_user+0xfb/0x1b0 [ 1562.045492] __x64_sys_mount+0x282/0x300 [ 1562.046475] ? copy_mnt_ns+0xa00/0xa00 [ 1562.047425] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1562.048697] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1562.049955] do_syscall_64+0x33/0x40 [ 1562.050867] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.052125] RIP: 0033:0x7fb9df3c2b19 [ 1562.053021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.057463] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1562.059291] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1562.061017] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1562.062739] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1562.064464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1562.066159] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:32:24 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0xff, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:24 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1562.086872] FAULT_INJECTION: forcing a failure. [ 1562.086872] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.089754] CPU: 0 PID: 9520 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1562.091501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.093486] Call Trace: [ 1562.094113] dump_stack+0x107/0x167 [ 1562.094980] should_fail.cold+0x5/0xa [ 1562.095898] ? __kernfs_new_node+0xd4/0x860 [ 1562.096938] should_failslab+0x5/0x20 [ 1562.097855] kmem_cache_alloc+0x5b/0x310 [ 1562.098836] __kernfs_new_node+0xd4/0x860 [ 1562.099844] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.100978] ? kernfs_add_one+0x36e/0x4d0 [ 1562.101978] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.103131] ? wait_for_completion_io+0x270/0x270 [ 1562.104293] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.105535] kernfs_new_node+0x18d/0x250 [ 1562.106506] __kernfs_create_file+0x51/0x350 [ 1562.107552] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.108672] internal_create_group+0x324/0xb30 [ 1562.109772] ? sysfs_remove_group+0x170/0x170 [ 1562.110843] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.111977] ? blk_queue_flag_set+0x22/0x30 [ 1562.113007] ? __loop_update_dio+0x2d2/0x690 [ 1562.114052] loop_configure+0x958/0x1490 [ 1562.115025] lo_ioctl+0xa72/0x1760 [ 1562.115867] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.117020] ? loop_set_status_old+0x250/0x250 [ 1562.118107] ? avc_ss_reset+0x180/0x180 [ 1562.119052] ? find_held_lock+0x2c/0x110 [ 1562.120025] ? __lock_acquire+0xbb1/0x5b00 [ 1562.121087] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.122333] ? generic_block_fiemap+0x60/0x60 [ 1562.123388] ? lock_downgrade+0x6d0/0x6d0 [ 1562.124377] ? build_open_flags+0x6f0/0x6f0 [ 1562.125397] ? loop_set_status_old+0x250/0x250 [ 1562.126461] blkdev_ioctl+0x291/0x710 [ 1562.127351] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.128468] ? selinux_file_ioctl+0xb6/0x270 [ 1562.129505] block_ioctl+0xf9/0x140 [ 1562.130353] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.131360] __x64_sys_ioctl+0x19a/0x210 [ 1562.132324] do_syscall_64+0x33/0x40 [ 1562.133196] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.134394] RIP: 0033:0x7ff3729078d7 [ 1562.135262] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.139570] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.141361] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1562.143025] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.144697] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.146345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.148005] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1562.159746] FAULT_INJECTION: forcing a failure. [ 1562.159746] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.162524] CPU: 0 PID: 9521 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1562.164169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.166146] Call Trace: [ 1562.166773] dump_stack+0x107/0x167 [ 1562.167648] should_fail.cold+0x5/0xa [ 1562.168572] ? create_object.isra.0+0x3a/0xa20 [ 1562.169670] should_failslab+0x5/0x20 [ 1562.170577] kmem_cache_alloc+0x5b/0x310 [ 1562.171549] create_object.isra.0+0x3a/0xa20 [ 1562.172609] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.173825] kmem_cache_alloc+0x159/0x310 [ 1562.174825] __kernfs_new_node+0xd4/0x860 [ 1562.175821] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.176968] ? kernfs_add_one+0x36e/0x4d0 [ 1562.177961] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.179115] ? wait_for_completion_io+0x270/0x270 [ 1562.180295] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.181556] kernfs_new_node+0x18d/0x250 [ 1562.182541] __kernfs_create_file+0x51/0x350 [ 1562.183604] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.184741] internal_create_group+0x324/0xb30 [ 1562.185837] ? sysfs_remove_group+0x170/0x170 [ 1562.186904] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.188034] ? blk_queue_flag_set+0x22/0x30 [ 1562.189060] ? __loop_update_dio+0x2d2/0x690 [ 1562.190108] loop_configure+0x958/0x1490 [ 1562.191086] lo_ioctl+0xa72/0x1760 [ 1562.191929] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.193100] ? loop_set_status_old+0x250/0x250 [ 1562.194190] ? avc_ss_reset+0x180/0x180 [ 1562.195135] ? find_held_lock+0x2c/0x110 [ 1562.196121] ? __lock_acquire+0xbb1/0x5b00 [ 1562.197173] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.198418] ? generic_block_fiemap+0x60/0x60 [ 1562.199479] ? lock_downgrade+0x6d0/0x6d0 [ 1562.200473] ? build_open_flags+0x6f0/0x6f0 [ 1562.201496] ? loop_set_status_old+0x250/0x250 [ 1562.202568] blkdev_ioctl+0x291/0x710 [ 1562.203467] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.204595] ? selinux_file_ioctl+0xb6/0x270 [ 1562.205634] block_ioctl+0xf9/0x140 [ 1562.206490] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.207503] __x64_sys_ioctl+0x19a/0x210 [ 1562.208458] do_syscall_64+0x33/0x40 [ 1562.209337] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.210533] RIP: 0033:0x7fd972fd98d7 [ 1562.211397] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.215692] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.217479] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1562.219148] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.220831] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.222492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.224168] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:32:25 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 16) 14:32:25 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, 0x0, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1562.236595] FAULT_INJECTION: forcing a failure. [ 1562.236595] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.239255] CPU: 0 PID: 9523 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1562.240834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.242739] Call Trace: [ 1562.243345] dump_stack+0x107/0x167 [ 1562.244192] should_fail.cold+0x5/0xa [ 1562.245068] ? __kernfs_new_node+0xd4/0x860 [ 1562.246064] should_failslab+0x5/0x20 [ 1562.246936] kmem_cache_alloc+0x5b/0x310 [ 1562.247875] __kernfs_new_node+0xd4/0x860 [ 1562.248829] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.249906] ? kernfs_add_one+0x36e/0x4d0 [ 1562.250851] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.251955] ? wait_for_completion_io+0x270/0x270 [ 1562.253066] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.254263] kernfs_new_node+0x18d/0x250 [ 1562.255187] __kernfs_create_file+0x51/0x350 [ 1562.256200] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.257263] internal_create_group+0x324/0xb30 [ 1562.258302] ? sysfs_remove_group+0x170/0x170 [ 1562.259319] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.260407] ? blk_queue_flag_set+0x22/0x30 [ 1562.261383] ? __loop_update_dio+0x2d2/0x690 [ 1562.262383] loop_configure+0x958/0x1490 [ 1562.263316] lo_ioctl+0xa72/0x1760 [ 1562.264138] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.265233] ? loop_set_status_old+0x250/0x250 [ 1562.266256] ? avc_ss_reset+0x180/0x180 [ 1562.267150] ? find_held_lock+0x2c/0x110 [ 1562.268066] ? __lock_acquire+0xbb1/0x5b00 [ 1562.269067] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.270241] ? generic_block_fiemap+0x60/0x60 [ 1562.271241] ? lock_downgrade+0x6d0/0x6d0 [ 1562.272197] ? build_open_flags+0x6f0/0x6f0 [ 1562.273168] ? loop_set_status_old+0x250/0x250 [ 1562.274191] blkdev_ioctl+0x291/0x710 [ 1562.275047] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.276123] ? selinux_file_ioctl+0xb6/0x270 [ 1562.277113] block_ioctl+0xf9/0x140 [ 1562.277922] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.278884] __x64_sys_ioctl+0x19a/0x210 [ 1562.279793] do_syscall_64+0x33/0x40 [ 1562.280632] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.281778] RIP: 0033:0x7f744e91d8d7 [ 1562.282611] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.286721] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.288419] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1562.290005] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.291577] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.293124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.294658] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1562.316546] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1562.352553] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1562.355728] isofs_fill_super: get root inode failed [ 1562.393150] FAULT_INJECTION: forcing a failure. [ 1562.393150] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.394647] CPU: 1 PID: 9541 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1562.395446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.396421] Call Trace: [ 1562.396737] dump_stack+0x107/0x167 [ 1562.397167] should_fail.cold+0x5/0xa [ 1562.397620] should_failslab+0x5/0x20 [ 1562.398081] __kmalloc_track_caller+0x79/0x370 [ 1562.398618] ? v9fs_session_init+0xa7/0x1680 [ 1562.399135] ? kernel_text_address+0xf2/0x120 [ 1562.399667] kstrdup+0x36/0x70 [ 1562.400041] v9fs_session_init+0xa7/0x1680 [ 1562.400544] ? lock_release+0x680/0x680 [ 1562.401006] ? find_held_lock+0x2c/0x110 [ 1562.401510] ? kmem_cache_alloc_trace+0x151/0x320 [ 1562.402074] ? v9fs_show_options+0x690/0x690 [ 1562.402592] ? trace_hardirqs_on+0x5b/0x180 [ 1562.403093] ? kasan_unpoison_shadow+0x33/0x50 [ 1562.403620] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.404221] v9fs_mount+0x79/0x8f0 [ 1562.404636] ? v9fs_write_inode+0x60/0x60 [ 1562.405121] legacy_get_tree+0x105/0x220 [ 1562.405623] vfs_get_tree+0x8e/0x300 [ 1562.406067] path_mount+0x1429/0x2120 [ 1562.406514] ? strncpy_from_user+0x9e/0x470 [ 1562.407016] ? finish_automount+0xa90/0xa90 [ 1562.407520] ? getname_flags.part.0+0x1dd/0x4f0 [ 1562.408062] ? _copy_from_user+0xfb/0x1b0 [ 1562.408551] __x64_sys_mount+0x282/0x300 [ 1562.409022] ? copy_mnt_ns+0xa00/0xa00 [ 1562.409475] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1562.410089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1562.410736] do_syscall_64+0x33/0x40 [ 1562.411175] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.411804] RIP: 0033:0x7fb9df3c2b19 [ 1562.412248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.414382] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1562.415270] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1562.416119] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1562.416950] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1562.417782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1562.418613] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:32:25 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 33) 14:32:25 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 34) 14:32:25 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 34) 14:32:25 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 34) [ 1562.505293] FAULT_INJECTION: forcing a failure. [ 1562.505293] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.508045] CPU: 0 PID: 9548 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1562.509639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.511497] Call Trace: [ 1562.512089] dump_stack+0x107/0x167 [ 1562.512915] should_fail.cold+0x5/0xa [ 1562.513776] ? __kernfs_new_node+0xd4/0x860 [ 1562.514747] should_failslab+0x5/0x20 [ 1562.515596] kmem_cache_alloc+0x5b/0x310 [ 1562.516520] __kernfs_new_node+0xd4/0x860 [ 1562.517442] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.518488] ? kernfs_add_one+0x36e/0x4d0 [ 1562.519425] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.520503] ? wait_for_completion_io+0x270/0x270 [ 1562.521584] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.522757] kernfs_new_node+0x18d/0x250 [ 1562.523665] __kernfs_create_file+0x51/0x350 [ 1562.524655] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.525694] internal_create_group+0x324/0xb30 [ 1562.526716] ? sysfs_remove_group+0x170/0x170 [ 1562.527716] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.528780] ? blk_queue_flag_set+0x22/0x30 [ 1562.529733] ? __loop_update_dio+0x2d2/0x690 [ 1562.530706] loop_configure+0x958/0x1490 [ 1562.531609] lo_ioctl+0xa72/0x1760 [ 1562.532398] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.533459] ? loop_set_status_old+0x250/0x250 [ 1562.534462] ? avc_ss_reset+0x180/0x180 [ 1562.535339] ? find_held_lock+0x2c/0x110 [ 1562.536248] ? __lock_acquire+0xbb1/0x5b00 [ 1562.537221] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.538368] ? generic_block_fiemap+0x60/0x60 [ 1562.539343] ? lock_downgrade+0x6d0/0x6d0 [ 1562.540274] ? build_open_flags+0x6f0/0x6f0 [ 1562.541222] ? loop_set_status_old+0x250/0x250 [ 1562.542218] blkdev_ioctl+0x291/0x710 [ 1562.543042] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.544077] ? selinux_file_ioctl+0xb6/0x270 [ 1562.545043] block_ioctl+0xf9/0x140 [ 1562.545826] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.546759] __x64_sys_ioctl+0x19a/0x210 [ 1562.547640] do_syscall_64+0x33/0x40 [ 1562.548461] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.549574] RIP: 0033:0x7fd972fd98d7 [ 1562.550380] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.554381] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.556021] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1562.557562] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.559098] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.560634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.562160] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 14:32:25 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x2, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1562.580107] isofs_fill_super: get root inode failed [ 1562.611691] FAULT_INJECTION: forcing a failure. [ 1562.611691] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.613130] CPU: 1 PID: 9556 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1562.613928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.614889] Call Trace: [ 1562.615200] dump_stack+0x107/0x167 [ 1562.615643] should_fail.cold+0x5/0xa [ 1562.616105] ? create_object.isra.0+0x3a/0xa20 [ 1562.616665] should_failslab+0x5/0x20 [ 1562.617126] kmem_cache_alloc+0x5b/0x310 [ 1562.617619] create_object.isra.0+0x3a/0xa20 [ 1562.618114] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.618694] kmem_cache_alloc+0x159/0x310 [ 1562.619174] __kernfs_new_node+0xd4/0x860 [ 1562.619647] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.620182] ? kernfs_add_one+0x36e/0x4d0 [ 1562.620681] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.621229] ? wait_for_completion_io+0x270/0x270 [ 1562.621804] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.622397] kernfs_new_node+0x18d/0x250 [ 1562.622885] __kernfs_create_file+0x51/0x350 [ 1562.623383] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.623946] internal_create_group+0x324/0xb30 [ 1562.624495] ? sysfs_remove_group+0x170/0x170 [ 1562.625026] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.625593] ? blk_queue_flag_set+0x22/0x30 [ 1562.626114] ? __loop_update_dio+0x2d2/0x690 [ 1562.626644] loop_configure+0x958/0x1490 [ 1562.627131] lo_ioctl+0xa72/0x1760 [ 1562.627562] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.628151] ? loop_set_status_old+0x250/0x250 [ 1562.628692] ? avc_ss_reset+0x180/0x180 [ 1562.629162] ? find_held_lock+0x2c/0x110 [ 1562.629668] ? __lock_acquire+0xbb1/0x5b00 [ 1562.630201] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.630826] ? generic_block_fiemap+0x60/0x60 [ 1562.631354] ? lock_downgrade+0x6d0/0x6d0 [ 1562.631853] ? build_open_flags+0x6f0/0x6f0 [ 1562.632377] ? loop_set_status_old+0x250/0x250 [ 1562.632941] blkdev_ioctl+0x291/0x710 [ 1562.633389] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.633952] ? selinux_file_ioctl+0xb6/0x270 [ 1562.634446] block_ioctl+0xf9/0x140 [ 1562.634874] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.635384] __x64_sys_ioctl+0x19a/0x210 [ 1562.635868] do_syscall_64+0x33/0x40 [ 1562.636296] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.636900] RIP: 0033:0x7ff3729078d7 [ 1562.637341] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.639525] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.640438] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1562.641314] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.642149] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.643004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.643847] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1562.652027] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1562.653199] FAULT_INJECTION: forcing a failure. [ 1562.653199] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.654492] CPU: 1 PID: 9558 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1562.655238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.656154] Call Trace: [ 1562.656445] dump_stack+0x107/0x167 [ 1562.656847] should_fail.cold+0x5/0xa [ 1562.657274] ? create_object.isra.0+0x3a/0xa20 [ 1562.657781] should_failslab+0x5/0x20 [ 1562.658197] kmem_cache_alloc+0x5b/0x310 [ 1562.658648] create_object.isra.0+0x3a/0xa20 [ 1562.659127] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.659688] kmem_cache_alloc+0x159/0x310 [ 1562.660164] __kernfs_new_node+0xd4/0x860 [ 1562.660622] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.661139] ? kernfs_add_one+0x36e/0x4d0 [ 1562.661600] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.662134] ? wait_for_completion_io+0x270/0x270 [ 1562.662663] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.663242] kernfs_new_node+0x18d/0x250 [ 1562.663690] __kernfs_create_file+0x51/0x350 [ 1562.664183] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.664704] internal_create_group+0x324/0xb30 [ 1562.665211] ? sysfs_remove_group+0x170/0x170 [ 1562.665702] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.666234] ? blk_queue_flag_set+0x22/0x30 [ 1562.666719] ? __loop_update_dio+0x2d2/0x690 [ 1562.667207] loop_configure+0x958/0x1490 [ 1562.667659] lo_ioctl+0xa72/0x1760 [ 1562.668051] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.668593] ? loop_set_status_old+0x250/0x250 [ 1562.669099] ? avc_ss_reset+0x180/0x180 [ 1562.669541] ? find_held_lock+0x2c/0x110 [ 1562.669994] ? __lock_acquire+0xbb1/0x5b00 [ 1562.670485] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.671064] ? generic_block_fiemap+0x60/0x60 [ 1562.671554] ? lock_downgrade+0x6d0/0x6d0 [ 1562.672011] ? build_open_flags+0x6f0/0x6f0 [ 1562.672497] ? loop_set_status_old+0x250/0x250 [ 1562.673000] blkdev_ioctl+0x291/0x710 [ 1562.673427] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.673953] ? selinux_file_ioctl+0xb6/0x270 [ 1562.674445] block_ioctl+0xf9/0x140 [ 1562.674844] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.675330] __x64_sys_ioctl+0x19a/0x210 [ 1562.675783] do_syscall_64+0x33/0x40 [ 1562.676202] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.676762] RIP: 0033:0x7f3b3a6db8d7 [ 1562.677168] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.679195] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.680031] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1562.680820] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1562.681601] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.682387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1562.683176] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1562.686752] FAULT_INJECTION: forcing a failure. [ 1562.686752] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.688005] CPU: 1 PID: 9552 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1562.688874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1562.689811] Call Trace: [ 1562.690097] dump_stack+0x107/0x167 [ 1562.690485] should_fail.cold+0x5/0xa [ 1562.690890] ? create_object.isra.0+0x3a/0xa20 [ 1562.691375] should_failslab+0x5/0x20 [ 1562.691778] kmem_cache_alloc+0x5b/0x310 [ 1562.692229] create_object.isra.0+0x3a/0xa20 [ 1562.692709] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1562.693277] kmem_cache_alloc+0x159/0x310 [ 1562.693737] __kernfs_new_node+0xd4/0x860 [ 1562.694197] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1562.694730] ? kernfs_add_one+0x36e/0x4d0 [ 1562.695201] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1562.695733] ? wait_for_completion_io+0x270/0x270 [ 1562.696277] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1562.696863] kernfs_new_node+0x18d/0x250 [ 1562.697317] __kernfs_create_file+0x51/0x350 [ 1562.697803] sysfs_add_file_mode_ns+0x221/0x560 [ 1562.698324] internal_create_group+0x324/0xb30 [ 1562.698840] ? sysfs_remove_group+0x170/0x170 [ 1562.699340] ? lockdep_init_map_type+0x2c7/0x780 [ 1562.699865] ? blk_queue_flag_set+0x22/0x30 [ 1562.700346] ? __loop_update_dio+0x2d2/0x690 [ 1562.700834] loop_configure+0x958/0x1490 [ 1562.701293] lo_ioctl+0xa72/0x1760 [ 1562.701689] ? avc_has_extended_perms+0x7f1/0xf40 [ 1562.702234] ? loop_set_status_old+0x250/0x250 [ 1562.702739] ? avc_ss_reset+0x180/0x180 [ 1562.703178] ? find_held_lock+0x2c/0x110 [ 1562.703643] ? __lock_acquire+0xbb1/0x5b00 [ 1562.704143] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1562.704723] ? generic_block_fiemap+0x60/0x60 [ 1562.705221] ? lock_downgrade+0x6d0/0x6d0 [ 1562.705675] ? build_open_flags+0x6f0/0x6f0 [ 1562.706151] ? loop_set_status_old+0x250/0x250 [ 1562.706648] blkdev_ioctl+0x291/0x710 [ 1562.707069] ? blkdev_common_ioctl+0x1930/0x1930 [ 1562.707599] ? selinux_file_ioctl+0xb6/0x270 [ 1562.708087] block_ioctl+0xf9/0x140 [ 1562.708495] ? blkdev_read_iter+0x1c0/0x1c0 [ 1562.708968] __x64_sys_ioctl+0x19a/0x210 [ 1562.709421] do_syscall_64+0x33/0x40 [ 1562.709835] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1562.710396] RIP: 0033:0x7f744e91d8d7 [ 1562.710806] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.712846] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1562.713681] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1562.714461] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1562.715254] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1562.716043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1562.716831] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1562.792317] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 35) 14:32:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:32:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 34) 14:32:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 17) 14:32:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 35) 14:32:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 35) 14:32:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x4, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, 0x0, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1578.565628] FAULT_INJECTION: forcing a failure. [ 1578.565628] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.567277] CPU: 0 PID: 9578 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1578.568211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.569363] Call Trace: [ 1578.569731] dump_stack+0x107/0x167 [ 1578.570231] should_fail.cold+0x5/0xa [ 1578.570750] ? create_object.isra.0+0x3a/0xa20 [ 1578.571389] should_failslab+0x5/0x20 [ 1578.571912] kmem_cache_alloc+0x5b/0x310 [ 1578.572472] create_object.isra.0+0x3a/0xa20 [ 1578.573079] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1578.573776] __kmalloc_track_caller+0x177/0x370 [ 1578.574422] ? v9fs_session_init+0xa7/0x1680 [ 1578.575028] ? kernel_text_address+0xf2/0x120 [ 1578.575644] kstrdup+0x36/0x70 [ 1578.576084] v9fs_session_init+0xa7/0x1680 [ 1578.576676] ? lock_release+0x680/0x680 [ 1578.577224] ? find_held_lock+0x2c/0x110 [ 1578.577782] ? kmem_cache_alloc_trace+0x151/0x320 [ 1578.578440] ? v9fs_show_options+0x690/0x690 [ 1578.579045] ? trace_hardirqs_on+0x5b/0x180 [ 1578.579631] ? kasan_unpoison_shadow+0x33/0x50 [ 1578.580259] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1578.580963] v9fs_mount+0x79/0x8f0 [ 1578.581449] ? v9fs_write_inode+0x60/0x60 [ 1578.582021] legacy_get_tree+0x105/0x220 [ 1578.582571] vfs_get_tree+0x8e/0x300 [ 1578.583084] path_mount+0x1429/0x2120 [ 1578.583610] ? strncpy_from_user+0x9e/0x470 [ 1578.584194] ? finish_automount+0xa90/0xa90 [ 1578.584791] ? getname_flags.part.0+0x1dd/0x4f0 [ 1578.585420] ? _copy_from_user+0xfb/0x1b0 [ 1578.585984] __x64_sys_mount+0x282/0x300 [ 1578.586535] ? copy_mnt_ns+0xa00/0xa00 [ 1578.587064] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1578.587783] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1578.588481] do_syscall_64+0x33/0x40 [ 1578.588992] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1578.589683] RIP: 0033:0x7fb9df3c2b19 [ 1578.590187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.592719] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1578.593757] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1578.594724] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1578.595692] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1578.596667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.597645] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1578.599106] FAULT_INJECTION: forcing a failure. [ 1578.599106] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.600680] CPU: 0 PID: 9577 Comm: syz-executor.1 Not tainted 5.10.230 #1 [ 1578.601611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.602737] Call Trace: [ 1578.603095] dump_stack+0x107/0x167 [ 1578.603584] should_fail.cold+0x5/0xa [ 1578.604095] ? create_object.isra.0+0x3a/0xa20 [ 1578.604719] should_failslab+0x5/0x20 [ 1578.605234] kmem_cache_alloc+0x5b/0x310 [ 1578.605787] create_object.isra.0+0x3a/0xa20 [ 1578.606385] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1578.607089] kmem_cache_alloc+0x159/0x310 [ 1578.607662] __kernfs_new_node+0xd4/0x860 [ 1578.608227] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1578.608879] ? kernfs_add_one+0x36e/0x4d0 [ 1578.609453] ? mutex_lock_io_nested+0xf30/0xf30 [ 1578.610087] ? lock_acquire+0x197/0x470 [ 1578.610639] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1578.611299] kernfs_new_node+0x18d/0x250 [ 1578.611860] __kernfs_create_file+0x51/0x350 [ 1578.612461] sysfs_add_file_mode_ns+0x221/0x560 [ 1578.613101] internal_create_group+0x324/0xb30 [ 1578.613723] ? sysfs_remove_group+0x170/0x170 [ 1578.614333] ? lockdep_init_map_type+0x2c7/0x780 [ 1578.614981] ? blk_queue_flag_set+0x22/0x30 [ 1578.615571] ? __loop_update_dio+0x2d2/0x690 [ 1578.616167] loop_configure+0x958/0x1490 [ 1578.616729] lo_ioctl+0xa72/0x1760 [ 1578.617212] ? avc_has_extended_perms+0x7f1/0xf40 [ 1578.617871] ? loop_set_status_old+0x250/0x250 [ 1578.618491] ? avc_ss_reset+0x180/0x180 [ 1578.619032] ? find_held_lock+0x2c/0x110 [ 1578.619598] ? __lock_acquire+0xbb1/0x5b00 [ 1578.620205] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1578.620924] ? generic_block_fiemap+0x60/0x60 [ 1578.621538] ? lock_downgrade+0x6d0/0x6d0 [ 1578.622102] ? build_open_flags+0x6f0/0x6f0 [ 1578.622695] ? loop_set_status_old+0x250/0x250 [ 1578.623322] blkdev_ioctl+0x291/0x710 [ 1578.623839] ? blkdev_common_ioctl+0x1930/0x1930 [ 1578.624490] ? selinux_file_ioctl+0xb6/0x270 [ 1578.625097] block_ioctl+0xf9/0x140 [ 1578.625593] ? blkdev_read_iter+0x1c0/0x1c0 [ 1578.626172] __x64_sys_ioctl+0x19a/0x210 [ 1578.626718] do_syscall_64+0x33/0x40 [ 1578.627223] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1578.627917] RIP: 0033:0x7fd972fd98d7 [ 1578.628419] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.630917] RSP: 002b:00007fd97054ef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1578.631948] RAX: ffffffffffffffda RBX: 00007fd973023970 RCX: 00007fd972fd98d7 [ 1578.632922] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1578.633887] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1578.634850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1578.635816] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 1578.641570] FAULT_INJECTION: forcing a failure. [ 1578.641570] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.643128] CPU: 0 PID: 9581 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 1578.644057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.645192] Call Trace: [ 1578.645548] dump_stack+0x107/0x167 [ 1578.646039] should_fail.cold+0x5/0xa [ 1578.646557] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1578.647325] should_failslab+0x5/0x20 [ 1578.647844] kmem_cache_alloc+0x5b/0x310 [ 1578.648397] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1578.649154] idr_get_free+0x4b5/0x8f0 [ 1578.649667] idr_alloc_u32+0x170/0x2d0 [ 1578.650193] ? __fprop_inc_percpu_max+0x130/0x130 [ 1578.650839] ? lock_acquire+0x197/0x470 [ 1578.651378] ? __kernfs_new_node+0xff/0x860 [ 1578.651963] idr_alloc_cyclic+0x102/0x230 [ 1578.652532] ? idr_alloc+0x130/0x130 [ 1578.653046] ? rwlock_bug.part.0+0x90/0x90 [ 1578.653626] __kernfs_new_node+0x117/0x860 [ 1578.654206] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1578.654833] ? kernfs_add_one+0x36e/0x4d0 [ 1578.655410] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1578.656074] ? wait_for_completion_io+0x270/0x270 [ 1578.656732] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1578.657441] kernfs_new_node+0x18d/0x250 [ 1578.658002] __kernfs_create_file+0x51/0x350 [ 1578.658587] sysfs_add_file_mode_ns+0x221/0x560 [ 1578.659217] internal_create_group+0x324/0xb30 [ 1578.659831] ? sysfs_remove_group+0x170/0x170 [ 1578.660437] ? lockdep_init_map_type+0x2c7/0x780 [ 1578.661096] ? blk_queue_flag_set+0x22/0x30 [ 1578.661661] ? __loop_update_dio+0x2d2/0x690 [ 1578.662259] loop_configure+0x958/0x1490 [ 1578.662815] lo_ioctl+0xa72/0x1760 [ 1578.663300] ? avc_has_extended_perms+0x7f1/0xf40 [ 1578.663944] ? loop_set_status_old+0x250/0x250 [ 1578.664555] ? avc_ss_reset+0x180/0x180 [ 1578.665094] ? find_held_lock+0x2c/0x110 [ 1578.665643] ? __lock_acquire+0xbb1/0x5b00 [ 1578.666234] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1578.666936] ? generic_block_fiemap+0x60/0x60 [ 1578.667536] ? lock_downgrade+0x6d0/0x6d0 [ 1578.668093] ? build_open_flags+0x6f0/0x6f0 [ 1578.668683] ? loop_set_status_old+0x250/0x250 [ 1578.669289] blkdev_ioctl+0x291/0x710 [ 1578.669797] ? blkdev_common_ioctl+0x1930/0x1930 [ 1578.670432] ? selinux_file_ioctl+0xb6/0x270 [ 1578.671021] block_ioctl+0xf9/0x140 [ 1578.671503] ? blkdev_read_iter+0x1c0/0x1c0 [ 1578.672072] __x64_sys_ioctl+0x19a/0x210 [ 1578.672611] do_syscall_64+0x33/0x40 [ 1578.673104] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1578.673787] RIP: 0033:0x7ff3729078d7 [ 1578.674281] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.676744] RSP: 002b:00007ff36fe7cf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1578.677759] RAX: ffffffffffffffda RBX: 00007ff372951970 RCX: 00007ff3729078d7 [ 1578.678708] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1578.679652] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1578.680602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1578.681552] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1578.707554] FAULT_INJECTION: forcing a failure. [ 1578.707554] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.709054] CPU: 0 PID: 9576 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1578.709955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.711051] Call Trace: [ 1578.711400] dump_stack+0x107/0x167 [ 1578.711882] should_fail.cold+0x5/0xa [ 1578.712384] ? __kernfs_new_node+0xd4/0x860 [ 1578.712952] should_failslab+0x5/0x20 [ 1578.713452] kmem_cache_alloc+0x5b/0x310 [ 1578.713996] __kernfs_new_node+0xd4/0x860 [ 1578.714542] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1578.715157] ? kernfs_add_one+0x36e/0x4d0 [ 1578.715702] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1578.716336] ? wait_for_completion_io+0x270/0x270 [ 1578.716992] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1578.717671] kernfs_new_node+0x18d/0x250 [ 1578.718211] __kernfs_create_file+0x51/0x350 [ 1578.718783] sysfs_add_file_mode_ns+0x221/0x560 [ 1578.719386] internal_create_group+0x324/0xb30 [ 1578.719987] ? sysfs_remove_group+0x170/0x170 [ 1578.720568] ? lockdep_init_map_type+0x2c7/0x780 [ 1578.721201] ? blk_queue_flag_set+0x22/0x30 [ 1578.721766] ? __loop_update_dio+0x2d2/0x690 [ 1578.722334] loop_configure+0x958/0x1490 [ 1578.722879] lo_ioctl+0xa72/0x1760 [ 1578.723346] ? avc_has_extended_perms+0x7f1/0xf40 [ 1578.723973] ? loop_set_status_old+0x250/0x250 [ 1578.724569] ? avc_ss_reset+0x180/0x180 [ 1578.725086] ? find_held_lock+0x2c/0x110 [ 1578.725619] ? __lock_acquire+0xbb1/0x5b00 [ 1578.726186] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1578.726868] ? generic_block_fiemap+0x60/0x60 [ 1578.727446] ? lock_downgrade+0x6d0/0x6d0 [ 1578.727981] ? build_open_flags+0x6f0/0x6f0 [ 1578.728544] ? loop_set_status_old+0x250/0x250 [ 1578.729136] blkdev_ioctl+0x291/0x710 [ 1578.729635] ? blkdev_common_ioctl+0x1930/0x1930 [ 1578.730243] ? selinux_file_ioctl+0xb6/0x270 [ 1578.730820] block_ioctl+0xf9/0x140 [ 1578.731294] ? blkdev_read_iter+0x1c0/0x1c0 [ 1578.731854] __x64_sys_ioctl+0x19a/0x210 [ 1578.732377] do_syscall_64+0x33/0x40 [ 1578.732864] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1578.733529] RIP: 0033:0x7f744e91d8d7 [ 1578.734016] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.736410] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1578.737405] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1578.738326] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1578.739249] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1578.740168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1578.741105] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:32:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x6, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 18) [ 1578.783129] isofs_fill_super: get root inode failed [ 1578.796776] FAULT_INJECTION: forcing a failure. [ 1578.796776] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.799204] CPU: 1 PID: 9589 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1578.800691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.802505] Call Trace: [ 1578.803086] dump_stack+0x107/0x167 [ 1578.803876] should_fail.cold+0x5/0xa [ 1578.804716] ? __kernfs_new_node+0xd4/0x860 [ 1578.805656] should_failslab+0x5/0x20 [ 1578.806489] kmem_cache_alloc+0x5b/0x310 [ 1578.807379] __kernfs_new_node+0xd4/0x860 [ 1578.808282] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1578.809317] ? kernfs_add_one+0x36e/0x4d0 [ 1578.810219] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1578.811264] ? wait_for_completion_io+0x270/0x270 [ 1578.812310] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1578.813451] kernfs_new_node+0x18d/0x250 [ 1578.814331] __kernfs_create_file+0x51/0x350 [ 1578.815283] sysfs_add_file_mode_ns+0x221/0x560 [ 1578.816295] internal_create_group+0x324/0xb30 [ 1578.817294] ? sysfs_remove_group+0x170/0x170 [ 1578.818264] ? lockdep_init_map_type+0x2c7/0x780 [ 1578.819297] ? blk_queue_flag_set+0x22/0x30 [ 1578.820228] ? __loop_update_dio+0x2d2/0x690 [ 1578.821186] loop_configure+0x958/0x1490 [ 1578.822077] lo_ioctl+0xa72/0x1760 [ 1578.822845] ? avc_has_extended_perms+0x7f1/0xf40 [ 1578.823887] ? loop_set_status_old+0x250/0x250 [ 1578.824887] ? avc_ss_reset+0x180/0x180 [ 1578.825750] ? find_held_lock+0x2c/0x110 [ 1578.826635] ? __lock_acquire+0xbb1/0x5b00 [ 1578.827591] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1578.828728] ? generic_block_fiemap+0x60/0x60 [ 1578.829693] ? lock_downgrade+0x6d0/0x6d0 [ 1578.830585] ? build_open_flags+0x6f0/0x6f0 [ 1578.831520] ? loop_set_status_old+0x250/0x250 [ 1578.832502] blkdev_ioctl+0x291/0x710 [ 1578.833329] ? blkdev_common_ioctl+0x1930/0x1930 [ 1578.834351] ? selinux_file_ioctl+0xb6/0x270 [ 1578.835304] block_ioctl+0xf9/0x140 [ 1578.836083] ? blkdev_read_iter+0x1c0/0x1c0 [ 1578.837019] __x64_sys_ioctl+0x19a/0x210 [ 1578.837894] do_syscall_64+0x33/0x40 [ 1578.838699] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1578.839803] RIP: 0033:0x7f3b3a6db8d7 [ 1578.840603] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.844582] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1578.846234] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1578.847769] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1578.849312] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1578.850853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1578.852390] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1578.866505] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1578.869218] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:32:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 35) 14:32:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 36) [ 1578.974994] FAULT_INJECTION: forcing a failure. [ 1578.974994] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.977380] CPU: 1 PID: 9607 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1578.978813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.980559] Call Trace: [ 1578.981127] dump_stack+0x107/0x167 14:32:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 36) 14:32:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 36) 14:32:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0xc, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1578.981906] should_fail.cold+0x5/0xa [ 1578.982876] should_failslab+0x5/0x20 [ 1578.983681] __kmalloc_track_caller+0x79/0x370 [ 1578.984635] ? v9fs_session_init+0xe9/0x1680 [ 1578.985568] ? kernel_text_address+0xf2/0x120 [ 1578.986517] kstrdup+0x36/0x70 [ 1578.987190] v9fs_session_init+0xe9/0x1680 [ 1578.988081] ? lock_release+0x680/0x680 [ 1578.988920] ? find_held_lock+0x2c/0x110 [ 1578.989774] ? kmem_cache_alloc_trace+0x151/0x320 [ 1578.990779] ? v9fs_show_options+0x690/0x690 [ 1578.991712] ? trace_hardirqs_on+0x5b/0x180 [ 1578.992610] ? kasan_unpoison_shadow+0x33/0x50 [ 1578.993786] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1578.995093] v9fs_mount+0x79/0x8f0 [ 1578.995839] ? v9fs_write_inode+0x60/0x60 [ 1578.996721] legacy_get_tree+0x105/0x220 [ 1578.997571] vfs_get_tree+0x8e/0x300 [ 1578.998353] path_mount+0x1429/0x2120 [ 1578.999151] ? strncpy_from_user+0x9e/0x470 [ 1579.000057] ? finish_automount+0xa90/0xa90 [ 1579.000964] ? getname_flags.part.0+0x1dd/0x4f0 [ 1579.001934] ? _copy_from_user+0xfb/0x1b0 [ 1579.002805] __x64_sys_mount+0x282/0x300 [ 1579.003653] ? copy_mnt_ns+0xa00/0xa00 [ 1579.004468] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1579.005573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.006650] do_syscall_64+0x33/0x40 [ 1579.007435] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1579.008502] RIP: 0033:0x7fb9df3c2b19 [ 1579.009291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.013110] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1579.014691] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1579.016181] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1579.017667] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1579.019141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.020626] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1579.069013] FAULT_INJECTION: forcing a failure. [ 1579.069013] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.070354] CPU: 0 PID: 9615 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1579.071131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.072068] Call Trace: [ 1579.072373] dump_stack+0x107/0x167 [ 1579.072798] should_fail.cold+0x5/0xa [ 1579.073235] ? create_object.isra.0+0x3a/0xa20 [ 1579.073756] should_failslab+0x5/0x20 [ 1579.074193] kmem_cache_alloc+0x5b/0x310 [ 1579.074657] create_object.isra.0+0x3a/0xa20 [ 1579.075156] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1579.075741] kmem_cache_alloc+0x159/0x310 [ 1579.076220] __kernfs_new_node+0xd4/0x860 [ 1579.076701] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1579.077236] ? kernfs_add_one+0x36e/0x4d0 [ 1579.077710] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1579.078259] ? wait_for_completion_io+0x270/0x270 [ 1579.078807] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1579.079403] kernfs_new_node+0x18d/0x250 [ 1579.079868] __kernfs_create_file+0x51/0x350 [ 1579.080369] sysfs_add_file_mode_ns+0x221/0x560 [ 1579.080914] internal_create_group+0x324/0xb30 [ 1579.081436] ? sysfs_remove_group+0x170/0x170 [ 1579.081958] ? lockdep_init_map_type+0x2c7/0x780 [ 1579.082504] ? blk_queue_flag_set+0x22/0x30 [ 1579.083000] ? __loop_update_dio+0x2d2/0x690 [ 1579.083504] loop_configure+0x958/0x1490 [ 1579.083969] lo_ioctl+0xa72/0x1760 [ 1579.084376] ? avc_has_extended_perms+0x7f1/0xf40 [ 1579.084935] ? loop_set_status_old+0x250/0x250 [ 1579.085457] ? avc_ss_reset+0x180/0x180 [ 1579.085909] ? find_held_lock+0x2c/0x110 [ 1579.086374] ? __lock_acquire+0xbb1/0x5b00 [ 1579.086879] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1579.087473] ? generic_block_fiemap+0x60/0x60 [ 1579.087980] ? lock_downgrade+0x6d0/0x6d0 [ 1579.088445] ? build_open_flags+0x6f0/0x6f0 [ 1579.088950] ? loop_set_status_old+0x250/0x250 [ 1579.089466] blkdev_ioctl+0x291/0x710 [ 1579.089895] ? blkdev_common_ioctl+0x1930/0x1930 [ 1579.090434] ? selinux_file_ioctl+0xb6/0x270 [ 1579.090941] block_ioctl+0xf9/0x140 [ 1579.091355] ? blkdev_read_iter+0x1c0/0x1c0 [ 1579.091845] __x64_sys_ioctl+0x19a/0x210 [ 1579.092309] do_syscall_64+0x33/0x40 [ 1579.092737] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1579.093317] RIP: 0033:0x7f3b3a6db8d7 [ 1579.093742] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.095849] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1579.096741] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1579.097685] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1579.098551] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1579.099358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1579.100170] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:32:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1579.142226] FAULT_INJECTION: forcing a failure. [ 1579.142226] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.144737] CPU: 1 PID: 9620 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1579.146179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.147934] Call Trace: [ 1579.148491] dump_stack+0x107/0x167 [ 1579.149267] should_fail.cold+0x5/0xa [ 1579.150081] ? create_object.isra.0+0x3a/0xa20 [ 1579.151047] should_failslab+0x5/0x20 [ 1579.151852] kmem_cache_alloc+0x5b/0x310 [ 1579.152719] create_object.isra.0+0x3a/0xa20 [ 1579.153647] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1579.154722] kmem_cache_alloc+0x159/0x310 [ 1579.155604] __kernfs_new_node+0xd4/0x860 [ 1579.156484] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1579.157480] ? kernfs_add_one+0x36e/0x4d0 [ 1579.158365] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1579.159378] ? wait_for_completion_io+0x270/0x270 [ 1579.160396] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1579.161504] kernfs_new_node+0x18d/0x250 [ 1579.162365] __kernfs_create_file+0x51/0x350 [ 1579.163288] sysfs_add_file_mode_ns+0x221/0x560 [ 1579.164291] internal_create_group+0x324/0xb30 [ 1579.165266] ? sysfs_remove_group+0x170/0x170 [ 1579.166220] ? lockdep_init_map_type+0x2c7/0x780 [ 1579.167231] ? blk_queue_flag_set+0x22/0x30 [ 1579.168141] ? __loop_update_dio+0x2d2/0x690 [ 1579.169079] loop_configure+0x958/0x1490 [ 1579.169949] lo_ioctl+0xa72/0x1760 [ 1579.170706] ? avc_has_extended_perms+0x7f1/0xf40 [ 1579.171723] ? loop_set_status_old+0x250/0x250 [ 1579.172702] ? avc_ss_reset+0x180/0x180 [ 1579.173552] ? find_held_lock+0x2c/0x110 [ 1579.174427] ? __lock_acquire+0xbb1/0x5b00 [ 1579.175368] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1579.176473] ? generic_block_fiemap+0x60/0x60 [ 1579.177409] ? lock_downgrade+0x6d0/0x6d0 [ 1579.178285] ? build_open_flags+0x6f0/0x6f0 [ 1579.179200] ? loop_set_status_old+0x250/0x250 [ 1579.180151] blkdev_ioctl+0x291/0x710 [ 1579.180960] ? blkdev_common_ioctl+0x1930/0x1930 [ 1579.181965] ? selinux_file_ioctl+0xb6/0x270 [ 1579.182899] block_ioctl+0xf9/0x140 [ 1579.183663] ? blkdev_read_iter+0x1c0/0x1c0 [ 1579.184572] __x64_sys_ioctl+0x19a/0x210 [ 1579.185447] do_syscall_64+0x33/0x40 [ 1579.186234] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1579.187321] RIP: 0033:0x7f744e91d8d7 [ 1579.188110] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.192008] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1579.193622] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1579.195135] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1579.196642] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1579.198534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1579.200144] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1579.270885] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:56 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 19) 14:32:56 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:32:56 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:32:56 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:32:56 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:32:56 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 37) 14:32:56 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 37) 14:32:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0xff, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1593.997721] FAULT_INJECTION: forcing a failure. [ 1593.997721] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.000355] CPU: 1 PID: 9639 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1594.001878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.003730] Call Trace: [ 1594.004317] dump_stack+0x107/0x167 [ 1594.005130] should_fail.cold+0x5/0xa [ 1594.005988] ? create_object.isra.0+0x3a/0xa20 [ 1594.007020] should_failslab+0x5/0x20 [ 1594.007871] kmem_cache_alloc+0x5b/0x310 [ 1594.008787] create_object.isra.0+0x3a/0xa20 [ 1594.009779] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1594.010915] __kmalloc_track_caller+0x177/0x370 [ 1594.011956] ? v9fs_session_init+0xe9/0x1680 [ 1594.012940] ? kernel_text_address+0xf2/0x120 [ 1594.013961] kstrdup+0x36/0x70 [ 1594.014689] v9fs_session_init+0xe9/0x1680 [ 1594.015651] ? lock_release+0x680/0x680 [ 1594.016537] ? find_held_lock+0x2c/0x110 [ 1594.017459] ? kmem_cache_alloc_trace+0x151/0x320 [ 1594.018533] ? v9fs_show_options+0x690/0x690 [ 1594.019526] ? trace_hardirqs_on+0x5b/0x180 [ 1594.020502] ? kasan_unpoison_shadow+0x33/0x50 [ 1594.021518] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1594.022651] v9fs_mount+0x79/0x8f0 [ 1594.023443] ? v9fs_write_inode+0x60/0x60 [ 1594.024367] legacy_get_tree+0x105/0x220 [ 1594.025274] vfs_get_tree+0x8e/0x300 [ 1594.026099] path_mount+0x1429/0x2120 [ 1594.026948] ? strncpy_from_user+0x9e/0x470 [ 1594.027897] ? finish_automount+0xa90/0xa90 [ 1594.028855] ? getname_flags.part.0+0x1dd/0x4f0 [ 1594.029898] ? _copy_from_user+0xfb/0x1b0 [ 1594.030818] __x64_sys_mount+0x282/0x300 [ 1594.031720] ? copy_mnt_ns+0xa00/0xa00 [ 1594.032578] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1594.033739] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1594.034874] do_syscall_64+0x33/0x40 [ 1594.035697] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1594.036826] RIP: 0033:0x7fb9df3c2b19 [ 1594.037664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.041749] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1594.043436] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1594.045003] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1594.046586] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1594.048201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1594.049801] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1594.092080] FAULT_INJECTION: forcing a failure. [ 1594.092080] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.094630] CPU: 1 PID: 9644 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1594.096116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.097928] Call Trace: [ 1594.098507] dump_stack+0x107/0x167 [ 1594.099316] should_fail.cold+0x5/0xa [ 1594.100160] ? __kernfs_new_node+0xd4/0x860 [ 1594.101102] should_failslab+0x5/0x20 [ 1594.101936] kmem_cache_alloc+0x5b/0x310 [ 1594.102829] __kernfs_new_node+0xd4/0x860 [ 1594.103738] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1594.104764] ? kernfs_add_one+0x36e/0x4d0 [ 1594.105684] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1594.106735] ? wait_for_completion_io+0x270/0x270 [ 1594.107786] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1594.108929] kernfs_new_node+0x18d/0x250 [ 1594.109824] __kernfs_create_file+0x51/0x350 [ 1594.110785] sysfs_add_file_mode_ns+0x221/0x560 [ 1594.111806] internal_create_group+0x324/0xb30 [ 1594.112804] ? sysfs_remove_group+0x170/0x170 [ 1594.113798] ? lockdep_init_map_type+0x2c7/0x780 [ 1594.114827] ? blk_queue_flag_set+0x22/0x30 [ 1594.115752] ? __loop_update_dio+0x2d2/0x690 [ 1594.116696] loop_configure+0x958/0x1490 [ 1594.117587] lo_ioctl+0xa72/0x1760 [ 1594.118363] ? avc_has_extended_perms+0x7f1/0xf40 [ 1594.119409] ? loop_set_status_old+0x250/0x250 [ 1594.120402] ? avc_ss_reset+0x180/0x180 [ 1594.121262] ? find_held_lock+0x2c/0x110 [ 1594.122141] ? __lock_acquire+0xbb1/0x5b00 [ 1594.123103] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1594.124238] ? generic_block_fiemap+0x60/0x60 [ 1594.125218] ? lock_downgrade+0x6d0/0x6d0 [ 1594.126097] ? build_open_flags+0x6f0/0x6f0 [ 1594.127028] ? loop_set_status_old+0x250/0x250 [ 1594.127999] blkdev_ioctl+0x291/0x710 [ 1594.128814] ? blkdev_common_ioctl+0x1930/0x1930 [ 1594.129835] ? selinux_file_ioctl+0xb6/0x270 [ 1594.130781] block_ioctl+0xf9/0x140 [ 1594.131554] ? blkdev_read_iter+0x1c0/0x1c0 [ 1594.132485] __x64_sys_ioctl+0x19a/0x210 [ 1594.133368] do_syscall_64+0x33/0x40 [ 1594.134166] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1594.135291] RIP: 0033:0x7f3b3a6db8d7 [ 1594.136086] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.140039] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1594.141640] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1594.143155] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1594.144665] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1594.146188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1594.147708] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1594.151663] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:57 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1594.261614] FAULT_INJECTION: forcing a failure. [ 1594.261614] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.264393] CPU: 1 PID: 9648 Comm: syz-executor.4 Not tainted 5.10.230 #1 [ 1594.265996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.267926] Call Trace: [ 1594.268534] dump_stack+0x107/0x167 [ 1594.269391] should_fail.cold+0x5/0xa [ 1594.270277] ? __kernfs_new_node+0xd4/0x860 [ 1594.271282] should_failslab+0x5/0x20 [ 1594.272168] kmem_cache_alloc+0x5b/0x310 [ 1594.273119] __kernfs_new_node+0xd4/0x860 [ 1594.274091] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1594.275191] ? kernfs_add_one+0x36e/0x4d0 [ 1594.276156] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1594.277282] ? wait_for_completion_io+0x270/0x270 [ 1594.278386] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1594.279601] kernfs_new_node+0x18d/0x250 [ 1594.280542] __kernfs_create_file+0x51/0x350 [ 1594.281556] sysfs_add_file_mode_ns+0x221/0x560 [ 1594.282651] internal_create_group+0x324/0xb30 [ 1594.283703] ? sysfs_remove_group+0x170/0x170 [ 1594.284740] ? lockdep_init_map_type+0x2c7/0x780 [ 1594.285838] ? blk_queue_flag_set+0x22/0x30 [ 1594.286827] ? __loop_update_dio+0x2d2/0x690 [ 1594.287840] loop_configure+0x958/0x1490 [ 1594.288801] lo_ioctl+0xa72/0x1760 [ 1594.289626] ? avc_has_extended_perms+0x7f1/0xf40 [ 1594.290751] ? loop_set_status_old+0x250/0x250 [ 1594.291800] ? avc_ss_reset+0x180/0x180 [ 1594.292706] ? find_held_lock+0x2c/0x110 [ 1594.293666] ? __lock_acquire+0xbb1/0x5b00 [ 1594.294684] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1594.295877] ? generic_block_fiemap+0x60/0x60 [ 1594.296900] ? lock_downgrade+0x6d0/0x6d0 [ 1594.297863] ? build_open_flags+0x6f0/0x6f0 [ 1594.298870] ? loop_set_status_old+0x250/0x250 [ 1594.299908] blkdev_ioctl+0x291/0x710 [ 1594.300775] ? blkdev_common_ioctl+0x1930/0x1930 [ 1594.301866] ? selinux_file_ioctl+0xb6/0x270 [ 1594.302871] block_ioctl+0xf9/0x140 [ 1594.303703] ? blkdev_read_iter+0x1c0/0x1c0 [ 1594.304683] __x64_sys_ioctl+0x19a/0x210 [ 1594.305628] do_syscall_64+0x33/0x40 [ 1594.306473] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1594.307649] RIP: 0033:0x7f744e91d8d7 [ 1594.308498] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.312631] RSP: 002b:00007f744be92f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1594.314343] RAX: ffffffffffffffda RBX: 00007f744e967970 RCX: 00007f744e91d8d7 [ 1594.315977] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1594.317604] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1594.319236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1594.320851] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 1594.502949] isofs_fill_super: get root inode failed [ 1594.518664] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:57 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 38) 14:32:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x2, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:57 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 20) [ 1594.579339] isofs_fill_super: root inode is not a directory. Corrupted media? 14:32:57 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 38) 14:32:57 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:32:57 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1594.637697] FAULT_INJECTION: forcing a failure. [ 1594.637697] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.639095] CPU: 0 PID: 9672 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1594.639896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.640869] Call Trace: [ 1594.641177] dump_stack+0x107/0x167 [ 1594.641603] should_fail.cold+0x5/0xa [ 1594.642050] ? p9_client_create+0xaf/0x1230 [ 1594.642563] should_failslab+0x5/0x20 [ 1594.643007] kmem_cache_alloc_trace+0x55/0x320 [ 1594.643554] ? find_held_lock+0x2c/0x110 [ 1594.644035] p9_client_create+0xaf/0x1230 [ 1594.644523] ? lock_downgrade+0x6d0/0x6d0 [ 1594.645011] ? p9_client_flush+0x430/0x430 [ 1594.645524] ? trace_hardirqs_on+0x5b/0x180 [ 1594.646026] ? lockdep_init_map_type+0x2c7/0x780 [ 1594.646575] ? __raw_spin_lock_init+0x36/0x110 [ 1594.647111] v9fs_session_init+0x1dd/0x1680 [ 1594.647628] ? lock_release+0x680/0x680 [ 1594.648093] ? kmem_cache_alloc_trace+0x151/0x320 [ 1594.648664] ? v9fs_show_options+0x690/0x690 [ 1594.649207] ? trace_hardirqs_on+0x5b/0x180 [ 1594.649720] ? kasan_unpoison_shadow+0x33/0x50 [ 1594.650254] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1594.650856] v9fs_mount+0x79/0x8f0 [ 1594.651278] ? v9fs_write_inode+0x60/0x60 [ 1594.651768] legacy_get_tree+0x105/0x220 [ 1594.652252] vfs_get_tree+0x8e/0x300 [ 1594.652692] path_mount+0x1429/0x2120 [ 1594.653142] ? strncpy_from_user+0x9e/0x470 [ 1594.653655] ? finish_automount+0xa90/0xa90 [ 1594.654164] ? getname_flags.part.0+0x1dd/0x4f0 [ 1594.654717] ? _copy_from_user+0xfb/0x1b0 [ 1594.655210] __x64_sys_mount+0x282/0x300 [ 1594.655691] ? copy_mnt_ns+0xa00/0xa00 [ 1594.656144] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1594.656775] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1594.657391] do_syscall_64+0x33/0x40 [ 1594.657828] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1594.658437] RIP: 0033:0x7fb9df3c2b19 [ 1594.658875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.661024] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1594.661939] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1594.662777] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1594.663613] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1594.664456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1594.665312] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1594.666459] FAULT_INJECTION: forcing a failure. [ 1594.666459] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.667886] CPU: 0 PID: 9671 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1594.668693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.669680] Call Trace: [ 1594.669988] dump_stack+0x107/0x167 [ 1594.670413] should_fail.cold+0x5/0xa [ 1594.670861] ? create_object.isra.0+0x3a/0xa20 [ 1594.671401] should_failslab+0x5/0x20 [ 1594.671842] kmem_cache_alloc+0x5b/0x310 [ 1594.672327] create_object.isra.0+0x3a/0xa20 [ 1594.672842] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1594.673458] kmem_cache_alloc+0x159/0x310 [ 1594.673959] __kernfs_new_node+0xd4/0x860 [ 1594.674452] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1594.675003] ? kernfs_add_one+0x36e/0x4d0 [ 1594.675504] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1594.676068] ? wait_for_completion_io+0x270/0x270 [ 1594.676648] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1594.677273] kernfs_new_node+0x18d/0x250 [ 1594.677748] __kernfs_create_file+0x51/0x350 [ 1594.678263] sysfs_add_file_mode_ns+0x221/0x560 [ 1594.678805] internal_create_group+0x324/0xb30 [ 1594.679339] ? sysfs_remove_group+0x170/0x170 [ 1594.679861] ? lockdep_init_map_type+0x2c7/0x780 [ 1594.680416] ? blk_queue_flag_set+0x22/0x30 [ 1594.680931] ? __loop_update_dio+0x2d2/0x690 [ 1594.681468] loop_configure+0x958/0x1490 [ 1594.681958] lo_ioctl+0xa72/0x1760 [ 1594.682387] ? avc_has_extended_perms+0x7f1/0xf40 [ 1594.682952] ? loop_set_status_old+0x250/0x250 [ 1594.683486] ? avc_ss_reset+0x180/0x180 [ 1594.683952] ? find_held_lock+0x2c/0x110 [ 1594.684432] ? __lock_acquire+0xbb1/0x5b00 [ 1594.684964] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1594.685588] ? generic_block_fiemap+0x60/0x60 [ 1594.686113] ? lock_downgrade+0x6d0/0x6d0 [ 1594.686599] ? build_open_flags+0x6f0/0x6f0 [ 1594.687120] ? loop_set_status_old+0x250/0x250 [ 1594.687656] blkdev_ioctl+0x291/0x710 [ 1594.688104] ? blkdev_common_ioctl+0x1930/0x1930 [ 1594.688659] ? selinux_file_ioctl+0xb6/0x270 [ 1594.689176] block_ioctl+0xf9/0x140 [ 1594.689616] ? blkdev_read_iter+0x1c0/0x1c0 [ 1594.690133] __x64_sys_ioctl+0x19a/0x210 [ 1594.690614] do_syscall_64+0x33/0x40 [ 1594.691064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1594.691661] RIP: 0033:0x7f3b3a6db8d7 [ 1594.692102] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.694280] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1594.695168] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1594.696019] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1594.696861] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1594.697718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1594.698556] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:32:57 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1594.749825] isofs_fill_super: get root inode failed 14:32:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x4, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:32:57 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1594.790449] isofs_fill_super: get root inode failed 14:32:57 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1594.845784] isofs_fill_super: get root inode failed [ 1594.900711] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1594.915727] isofs_fill_super: get root inode failed 14:33:11 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:11 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1609.064407] isofs_fill_super: get root inode failed 14:33:11 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:11 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x6, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:11 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 21) 14:33:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:33:11 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 39) [ 1609.087484] Zero length message leads to an empty skb [ 1609.093272] FAULT_INJECTION: forcing a failure. [ 1609.093272] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.094619] CPU: 0 PID: 9717 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1609.095393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1609.096336] Call Trace: [ 1609.096644] dump_stack+0x107/0x167 [ 1609.097059] should_fail.cold+0x5/0xa [ 1609.097495] ? create_object.isra.0+0x3a/0xa20 [ 1609.098023] should_failslab+0x5/0x20 [ 1609.098461] kmem_cache_alloc+0x5b/0x310 [ 1609.098936] ? kernel_text_address+0xf2/0x120 [ 1609.099450] create_object.isra.0+0x3a/0xa20 [ 1609.099951] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1609.100530] kmem_cache_alloc_trace+0x151/0x320 [ 1609.101060] ? find_held_lock+0x2c/0x110 [ 1609.101528] p9_client_create+0xaf/0x1230 [ 1609.102009] ? lock_downgrade+0x6d0/0x6d0 [ 1609.102485] ? p9_client_flush+0x430/0x430 [ 1609.102971] ? trace_hardirqs_on+0x5b/0x180 [ 1609.103463] ? lockdep_init_map_type+0x2c7/0x780 [ 1609.104004] ? __raw_spin_lock_init+0x36/0x110 [ 1609.104527] v9fs_session_init+0x1dd/0x1680 [ 1609.105021] ? lock_release+0x680/0x680 [ 1609.105480] ? kmem_cache_alloc_trace+0x151/0x320 [ 1609.106036] ? v9fs_show_options+0x690/0x690 [ 1609.106540] ? trace_hardirqs_on+0x5b/0x180 [ 1609.107031] ? kasan_unpoison_shadow+0x33/0x50 [ 1609.107548] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1609.108135] v9fs_mount+0x79/0x8f0 [ 1609.108543] ? v9fs_write_inode+0x60/0x60 [ 1609.109016] legacy_get_tree+0x105/0x220 [ 1609.109481] vfs_get_tree+0x8e/0x300 [ 1609.109915] path_mount+0x1429/0x2120 [ 1609.110353] ? strncpy_from_user+0x9e/0x470 [ 1609.110849] ? finish_automount+0xa90/0xa90 [ 1609.111336] ? getname_flags.part.0+0x1dd/0x4f0 [ 1609.111866] ? _copy_from_user+0xfb/0x1b0 [ 1609.112339] __x64_sys_mount+0x282/0x300 [ 1609.112801] ? copy_mnt_ns+0xa00/0xa00 [ 1609.113245] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1609.113857] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1609.114445] do_syscall_64+0x33/0x40 [ 1609.114875] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1609.115457] RIP: 0033:0x7fb9df3c2b19 [ 1609.115882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1609.117985] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 14:33:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0xc, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1609.118974] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1609.119820] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1609.120654] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1609.121501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1609.122362] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1609.141549] FAULT_INJECTION: forcing a failure. [ 1609.141549] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.144333] CPU: 1 PID: 9720 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1609.145872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1609.147716] Call Trace: [ 1609.148299] dump_stack+0x107/0x167 [ 1609.149103] should_fail.cold+0x5/0xa [ 1609.149978] ? __kernfs_new_node+0xd4/0x860 [ 1609.150943] should_failslab+0x5/0x20 [ 1609.151795] kmem_cache_alloc+0x5b/0x310 [ 1609.152715] __kernfs_new_node+0xd4/0x860 [ 1609.153649] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1609.154722] ? kernfs_add_one+0x36e/0x4d0 [ 1609.155664] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1609.156745] ? wait_for_completion_io+0x270/0x270 [ 1609.157831] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1609.159001] kernfs_new_node+0x18d/0x250 [ 1609.159912] __kernfs_create_file+0x51/0x350 [ 1609.160905] sysfs_add_file_mode_ns+0x221/0x560 [ 1609.161963] internal_create_group+0x324/0xb30 [ 1609.163002] ? sysfs_remove_group+0x170/0x170 [ 1609.164011] ? lockdep_init_map_type+0x2c7/0x780 [ 1609.165068] ? blk_queue_flag_set+0x22/0x30 [ 1609.166048] ? __loop_update_dio+0x2d2/0x690 [ 1609.167038] loop_configure+0x958/0x1490 [ 1609.167977] lo_ioctl+0xa72/0x1760 [ 1609.168776] ? avc_has_extended_perms+0x7f1/0xf40 [ 1609.169870] ? loop_set_status_old+0x250/0x250 [ 1609.170901] ? avc_ss_reset+0x180/0x180 [ 1609.171797] ? find_held_lock+0x2c/0x110 [ 1609.172720] ? __lock_acquire+0xbb1/0x5b00 [ 1609.173721] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1609.174863] ? generic_block_fiemap+0x60/0x60 [ 1609.175844] ? lock_downgrade+0x6d0/0x6d0 [ 1609.176770] ? build_open_flags+0x6f0/0x6f0 [ 1609.177751] ? loop_set_status_old+0x250/0x250 [ 1609.178773] blkdev_ioctl+0x291/0x710 [ 1609.179623] ? blkdev_common_ioctl+0x1930/0x1930 [ 1609.180683] ? selinux_file_ioctl+0xb6/0x270 [ 1609.181669] block_ioctl+0xf9/0x140 [ 1609.182491] ? blkdev_read_iter+0x1c0/0x1c0 [ 1609.183458] __x64_sys_ioctl+0x19a/0x210 [ 1609.184363] do_syscall_64+0x33/0x40 [ 1609.185194] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1609.186343] RIP: 0033:0x7f3b3a6db8d7 [ 1609.187178] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1609.191283] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1609.192986] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1609.194596] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1609.196190] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1609.197781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1609.199370] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1609.229515] isofs_fill_super: get root inode failed [ 1609.230900] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1609.234360] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1609.284318] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1609.296577] isofs_fill_super: root inode is not a directory. Corrupted media? 14:33:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 22) 14:33:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, 0x0, 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:33:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:33:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0xff, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 40) [ 1625.181091] FAULT_INJECTION: forcing a failure. [ 1625.181091] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.182634] CPU: 0 PID: 9749 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1625.183554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1625.184610] Call Trace: [ 1625.184951] dump_stack+0x107/0x167 [ 1625.185413] should_fail.cold+0x5/0xa [ 1625.185901] should_failslab+0x5/0x20 [ 1625.186401] __kmalloc_track_caller+0x79/0x370 [ 1625.186990] ? p9_client_create+0x41d/0x1230 [ 1625.187566] kstrdup+0x36/0x70 [ 1625.187975] p9_client_create+0x41d/0x1230 [ 1625.188518] ? lock_downgrade+0x6d0/0x6d0 [ 1625.189048] ? p9_client_flush+0x430/0x430 [ 1625.189595] ? trace_hardirqs_on+0x5b/0x180 [ 1625.190147] ? lockdep_init_map_type+0x2c7/0x780 [ 1625.190793] ? __raw_spin_lock_init+0x36/0x110 [ 1625.191389] v9fs_session_init+0x1dd/0x1680 [ 1625.191936] ? lock_release+0x680/0x680 [ 1625.192447] ? kmem_cache_alloc_trace+0x151/0x320 [ 1625.193060] ? v9fs_show_options+0x690/0x690 [ 1625.193623] ? trace_hardirqs_on+0x5b/0x180 [ 1625.194166] ? kasan_unpoison_shadow+0x33/0x50 [ 1625.194743] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1625.195386] v9fs_mount+0x79/0x8f0 [ 1625.195849] ? v9fs_write_inode+0x60/0x60 [ 1625.196404] legacy_get_tree+0x105/0x220 [ 1625.196926] vfs_get_tree+0x8e/0x300 [ 1625.197400] path_mount+0x1429/0x2120 [ 1625.197887] ? strncpy_from_user+0x9e/0x470 [ 1625.198452] ? finish_automount+0xa90/0xa90 [ 1625.198994] ? getname_flags.part.0+0x1dd/0x4f0 [ 1625.199583] ? _copy_from_user+0xfb/0x1b0 [ 1625.200118] __x64_sys_mount+0x282/0x300 [ 1625.200632] ? copy_mnt_ns+0xa00/0xa00 [ 1625.201126] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1625.201828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1625.202491] do_syscall_64+0x33/0x40 [ 1625.202961] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1625.203608] RIP: 0033:0x7fb9df3c2b19 [ 1625.204109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.206433] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1625.207394] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1625.208299] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1625.209258] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1625.210161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.211114] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1625.232263] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1625.241299] FAULT_INJECTION: forcing a failure. [ 1625.241299] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.242730] CPU: 0 PID: 9763 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1625.243569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1625.244631] Call Trace: [ 1625.244965] dump_stack+0x107/0x167 [ 1625.245420] should_fail.cold+0x5/0xa [ 1625.245900] ? create_object.isra.0+0x3a/0xa20 [ 1625.246478] should_failslab+0x5/0x20 [ 1625.246951] kmem_cache_alloc+0x5b/0x310 [ 1625.247455] create_object.isra.0+0x3a/0xa20 [ 1625.248003] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1625.248637] kmem_cache_alloc+0x159/0x310 [ 1625.249160] __kernfs_new_node+0xd4/0x860 [ 1625.249712] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1625.250310] ? kernfs_add_one+0x36e/0x4d0 [ 1625.250833] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1625.251436] ? wait_for_completion_io+0x270/0x270 [ 1625.252034] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1625.252687] kernfs_new_node+0x18d/0x250 [ 1625.253197] __kernfs_create_file+0x51/0x350 [ 1625.253754] sysfs_add_file_mode_ns+0x221/0x560 [ 1625.254348] internal_create_group+0x324/0xb30 [ 1625.254914] ? sysfs_remove_group+0x170/0x170 [ 1625.255475] ? lockdep_init_map_type+0x2c7/0x780 [ 1625.256069] ? blk_queue_flag_set+0x22/0x30 [ 1625.256611] ? __loop_update_dio+0x2d2/0x690 [ 1625.257155] loop_configure+0x958/0x1490 [ 1625.257666] lo_ioctl+0xa72/0x1760 [ 1625.258104] ? avc_has_extended_perms+0x7f1/0xf40 [ 1625.258712] ? loop_set_status_old+0x250/0x250 [ 1625.259300] ? avc_ss_reset+0x180/0x180 [ 1625.259802] ? find_held_lock+0x2c/0x110 [ 1625.260311] ? __lock_acquire+0xbb1/0x5b00 [ 1625.260860] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1625.261507] ? generic_block_fiemap+0x60/0x60 [ 1625.262057] ? lock_downgrade+0x6d0/0x6d0 [ 1625.262582] ? build_open_flags+0x6f0/0x6f0 [ 1625.263116] ? loop_set_status_old+0x250/0x250 [ 1625.263683] blkdev_ioctl+0x291/0x710 [ 1625.264158] ? blkdev_common_ioctl+0x1930/0x1930 [ 1625.264742] ? selinux_file_ioctl+0xb6/0x270 [ 1625.265288] block_ioctl+0xf9/0x140 [ 1625.265735] ? blkdev_read_iter+0x1c0/0x1c0 [ 1625.266315] __x64_sys_ioctl+0x19a/0x210 [ 1625.266818] do_syscall_64+0x33/0x40 [ 1625.267273] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1625.267907] RIP: 0033:0x7f3b3a6db8d7 [ 1625.268390] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.270646] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1625.271589] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1625.272475] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1625.273355] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1625.274244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1625.275119] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:33:28 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 23) 14:33:28 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1625.282173] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1625.283521] isofs_fill_super: get root inode failed 14:33:28 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 41) [ 1625.344374] isofs_fill_super: get root inode failed [ 1625.354002] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1625.362142] FAULT_INJECTION: forcing a failure. [ 1625.362142] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.364497] CPU: 1 PID: 9777 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1625.365917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1625.367630] Call Trace: [ 1625.368182] dump_stack+0x107/0x167 [ 1625.368931] should_fail.cold+0x5/0xa [ 1625.369713] ? create_object.isra.0+0x3a/0xa20 [ 1625.370661] should_failslab+0x5/0x20 [ 1625.371448] kmem_cache_alloc+0x5b/0x310 [ 1625.372273] ? lock_downgrade+0x6d0/0x6d0 [ 1625.373121] create_object.isra.0+0x3a/0xa20 [ 1625.374020] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1625.375074] __kmalloc_track_caller+0x177/0x370 [ 1625.376036] ? p9_client_create+0x41d/0x1230 [ 1625.376946] kstrdup+0x36/0x70 [ 1625.377605] p9_client_create+0x41d/0x1230 [ 1625.378524] ? lock_downgrade+0x6d0/0x6d0 [ 1625.379373] ? p9_client_flush+0x430/0x430 [ 1625.380234] ? trace_hardirqs_on+0x5b/0x180 [ 1625.381106] ? lockdep_init_map_type+0x2c7/0x780 [ 1625.382074] ? __raw_spin_lock_init+0x36/0x110 [ 1625.383017] v9fs_session_init+0x1dd/0x1680 [ 1625.383916] ? lock_release+0x680/0x680 [ 1625.384737] ? kmem_cache_alloc_trace+0x151/0x320 [ 1625.385866] ? v9fs_show_options+0x690/0x690 [ 1625.386928] ? trace_hardirqs_on+0x5b/0x180 [ 1625.387938] ? kasan_unpoison_shadow+0x33/0x50 [ 1625.389002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1625.390212] v9fs_mount+0x79/0x8f0 [ 1625.391065] ? v9fs_write_inode+0x60/0x60 [ 1625.392034] legacy_get_tree+0x105/0x220 [ 1625.392982] vfs_get_tree+0x8e/0x300 [ 1625.393852] path_mount+0x1429/0x2120 [ 1625.394761] ? strncpy_from_user+0x9e/0x470 [ 1625.395768] ? finish_automount+0xa90/0xa90 [ 1625.396788] ? getname_flags.part.0+0x1dd/0x4f0 [ 1625.397894] ? _copy_from_user+0xfb/0x1b0 [ 1625.398903] __x64_sys_mount+0x282/0x300 [ 1625.399856] ? copy_mnt_ns+0xa00/0xa00 [ 1625.400774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1625.402001] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1625.403227] do_syscall_64+0x33/0x40 [ 1625.404100] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1625.405305] RIP: 0033:0x7fb9df3c2b19 [ 1625.406177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.410493] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1625.412282] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1625.413942] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1625.415620] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1625.417298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.418966] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:33:28 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1625.429469] isofs_fill_super: root inode is not a directory. Corrupted media? 14:33:28 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x2, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:28 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1625.457406] FAULT_INJECTION: forcing a failure. [ 1625.457406] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.460073] CPU: 1 PID: 9781 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1625.461647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1625.463558] Call Trace: [ 1625.464172] dump_stack+0x107/0x167 [ 1625.465015] should_fail.cold+0x5/0xa [ 1625.465895] ? __kernfs_new_node+0xd4/0x860 [ 1625.466898] should_failslab+0x5/0x20 [ 1625.467768] kmem_cache_alloc+0x5b/0x310 [ 1625.468712] __kernfs_new_node+0xd4/0x860 [ 1625.469674] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1625.470760] ? kernfs_add_one+0x36e/0x4d0 [ 1625.471722] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1625.472837] ? wait_for_completion_io+0x270/0x270 [ 1625.473944] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1625.475164] kernfs_new_node+0x18d/0x250 [ 1625.476108] __kernfs_create_file+0x51/0x350 [ 1625.477123] sysfs_add_file_mode_ns+0x221/0x560 [ 1625.478199] internal_create_group+0x324/0xb30 [ 1625.479262] ? sysfs_remove_group+0x170/0x170 [ 1625.480285] ? lockdep_init_map_type+0x2c7/0x780 [ 1625.481366] ? blk_queue_flag_set+0x22/0x30 [ 1625.482357] ? __loop_update_dio+0x2d2/0x690 [ 1625.483363] loop_configure+0x958/0x1490 [ 1625.484304] lo_ioctl+0xa72/0x1760 [ 1625.485117] ? avc_has_extended_perms+0x7f1/0xf40 [ 1625.486216] ? loop_set_status_old+0x250/0x250 [ 1625.487266] ? avc_ss_reset+0x180/0x180 [ 1625.488173] ? find_held_lock+0x2c/0x110 [ 1625.489110] ? __lock_acquire+0xbb1/0x5b00 [ 1625.490124] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1625.491327] ? generic_block_fiemap+0x60/0x60 [ 1625.492349] ? lock_downgrade+0x6d0/0x6d0 [ 1625.493283] ? build_open_flags+0x6f0/0x6f0 [ 1625.494272] ? loop_set_status_old+0x250/0x250 [ 1625.495300] blkdev_ioctl+0x291/0x710 [ 1625.496158] ? blkdev_common_ioctl+0x1930/0x1930 [ 1625.497228] ? selinux_file_ioctl+0xb6/0x270 [ 1625.498224] block_ioctl+0xf9/0x140 [ 1625.499063] ? blkdev_read_iter+0x1c0/0x1c0 [ 1625.500040] __x64_sys_ioctl+0x19a/0x210 [ 1625.500956] do_syscall_64+0x33/0x40 [ 1625.501793] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1625.502950] RIP: 0033:0x7f3b3a6db8d7 [ 1625.503787] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.507915] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1625.509623] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1625.511228] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1625.512826] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1625.514433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1625.516033] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:33:28 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:28 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 24) 14:33:28 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1625.672473] FAULT_INJECTION: forcing a failure. [ 1625.672473] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.675086] CPU: 1 PID: 9793 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1625.676613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1625.678475] Call Trace: [ 1625.679064] dump_stack+0x107/0x167 [ 1625.679877] should_fail.cold+0x5/0xa [ 1625.680732] should_failslab+0x5/0x20 [ 1625.681598] __kmalloc_track_caller+0x79/0x370 [ 1625.682624] ? p9_client_create+0x41d/0x1230 [ 1625.683610] kstrdup+0x36/0x70 [ 1625.684333] p9_client_create+0x41d/0x1230 [ 1625.685273] ? lock_downgrade+0x6d0/0x6d0 [ 1625.686212] ? p9_client_flush+0x430/0x430 [ 1625.687164] ? trace_hardirqs_on+0x5b/0x180 [ 1625.688132] ? lockdep_init_map_type+0x2c7/0x780 [ 1625.689183] ? __raw_spin_lock_init+0x36/0x110 [ 1625.690203] v9fs_session_init+0x1dd/0x1680 [ 1625.691226] ? lock_release+0x680/0x680 [ 1625.692125] ? kmem_cache_alloc_trace+0x151/0x320 [ 1625.693245] ? v9fs_show_options+0x690/0x690 [ 1625.694230] ? trace_hardirqs_on+0x5b/0x180 [ 1625.695256] ? kasan_unpoison_shadow+0x33/0x50 [ 1625.696264] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1625.697477] v9fs_mount+0x79/0x8f0 [ 1625.698282] ? v9fs_write_inode+0x60/0x60 [ 1625.699250] legacy_get_tree+0x105/0x220 [ 1625.700158] vfs_get_tree+0x8e/0x300 [ 1625.701028] path_mount+0x1429/0x2120 [ 1625.701880] ? strncpy_from_user+0x9e/0x470 [ 1625.702903] ? finish_automount+0xa90/0xa90 [ 1625.703863] ? getname_flags.part.0+0x1dd/0x4f0 [ 1625.704918] ? _copy_from_user+0xfb/0x1b0 [ 1625.705842] __x64_sys_mount+0x282/0x300 [ 1625.706773] ? copy_mnt_ns+0xa00/0xa00 [ 1625.707657] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1625.708816] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1625.710027] do_syscall_64+0x33/0x40 [ 1625.710939] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1625.712335] RIP: 0033:0x7fb9df3c2b19 [ 1625.713189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.717311] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1625.719024] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1625.720634] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1625.722235] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1625.723838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.725435] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1625.750263] isofs_fill_super: get root inode failed [ 1625.789629] isofs_fill_super: get root inode failed 14:33:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, 0x0, 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:33:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:33:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 42) 14:33:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 25) 14:33:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1638.272722] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1638.280361] isofs_fill_super: get root inode failed [ 1638.282147] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9820 comm=syz-executor.7 [ 1638.284391] FAULT_INJECTION: forcing a failure. [ 1638.284391] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.286425] CPU: 0 PID: 9825 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1638.287214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1638.288156] Call Trace: [ 1638.288462] dump_stack+0x107/0x167 [ 1638.288876] should_fail.cold+0x5/0xa [ 1638.289293] ? create_object.isra.0+0x3a/0xa20 [ 1638.289818] should_failslab+0x5/0x20 [ 1638.290251] kmem_cache_alloc+0x5b/0x310 [ 1638.290697] create_object.isra.0+0x3a/0xa20 [ 1638.291191] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1638.291740] __kmalloc_track_caller+0x177/0x370 [ 1638.292266] ? p9_client_create+0x51e/0x1230 [ 1638.292745] kmemdup_nul+0x2d/0xa0 [ 1638.293145] p9_client_create+0x51e/0x1230 [ 1638.293628] ? p9_client_flush+0x430/0x430 [ 1638.294109] ? trace_hardirqs_on+0x5b/0x180 [ 1638.294598] ? lockdep_init_map_type+0x2c7/0x780 [ 1638.295147] ? __raw_spin_lock_init+0x36/0x110 [ 1638.295641] v9fs_session_init+0x1dd/0x1680 [ 1638.296127] ? lock_release+0x680/0x680 [ 1638.296562] ? kmem_cache_alloc_trace+0x151/0x320 [ 1638.297108] ? v9fs_show_options+0x690/0x690 [ 1638.297588] ? trace_hardirqs_on+0x5b/0x180 [ 1638.298078] ? kasan_unpoison_shadow+0x33/0x50 [ 1638.298567] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1638.299156] v9fs_mount+0x79/0x8f0 [ 1638.299539] ? v9fs_write_inode+0x60/0x60 [ 1638.300011] legacy_get_tree+0x105/0x220 [ 1638.300471] vfs_get_tree+0x8e/0x300 [ 1638.300890] path_mount+0x1429/0x2120 [ 1638.301305] ? strncpy_from_user+0x9e/0x470 [ 1638.301791] ? finish_automount+0xa90/0xa90 [ 1638.302257] ? getname_flags.part.0+0x1dd/0x4f0 [ 1638.302791] ? _copy_from_user+0xfb/0x1b0 [ 1638.303263] __x64_sys_mount+0x282/0x300 [ 1638.303719] ? copy_mnt_ns+0xa00/0xa00 [ 1638.304139] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1638.304730] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1638.305306] do_syscall_64+0x33/0x40 [ 1638.305712] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1638.306290] RIP: 0033:0x7fb9df3c2b19 [ 1638.306719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.308792] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1638.309611] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1638.310418] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1638.311198] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1638.312006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1638.312780] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1638.315642] FAULT_INJECTION: forcing a failure. [ 1638.315642] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.316872] CPU: 0 PID: 9817 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1638.317601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1638.318488] Call Trace: [ 1638.318797] dump_stack+0x107/0x167 [ 1638.319189] should_fail.cold+0x5/0xa [ 1638.319602] ? create_object.isra.0+0x3a/0xa20 [ 1638.320102] should_failslab+0x5/0x20 [ 1638.320507] kmem_cache_alloc+0x5b/0x310 [ 1638.320944] create_object.isra.0+0x3a/0xa20 [ 1638.321412] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1638.321964] kmem_cache_alloc+0x159/0x310 [ 1638.322417] __kernfs_new_node+0xd4/0x860 [ 1638.322870] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1638.323405] ? kernfs_add_one+0x36e/0x4d0 [ 1638.323858] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1638.324404] ? wait_for_completion_io+0x270/0x270 [ 1638.324928] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1638.325525] kernfs_new_node+0x18d/0x250 [ 1638.325968] __kernfs_create_file+0x51/0x350 [ 1638.326472] sysfs_add_file_mode_ns+0x221/0x560 [ 1638.326989] internal_create_group+0x324/0xb30 [ 1638.327511] ? sysfs_remove_group+0x170/0x170 [ 1638.327999] ? lockdep_init_map_type+0x2c7/0x780 [ 1638.328542] ? blk_queue_flag_set+0x22/0x30 [ 1638.329015] ? __loop_update_dio+0x2d2/0x690 [ 1638.329514] loop_configure+0x958/0x1490 [ 1638.329961] lo_ioctl+0xa72/0x1760 [ 1638.330367] ? avc_has_extended_perms+0x7f1/0xf40 [ 1638.330893] ? loop_set_status_old+0x250/0x250 [ 1638.331413] ? avc_ss_reset+0x180/0x180 [ 1638.331842] ? find_held_lock+0x2c/0x110 [ 1638.332310] ? __lock_acquire+0xbb1/0x5b00 [ 1638.332798] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1638.333393] ? generic_block_fiemap+0x60/0x60 [ 1638.333872] ? lock_downgrade+0x6d0/0x6d0 [ 1638.334342] ? build_open_flags+0x6f0/0x6f0 [ 1638.334816] ? loop_set_status_old+0x250/0x250 [ 1638.335336] blkdev_ioctl+0x291/0x710 [ 1638.335744] ? blkdev_common_ioctl+0x1930/0x1930 [ 1638.336283] ? selinux_file_ioctl+0xb6/0x270 [ 1638.336757] block_ioctl+0xf9/0x140 [ 1638.337170] ? blkdev_read_iter+0x1c0/0x1c0 [ 1638.337633] __x64_sys_ioctl+0x19a/0x210 [ 1638.338094] do_syscall_64+0x33/0x40 [ 1638.338494] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1638.339083] RIP: 0033:0x7f3b3a6db8d7 [ 1638.339485] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.341566] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1638.342385] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1638.343153] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1638.343917] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1638.344679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1638.345442] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1638.371255] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1638.403352] isofs_fill_super: root inode is not a directory. Corrupted media? 14:33:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x6, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:33:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 43) 14:33:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 26) 14:33:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xc, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1638.544949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9846 comm=syz-executor.7 [ 1638.563913] FAULT_INJECTION: forcing a failure. [ 1638.563913] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.565193] CPU: 0 PID: 9852 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1638.565966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1638.566858] Call Trace: [ 1638.567167] dump_stack+0x107/0x167 [ 1638.567581] should_fail.cold+0x5/0xa [ 1638.568016] should_failslab+0x5/0x20 [ 1638.568449] __kmalloc_track_caller+0x79/0x370 [ 1638.568968] ? parse_opts.part.0+0x8e/0x340 [ 1638.569465] kstrdup+0x36/0x70 [ 1638.569831] parse_opts.part.0+0x8e/0x340 [ 1638.570287] ? p9_fd_show_options+0x1c0/0x1c0 [ 1638.570811] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1638.571403] ? quarantine_put+0x8b/0x1a0 [ 1638.571862] ? trace_hardirqs_on+0x5b/0x180 [ 1638.572326] ? kfree+0xd7/0x340 [ 1638.572703] p9_fd_create+0x98/0x4a0 [ 1638.573112] ? p9_conn_create+0x510/0x510 [ 1638.573583] ? p9_client_create+0x798/0x1230 [ 1638.574054] ? kfree+0xd7/0x340 [ 1638.574431] ? do_raw_spin_unlock+0x4f/0x220 [ 1638.574914] p9_client_create+0x7ff/0x1230 [ 1638.575368] ? p9_client_flush+0x430/0x430 [ 1638.575819] ? trace_hardirqs_on+0x5b/0x180 [ 1638.576279] ? lockdep_init_map_type+0x2c7/0x780 [ 1638.576786] ? __raw_spin_lock_init+0x36/0x110 [ 1638.577279] v9fs_session_init+0x1dd/0x1680 [ 1638.577740] ? lock_release+0x680/0x680 [ 1638.578169] ? kmem_cache_alloc_trace+0x151/0x320 [ 1638.578690] ? v9fs_show_options+0x690/0x690 [ 1638.579162] ? trace_hardirqs_on+0x5b/0x180 [ 1638.579651] ? kasan_unpoison_shadow+0x33/0x50 [ 1638.580139] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1638.580683] v9fs_mount+0x79/0x8f0 [ 1638.581063] ? v9fs_write_inode+0x60/0x60 [ 1638.581515] legacy_get_tree+0x105/0x220 [ 1638.581948] vfs_get_tree+0x8e/0x300 [ 1638.582345] path_mount+0x1429/0x2120 [ 1638.582762] ? strncpy_from_user+0x9e/0x470 [ 1638.583220] ? finish_automount+0xa90/0xa90 [ 1638.583680] ? getname_flags.part.0+0x1dd/0x4f0 [ 1638.584176] ? _copy_from_user+0xfb/0x1b0 [ 1638.584622] __x64_sys_mount+0x282/0x300 [ 1638.585053] ? copy_mnt_ns+0xa00/0xa00 [ 1638.585470] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1638.586028] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1638.586611] do_syscall_64+0x33/0x40 [ 1638.587020] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1638.587565] RIP: 0033:0x7fb9df3c2b19 [ 1638.587963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.589919] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1638.590736] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1638.591495] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1638.592254] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1638.593013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1638.593772] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1638.594573] 9pnet: Insufficient options for proto=fd [ 1638.599084] FAULT_INJECTION: forcing a failure. [ 1638.599084] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.600285] CPU: 0 PID: 9858 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1638.601019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1638.601904] Call Trace: [ 1638.602187] dump_stack+0x107/0x167 [ 1638.602576] should_fail.cold+0x5/0xa [ 1638.602991] ? kobject_uevent_env+0x22b/0xfd0 [ 1638.603472] ? dev_uevent_filter+0xd0/0xd0 [ 1638.603924] should_failslab+0x5/0x20 [ 1638.604335] kmem_cache_alloc_trace+0x55/0x320 [ 1638.604825] ? loop_configure+0xad6/0x1490 [ 1638.605278] ? dev_uevent_filter+0xd0/0xd0 [ 1638.605727] kobject_uevent_env+0x22b/0xfd0 [ 1638.606195] loop_configure+0x1170/0x1490 [ 1638.606649] lo_ioctl+0xa72/0x1760 [ 1638.607038] ? avc_has_extended_perms+0x7f1/0xf40 [ 1638.607554] ? loop_set_status_old+0x250/0x250 [ 1638.608042] ? avc_ss_reset+0x180/0x180 [ 1638.608469] ? find_held_lock+0x2c/0x110 [ 1638.608909] ? __lock_acquire+0xbb1/0x5b00 [ 1638.609386] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1638.609946] ? generic_block_fiemap+0x60/0x60 [ 1638.610451] ? lock_downgrade+0x6d0/0x6d0 [ 1638.610932] ? build_open_flags+0x6f0/0x6f0 [ 1638.611396] ? loop_set_status_old+0x250/0x250 [ 1638.611883] blkdev_ioctl+0x291/0x710 [ 1638.612289] ? blkdev_common_ioctl+0x1930/0x1930 [ 1638.612793] ? selinux_file_ioctl+0xb6/0x270 [ 1638.613265] block_ioctl+0xf9/0x140 [ 1638.613651] ? blkdev_read_iter+0x1c0/0x1c0 [ 1638.614109] __x64_sys_ioctl+0x19a/0x210 [ 1638.614542] do_syscall_64+0x33/0x40 [ 1638.614946] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1638.615491] RIP: 0033:0x7f3b3a6db8d7 [ 1638.615887] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.617838] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1638.618647] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1638.619410] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1638.620170] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1638.620927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1638.621685] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:33:56 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 27) 14:33:56 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x18, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, 0x0, 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:33:56 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x600, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:33:56 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:33:56 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 44) [ 1653.710275] FAULT_INJECTION: forcing a failure. [ 1653.710275] name failslab, interval 1, probability 0, space 0, times 0 [ 1653.711850] CPU: 0 PID: 9868 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1653.712810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1653.713980] Call Trace: [ 1653.714363] dump_stack+0x107/0x167 [ 1653.714618] FAULT_INJECTION: forcing a failure. [ 1653.714618] name failslab, interval 1, probability 0, space 0, times 0 [ 1653.714884] should_fail.cold+0x5/0xa [ 1653.714908] ? create_object.isra.0+0x3a/0xa20 [ 1653.714934] should_failslab+0x5/0x20 [ 1653.719145] kmem_cache_alloc+0x5b/0x310 [ 1653.719716] ? legacy_get_tree+0x105/0x220 [ 1653.720297] ? vfs_get_tree+0x8e/0x300 [ 1653.720835] create_object.isra.0+0x3a/0xa20 [ 1653.721437] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1653.722141] __kmalloc_track_caller+0x177/0x370 [ 1653.722782] ? parse_opts.part.0+0x8e/0x340 [ 1653.723387] kstrdup+0x36/0x70 [ 1653.723831] parse_opts.part.0+0x8e/0x340 [ 1653.724402] ? p9_fd_show_options+0x1c0/0x1c0 [ 1653.725025] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1653.725742] ? quarantine_put+0x8b/0x1a0 [ 1653.726302] ? trace_hardirqs_on+0x5b/0x180 [ 1653.726895] ? kfree+0xd7/0x340 [ 1653.727361] p9_fd_create+0x98/0x4a0 [ 1653.727874] ? p9_conn_create+0x510/0x510 [ 1653.728442] ? p9_client_create+0x798/0x1230 [ 1653.729045] ? kfree+0xd7/0x340 [ 1653.729496] ? do_raw_spin_unlock+0x4f/0x220 [ 1653.730105] p9_client_create+0x7ff/0x1230 [ 1653.730690] ? p9_client_flush+0x430/0x430 [ 1653.731278] ? trace_hardirqs_on+0x5b/0x180 [ 1653.731871] ? lockdep_init_map_type+0x2c7/0x780 [ 1653.732523] ? __raw_spin_lock_init+0x36/0x110 [ 1653.733155] v9fs_session_init+0x1dd/0x1680 [ 1653.733746] ? lock_release+0x680/0x680 [ 1653.734298] ? kmem_cache_alloc_trace+0x151/0x320 [ 1653.734958] ? v9fs_show_options+0x690/0x690 [ 1653.735574] ? trace_hardirqs_on+0x5b/0x180 [ 1653.736167] ? kasan_unpoison_shadow+0x33/0x50 [ 1653.736791] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1653.737492] v9fs_mount+0x79/0x8f0 [ 1653.737984] ? v9fs_write_inode+0x60/0x60 [ 1653.738553] legacy_get_tree+0x105/0x220 [ 1653.739113] vfs_get_tree+0x8e/0x300 [ 1653.739650] path_mount+0x1429/0x2120 [ 1653.740178] ? strncpy_from_user+0x9e/0x470 [ 1653.740771] ? finish_automount+0xa90/0xa90 [ 1653.741364] ? getname_flags.part.0+0x1dd/0x4f0 [ 1653.742000] ? _copy_from_user+0xfb/0x1b0 [ 1653.742570] __x64_sys_mount+0x282/0x300 [ 1653.743123] ? copy_mnt_ns+0xa00/0xa00 [ 1653.743649] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1653.744350] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1653.745031] do_syscall_64+0x33/0x40 [ 1653.745521] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1653.746201] RIP: 0033:0x7fb9df3c2b19 [ 1653.746692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1653.749133] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1653.750144] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1653.751089] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1653.752065] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1653.753014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1653.753959] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1653.754930] CPU: 1 PID: 9882 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1653.756499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1653.758356] Call Trace: [ 1653.758952] dump_stack+0x107/0x167 [ 1653.759065] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1653.759773] should_fail.cold+0x5/0xa [ 1653.761557] ? create_object.isra.0+0x3a/0xa20 [ 1653.762581] should_failslab+0x5/0x20 [ 1653.763367] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9878 comm=syz-executor.7 [ 1653.763446] kmem_cache_alloc+0x5b/0x310 [ 1653.765864] create_object.isra.0+0x3a/0xa20 [ 1653.766838] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1653.767983] kmem_cache_alloc_trace+0x151/0x320 [ 1653.769031] ? dev_uevent_filter+0xd0/0xd0 [ 1653.769971] kobject_uevent_env+0x22b/0xfd0 [ 1653.770946] loop_configure+0x1170/0x1490 [ 1653.771888] lo_ioctl+0xa72/0x1760 [ 1653.772683] ? avc_has_extended_perms+0x7f1/0xf40 [ 1653.773763] ? loop_set_status_old+0x250/0x250 [ 1653.774784] ? avc_ss_reset+0x180/0x180 [ 1653.775684] ? find_held_lock+0x2c/0x110 [ 1653.776602] ? __lock_acquire+0xbb1/0x5b00 [ 1653.777593] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1653.778757] ? generic_block_fiemap+0x60/0x60 [ 1653.779757] ? lock_downgrade+0x6d0/0x6d0 [ 1653.780678] ? build_open_flags+0x6f0/0x6f0 [ 1653.781645] ? loop_set_status_old+0x250/0x250 [ 1653.782660] blkdev_ioctl+0x291/0x710 [ 1653.783520] ? blkdev_common_ioctl+0x1930/0x1930 [ 1653.784576] ? selinux_file_ioctl+0xb6/0x270 [ 1653.785558] block_ioctl+0xf9/0x140 [ 1653.786366] ? blkdev_read_iter+0x1c0/0x1c0 [ 1653.787335] __x64_sys_ioctl+0x19a/0x210 [ 1653.788242] do_syscall_64+0x33/0x40 [ 1653.789071] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1653.790208] RIP: 0033:0x7f3b3a6db8d7 [ 1653.791036] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1653.795144] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1653.796853] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1653.798447] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1653.800100] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1653.801808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1653.803420] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1653.812129] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1653.823377] isofs_fill_super: get root inode failed 14:33:56 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:33:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xc00, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1653.869792] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1653.872111] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1653.907320] isofs_fill_super: get root inode failed 14:33:56 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1c, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 45) [ 1653.977557] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1653.986053] FAULT_INJECTION: forcing a failure. [ 1653.986053] name failslab, interval 1, probability 0, space 0, times 0 [ 1653.988469] CPU: 1 PID: 9905 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1653.989916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1653.991681] Call Trace: [ 1653.992243] dump_stack+0x107/0x167 [ 1653.993016] should_fail.cold+0x5/0xa [ 1653.993835] ? __kernfs_new_node+0xd4/0x860 [ 1653.994754] should_failslab+0x5/0x20 [ 1653.995572] kmem_cache_alloc+0x5b/0x310 [ 1653.996446] __kernfs_new_node+0xd4/0x860 [ 1653.997337] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1653.998339] ? kernfs_add_one+0x36e/0x4d0 [ 1653.999241] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1654.000276] ? wait_for_completion_io+0x270/0x270 [ 1654.001309] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1654.002420] kernfs_new_node+0x18d/0x250 [ 1654.003315] __kernfs_create_file+0x51/0x350 [ 1654.004266] sysfs_add_file_mode_ns+0x221/0x560 [ 1654.005261] internal_create_group+0x324/0xb30 [ 1654.006249] ? sysfs_remove_group+0x170/0x170 [ 1654.007226] ? lockdep_init_map_type+0x2c7/0x780 [ 1654.008248] ? blk_queue_flag_set+0x22/0x30 [ 1654.009174] ? __loop_update_dio+0x2d2/0x690 [ 1654.010126] loop_configure+0x958/0x1490 [ 1654.011025] lo_ioctl+0xa72/0x1760 [ 1654.011795] ? avc_has_extended_perms+0x7f1/0xf40 [ 1654.012843] ? loop_set_status_old+0x250/0x250 [ 1654.013838] ? avc_ss_reset+0x180/0x180 [ 1654.014701] ? find_held_lock+0x2c/0x110 [ 1654.015612] ? __lock_acquire+0xbb1/0x5b00 [ 1654.016553] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1654.017690] ? generic_block_fiemap+0x60/0x60 [ 1654.018657] ? lock_downgrade+0x6d0/0x6d0 [ 1654.019564] ? build_open_flags+0x6f0/0x6f0 [ 1654.020503] ? loop_set_status_old+0x250/0x250 [ 1654.021495] blkdev_ioctl+0x291/0x710 [ 1654.022297] ? blkdev_common_ioctl+0x1930/0x1930 [ 1654.023343] ? selinux_file_ioctl+0xb6/0x270 [ 1654.024312] block_ioctl+0xf9/0x140 [ 1654.025106] ? blkdev_read_iter+0x1c0/0x1c0 [ 1654.026047] __x64_sys_ioctl+0x19a/0x210 [ 1654.026933] do_syscall_64+0x33/0x40 [ 1654.027755] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1654.028875] RIP: 0033:0x7f3b3a6db8d7 [ 1654.029691] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1654.033745] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1654.035430] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1654.037002] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1654.038595] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1654.040179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1654.041750] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:33:56 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:33:56 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1654.137072] isofs_fill_super: get root inode failed 14:33:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1654.169559] isofs_fill_super: root inode is not a directory. Corrupted media? 14:33:56 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 28) [ 1654.193645] isofs_fill_super: get root inode failed [ 1654.206941] isofs_fill_super: root inode is not a directory. Corrupted media? 14:33:57 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1654.254723] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1654.281569] FAULT_INJECTION: forcing a failure. [ 1654.281569] name failslab, interval 1, probability 0, space 0, times 0 [ 1654.282896] CPU: 0 PID: 9925 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1654.283668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1654.284607] Call Trace: [ 1654.284921] dump_stack+0x107/0x167 [ 1654.285342] should_fail.cold+0x5/0xa [ 1654.285789] should_failslab+0x5/0x20 [ 1654.286236] __kmalloc_track_caller+0x79/0x370 [ 1654.286769] ? match_number+0xaf/0x1d0 [ 1654.287319] kmemdup_nul+0x2d/0xa0 [ 1654.287733] match_number+0xaf/0x1d0 [ 1654.288164] ? match_u64+0x190/0x190 [ 1654.288594] ? __kmalloc_track_caller+0x2c6/0x370 [ 1654.289153] ? memcpy+0x39/0x60 [ 1654.289540] parse_opts.part.0+0x1f3/0x340 [ 1654.290031] ? p9_fd_show_options+0x1c0/0x1c0 [ 1654.290555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1654.291166] ? trace_hardirqs_on+0x5b/0x180 [ 1654.291675] ? kfree+0xd7/0x340 [ 1654.292062] p9_fd_create+0x98/0x4a0 [ 1654.292491] ? p9_conn_create+0x510/0x510 [ 1654.292972] ? p9_client_create+0x798/0x1230 [ 1654.292984] ? kfree+0xd7/0x340 [ 1654.292992] ? do_raw_spin_unlock+0x4f/0x220 [ 1654.293006] p9_client_create+0x7ff/0x1230 [ 1654.293036] ? p9_client_flush+0x430/0x430 [ 1654.295849] ? trace_hardirqs_on+0x5b/0x180 [ 1654.296350] ? lockdep_init_map_type+0x2c7/0x780 [ 1654.296900] ? __raw_spin_lock_init+0x36/0x110 [ 1654.297430] v9fs_session_init+0x1dd/0x1680 [ 1654.297932] ? lock_release+0x680/0x680 [ 1654.298395] ? kmem_cache_alloc_trace+0x151/0x320 [ 1654.298950] ? v9fs_show_options+0x690/0x690 [ 1654.299472] ? trace_hardirqs_on+0x5b/0x180 [ 1654.299971] ? kasan_unpoison_shadow+0x33/0x50 [ 1654.300503] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1654.301101] v9fs_mount+0x79/0x8f0 [ 1654.301516] ? v9fs_write_inode+0x60/0x60 [ 1654.302004] legacy_get_tree+0x105/0x220 [ 1654.302476] vfs_get_tree+0x8e/0x300 [ 1654.302909] path_mount+0x1429/0x2120 [ 1654.303363] ? strncpy_from_user+0x9e/0x470 [ 1654.303860] ? finish_automount+0xa90/0xa90 [ 1654.304362] ? getname_flags.part.0+0x1dd/0x4f0 [ 1654.304902] ? _copy_from_user+0xfb/0x1b0 [ 1654.305384] __x64_sys_mount+0x282/0x300 [ 1654.305853] ? copy_mnt_ns+0xa00/0xa00 [ 1654.306307] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1654.306916] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1654.307519] do_syscall_64+0x33/0x40 [ 1654.307950] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1654.308544] RIP: 0033:0x7fb9df3c2b19 [ 1654.308977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1654.311122] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1654.312017] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1654.312846] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1654.313679] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1654.314509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1654.315350] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1654.316702] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1654.410059] 9pnet: Insufficient options for proto=fd 14:34:11 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 46) 14:34:11 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x65, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:11 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x80000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:34:11 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:34:11 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 29) 14:34:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:34:11 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1668.397877] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1668.404504] FAULT_INJECTION: forcing a failure. [ 1668.404504] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.406057] CPU: 1 PID: 9960 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1668.406909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.407966] Call Trace: [ 1668.408295] dump_stack+0x107/0x167 [ 1668.408754] should_fail.cold+0x5/0xa [ 1668.409246] ? create_object.isra.0+0x3a/0xa20 [ 1668.409822] should_failslab+0x5/0x20 [ 1668.410305] kmem_cache_alloc+0x5b/0x310 [ 1668.410821] create_object.isra.0+0x3a/0xa20 [ 1668.411384] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.412043] __kmalloc_track_caller+0x177/0x370 [ 1668.412633] ? match_number+0xaf/0x1d0 [ 1668.413136] kmemdup_nul+0x2d/0xa0 [ 1668.413579] match_number+0xaf/0x1d0 [ 1668.414043] ? match_u64+0x190/0x190 [ 1668.414500] ? __kmalloc_track_caller+0x2c6/0x370 [ 1668.415111] ? memcpy+0x39/0x60 [ 1668.415523] parse_opts.part.0+0x1f3/0x340 [ 1668.416070] ? p9_fd_show_options+0x1c0/0x1c0 [ 1668.416628] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1668.417292] ? trace_hardirqs_on+0x5b/0x180 [ 1668.417834] ? kfree+0xd7/0x340 [ 1668.418252] p9_fd_create+0x98/0x4a0 [ 1668.418722] ? p9_conn_create+0x510/0x510 [ 1668.419238] ? p9_client_create+0x798/0x1230 [ 1668.419802] ? kfree+0xd7/0x340 [ 1668.420222] ? do_raw_spin_unlock+0x4f/0x220 [ 1668.420770] p9_client_create+0x7ff/0x1230 [ 1668.421298] ? p9_client_flush+0x430/0x430 [ 1668.421815] ? trace_hardirqs_on+0x5b/0x180 [ 1668.422339] ? lockdep_init_map_type+0x2c7/0x780 [ 1668.422926] ? __raw_spin_lock_init+0x36/0x110 [ 1668.423517] v9fs_session_init+0x1dd/0x1680 [ 1668.424086] ? lock_release+0x680/0x680 [ 1668.424585] ? kmem_cache_alloc_trace+0x151/0x320 [ 1668.425200] ? v9fs_show_options+0x690/0x690 [ 1668.425747] ? trace_hardirqs_on+0x5b/0x180 [ 1668.426279] ? kasan_unpoison_shadow+0x33/0x50 [ 1668.426840] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.427461] v9fs_mount+0x79/0x8f0 [ 1668.427912] ? v9fs_write_inode+0x60/0x60 [ 1668.428426] legacy_get_tree+0x105/0x220 [ 1668.428928] vfs_get_tree+0x8e/0x300 [ 1668.429381] path_mount+0x1429/0x2120 [ 1668.429851] ? strncpy_from_user+0x9e/0x470 [ 1668.430389] ? finish_automount+0xa90/0xa90 [ 1668.430919] ? getname_flags.part.0+0x1dd/0x4f0 [ 1668.431497] ? _copy_from_user+0xfb/0x1b0 [ 1668.432046] __x64_sys_mount+0x282/0x300 [ 1668.432551] ? copy_mnt_ns+0xa00/0xa00 [ 1668.433050] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1668.433704] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1668.434349] do_syscall_64+0x33/0x40 [ 1668.434808] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1668.435452] RIP: 0033:0x7fb9df3c2b19 [ 1668.435917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.438211] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1668.439178] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1668.440071] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1668.440974] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1668.441862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1668.442756] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1668.461096] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1668.469865] FAULT_INJECTION: forcing a failure. [ 1668.469865] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.471339] CPU: 1 PID: 9956 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1668.472186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.473205] Call Trace: [ 1668.473528] dump_stack+0x107/0x167 [ 1668.473972] should_fail.cold+0x5/0xa [ 1668.474440] ? create_object.isra.0+0x3a/0xa20 [ 1668.475007] should_failslab+0x5/0x20 [ 1668.475476] kmem_cache_alloc+0x5b/0x310 [ 1668.475980] ? kmem_cache_alloc_trace+0x151/0x320 [ 1668.476564] create_object.isra.0+0x3a/0xa20 [ 1668.477107] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.477725] __kmalloc+0x16e/0x390 [ 1668.478170] kobject_get_path+0xc5/0x1f0 [ 1668.478674] kobject_uevent_env+0x251/0xfd0 [ 1668.479217] loop_configure+0x1170/0x1490 [ 1668.479747] lo_ioctl+0xa72/0x1760 [ 1668.480185] ? avc_has_extended_perms+0x7f1/0xf40 [ 1668.480778] ? loop_set_status_old+0x250/0x250 [ 1668.481347] ? avc_ss_reset+0x180/0x180 [ 1668.481834] ? find_held_lock+0x2c/0x110 [ 1668.482337] ? __lock_acquire+0xbb1/0x5b00 [ 1668.482876] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1668.483524] ? generic_block_fiemap+0x60/0x60 [ 1668.484079] ? lock_downgrade+0x6d0/0x6d0 [ 1668.484577] ? build_open_flags+0x6f0/0x6f0 [ 1668.485099] ? loop_set_status_old+0x250/0x250 [ 1668.485654] blkdev_ioctl+0x291/0x710 [ 1668.486121] ? blkdev_common_ioctl+0x1930/0x1930 [ 1668.486706] ? selinux_file_ioctl+0xb6/0x270 [ 1668.487234] block_ioctl+0xf9/0x140 [ 1668.487665] ? blkdev_read_iter+0x1c0/0x1c0 [ 1668.488187] __x64_sys_ioctl+0x19a/0x210 [ 1668.488668] do_syscall_64+0x33/0x40 [ 1668.489115] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1668.489728] RIP: 0033:0x7f3b3a6db8d7 [ 1668.490174] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.492372] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1668.493273] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1668.494124] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1668.494983] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1668.495842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1668.496701] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:34:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x400000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1668.556995] isofs_fill_super: get root inode failed [ 1668.583154] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1668.604192] isofs_fill_super: root inode is not a directory. Corrupted media? 14:34:11 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1668.670369] isofs_fill_super: get root inode failed 14:34:11 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1668.725059] isofs_fill_super: root inode is not a directory. Corrupted media? 14:34:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x80ffff, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:34:11 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:11 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 47) 14:34:11 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 30) 14:34:11 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1668.755570] FAULT_INJECTION: forcing a failure. [ 1668.755570] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.758239] CPU: 0 PID: 9985 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1668.759744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.761552] Call Trace: [ 1668.762140] dump_stack+0x107/0x167 [ 1668.762937] should_fail.cold+0x5/0xa [ 1668.763789] ? create_object.isra.0+0x3a/0xa20 [ 1668.764795] should_failslab+0x5/0x20 [ 1668.765641] kmem_cache_alloc+0x5b/0x310 [ 1668.766532] create_object.isra.0+0x3a/0xa20 [ 1668.767502] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.768654] __kmalloc_track_caller+0x177/0x370 [ 1668.769692] ? match_number+0xaf/0x1d0 [ 1668.770552] kmemdup_nul+0x2d/0xa0 [ 1668.771362] match_number+0xaf/0x1d0 14:34:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x1000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1668.772307] ? match_u64+0x190/0x190 [ 1668.773233] ? __kmalloc_track_caller+0x2c6/0x370 [ 1668.774289] ? memcpy+0x39/0x60 [ 1668.775029] parse_opts.part.0+0x1f3/0x340 [ 1668.775998] ? p9_fd_show_options+0x1c0/0x1c0 [ 1668.776988] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1668.778162] ? trace_hardirqs_on+0x5b/0x180 [ 1668.779135] ? kfree+0xd7/0x340 [ 1668.779896] p9_fd_create+0x98/0x4a0 [ 1668.780735] ? p9_conn_create+0x510/0x510 [ 1668.781661] ? p9_client_create+0x798/0x1230 [ 1668.782654] ? kfree+0xd7/0x340 [ 1668.783391] ? do_raw_spin_unlock+0x4f/0x220 [ 1668.784393] p9_client_create+0x7ff/0x1230 [ 1668.785351] ? p9_client_flush+0x430/0x430 [ 1668.786300] ? trace_hardirqs_on+0x5b/0x180 [ 1668.787271] ? lockdep_init_map_type+0x2c7/0x780 [ 1668.788343] ? __raw_spin_lock_init+0x36/0x110 [ 1668.789376] v9fs_session_init+0x1dd/0x1680 [ 1668.790347] ? lock_release+0x680/0x680 [ 1668.791252] ? kmem_cache_alloc_trace+0x151/0x320 [ 1668.792341] ? v9fs_show_options+0x690/0x690 [ 1668.793342] ? trace_hardirqs_on+0x5b/0x180 [ 1668.794312] ? kasan_unpoison_shadow+0x33/0x50 [ 1668.795339] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.796499] v9fs_mount+0x79/0x8f0 [ 1668.797304] ? v9fs_write_inode+0x60/0x60 [ 1668.798240] legacy_get_tree+0x105/0x220 [ 1668.799162] vfs_get_tree+0x8e/0x300 [ 1668.800005] path_mount+0x1429/0x2120 [ 1668.800869] ? strncpy_from_user+0x9e/0x470 [ 1668.801843] ? finish_automount+0xa90/0xa90 [ 1668.802818] ? getname_flags.part.0+0x1dd/0x4f0 [ 1668.803868] ? _copy_from_user+0xfb/0x1b0 [ 1668.804812] __x64_sys_mount+0x282/0x300 [ 1668.805727] ? copy_mnt_ns+0xa00/0xa00 [ 1668.806608] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1668.807800] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1668.808964] do_syscall_64+0x33/0x40 [ 1668.809800] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1668.810957] RIP: 0033:0x7fb9df3c2b19 [ 1668.811802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.815970] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1668.817671] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1668.819262] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1668.820860] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1668.822454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1668.824061] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1668.826943] FAULT_INJECTION: forcing a failure. [ 1668.826943] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.828256] CPU: 1 PID: 9983 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1668.829036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.829979] Call Trace: [ 1668.830280] dump_stack+0x107/0x167 [ 1668.830699] should_fail.cold+0x5/0xa [ 1668.831136] ? kobject_get_path+0xc5/0x1f0 [ 1668.831622] should_failslab+0x5/0x20 [ 1668.832071] __kmalloc+0x72/0x390 [ 1668.832461] ? trace_hardirqs_on+0x5b/0x180 [ 1668.832959] kobject_get_path+0xc5/0x1f0 [ 1668.833428] kobject_uevent_env+0x251/0xfd0 [ 1668.833932] loop_configure+0x1170/0x1490 [ 1668.834410] lo_ioctl+0xa72/0x1760 [ 1668.834818] ? avc_has_extended_perms+0x7f1/0xf40 [ 1668.835373] ? loop_set_status_old+0x250/0x250 [ 1668.835909] ? avc_ss_reset+0x180/0x180 [ 1668.836362] ? find_held_lock+0x2c/0x110 [ 1668.836833] ? __lock_acquire+0xbb1/0x5b00 [ 1668.837339] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1668.837946] ? generic_block_fiemap+0x60/0x60 [ 1668.838457] ? lock_downgrade+0x6d0/0x6d0 [ 1668.838928] ? build_open_flags+0x6f0/0x6f0 [ 1668.839446] ? loop_set_status_old+0x250/0x250 [ 1668.839982] blkdev_ioctl+0x291/0x710 [ 1668.840414] ? blkdev_common_ioctl+0x1930/0x1930 [ 1668.840958] ? selinux_file_ioctl+0xb6/0x270 [ 1668.841463] block_ioctl+0xf9/0x140 [ 1668.841879] ? blkdev_read_iter+0x1c0/0x1c0 [ 1668.842372] __x64_sys_ioctl+0x19a/0x210 [ 1668.842835] do_syscall_64+0x33/0x40 [ 1668.843259] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1668.843843] RIP: 0033:0x7f3b3a6db8d7 [ 1668.844264] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.846310] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1668.847154] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1668.847952] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1668.848746] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1668.849538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1668.850330] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1668.852191] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1668.916301] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1668.929599] isofs_fill_super: get root inode failed [ 1668.967921] isofs_fill_super: get root inode failed 14:34:26 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x2000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:34:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:34:26 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:26 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:26 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 48) 14:34:26 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x480, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:26 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 31) 14:34:26 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1683.811096] FAULT_INJECTION: forcing a failure. [ 1683.811096] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.813335] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1683.813645] CPU: 0 PID: 10018 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1683.816965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1683.818802] Call Trace: [ 1683.819404] dump_stack+0x107/0x167 [ 1683.820230] should_fail.cold+0x5/0xa [ 1683.821104] should_failslab+0x5/0x20 [ 1683.821969] __kmalloc_track_caller+0x79/0x370 [ 1683.822997] ? match_number+0xaf/0x1d0 [ 1683.823876] ? kfree+0xd7/0x340 [ 1683.824648] kmemdup_nul+0x2d/0xa0 [ 1683.825586] match_number+0xaf/0x1d0 [ 1683.826473] ? match_u64+0x190/0x190 [ 1683.827311] ? __kmalloc_track_caller+0x2c6/0x370 [ 1683.828630] ? memcpy+0x39/0x60 [ 1683.829507] parse_opts.part.0+0x1f3/0x340 [ 1683.830505] ? p9_fd_show_options+0x1c0/0x1c0 [ 1683.831618] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1683.832813] ? trace_hardirqs_on+0x5b/0x180 [ 1683.833794] ? kfree+0xd7/0x340 [ 1683.834558] p9_fd_create+0x98/0x4a0 [ 1683.835390] ? p9_conn_create+0x510/0x510 [ 1683.836346] ? p9_client_create+0x798/0x1230 [ 1683.837353] ? kfree+0xd7/0x340 [ 1683.838088] ? do_raw_spin_unlock+0x4f/0x220 [ 1683.839099] p9_client_create+0x7ff/0x1230 [ 1683.840078] ? p9_client_flush+0x430/0x430 [ 1683.841056] ? trace_hardirqs_on+0x5b/0x180 [ 1683.842050] ? lockdep_init_map_type+0x2c7/0x780 [ 1683.843142] ? __raw_spin_lock_init+0x36/0x110 [ 1683.844218] v9fs_session_init+0x1dd/0x1680 [ 1683.845223] ? lock_release+0x680/0x680 [ 1683.846254] ? kmem_cache_alloc_trace+0x151/0x320 [ 1683.847349] ? v9fs_show_options+0x690/0x690 [ 1683.848554] ? trace_hardirqs_on+0x5b/0x180 [ 1683.849597] ? kasan_unpoison_shadow+0x33/0x50 [ 1683.850650] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1683.851843] v9fs_mount+0x79/0x8f0 [ 1683.852696] ? v9fs_write_inode+0x60/0x60 [ 1683.853834] legacy_get_tree+0x105/0x220 [ 1683.854782] vfs_get_tree+0x8e/0x300 [ 1683.855649] path_mount+0x1429/0x2120 [ 1683.856536] ? strncpy_from_user+0x9e/0x470 [ 1683.857416] ? finish_automount+0xa90/0xa90 [ 1683.858290] ? getname_flags.part.0+0x1dd/0x4f0 [ 1683.859227] ? _copy_from_user+0xfb/0x1b0 [ 1683.860083] __x64_sys_mount+0x282/0x300 [ 1683.860951] ? copy_mnt_ns+0xa00/0xa00 [ 1683.861755] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1683.862861] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1683.863906] do_syscall_64+0x33/0x40 [ 1683.864690] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1683.865731] RIP: 0033:0x7fb9df3c2b19 [ 1683.866500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1683.870448] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1683.872151] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1683.873610] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1683.875049] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1683.876528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1683.877998] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1683.879630] 9pnet: Insufficient options for proto=fd [ 1683.886274] FAULT_INJECTION: forcing a failure. [ 1683.886274] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.889282] CPU: 1 PID: 10022 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1683.890746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1683.892502] Call Trace: [ 1683.893059] dump_stack+0x107/0x167 [ 1683.893819] should_fail.cold+0x5/0xa [ 1683.894644] ? create_object.isra.0+0x3a/0xa20 [ 1683.895612] should_failslab+0x5/0x20 [ 1683.896422] kmem_cache_alloc+0x5b/0x310 [ 1683.897279] create_object.isra.0+0x3a/0xa20 [ 1683.898194] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1683.899274] kmem_cache_alloc_node+0x169/0x330 [ 1683.900243] __alloc_skb+0x6d/0x5b0 [ 1683.901015] alloc_uevent_skb+0x7b/0x210 [ 1683.901885] kobject_uevent_env+0x99a/0xfd0 [ 1683.902824] loop_configure+0x1170/0x1490 [ 1683.903703] lo_ioctl+0xa72/0x1760 [ 1683.904472] ? avc_has_extended_perms+0x7f1/0xf40 [ 1683.905499] ? loop_set_status_old+0x250/0x250 [ 1683.906461] ? avc_ss_reset+0x180/0x180 [ 1683.907297] ? find_held_lock+0x2c/0x110 [ 1683.908161] ? __lock_acquire+0xbb1/0x5b00 [ 1683.909097] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1683.910194] ? generic_block_fiemap+0x60/0x60 [ 1683.911126] ? lock_downgrade+0x6d0/0x6d0 [ 1683.911991] ? build_open_flags+0x6f0/0x6f0 [ 1683.912906] ? loop_set_status_old+0x250/0x250 [ 1683.913870] blkdev_ioctl+0x291/0x710 [ 1683.914664] ? blkdev_common_ioctl+0x1930/0x1930 [ 1683.915665] ? selinux_file_ioctl+0xb6/0x270 [ 1683.916605] block_ioctl+0xf9/0x140 [ 1683.917368] ? blkdev_read_iter+0x1c0/0x1c0 [ 1683.918272] __x64_sys_ioctl+0x19a/0x210 [ 1683.919122] do_syscall_64+0x33/0x40 [ 1683.919901] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1683.920971] RIP: 0033:0x7f3b3a6db8d7 [ 1683.921730] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1683.925560] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1683.927162] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1683.928660] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1683.930133] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1683.931622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1683.933122] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:34:26 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 32) [ 1683.995682] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1684.001302] isofs_fill_super: get root inode failed 14:34:26 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 49) 14:34:26 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1684.062738] isofs_fill_super: get root inode failed [ 1684.088537] FAULT_INJECTION: forcing a failure. [ 1684.088537] name failslab, interval 1, probability 0, space 0, times 0 [ 1684.091370] CPU: 1 PID: 10039 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1684.093024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1684.094990] Call Trace: [ 1684.095610] dump_stack+0x107/0x167 [ 1684.096477] should_fail.cold+0x5/0xa [ 1684.097385] ? p9_fd_create+0x161/0x4a0 [ 1684.098323] should_failslab+0x5/0x20 [ 1684.099215] kmem_cache_alloc_trace+0x55/0x320 [ 1684.100305] p9_fd_create+0x161/0x4a0 [ 1684.101199] ? p9_conn_create+0x510/0x510 [ 1684.102176] ? p9_client_create+0x798/0x1230 [ 1684.103204] ? kfree+0xd7/0x340 14:34:26 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1684.103976] ? do_raw_spin_unlock+0x4f/0x220 [ 1684.105211] p9_client_create+0x7ff/0x1230 [ 1684.106221] ? p9_client_flush+0x430/0x430 [ 1684.107213] ? trace_hardirqs_on+0x5b/0x180 [ 1684.108258] ? lockdep_init_map_type+0x2c7/0x780 [ 1684.109376] ? __raw_spin_lock_init+0x36/0x110 [ 1684.110454] v9fs_session_init+0x1dd/0x1680 [ 1684.111455] ? lock_release+0x680/0x680 [ 1684.112408] ? kmem_cache_alloc_trace+0x151/0x320 [ 1684.113555] ? v9fs_show_options+0x690/0x690 [ 1684.114610] ? trace_hardirqs_on+0x5b/0x180 [ 1684.115619] ? kasan_unpoison_shadow+0x33/0x50 [ 1684.116691] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1684.117880] v9fs_mount+0x79/0x8f0 [ 1684.118709] ? v9fs_write_inode+0x60/0x60 [ 1684.119671] legacy_get_tree+0x105/0x220 [ 1684.120633] vfs_get_tree+0x8e/0x300 [ 1684.121504] path_mount+0x1429/0x2120 [ 1684.122396] ? strncpy_from_user+0x9e/0x470 [ 1684.123403] ? finish_automount+0xa90/0xa90 [ 1684.124421] ? getname_flags.part.0+0x1dd/0x4f0 [ 1684.125497] ? _copy_from_user+0xfb/0x1b0 [ 1684.126480] __x64_sys_mount+0x282/0x300 [ 1684.127425] ? copy_mnt_ns+0xa00/0xa00 [ 1684.128341] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1684.129556] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1684.130756] do_syscall_64+0x33/0x40 [ 1684.131627] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1684.132858] RIP: 0033:0x7fb9df3c2b19 [ 1684.133720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1684.138033] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1684.139780] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1684.141411] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1684.143057] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1684.144719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1684.146396] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1684.168133] isofs_fill_super: root inode is not a directory. Corrupted media? 14:34:26 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1684.213157] FAULT_INJECTION: forcing a failure. [ 1684.213157] name failslab, interval 1, probability 0, space 0, times 0 [ 1684.215463] CPU: 0 PID: 10046 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1684.216873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1684.218700] Call Trace: [ 1684.219242] dump_stack+0x107/0x167 [ 1684.219992] should_fail.cold+0x5/0xa [ 1684.220828] should_failslab+0x5/0x20 [ 1684.221609] __kmalloc_node_track_caller+0x74/0x3b0 [ 1684.222657] ? alloc_uevent_skb+0x7b/0x210 [ 1684.223544] __alloc_skb+0xb1/0x5b0 [ 1684.224298] alloc_uevent_skb+0x7b/0x210 [ 1684.225259] kobject_uevent_env+0x99a/0xfd0 [ 1684.226190] loop_configure+0x1170/0x1490 [ 1684.227051] lo_ioctl+0xa72/0x1760 [ 1684.227777] ? avc_has_extended_perms+0x7f1/0xf40 [ 1684.228894] ? loop_set_status_old+0x250/0x250 [ 1684.229920] ? avc_ss_reset+0x180/0x180 [ 1684.230716] ? find_held_lock+0x2c/0x110 [ 1684.231535] ? __lock_acquire+0xbb1/0x5b00 [ 1684.232430] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1684.233479] ? generic_block_fiemap+0x60/0x60 [ 1684.234386] ? lock_downgrade+0x6d0/0x6d0 [ 1684.235356] ? build_open_flags+0x6f0/0x6f0 [ 1684.236260] ? loop_set_status_old+0x250/0x250 [ 1684.237328] blkdev_ioctl+0x291/0x710 [ 1684.238169] ? blkdev_common_ioctl+0x1930/0x1930 [ 1684.239158] ? selinux_file_ioctl+0xb6/0x270 [ 1684.240248] block_ioctl+0xf9/0x140 [ 1684.241103] ? blkdev_read_iter+0x1c0/0x1c0 [ 1684.242120] __x64_sys_ioctl+0x19a/0x210 [ 1684.243079] do_syscall_64+0x33/0x40 [ 1684.243855] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1684.244861] RIP: 0033:0x7f3b3a6db8d7 [ 1684.245741] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1684.249488] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1684.251112] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1684.252556] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1684.253983] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1684.255422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1684.257241] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:34:42 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:42 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 33) 14:34:42 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:34:42 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, 0x0, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:34:42 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:42 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:42 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x6000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:34:42 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 50) [ 1700.185562] FAULT_INJECTION: forcing a failure. [ 1700.185562] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.187056] CPU: 0 PID: 10064 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1700.187986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1700.189118] Call Trace: [ 1700.189472] dump_stack+0x107/0x167 [ 1700.189947] should_fail.cold+0x5/0xa [ 1700.190450] ? create_object.isra.0+0x3a/0xa20 [ 1700.191052] should_failslab+0x5/0x20 [ 1700.191553] kmem_cache_alloc+0x5b/0x310 [ 1700.192095] ? p9_fd_show_options+0x1c0/0x1c0 [ 1700.192687] create_object.isra.0+0x3a/0xa20 [ 1700.193273] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.193939] kmem_cache_alloc_trace+0x151/0x320 [ 1700.194558] p9_fd_create+0x161/0x4a0 [ 1700.195063] ? p9_conn_create+0x510/0x510 [ 1700.195609] ? p9_client_create+0x798/0x1230 [ 1700.196182] ? kfree+0xd7/0x340 [ 1700.196616] ? do_raw_spin_unlock+0x4f/0x220 [ 1700.197209] p9_client_create+0x7ff/0x1230 [ 1700.197770] ? p9_client_flush+0x430/0x430 [ 1700.198325] ? trace_hardirqs_on+0x5b/0x180 [ 1700.198897] ? lockdep_init_map_type+0x2c7/0x780 [ 1700.199532] ? __raw_spin_lock_init+0x36/0x110 [ 1700.200137] v9fs_session_init+0x1dd/0x1680 [ 1700.200729] ? lock_release+0x680/0x680 [ 1700.201259] ? kmem_cache_alloc_trace+0x151/0x320 [ 1700.201885] ? v9fs_show_options+0x690/0x690 [ 1700.202460] ? trace_hardirqs_on+0x5b/0x180 [ 1700.203018] ? kasan_unpoison_shadow+0x33/0x50 [ 1700.203614] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.204288] v9fs_mount+0x79/0x8f0 [ 1700.204771] ? v9fs_write_inode+0x60/0x60 [ 1700.205315] legacy_get_tree+0x105/0x220 [ 1700.205849] vfs_get_tree+0x8e/0x300 [ 1700.206337] path_mount+0x1429/0x2120 [ 1700.206844] ? strncpy_from_user+0x9e/0x470 [ 1700.207415] ? finish_automount+0xa90/0xa90 [ 1700.207999] ? getname_flags.part.0+0x1dd/0x4f0 [ 1700.208608] ? _copy_from_user+0xfb/0x1b0 [ 1700.209174] __x64_sys_mount+0x282/0x300 [ 1700.209700] ? copy_mnt_ns+0xa00/0xa00 [ 1700.210218] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1700.210908] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1700.211583] do_syscall_64+0x33/0x40 [ 1700.212072] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1700.212748] RIP: 0033:0x7fb9df3c2b19 [ 1700.213236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1700.215637] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1700.216634] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1700.217588] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1700.218529] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1700.219469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1700.220408] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1700.233665] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1700.255401] isofs_fill_super: get root inode failed [ 1700.257455] FAULT_INJECTION: forcing a failure. [ 1700.257455] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.258904] CPU: 0 PID: 10079 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1700.259791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1700.260887] Call Trace: [ 1700.261232] dump_stack+0x107/0x167 [ 1700.261711] should_fail.cold+0x5/0xa [ 1700.262201] ? create_object.isra.0+0x3a/0xa20 [ 1700.262794] should_failslab+0x5/0x20 [ 1700.263290] kmem_cache_alloc+0x5b/0x310 [ 1700.263827] create_object.isra.0+0x3a/0xa20 [ 1700.264388] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.265063] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1700.265733] ? alloc_uevent_skb+0x7b/0x210 [ 1700.266301] __alloc_skb+0xb1/0x5b0 [ 1700.266770] alloc_uevent_skb+0x7b/0x210 [ 1700.267307] kobject_uevent_env+0x99a/0xfd0 [ 1700.267873] loop_configure+0x1170/0x1490 [ 1700.268405] lo_ioctl+0xa72/0x1760 [ 1700.268870] ? avc_has_extended_perms+0x7f1/0xf40 [ 1700.269496] ? loop_set_status_old+0x250/0x250 [ 1700.270091] ? avc_ss_reset+0x180/0x180 [ 1700.270607] ? find_held_lock+0x2c/0x110 [ 1700.271142] ? __lock_acquire+0xbb1/0x5b00 [ 1700.271710] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1700.272376] ? generic_block_fiemap+0x60/0x60 [ 1700.272951] ? lock_downgrade+0x6d0/0x6d0 [ 1700.273482] ? build_open_flags+0x6f0/0x6f0 [ 1700.274045] ? loop_set_status_old+0x250/0x250 [ 1700.274633] blkdev_ioctl+0x291/0x710 [ 1700.275122] ? blkdev_common_ioctl+0x1930/0x1930 [ 1700.275726] ? selinux_file_ioctl+0xb6/0x270 [ 1700.276298] block_ioctl+0xf9/0x140 [ 1700.276774] ? blkdev_read_iter+0x1c0/0x1c0 [ 1700.277325] __x64_sys_ioctl+0x19a/0x210 [ 1700.277849] do_syscall_64+0x33/0x40 [ 1700.278318] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1700.278969] RIP: 0033:0x7f3b3a6db8d7 [ 1700.279458] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1700.281837] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1700.282800] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1700.283710] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1700.284611] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1700.285543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1700.286460] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 14:34:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 34) [ 1700.316231] isofs_fill_super: root inode is not a directory. Corrupted media? 14:34:43 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xc000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1700.365488] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1700.375678] FAULT_INJECTION: forcing a failure. [ 1700.375678] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.377239] CPU: 1 PID: 10089 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1700.377386] isofs_fill_super: get root inode failed [ 1700.378809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1700.378821] Call Trace: [ 1700.378845] dump_stack+0x107/0x167 [ 1700.378866] should_fail.cold+0x5/0xa [ 1700.383491] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 1700.384679] should_failslab+0x5/0x20 [ 1700.385549] kmem_cache_alloc+0x5b/0x310 [ 1700.386470] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1700.387623] p9_client_rpc+0x220/0x1370 [ 1700.388525] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1700.389744] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1700.390958] ? pipe_poll+0x21b/0x7f0 [ 1700.391731] ? p9_fd_close+0x4a0/0x4a0 [ 1700.392595] ? anon_pipe_buf_release+0x280/0x280 [ 1700.393682] ? p9_fd_poll+0x1e0/0x2c0 [ 1700.394548] ? p9_fd_create+0x357/0x4a0 [ 1700.395413] ? p9_conn_create+0x510/0x510 [ 1700.396301] ? p9_client_create+0x798/0x1230 [ 1700.397305] ? kfree+0xd7/0x340 [ 1700.398045] ? do_raw_spin_unlock+0x4f/0x220 [ 1700.399044] p9_client_create+0xa76/0x1230 14:34:43 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x11, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1700.399924] ? p9_client_flush+0x430/0x430 [ 1700.401019] ? trace_hardirqs_on+0x5b/0x180 [ 1700.402002] ? lockdep_init_map_type+0x2c7/0x780 [ 1700.403066] ? __raw_spin_lock_init+0x36/0x110 [ 1700.404109] v9fs_session_init+0x1dd/0x1680 [ 1700.405084] ? lock_release+0x680/0x680 [ 1700.405988] ? kmem_cache_alloc_trace+0x151/0x320 [ 1700.407094] ? v9fs_show_options+0x690/0x690 [ 1700.408101] ? trace_hardirqs_on+0x5b/0x180 [ 1700.409079] ? kasan_unpoison_shadow+0x33/0x50 [ 1700.410034] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.411197] v9fs_mount+0x79/0x8f0 [ 1700.412008] ? v9fs_write_inode+0x60/0x60 [ 1700.412964] legacy_get_tree+0x105/0x220 [ 1700.413900] vfs_get_tree+0x8e/0x300 [ 1700.414748] path_mount+0x1429/0x2120 [ 1700.415624] ? strncpy_from_user+0x9e/0x470 [ 1700.416607] ? finish_automount+0xa90/0xa90 [ 1700.417596] ? getname_flags.part.0+0x1dd/0x4f0 [ 1700.418660] ? _copy_from_user+0xfb/0x1b0 [ 1700.419619] __x64_sys_mount+0x282/0x300 [ 1700.420538] ? copy_mnt_ns+0xa00/0xa00 [ 1700.421432] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1700.422636] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1700.423812] do_syscall_64+0x33/0x40 [ 1700.424658] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1700.425864] RIP: 0033:0x7fb9df3c2b19 [ 1700.426716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1700.430843] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1700.432576] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1700.434200] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1700.435803] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1700.437317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1700.438923] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:34:43 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 51) 14:34:43 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, 0x0, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1700.446898] isofs_fill_super: root inode is not a directory. Corrupted media? 14:34:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 35) 14:34:43 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:43 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x22, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:43 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:43 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x40000000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1700.543118] FAULT_INJECTION: forcing a failure. [ 1700.543118] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.544660] CPU: 0 PID: 10109 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1700.545624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1700.546782] Call Trace: [ 1700.547158] dump_stack+0x107/0x167 [ 1700.547667] should_fail.cold+0x5/0xa [ 1700.548205] ? create_object.isra.0+0x3a/0xa20 [ 1700.548843] should_failslab+0x5/0x20 [ 1700.549378] kmem_cache_alloc+0x5b/0x310 [ 1700.549935] create_object.isra.0+0x3a/0xa20 [ 1700.550545] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.551252] kmem_cache_alloc+0x159/0x310 [ 1700.551832] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1700.552553] p9_client_rpc+0x220/0x1370 [ 1700.553122] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1700.553858] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1700.554602] ? pipe_poll+0x21b/0x7f0 [ 1700.555118] ? p9_fd_close+0x4a0/0x4a0 [ 1700.555664] ? anon_pipe_buf_release+0x280/0x280 [ 1700.556331] ? p9_fd_poll+0x1e0/0x2c0 [ 1700.556872] ? p9_fd_create+0x357/0x4a0 [ 1700.557430] ? p9_conn_create+0x510/0x510 [ 1700.558006] ? p9_client_create+0x798/0x1230 [ 1700.558614] ? kfree+0xd7/0x340 [ 1700.559072] ? do_raw_spin_unlock+0x4f/0x220 [ 1700.559687] p9_client_create+0xa76/0x1230 [ 1700.560272] ? p9_client_flush+0x430/0x430 [ 1700.560860] ? trace_hardirqs_on+0x5b/0x180 [ 1700.561459] ? lockdep_init_map_type+0x2c7/0x780 [ 1700.562115] ? __raw_spin_lock_init+0x36/0x110 [ 1700.562752] v9fs_session_init+0x1dd/0x1680 [ 1700.563353] ? lock_release+0x680/0x680 [ 1700.563926] ? kmem_cache_alloc_trace+0x151/0x320 [ 1700.564589] ? v9fs_show_options+0x690/0x690 [ 1700.565216] ? trace_hardirqs_on+0x5b/0x180 [ 1700.565817] ? kasan_unpoison_shadow+0x33/0x50 [ 1700.566455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1700.567166] v9fs_mount+0x79/0x8f0 [ 1700.567659] ? v9fs_write_inode+0x60/0x60 [ 1700.568242] legacy_get_tree+0x105/0x220 [ 1700.568899] vfs_get_tree+0x8e/0x300 [ 1700.569835] path_mount+0x1429/0x2120 [ 1700.570776] ? strncpy_from_user+0x9e/0x470 [ 1700.571835] ? finish_automount+0xa90/0xa90 [ 1700.572917] ? getname_flags.part.0+0x1dd/0x4f0 [ 1700.573967] ? _copy_from_user+0xfb/0x1b0 [ 1700.574880] __x64_sys_mount+0x282/0x300 [ 1700.575763] ? copy_mnt_ns+0xa00/0xa00 [ 1700.576629] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1700.577784] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1700.578908] do_syscall_64+0x33/0x40 [ 1700.579720] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1700.580849] RIP: 0033:0x7fb9df3c2b19 [ 1700.581661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1700.585683] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1700.587347] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1700.588912] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1700.590469] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1700.592025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1700.593591] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1700.612479] FAULT_INJECTION: forcing a failure. [ 1700.612479] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.614964] CPU: 1 PID: 10107 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1700.616443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1700.618223] Call Trace: [ 1700.618789] dump_stack+0x107/0x167 [ 1700.619569] should_fail.cold+0x5/0xa [ 1700.620389] ? skb_clone+0x14f/0x3d0 [ 1700.621203] should_failslab+0x5/0x20 [ 1700.622018] kmem_cache_alloc+0x5b/0x310 [ 1700.622893] skb_clone+0x14f/0x3d0 [ 1700.623657] netlink_broadcast_filtered+0xa08/0xdc0 [ 1700.624738] netlink_broadcast+0x35/0x50 [ 1700.625618] kobject_uevent_env+0x93d/0xfd0 [ 1700.626554] loop_configure+0x1170/0x1490 [ 1700.627451] lo_ioctl+0xa72/0x1760 [ 1700.628214] ? avc_has_extended_perms+0x7f1/0xf40 [ 1700.629261] ? loop_set_status_old+0x250/0x250 [ 1700.630243] ? avc_ss_reset+0x180/0x180 [ 1700.631100] ? find_held_lock+0x2c/0x110 [ 1700.631984] ? __lock_acquire+0xbb1/0x5b00 [ 1700.632944] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1700.634068] ? generic_block_fiemap+0x60/0x60 [ 1700.635028] ? lock_downgrade+0x6d0/0x6d0 [ 1700.635919] ? build_open_flags+0x6f0/0x6f0 [ 1700.636857] ? loop_set_status_old+0x250/0x250 [ 1700.637834] blkdev_ioctl+0x291/0x710 [ 1700.638649] ? blkdev_common_ioctl+0x1930/0x1930 [ 1700.639673] ? selinux_file_ioctl+0xb6/0x270 [ 1700.640620] block_ioctl+0xf9/0x140 [ 1700.641405] ? blkdev_read_iter+0x1c0/0x1c0 [ 1700.642329] __x64_sys_ioctl+0x19a/0x210 [ 1700.643204] do_syscall_64+0x33/0x40 [ 1700.644006] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1700.645110] RIP: 0033:0x7f3b3a6db8d7 [ 1700.645906] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1700.649863] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1700.651491] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1700.653025] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1700.654550] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1700.656074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1700.657609] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1700.672934] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1700.763292] isofs_fill_super: get root inode failed [ 1700.789426] isofs_fill_super: get root inode failed 14:34:57 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 52) 14:34:57 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:34:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xf5ffffff, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:34:57 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x11, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:57 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:57 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:34:57 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 36) 14:34:57 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, 0x0, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1714.992393] FAULT_INJECTION: forcing a failure. [ 1714.992393] name failslab, interval 1, probability 0, space 0, times 0 [ 1714.993898] CPU: 0 PID: 10130 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1714.994773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1714.995820] Call Trace: [ 1714.996160] dump_stack+0x107/0x167 [ 1714.996616] should_fail.cold+0x5/0xa [ 1714.997096] ? p9_fcall_init+0x97/0x290 [ 1714.997609] should_failslab+0x5/0x20 [ 1714.998095] __kmalloc+0x72/0x390 [ 1714.998535] p9_fcall_init+0x97/0x290 [ 1714.999015] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1714.999655] p9_client_rpc+0x220/0x1370 [ 1715.000157] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.000823] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1715.001505] ? pipe_poll+0x21b/0x7f0 [ 1715.001970] ? p9_fd_close+0x4a0/0x4a0 [ 1715.002462] ? anon_pipe_buf_release+0x280/0x280 [ 1715.003060] ? p9_fd_poll+0x1e0/0x2c0 [ 1715.003547] ? p9_fd_create+0x357/0x4a0 [ 1715.004061] ? p9_conn_create+0x510/0x510 [ 1715.004578] ? p9_client_create+0x798/0x1230 [ 1715.005127] ? kfree+0xd7/0x340 [ 1715.005553] ? do_raw_spin_unlock+0x4f/0x220 [ 1715.006110] p9_client_create+0xa76/0x1230 [ 1715.006648] ? p9_client_flush+0x430/0x430 [ 1715.007181] ? trace_hardirqs_on+0x5b/0x180 [ 1715.007723] ? lockdep_init_map_type+0x2c7/0x780 [ 1715.008322] ? __raw_spin_lock_init+0x36/0x110 [ 1715.008901] v9fs_session_init+0x1dd/0x1680 [ 1715.009459] ? lock_release+0x680/0x680 [ 1715.009962] ? kmem_cache_alloc_trace+0x151/0x320 [ 1715.010571] ? v9fs_show_options+0x690/0x690 [ 1715.011127] ? trace_hardirqs_on+0x5b/0x180 [ 1715.011675] ? kasan_unpoison_shadow+0x33/0x50 [ 1715.012246] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1715.012884] v9fs_mount+0x79/0x8f0 [ 1715.013343] ? v9fs_write_inode+0x60/0x60 [ 1715.013869] legacy_get_tree+0x105/0x220 [ 1715.014372] vfs_get_tree+0x8e/0x300 [ 1715.014832] path_mount+0x1429/0x2120 [ 1715.015313] ? strncpy_from_user+0x9e/0x470 [ 1715.015856] ? finish_automount+0xa90/0xa90 [ 1715.016391] ? getname_flags.part.0+0x1dd/0x4f0 [ 1715.016984] ? _copy_from_user+0xfb/0x1b0 [ 1715.017531] __x64_sys_mount+0x282/0x300 [ 1715.018034] ? copy_mnt_ns+0xa00/0xa00 [ 1715.018518] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.019169] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1715.019818] do_syscall_64+0x33/0x40 [ 1715.020283] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.020933] RIP: 0033:0x7fb9df3c2b19 [ 1715.021415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.023712] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1715.024674] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1715.025580] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1715.026474] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1715.027369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1715.028260] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:34:57 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 37) 14:34:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xffff8000, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1715.069336] FAULT_INJECTION: forcing a failure. [ 1715.069336] name failslab, interval 1, probability 0, space 0, times 0 [ 1715.070798] CPU: 0 PID: 10141 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1715.071650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1715.072682] Call Trace: [ 1715.073012] dump_stack+0x107/0x167 [ 1715.073470] should_fail.cold+0x5/0xa [ 1715.073945] ? create_object.isra.0+0x3a/0xa20 [ 1715.074512] should_failslab+0x5/0x20 [ 1715.074978] kmem_cache_alloc+0x5b/0x310 [ 1715.075479] ? find_held_lock+0x2c/0x110 [ 1715.075978] create_object.isra.0+0x3a/0xa20 [ 1715.076514] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1715.077138] kmem_cache_alloc+0x159/0x310 [ 1715.077657] skb_clone+0x14f/0x3d0 [ 1715.078095] netlink_broadcast_filtered+0xa08/0xdc0 [ 1715.078712] netlink_broadcast+0x35/0x50 [ 1715.079213] kobject_uevent_env+0x93d/0xfd0 [ 1715.079751] loop_configure+0x1170/0x1490 [ 1715.080264] lo_ioctl+0xa72/0x1760 [ 1715.080700] ? avc_has_extended_perms+0x7f1/0xf40 [ 1715.081301] ? loop_set_status_old+0x250/0x250 [ 1715.081859] ? avc_ss_reset+0x180/0x180 [ 1715.082346] ? find_held_lock+0x2c/0x110 [ 1715.082848] ? __lock_acquire+0xbb1/0x5b00 [ 1715.083394] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 1715.084034] ? generic_block_fiemap+0x60/0x60 [ 1715.084578] ? lock_downgrade+0x6d0/0x6d0 [ 1715.085085] ? build_open_flags+0x6f0/0x6f0 [ 1715.085622] ? loop_set_status_old+0x250/0x250 [ 1715.086176] blkdev_ioctl+0x291/0x710 [ 1715.086641] ? blkdev_common_ioctl+0x1930/0x1930 [ 1715.087220] ? selinux_file_ioctl+0xb6/0x270 [ 1715.087762] block_ioctl+0xf9/0x140 [ 1715.088208] ? blkdev_read_iter+0x1c0/0x1c0 [ 1715.088732] __x64_sys_ioctl+0x19a/0x210 [ 1715.089229] do_syscall_64+0x33/0x40 [ 1715.089720] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.090343] RIP: 0033:0x7f3b3a6db8d7 [ 1715.090796] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.093043] RSP: 002b:00007f3b37c50f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1715.093976] RAX: ffffffffffffffda RBX: 00007f3b3a725970 RCX: 00007f3b3a6db8d7 [ 1715.094840] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1715.095705] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 1715.096571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1715.097448] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002 [ 1715.104581] isofs_fill_super: get root inode failed [ 1715.114828] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1715.118145] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1715.126582] isofs_fill_super: get root inode failed 14:34:57 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 1715.170522] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1715.173259] FAULT_INJECTION: forcing a failure. [ 1715.173259] name failslab, interval 1, probability 0, space 0, times 0 [ 1715.174595] CPU: 0 PID: 10155 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1715.175409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1715.176391] Call Trace: [ 1715.176708] dump_stack+0x107/0x167 [ 1715.177138] should_fail.cold+0x5/0xa [ 1715.177600] ? create_object.isra.0+0x3a/0xa20 [ 1715.178145] should_failslab+0x5/0x20 [ 1715.178609] kmem_cache_alloc+0x5b/0x310 [ 1715.179091] create_object.isra.0+0x3a/0xa20 [ 1715.179608] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1715.180211] __kmalloc+0x16e/0x390 [ 1715.180636] p9_fcall_init+0x97/0x290 [ 1715.181085] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1715.181689] p9_client_rpc+0x220/0x1370 [ 1715.182162] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.182788] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1715.183418] ? pipe_poll+0x21b/0x7f0 [ 1715.183855] ? p9_fd_close+0x4a0/0x4a0 [ 1715.184313] ? anon_pipe_buf_release+0x280/0x280 [ 1715.184876] ? p9_fd_poll+0x1e0/0x2c0 [ 1715.185540] ? p9_fd_create+0x357/0x4a0 [ 1715.186540] ? p9_conn_create+0x510/0x510 [ 1715.187567] ? p9_client_create+0x798/0x1230 [ 1715.188663] ? kfree+0xd7/0x340 [ 1715.189502] ? do_raw_spin_unlock+0x4f/0x220 [ 1715.190535] p9_client_create+0xa76/0x1230 [ 1715.191428] ? p9_client_flush+0x430/0x430 [ 1715.192307] ? trace_hardirqs_on+0x5b/0x180 [ 1715.193206] ? lockdep_init_map_type+0x2c7/0x780 [ 1715.194195] ? __raw_spin_lock_init+0x36/0x110 [ 1715.195147] v9fs_session_init+0x1dd/0x1680 [ 1715.196040] ? lock_release+0x680/0x680 [ 1715.196912] ? kmem_cache_alloc_trace+0x151/0x320 [ 1715.197954] ? v9fs_show_options+0x690/0x690 [ 1715.198904] ? trace_hardirqs_on+0x5b/0x180 [ 1715.199829] ? kasan_unpoison_shadow+0x33/0x50 [ 1715.200799] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1715.201902] v9fs_mount+0x79/0x8f0 [ 1715.202693] ? v9fs_write_inode+0x60/0x60 [ 1715.203581] legacy_get_tree+0x105/0x220 [ 1715.204447] vfs_get_tree+0x8e/0x300 [ 1715.205270] path_mount+0x1429/0x2120 [ 1715.206089] ? strncpy_from_user+0x9e/0x470 [ 1715.207023] ? finish_automount+0xa90/0xa90 [ 1715.207933] ? getname_flags.part.0+0x1dd/0x4f0 [ 1715.208914] ? _copy_from_user+0xfb/0x1b0 [ 1715.209803] __x64_sys_mount+0x282/0x300 [ 1715.210659] ? copy_mnt_ns+0xa00/0xa00 [ 1715.211484] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.212581] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1715.213667] do_syscall_64+0x33/0x40 [ 1715.214448] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.215514] RIP: 0033:0x7fb9df3c2b19 [ 1715.216288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.220012] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1715.221573] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1715.223023] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1715.224463] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1715.225933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1715.227367] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1715.249883] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:13 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xfffffff5, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:13 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 38) 14:35:13 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1800, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:13 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x48, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:13 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:13 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 53) 14:35:13 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1730.954906] FAULT_INJECTION: forcing a failure. [ 1730.954906] name failslab, interval 1, probability 0, space 0, times 0 [ 1730.956465] CPU: 1 PID: 10175 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 1730.957418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1730.958580] Call Trace: [ 1730.958949] dump_stack+0x107/0x167 [ 1730.959439] should_fail.cold+0x5/0xa [ 1730.959956] ? getname_flags.part.0+0x50/0x4f0 [ 1730.960582] should_failslab+0x5/0x20 [ 1730.961097] kmem_cache_alloc+0x5b/0x310 [ 1730.961651] ? generic_block_fiemap+0x60/0x60 [ 1730.962268] getname_flags.part.0+0x50/0x4f0 [ 1730.962865] getname_flags+0x9a/0xe0 [ 1730.963377] do_mkdirat+0x8f/0x2b0 [ 1730.963861] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1730.964591] ? user_path_create+0xf0/0xf0 [ 1730.965160] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1730.965888] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1730.966590] do_syscall_64+0x33/0x40 [ 1730.967094] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1730.967778] RIP: 0033:0x7f3b3a6dac27 [ 1730.968278] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1730.970779] RSP: 002b:00007f3b37c50fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1730.971801] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f3b3a6dac27 [ 1730.972766] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1730.973745] RBP: 00007f3b37c51040 R08: 0000000000000000 R09: ffffffffffffffff [ 1730.974699] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1730.975661] R13: 0000000020000100 R14: 00007f3b37c51000 R15: 0000000020000080 [ 1730.976630] FAULT_INJECTION: forcing a failure. [ 1730.976630] name failslab, interval 1, probability 0, space 0, times 0 [ 1730.978152] CPU: 0 PID: 10181 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1730.979637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1730.981362] Call Trace: [ 1730.981923] dump_stack+0x107/0x167 [ 1730.982676] should_fail.cold+0x5/0xa [ 1730.983471] ? p9_fcall_init+0x97/0x290 [ 1730.984296] should_failslab+0x5/0x20 [ 1730.985082] __kmalloc+0x72/0x390 [ 1730.985805] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1730.986854] p9_fcall_init+0x97/0x290 [ 1730.987648] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1730.988698] p9_client_rpc+0x220/0x1370 [ 1730.989526] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1730.990633] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1730.991737] ? pipe_poll+0x21b/0x7f0 [ 1730.992511] ? p9_fd_close+0x4a0/0x4a0 [ 1730.993326] ? anon_pipe_buf_release+0x280/0x280 [ 1730.994316] ? p9_fd_poll+0x1e0/0x2c0 [ 1730.995110] ? p9_fd_create+0x357/0x4a0 [ 1730.995934] ? p9_conn_create+0x510/0x510 [ 1730.996787] ? p9_client_create+0x798/0x1230 [ 1730.997698] ? kfree+0xd7/0x340 [ 1730.998385] ? do_raw_spin_unlock+0x4f/0x220 [ 1730.999303] p9_client_create+0xa76/0x1230 [ 1731.000185] ? p9_client_flush+0x430/0x430 [ 1731.001070] ? trace_hardirqs_on+0x5b/0x180 [ 1731.001095] ? lockdep_init_map_type+0x2c7/0x780 [ 1731.002651] ? __raw_spin_lock_init+0x36/0x110 [ 1731.003600] v9fs_session_init+0x1dd/0x1680 [ 1731.004492] ? lock_release+0x680/0x680 [ 1731.005324] ? kmem_cache_alloc_trace+0x151/0x320 [ 1731.006332] ? v9fs_show_options+0x690/0x690 [ 1731.007244] ? trace_hardirqs_on+0x5b/0x180 [ 1731.008134] ? kasan_unpoison_shadow+0x33/0x50 [ 1731.009078] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1731.010136] v9fs_mount+0x79/0x8f0 [ 1731.010879] ? v9fs_write_inode+0x60/0x60 [ 1731.011739] legacy_get_tree+0x105/0x220 [ 1731.012578] vfs_get_tree+0x8e/0x300 [ 1731.013343] path_mount+0x1429/0x2120 [ 1731.014140] ? strncpy_from_user+0x9e/0x470 [ 1731.015032] ? finish_automount+0xa90/0xa90 [ 1731.015922] ? getname_flags.part.0+0x1dd/0x4f0 [ 1731.016882] ? _copy_from_user+0xfb/0x1b0 [ 1731.017750] __x64_sys_mount+0x282/0x300 [ 1731.018593] ? copy_mnt_ns+0xa00/0xa00 [ 1731.019399] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1731.020482] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1731.021550] do_syscall_64+0x33/0x40 [ 1731.022336] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1731.023401] RIP: 0033:0x7fb9df3c2b19 [ 1731.024167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1731.027999] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1731.029576] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1731.031063] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1731.032536] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1731.034019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1731.035490] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1731.046922] isofs_fill_super: get root inode failed 14:35:13 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:13 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) (fail_nth: 54) 14:35:13 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0xffffffff, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1731.146457] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1731.157521] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:13 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 39) 14:35:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:14 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4c, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1731.254389] FAULT_INJECTION: forcing a failure. [ 1731.254389] name failslab, interval 1, probability 0, space 0, times 0 [ 1731.256930] CPU: 0 PID: 10209 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1731.258376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1731.260097] Call Trace: [ 1731.260644] dump_stack+0x107/0x167 [ 1731.261402] should_fail.cold+0x5/0xa [ 1731.262210] ? create_object.isra.0+0x3a/0xa20 [ 1731.263158] should_failslab+0x5/0x20 [ 1731.263956] kmem_cache_alloc+0x5b/0x310 [ 1731.264805] create_object.isra.0+0x3a/0xa20 [ 1731.265713] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1731.266775] __kmalloc+0x16e/0x390 [ 1731.267518] p9_fcall_init+0x97/0x290 [ 1731.268319] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1731.269384] p9_client_rpc+0x220/0x1370 [ 1731.270225] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1731.271318] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1731.272424] ? pipe_poll+0x21b/0x7f0 [ 1731.273197] ? p9_fd_close+0x4a0/0x4a0 [ 1731.274010] ? anon_pipe_buf_release+0x280/0x280 [ 1731.274994] ? p9_fd_poll+0x1e0/0x2c0 [ 1731.275789] ? p9_fd_create+0x357/0x4a0 [ 1731.276614] ? p9_conn_create+0x510/0x510 [ 1731.277469] ? p9_client_create+0x798/0x1230 [ 1731.278391] ? kfree+0xd7/0x340 [ 1731.279076] ? do_raw_spin_unlock+0x4f/0x220 [ 1731.279987] p9_client_create+0xa76/0x1230 14:35:14 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1731.280868] ? p9_client_flush+0x430/0x430 [ 1731.281852] ? trace_hardirqs_on+0x5b/0x180 [ 1731.282747] ? lockdep_init_map_type+0x2c7/0x780 [ 1731.283730] ? __raw_spin_lock_init+0x36/0x110 [ 1731.284680] v9fs_session_init+0x1dd/0x1680 [ 1731.285577] ? lock_release+0x680/0x680 [ 1731.286425] ? kmem_cache_alloc_trace+0x151/0x320 [ 1731.287424] ? v9fs_show_options+0x690/0x690 [ 1731.288358] ? trace_hardirqs_on+0x5b/0x180 [ 1731.289246] ? kasan_unpoison_shadow+0x33/0x50 [ 1731.290198] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1731.291247] v9fs_mount+0x79/0x8f0 [ 1731.291990] ? v9fs_write_inode+0x60/0x60 [ 1731.292852] legacy_get_tree+0x105/0x220 [ 1731.293693] vfs_get_tree+0x8e/0x300 [ 1731.294477] path_mount+0x1429/0x2120 [ 1731.295267] ? strncpy_from_user+0x9e/0x470 [ 1731.296161] ? finish_automount+0xa90/0xa90 [ 1731.297048] ? getname_flags.part.0+0x1dd/0x4f0 [ 1731.298027] ? _copy_from_user+0xfb/0x1b0 [ 1731.298885] __x64_sys_mount+0x282/0x300 [ 1731.299717] ? copy_mnt_ns+0xa00/0xa00 [ 1731.300520] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1731.301604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1731.302670] do_syscall_64+0x33/0x40 [ 1731.303440] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1731.304489] RIP: 0033:0x7fb9df3c2b19 [ 1731.305257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1731.309032] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1731.310614] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1731.312077] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1731.313537] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1731.315012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1731.316483] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1731.322496] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:14 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x48, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:14 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:14 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:14 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1c00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1731.435554] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1731.463101] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:14 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x68, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:14 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:14 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4c, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1731.505331] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1731.557735] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1731.577751] isofs_fill_super: get root inode failed [ 1731.593494] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1731.618382] isofs_fill_super: get root inode failed 14:35:28 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6c, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:28 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, 0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:28 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 40) 14:35:28 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:28 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:28 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:28 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x68, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1745.836228] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1745.849345] FAULT_INJECTION: forcing a failure. [ 1745.849345] name failslab, interval 1, probability 0, space 0, times 0 [ 1745.852276] CPU: 1 PID: 10254 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1745.854015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1745.854031] Call Trace: [ 1745.855653] dump_stack+0x107/0x167 [ 1745.856577] should_fail.cold+0x5/0xa [ 1745.857542] ? create_object.isra.0+0x3a/0xa20 [ 1745.858707] should_failslab+0x5/0x20 [ 1745.859665] kmem_cache_alloc+0x5b/0x310 [ 1745.860689] create_object.isra.0+0x3a/0xa20 [ 1745.861794] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1745.863084] __kmalloc+0x16e/0x390 [ 1745.863985] p9_fcall_init+0x97/0x290 [ 1745.864948] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1745.866228] p9_client_rpc+0x220/0x1370 [ 1745.867252] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1745.868580] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1745.869921] ? pipe_poll+0x21b/0x7f0 [ 1745.870839] ? p9_fd_close+0x4a0/0x4a0 [ 1745.871654] ? anon_pipe_buf_release+0x280/0x280 [ 1745.872652] ? p9_fd_poll+0x1e0/0x2c0 [ 1745.873461] ? p9_fd_create+0x357/0x4a0 [ 1745.874304] ? p9_conn_create+0x510/0x510 [ 1745.875175] ? p9_client_create+0x798/0x1230 [ 1745.876091] ? kfree+0xd7/0x340 [ 1745.876777] ? do_raw_spin_unlock+0x4f/0x220 [ 1745.877704] p9_client_create+0xa76/0x1230 [ 1745.878610] ? p9_client_flush+0x430/0x430 [ 1745.879495] ? trace_hardirqs_on+0x5b/0x180 [ 1745.880401] ? lockdep_init_map_type+0x2c7/0x780 [ 1745.881396] ? __raw_spin_lock_init+0x36/0x110 [ 1745.882362] v9fs_session_init+0x1dd/0x1680 [ 1745.883265] ? lock_release+0x680/0x680 [ 1745.884105] ? kmem_cache_alloc_trace+0x151/0x320 [ 1745.885109] ? v9fs_show_options+0x690/0x690 [ 1745.886034] ? trace_hardirqs_on+0x5b/0x180 [ 1745.886944] ? kasan_unpoison_shadow+0x33/0x50 [ 1745.887902] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1745.888971] v9fs_mount+0x79/0x8f0 [ 1745.889717] ? v9fs_write_inode+0x60/0x60 [ 1745.890591] legacy_get_tree+0x105/0x220 [ 1745.891445] vfs_get_tree+0x8e/0x300 [ 1745.892221] path_mount+0x1429/0x2120 [ 1745.893023] ? strncpy_from_user+0x9e/0x470 [ 1745.893927] ? finish_automount+0xa90/0xa90 [ 1745.894842] ? getname_flags.part.0+0x1dd/0x4f0 [ 1745.895816] ? _copy_from_user+0xfb/0x1b0 [ 1745.896700] __x64_sys_mount+0x282/0x300 [ 1745.897546] ? copy_mnt_ns+0xa00/0xa00 [ 1745.898380] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1745.899483] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1745.900566] do_syscall_64+0x33/0x40 [ 1745.901353] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1745.902433] RIP: 0033:0x7fb9df3c2b19 [ 1745.903211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1745.907107] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1745.908699] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1745.910189] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1745.911710] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1745.913196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1745.914708] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1745.919981] isofs_fill_super: get root inode failed [ 1745.924123] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1745.931708] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:28 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1745.983703] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:28 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1746.013846] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:28 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:28 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1746.058909] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:28 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x74, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1746.105369] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1746.177069] isofs_fill_super: get root inode failed [ 1746.212024] isofs_fill_super: get root inode failed 14:35:44 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 41) 14:35:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:44 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6c, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7a, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, 0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:44 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8004, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1761.381051] FAULT_INJECTION: forcing a failure. [ 1761.381051] name failslab, interval 1, probability 0, space 0, times 0 [ 1761.382686] CPU: 0 PID: 10308 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1761.383528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1761.384543] Call Trace: [ 1761.384870] dump_stack+0x107/0x167 [ 1761.385308] should_fail.cold+0x5/0xa [ 1761.385771] ? create_object.isra.0+0x3a/0xa20 [ 1761.386328] should_failslab+0x5/0x20 [ 1761.386786] kmem_cache_alloc+0x5b/0x310 [ 1761.387286] create_object.isra.0+0x3a/0xa20 [ 1761.387812] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1761.388429] kmem_cache_alloc+0x159/0x310 [ 1761.388935] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1761.389609] idr_get_free+0x4b5/0x8f0 [ 1761.390081] idr_alloc_u32+0x170/0x2d0 [ 1761.390554] ? __fprop_inc_percpu_max+0x130/0x130 [ 1761.391143] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1761.391787] ? lock_release+0x680/0x680 [ 1761.392263] idr_alloc+0xc2/0x130 [ 1761.392679] ? idr_alloc_u32+0x2d0/0x2d0 [ 1761.393164] ? rwlock_bug.part.0+0x90/0x90 [ 1761.393681] p9_client_prepare_req.part.0+0x612/0xac0 [ 1761.394303] p9_client_rpc+0x220/0x1370 [ 1761.394781] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1761.395435] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1761.396078] ? pipe_poll+0x21b/0x7f0 [ 1761.396524] ? p9_fd_close+0x4a0/0x4a0 [ 1761.396987] ? anon_pipe_buf_release+0x280/0x280 [ 1761.397556] ? p9_fd_poll+0x1e0/0x2c0 [ 1761.398016] ? p9_fd_create+0x357/0x4a0 [ 1761.398495] ? p9_conn_create+0x510/0x510 [ 1761.398996] ? p9_client_create+0x798/0x1230 [ 1761.399522] ? kfree+0xd7/0x340 [ 1761.399917] ? do_raw_spin_unlock+0x4f/0x220 [ 1761.400442] p9_client_create+0xa76/0x1230 [ 1761.400957] ? p9_client_flush+0x430/0x430 [ 1761.401469] ? trace_hardirqs_on+0x5b/0x180 [ 1761.401982] ? lockdep_init_map_type+0x2c7/0x780 [ 1761.402546] ? __raw_spin_lock_init+0x36/0x110 [ 1761.403106] v9fs_session_init+0x1dd/0x1680 [ 1761.403617] ? lock_release+0x680/0x680 [ 1761.404103] ? kmem_cache_alloc_trace+0x151/0x320 [ 1761.404684] ? v9fs_show_options+0x690/0x690 [ 1761.405211] ? trace_hardirqs_on+0x5b/0x180 [ 1761.405731] ? kasan_unpoison_shadow+0x33/0x50 [ 1761.406281] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1761.406899] v9fs_mount+0x79/0x8f0 [ 1761.407324] ? v9fs_write_inode+0x60/0x60 [ 1761.407827] legacy_get_tree+0x105/0x220 [ 1761.408314] vfs_get_tree+0x8e/0x300 [ 1761.408754] path_mount+0x1429/0x2120 [ 1761.409209] ? strncpy_from_user+0x9e/0x470 [ 1761.409724] ? finish_automount+0xa90/0xa90 [ 1761.410235] ? getname_flags.part.0+0x1dd/0x4f0 [ 1761.410787] ? _copy_from_user+0xfb/0x1b0 [ 1761.411289] __x64_sys_mount+0x282/0x300 [ 1761.411771] ? copy_mnt_ns+0xa00/0xa00 [ 1761.412239] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1761.412866] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1761.413475] do_syscall_64+0x33/0x40 [ 1761.413914] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1761.414523] RIP: 0033:0x7fb9df3c2b19 [ 1761.414970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1761.417155] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1761.418049] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1761.418916] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1761.419761] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1761.420599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1761.421437] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1761.435549] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1761.437365] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1761.458409] isofs_fill_super: get root inode failed [ 1761.477030] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:44 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1e000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1761.525155] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1761.528860] isofs_fill_super: get root inode failed 14:35:44 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 42) [ 1761.548404] FAULT_INJECTION: forcing a failure. [ 1761.548404] name failslab, interval 1, probability 0, space 0, times 0 [ 1761.549691] CPU: 0 PID: 10335 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1761.550463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1761.551405] Call Trace: [ 1761.551710] dump_stack+0x107/0x167 [ 1761.552116] should_fail.cold+0x5/0xa [ 1761.552549] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1761.553201] should_failslab+0x5/0x20 [ 1761.553635] kmem_cache_alloc+0x5b/0x310 [ 1761.554100] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1761.554731] idr_get_free+0x4b5/0x8f0 [ 1761.555177] idr_alloc_u32+0x170/0x2d0 [ 1761.555614] ? __fprop_inc_percpu_max+0x130/0x130 [ 1761.556163] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1761.556775] ? lock_release+0x680/0x680 [ 1761.557237] idr_alloc+0xc2/0x130 [ 1761.557628] ? idr_alloc_u32+0x2d0/0x2d0 [ 1761.558090] ? rwlock_bug.part.0+0x90/0x90 [ 1761.558580] p9_client_prepare_req.part.0+0x612/0xac0 [ 1761.559177] p9_client_rpc+0x220/0x1370 [ 1761.559619] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1761.560215] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1761.560826] ? pipe_poll+0x21b/0x7f0 [ 1761.561248] ? p9_fd_close+0x4a0/0x4a0 [ 1761.561686] ? anon_pipe_buf_release+0x280/0x280 [ 1761.562231] ? p9_fd_poll+0x1e0/0x2c0 [ 1761.562671] ? p9_fd_create+0x357/0x4a0 [ 1761.563130] ? p9_conn_create+0x510/0x510 [ 1761.563599] ? p9_client_create+0x798/0x1230 [ 1761.564098] ? kfree+0xd7/0x340 [ 1761.564483] ? do_raw_spin_unlock+0x4f/0x220 [ 1761.564994] p9_client_create+0xa76/0x1230 [ 1761.565471] ? p9_client_flush+0x430/0x430 [ 1761.565967] ? trace_hardirqs_on+0x5b/0x180 [ 1761.566454] ? lockdep_init_map_type+0x2c7/0x780 [ 1761.567003] ? __raw_spin_lock_init+0x36/0x110 [ 1761.567521] v9fs_session_init+0x1dd/0x1680 [ 1761.568008] ? lock_release+0x680/0x680 [ 1761.568456] ? kmem_cache_alloc_trace+0x151/0x320 [ 1761.569002] ? v9fs_show_options+0x690/0x690 [ 1761.569503] ? trace_hardirqs_on+0x5b/0x180 [ 1761.569995] ? kasan_unpoison_shadow+0x33/0x50 [ 1761.570508] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1761.571091] v9fs_mount+0x79/0x8f0 [ 1761.571496] ? v9fs_write_inode+0x60/0x60 [ 1761.571969] legacy_get_tree+0x105/0x220 [ 1761.572424] vfs_get_tree+0x8e/0x300 [ 1761.572844] path_mount+0x1429/0x2120 [ 1761.573278] ? strncpy_from_user+0x9e/0x470 [ 1761.573766] ? finish_automount+0xa90/0xa90 [ 1761.574261] ? getname_flags.part.0+0x1dd/0x4f0 [ 1761.574792] ? _copy_from_user+0xfb/0x1b0 [ 1761.575266] __x64_sys_mount+0x282/0x300 [ 1761.575724] ? copy_mnt_ns+0xa00/0xa00 [ 1761.576167] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1761.576758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1761.577339] do_syscall_64+0x33/0x40 [ 1761.577767] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1761.578346] RIP: 0033:0x7fb9df3c2b19 [ 1761.578766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1761.580838] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1761.581697] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1761.582501] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1761.583331] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1761.584137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1761.584945] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:35:44 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:44 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x84, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:44 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x74, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1761.664099] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:44 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, 0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:44 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1761.719056] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1761.724486] isofs_fill_super: get root inode failed [ 1761.785127] isofs_fill_super: get root inode failed 14:35:59 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:35:59 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 43) 14:35:59 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:35:59 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7a, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x88, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:59 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1776.553284] FAULT_INJECTION: forcing a failure. [ 1776.553284] name failslab, interval 1, probability 0, space 0, times 0 [ 1776.554930] CPU: 0 PID: 10370 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1776.555940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1776.557149] Call Trace: [ 1776.557543] dump_stack+0x107/0x167 [ 1776.558084] should_fail.cold+0x5/0xa [ 1776.558657] ? create_object.isra.0+0x3a/0xa20 [ 1776.559344] should_failslab+0x5/0x20 [ 1776.559905] kmem_cache_alloc+0x5b/0x310 [ 1776.560507] create_object.isra.0+0x3a/0xa20 [ 1776.561150] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1776.561902] kmem_cache_alloc+0x159/0x310 [ 1776.562516] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1776.563341] idr_get_free+0x4b5/0x8f0 [ 1776.563909] idr_alloc_u32+0x170/0x2d0 [ 1776.564481] ? __fprop_inc_percpu_max+0x130/0x130 [ 1776.565195] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1776.565982] ? lock_release+0x680/0x680 [ 1776.566566] idr_alloc+0xc2/0x130 [ 1776.567075] ? idr_alloc_u32+0x2d0/0x2d0 [ 1776.567678] ? rwlock_bug.part.0+0x90/0x90 [ 1776.568311] p9_client_prepare_req.part.0+0x612/0xac0 [ 1776.569073] p9_client_rpc+0x220/0x1370 [ 1776.569652] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1776.570424] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1776.571206] ? pipe_poll+0x21b/0x7f0 [ 1776.571761] ? p9_fd_close+0x4a0/0x4a0 [ 1776.572331] ? anon_pipe_buf_release+0x280/0x280 [ 1776.573032] ? p9_fd_poll+0x1e0/0x2c0 [ 1776.573601] ? p9_fd_create+0x357/0x4a0 [ 1776.574181] ? p9_conn_create+0x510/0x510 [ 1776.574792] ? p9_client_create+0x798/0x1230 [ 1776.575448] ? kfree+0xd7/0x340 [ 1776.575929] ? do_raw_spin_unlock+0x4f/0x220 [ 1776.576579] p9_client_create+0xa76/0x1230 [ 1776.577208] ? p9_client_flush+0x430/0x430 [ 1776.577828] ? trace_hardirqs_on+0x5b/0x180 [ 1776.578458] ? lockdep_init_map_type+0x2c7/0x780 [ 1776.579145] ? __raw_spin_lock_init+0x36/0x110 [ 1776.579819] v9fs_session_init+0x1dd/0x1680 [ 1776.580446] ? lock_release+0x680/0x680 [ 1776.581029] ? kmem_cache_alloc_trace+0x151/0x320 [ 1776.581732] ? v9fs_show_options+0x690/0x690 [ 1776.582384] ? trace_hardirqs_on+0x5b/0x180 [ 1776.583008] ? kasan_unpoison_shadow+0x33/0x50 [ 1776.583685] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1776.584433] v9fs_mount+0x79/0x8f0 [ 1776.584950] ? v9fs_write_inode+0x60/0x60 [ 1776.585553] legacy_get_tree+0x105/0x220 [ 1776.586140] vfs_get_tree+0x8e/0x300 [ 1776.586680] path_mount+0x1429/0x2120 [ 1776.587254] ? strncpy_from_user+0x9e/0x470 [ 1776.587889] ? finish_automount+0xa90/0xa90 [ 1776.588520] ? getname_flags.part.0+0x1dd/0x4f0 [ 1776.589199] ? _copy_from_user+0xfb/0x1b0 [ 1776.589806] __x64_sys_mount+0x282/0x300 [ 1776.590396] ? copy_mnt_ns+0xa00/0xa00 [ 1776.590972] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1776.591747] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1776.592507] do_syscall_64+0x33/0x40 [ 1776.593048] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1776.593791] RIP: 0033:0x7fb9df3c2b19 [ 1776.594333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1776.597018] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1776.598121] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1776.599154] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1776.600220] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1776.601253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1776.602288] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1776.606690] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:59 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1776.651656] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1776.652942] isofs_fill_super: get root inode failed [ 1776.698707] isofs_fill_super: get root inode failed 14:35:59 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1776.732166] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:59 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1776.756016] isofs_fill_super: root inode is not a directory. Corrupted media? 14:35:59 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:35:59 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:35:59 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 44) [ 1776.912985] isofs_fill_super: get root inode failed 14:35:59 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1776.942066] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1776.942382] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1776.972176] isofs_fill_super: get root inode failed [ 1776.989076] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1776.991996] FAULT_INJECTION: forcing a failure. [ 1776.991996] name failslab, interval 1, probability 0, space 0, times 0 [ 1776.993350] CPU: 0 PID: 10419 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1776.994244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1776.995234] Call Trace: [ 1776.995565] dump_stack+0x107/0x167 [ 1776.996003] should_fail.cold+0x5/0xa [ 1776.996465] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1776.997159] should_failslab+0x5/0x20 [ 1776.997621] kmem_cache_alloc+0x5b/0x310 [ 1776.998116] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1776.998793] idr_get_free+0x4b5/0x8f0 [ 1776.999260] idr_alloc_u32+0x170/0x2d0 [ 1776.999734] ? __fprop_inc_percpu_max+0x130/0x130 [ 1777.000313] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1777.000951] ? lock_release+0x680/0x680 [ 1777.001435] idr_alloc+0xc2/0x130 [ 1777.001850] ? idr_alloc_u32+0x2d0/0x2d0 [ 1777.002333] ? rwlock_bug.part.0+0x90/0x90 [ 1777.002847] p9_client_prepare_req.part.0+0x612/0xac0 [ 1777.003480] p9_client_rpc+0x220/0x1370 [ 1777.003956] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1777.004599] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1777.005242] ? pipe_poll+0x21b/0x7f0 [ 1777.005687] ? p9_fd_close+0x4a0/0x4a0 [ 1777.006153] ? anon_pipe_buf_release+0x280/0x280 [ 1777.006723] ? p9_fd_poll+0x1e0/0x2c0 [ 1777.007190] ? p9_fd_create+0x357/0x4a0 [ 1777.007676] ? p9_conn_create+0x510/0x510 [ 1777.008172] ? p9_client_create+0x798/0x1230 [ 1777.008700] ? kfree+0xd7/0x340 [ 1777.009098] ? do_raw_spin_unlock+0x4f/0x220 [ 1777.009631] p9_client_create+0xa76/0x1230 [ 1777.010147] ? p9_client_flush+0x430/0x430 [ 1777.010655] ? trace_hardirqs_on+0x5b/0x180 [ 1777.011172] ? lockdep_init_map_type+0x2c7/0x780 [ 1777.011747] ? __raw_spin_lock_init+0x36/0x110 [ 1777.012299] v9fs_session_init+0x1dd/0x1680 [ 1777.012812] ? lock_release+0x680/0x680 [ 1777.013289] ? kmem_cache_alloc_trace+0x151/0x320 [ 1777.013862] ? v9fs_show_options+0x690/0x690 [ 1777.014391] ? trace_hardirqs_on+0x5b/0x180 [ 1777.014902] ? kasan_unpoison_shadow+0x33/0x50 [ 1777.015455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1777.016061] v9fs_mount+0x79/0x8f0 [ 1777.016484] ? v9fs_write_inode+0x60/0x60 [ 1777.016981] legacy_get_tree+0x105/0x220 [ 1777.017473] vfs_get_tree+0x8e/0x300 [ 1777.017917] path_mount+0x1429/0x2120 [ 1777.018376] ? strncpy_from_user+0x9e/0x470 [ 1777.018891] ? finish_automount+0xa90/0xa90 [ 1777.019418] ? getname_flags.part.0+0x1dd/0x4f0 [ 1777.019972] ? _copy_from_user+0xfb/0x1b0 [ 1777.020468] __x64_sys_mount+0x282/0x300 [ 1777.020947] ? copy_mnt_ns+0xa00/0xa00 [ 1777.021412] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1777.022037] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1777.022654] do_syscall_64+0x33/0x40 [ 1777.023097] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1777.023718] RIP: 0033:0x7fb9df3c2b19 [ 1777.024161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1777.026350] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1777.027253] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1777.028107] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1777.028955] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1777.029804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1777.030657] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1777.049006] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:36:13 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:36:13 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:13 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:13 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe00100, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:13 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:13 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:36:13 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 45) [ 1790.970599] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1790.984513] FAULT_INJECTION: forcing a failure. [ 1790.984513] name failslab, interval 1, probability 0, space 0, times 0 [ 1790.986566] CPU: 0 PID: 10450 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1790.987852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1790.989399] Call Trace: [ 1790.989891] dump_stack+0x107/0x167 [ 1790.990566] should_fail.cold+0x5/0xa [ 1790.991268] ? ___slab_alloc+0x155/0x700 [ 1790.992026] ? create_object.isra.0+0x3a/0xa20 [ 1790.992878] should_failslab+0x5/0x20 [ 1790.993582] kmem_cache_alloc+0x5b/0x310 [ 1790.994338] create_object.isra.0+0x3a/0xa20 [ 1790.995154] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1790.996345] kmem_cache_alloc+0x159/0x310 [ 1790.997130] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1790.998177] idr_get_free+0x4b5/0x8f0 [ 1790.998900] idr_alloc_u32+0x170/0x2d0 [ 1790.999626] ? __fprop_inc_percpu_max+0x130/0x130 [ 1791.000530] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1791.001518] ? lock_release+0x680/0x680 [ 1791.002247] idr_alloc+0xc2/0x130 [ 1791.002884] ? idr_alloc_u32+0x2d0/0x2d0 [ 1791.003622] ? rwlock_bug.part.0+0x90/0x90 [ 1791.004418] p9_client_prepare_req.part.0+0x612/0xac0 [ 1791.005368] p9_client_rpc+0x220/0x1370 [ 1791.006100] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1791.007077] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1791.008071] ? pipe_poll+0x21b/0x7f0 [ 1791.008753] ? p9_fd_close+0x4a0/0x4a0 [ 1791.009461] ? anon_pipe_buf_release+0x280/0x280 [ 1791.010330] ? p9_fd_poll+0x1e0/0x2c0 [ 1791.011040] ? p9_fd_create+0x357/0x4a0 [ 1791.011771] ? p9_conn_create+0x510/0x510 [ 1791.012539] ? p9_client_create+0x798/0x1230 [ 1791.013343] ? kfree+0xd7/0x340 [ 1791.013940] ? do_raw_spin_unlock+0x4f/0x220 [ 1791.014738] p9_client_create+0xa76/0x1230 [ 1791.015520] ? p9_client_flush+0x430/0x430 [ 1791.016299] ? trace_hardirqs_on+0x5b/0x180 [ 1791.017087] ? lockdep_init_map_type+0x2c7/0x780 [ 1791.017956] ? __raw_spin_lock_init+0x36/0x110 [ 1791.018794] v9fs_session_init+0x1dd/0x1680 [ 1791.019588] ? lock_release+0x680/0x680 [ 1791.020330] ? kmem_cache_alloc_trace+0x151/0x320 [ 1791.021208] ? v9fs_show_options+0x690/0x690 [ 1791.022022] ? trace_hardirqs_on+0x5b/0x180 [ 1791.022802] ? kasan_unpoison_shadow+0x33/0x50 [ 1791.023627] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1791.024561] v9fs_mount+0x79/0x8f0 [ 1791.025210] ? v9fs_write_inode+0x60/0x60 [ 1791.025964] legacy_get_tree+0x105/0x220 [ 1791.026701] vfs_get_tree+0x8e/0x300 [ 1791.027372] path_mount+0x1429/0x2120 [ 1791.028078] ? strncpy_from_user+0x9e/0x470 [ 1791.028858] ? finish_automount+0xa90/0xa90 [ 1791.029642] ? getname_flags.part.0+0x1dd/0x4f0 [ 1791.030487] ? _copy_from_user+0xfb/0x1b0 [ 1791.031241] __x64_sys_mount+0x282/0x300 [ 1791.031985] ? copy_mnt_ns+0xa00/0xa00 [ 1791.032694] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1791.033654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1791.034590] do_syscall_64+0x33/0x40 [ 1791.035262] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1791.036196] RIP: 0033:0x7fb9df3c2b19 [ 1791.036871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1791.040220] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1791.041583] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1791.042864] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1791.044147] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1791.045428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1791.046714] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1791.048571] isofs_fill_super: get root inode failed [ 1791.054338] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 1791.106324] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:13 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1791.113861] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:13 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1791.172073] isofs_fill_super: get root inode failed 14:36:13 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:14 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:14 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:14 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000400)={{}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1791.240647] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1791.283028] isofs_fill_super: get root inode failed [ 1791.293980] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1791.312863] isofs_fill_super: get root inode failed [ 1791.348485] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x18, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000400)={{}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:36:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 46) 14:36:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:36:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 1804.948839] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1804.956232] isofs_fill_super: get root inode failed [ 1804.960602] FAULT_INJECTION: forcing a failure. [ 1804.960602] name failslab, interval 1, probability 0, space 0, times 0 [ 1804.963175] CPU: 0 PID: 10502 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1804.964657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1804.966409] Call Trace: [ 1804.966982] dump_stack+0x107/0x167 [ 1804.967746] should_fail.cold+0x5/0xa [ 1804.968551] ? p9pdu_readf+0xadb/0x1d40 [ 1804.969390] should_failslab+0x5/0x20 [ 1804.970185] __kmalloc+0x72/0x390 [ 1804.970921] p9pdu_readf+0xadb/0x1d40 [ 1804.971722] ? pipe_poll+0x21b/0x7f0 [ 1804.972516] ? p9pdu_writef+0x100/0x100 [ 1804.973344] ? p9_fd_poll+0x1e0/0x2c0 [ 1804.974147] ? p9_fd_create+0x357/0x4a0 [ 1804.974975] ? p9_conn_create+0x510/0x510 [ 1804.975847] ? p9_client_create+0x798/0x1230 [ 1804.976779] ? kfree+0xd7/0x340 [ 1804.977471] ? do_raw_spin_unlock+0x4f/0x220 [ 1804.978404] p9_client_create+0xaee/0x1230 [ 1804.979299] ? p9_client_flush+0x430/0x430 [ 1804.980181] ? trace_hardirqs_on+0x5b/0x180 [ 1804.981093] ? lockdep_init_map_type+0x2c7/0x780 [ 1804.982081] ? __raw_spin_lock_init+0x36/0x110 [ 1804.983047] v9fs_session_init+0x1dd/0x1680 [ 1804.983947] ? lock_release+0x680/0x680 [ 1804.984805] ? kmem_cache_alloc_trace+0x151/0x320 [ 1804.985811] ? v9fs_show_options+0x690/0x690 [ 1804.986738] ? trace_hardirqs_on+0x5b/0x180 14:36:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1804.987637] ? kasan_unpoison_shadow+0x33/0x50 [ 1804.988732] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1804.989797] v9fs_mount+0x79/0x8f0 [ 1804.990543] ? v9fs_write_inode+0x60/0x60 [ 1804.991412] legacy_get_tree+0x105/0x220 [ 1804.992277] vfs_get_tree+0x8e/0x300 [ 1804.993059] path_mount+0x1429/0x2120 [ 1804.993859] ? strncpy_from_user+0x9e/0x470 [ 1804.994758] ? finish_automount+0xa90/0xa90 [ 1804.995656] ? getname_flags.part.0+0x1dd/0x4f0 [ 1804.996631] ? _copy_from_user+0xfb/0x1b0 [ 1804.997505] __x64_sys_mount+0x282/0x300 [ 1804.998356] ? copy_mnt_ns+0xa00/0xa00 [ 1804.999174] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1805.000281] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1805.001365] do_syscall_64+0x33/0x40 [ 1805.002142] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1805.003212] RIP: 0033:0x7fb9df3c2b19 [ 1805.004000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1805.007852] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1805.009448] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1805.010944] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1805.012444] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1805.013933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1805.015420] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1805.055725] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xc000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1805.087478] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000400)={{}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:36:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(0x0, 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:36:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1c, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1805.138347] isofs_fill_super: get root inode failed 14:36:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1805.156773] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 47) [ 1805.201803] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1805.239247] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1805.264877] FAULT_INJECTION: forcing a failure. [ 1805.264877] name failslab, interval 1, probability 0, space 0, times 0 [ 1805.265454] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1805.267448] CPU: 0 PID: 10539 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1805.269613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1805.271368] Call Trace: [ 1805.271933] dump_stack+0x107/0x167 [ 1805.272714] should_fail.cold+0x5/0xa [ 1805.273512] ? p9pdu_readf+0xadb/0x1d40 [ 1805.274354] should_failslab+0x5/0x20 [ 1805.275155] __kmalloc+0x72/0x390 [ 1805.275886] p9pdu_readf+0xadb/0x1d40 [ 1805.276697] ? pipe_poll+0x21b/0x7f0 [ 1805.277480] ? p9pdu_writef+0x100/0x100 [ 1805.278329] ? p9_fd_poll+0x1e0/0x2c0 [ 1805.279133] ? p9_fd_create+0x357/0x4a0 [ 1805.279969] ? p9_conn_create+0x510/0x510 [ 1805.280848] ? p9_client_create+0x798/0x1230 [ 1805.281768] ? kfree+0xd7/0x340 [ 1805.282463] ? do_raw_spin_unlock+0x4f/0x220 [ 1805.283395] p9_client_create+0xaee/0x1230 [ 1805.284299] ? p9_client_flush+0x430/0x430 [ 1805.285201] ? trace_hardirqs_on+0x5b/0x180 [ 1805.286113] ? lockdep_init_map_type+0x2c7/0x780 [ 1805.287111] ? __raw_spin_lock_init+0x36/0x110 [ 1805.288073] v9fs_session_init+0x1dd/0x1680 [ 1805.288997] ? lock_release+0x680/0x680 [ 1805.289837] ? kmem_cache_alloc_trace+0x151/0x320 [ 1805.290837] ? v9fs_show_options+0x690/0x690 [ 1805.291763] ? trace_hardirqs_on+0x5b/0x180 [ 1805.292668] ? kasan_unpoison_shadow+0x33/0x50 [ 1805.293626] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1805.294689] v9fs_mount+0x79/0x8f0 [ 1805.295435] ? v9fs_write_inode+0x60/0x60 [ 1805.296316] legacy_get_tree+0x105/0x220 [ 1805.297167] vfs_get_tree+0x8e/0x300 [ 1805.297943] path_mount+0x1429/0x2120 [ 1805.298743] ? strncpy_from_user+0x9e/0x470 [ 1805.299642] ? finish_automount+0xa90/0xa90 [ 1805.300552] ? getname_flags.part.0+0x1dd/0x4f0 [ 1805.301526] ? _copy_from_user+0xfb/0x1b0 [ 1805.302402] __x64_sys_mount+0x282/0x300 [ 1805.303254] ? copy_mnt_ns+0xa00/0xa00 [ 1805.304074] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1805.305185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1805.306277] do_syscall_64+0x33/0x40 [ 1805.307064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1805.308144] RIP: 0033:0x7fb9df3c2b19 [ 1805.308955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1805.312830] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1805.314423] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1805.315928] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1805.317447] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1805.318953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1805.320470] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1820.813827] isofs_fill_super: get root inode failed 14:36:43 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(0x0, 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:36:43 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:36:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 48) 14:36:43 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x65, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:43 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:43 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7fc, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:43 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:43 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1820.833692] FAULT_INJECTION: forcing a failure. [ 1820.833692] name failslab, interval 1, probability 0, space 0, times 0 [ 1820.836178] CPU: 1 PID: 10564 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1820.837654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1820.837661] Call Trace: [ 1820.837684] dump_stack+0x107/0x167 [ 1820.837703] should_fail.cold+0x5/0xa [ 1820.837728] should_failslab+0x5/0x20 [ 1820.837747] __kmalloc_track_caller+0x79/0x370 [ 1820.837765] ? kasprintf+0xbb/0xf0 [ 1820.837782] ? __delete_object+0xb3/0x100 14:36:43 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1820.837804] kvasprintf+0xb5/0x150 [ 1820.837828] ? bust_spinlocks+0xe0/0xe0 [ 1820.837847] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1820.837879] kasprintf+0xbb/0xf0 [ 1820.837899] ? kvasprintf_const+0x1a0/0x1a0 [ 1820.837920] ? kmem_cache_free+0x249/0x2d0 [ 1820.837946] ? p9_client_create+0xbfa/0x1230 [ 1820.837967] p9_client_create+0xc1b/0x1230 14:36:43 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1820.837994] ? p9_client_flush+0x430/0x430 [ 1820.838013] ? trace_hardirqs_on+0x5b/0x180 [ 1820.838033] ? lockdep_init_map_type+0x2c7/0x780 14:36:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 49) [ 1820.838054] ? __raw_spin_lock_init+0x36/0x110 [ 1820.838077] v9fs_session_init+0x1dd/0x1680 [ 1820.838095] ? lock_release+0x680/0x680 14:36:43 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1820.838121] ? kmem_cache_alloc_trace+0x151/0x320 [ 1820.838139] ? v9fs_show_options+0x690/0x690 [ 1820.838165] ? trace_hardirqs_on+0x5b/0x180 14:36:43 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1820.838183] ? kasan_unpoison_shadow+0x33/0x50 [ 1820.838199] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 14:36:43 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1820.838223] v9fs_mount+0x79/0x8f0 14:36:43 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1820.838245] ? v9fs_write_inode+0x60/0x60 [ 1820.838264] legacy_get_tree+0x105/0x220 [ 1820.838283] vfs_get_tree+0x8e/0x300 [ 1820.838300] path_mount+0x1429/0x2120 [ 1820.838323] ? strncpy_from_user+0x9e/0x470 [ 1820.838340] ? finish_automount+0xa90/0xa90 14:36:43 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1820.838358] ? getname_flags.part.0+0x1dd/0x4f0 [ 1820.838375] ? _copy_from_user+0xfb/0x1b0 [ 1820.838400] __x64_sys_mount+0x282/0x300 [ 1820.838416] ? copy_mnt_ns+0xa00/0xa00 [ 1820.838438] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1820.838458] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1820.838478] do_syscall_64+0x33/0x40 [ 1820.838495] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1820.838508] RIP: 0033:0x7fb9df3c2b19 [ 1820.838526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1820.838536] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1820.838556] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1820.838567] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1820.838578] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1820.838588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1820.838599] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1820.868513] isofs_fill_super: get root inode failed [ 1820.871342] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1820.871794] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1820.928533] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1820.932025] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1820.946591] FAULT_INJECTION: forcing a failure. [ 1820.946591] name failslab, interval 1, probability 0, space 0, times 0 [ 1820.946604] CPU: 0 PID: 10580 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1820.946611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1820.946615] Call Trace: [ 1820.946631] dump_stack+0x107/0x167 [ 1820.946643] should_fail.cold+0x5/0xa [ 1820.946657] ? create_object.isra.0+0x3a/0xa20 [ 1820.946670] should_failslab+0x5/0x20 [ 1820.946682] kmem_cache_alloc+0x5b/0x310 [ 1820.946693] ? vsnprintf+0x4ba/0x1600 [ 1820.946705] create_object.isra.0+0x3a/0xa20 [ 1820.946719] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1820.946735] __kmalloc_track_caller+0x177/0x370 [ 1820.946747] ? kasprintf+0xbb/0xf0 [ 1820.946761] kvasprintf+0xb5/0x150 [ 1820.946773] ? bust_spinlocks+0xe0/0xe0 [ 1820.946787] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1820.946806] kasprintf+0xbb/0xf0 [ 1820.946820] ? kvasprintf_const+0x1a0/0x1a0 [ 1820.946833] ? kmem_cache_free+0x249/0x2d0 [ 1820.946855] ? p9_client_create+0xbfa/0x1230 [ 1820.946868] p9_client_create+0xc1b/0x1230 [ 1820.946886] ? p9_client_flush+0x430/0x430 [ 1820.946901] ? trace_hardirqs_on+0x5b/0x180 [ 1820.946914] ? lockdep_init_map_type+0x2c7/0x780 [ 1820.946927] ? __raw_spin_lock_init+0x36/0x110 [ 1820.946942] v9fs_session_init+0x1dd/0x1680 [ 1820.946954] ? lock_release+0x680/0x680 [ 1820.946970] ? kmem_cache_alloc_trace+0x151/0x320 [ 1820.946981] ? v9fs_show_options+0x690/0x690 [ 1820.946997] ? trace_hardirqs_on+0x5b/0x180 [ 1820.947008] ? kasan_unpoison_shadow+0x33/0x50 [ 1820.947018] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1820.947035] v9fs_mount+0x79/0x8f0 [ 1820.947051] ? v9fs_write_inode+0x60/0x60 [ 1820.947064] legacy_get_tree+0x105/0x220 [ 1820.947076] vfs_get_tree+0x8e/0x300 [ 1820.947088] path_mount+0x1429/0x2120 [ 1820.947104] ? strncpy_from_user+0x9e/0x470 [ 1820.947116] ? finish_automount+0xa90/0xa90 [ 1820.947128] ? getname_flags.part.0+0x1dd/0x4f0 [ 1820.947140] ? _copy_from_user+0xfb/0x1b0 [ 1820.947155] __x64_sys_mount+0x282/0x300 [ 1820.947166] ? copy_mnt_ns+0xa00/0xa00 [ 1820.947180] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1820.947195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1820.947211] do_syscall_64+0x33/0x40 [ 1820.947225] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1820.947234] RIP: 0033:0x7fb9df3c2b19 [ 1820.947247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1820.947255] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1820.947268] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1820.947276] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1820.947284] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1820.947291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1820.947297] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1820.980115] isofs_fill_super: get root inode failed [ 1821.014117] isofs_fill_super: get root inode failed [ 1821.073910] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1821.192398] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1821.199794] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1821.244012] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:57 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 50) 14:36:57 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(0x0, 0x100) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:36:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:36:57 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:57 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:57 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:57 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x480, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:57 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1834.803907] FAULT_INJECTION: forcing a failure. [ 1834.803907] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.806478] CPU: 0 PID: 10624 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1834.806489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1834.806495] Call Trace: [ 1834.806518] dump_stack+0x107/0x167 [ 1834.806537] should_fail.cold+0x5/0xa [ 1834.806558] ? create_object.isra.0+0x3a/0xa20 [ 1834.806578] should_failslab+0x5/0x20 [ 1834.806595] kmem_cache_alloc+0x5b/0x310 [ 1834.806612] ? vsnprintf+0x4ba/0x1600 [ 1834.806633] create_object.isra.0+0x3a/0xa20 [ 1834.806648] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1834.806672] __kmalloc_track_caller+0x177/0x370 [ 1834.806689] ? kasprintf+0xbb/0xf0 [ 1834.806719] kvasprintf+0xb5/0x150 [ 1834.806738] ? bust_spinlocks+0xe0/0xe0 [ 1834.806762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1834.806793] kasprintf+0xbb/0xf0 14:36:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x157be7dd876, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1834.806813] ? kvasprintf_const+0x1a0/0x1a0 [ 1834.806834] ? kmem_cache_free+0x249/0x2d0 [ 1834.806859] ? p9_client_create+0xbfa/0x1230 [ 1834.806881] p9_client_create+0xc1b/0x1230 [ 1834.806907] ? p9_client_flush+0x430/0x430 14:36:57 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1834.806926] ? trace_hardirqs_on+0x5b/0x180 [ 1834.806947] ? lockdep_init_map_type+0x2c7/0x780 14:36:57 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:57 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1834.806966] ? __raw_spin_lock_init+0x36/0x110 [ 1834.806990] v9fs_session_init+0x1dd/0x1680 [ 1834.807009] ? lock_release+0x680/0x680 [ 1834.807035] ? kmem_cache_alloc_trace+0x151/0x320 14:36:57 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1834.807053] ? v9fs_show_options+0x690/0x690 [ 1834.807079] ? trace_hardirqs_on+0x5b/0x180 14:36:57 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 51) [ 1834.807097] ? kasan_unpoison_shadow+0x33/0x50 [ 1834.807114] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1834.807137] v9fs_mount+0x79/0x8f0 [ 1834.807159] ? v9fs_write_inode+0x60/0x60 [ 1834.807179] legacy_get_tree+0x105/0x220 [ 1834.807198] vfs_get_tree+0x8e/0x300 [ 1834.807215] path_mount+0x1429/0x2120 [ 1834.807237] ? strncpy_from_user+0x9e/0x470 [ 1834.807254] ? finish_automount+0xa90/0xa90 [ 1834.807272] ? getname_flags.part.0+0x1dd/0x4f0 [ 1834.807289] ? _copy_from_user+0xfb/0x1b0 [ 1834.807314] __x64_sys_mount+0x282/0x300 [ 1834.807330] ? copy_mnt_ns+0xa00/0xa00 [ 1834.807352] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1834.807370] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.807390] do_syscall_64+0x33/0x40 [ 1834.807408] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1834.807422] RIP: 0033:0x7fb9df3c2b19 [ 1834.807441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.807452] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1834.807471] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1834.807482] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1834.807492] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1834.807503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.807514] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1834.826400] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1834.830544] isofs_fill_super: get root inode failed [ 1834.831426] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1834.869143] isofs_fill_super: get root inode failed [ 1834.890327] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1834.913680] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1835.077315] isofs_fill_super: get root inode failed [ 1835.132385] isofs_fill_super: root inode is not a directory. Corrupted media? 14:36:57 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1835.144879] isofs_fill_super: get root inode failed 14:36:57 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:36:58 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1835.196930] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1835.200300] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1835.205346] FAULT_INJECTION: forcing a failure. [ 1835.205346] name failslab, interval 1, probability 0, space 0, times 0 [ 1835.207823] CPU: 0 PID: 10660 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1835.209318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1835.211121] Call Trace: [ 1835.211698] dump_stack+0x107/0x167 [ 1835.212483] should_fail.cold+0x5/0xa [ 1835.213303] ? create_object.isra.0+0x3a/0xa20 [ 1835.214294] should_failslab+0x5/0x20 [ 1835.215115] kmem_cache_alloc+0x5b/0x310 [ 1835.215987] ? vsnprintf+0x4ba/0x1600 [ 1835.216808] create_object.isra.0+0x3a/0xa20 [ 1835.217754] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1835.218854] __kmalloc_track_caller+0x177/0x370 [ 1835.219857] ? kasprintf+0xbb/0xf0 [ 1835.220627] kvasprintf+0xb5/0x150 [ 1835.221408] ? bust_spinlocks+0xe0/0xe0 [ 1835.222266] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1835.223415] kasprintf+0xbb/0xf0 [ 1835.224147] ? kvasprintf_const+0x1a0/0x1a0 [ 1835.225076] ? kmem_cache_free+0x249/0x2d0 [ 1835.225996] ? p9_client_create+0xbfa/0x1230 [ 1835.226947] p9_client_create+0xc1b/0x1230 [ 1835.227860] ? p9_client_flush+0x430/0x430 [ 1835.228767] ? trace_hardirqs_on+0x5b/0x180 [ 1835.229707] ? lockdep_init_map_type+0x2c7/0x780 [ 1835.230722] ? __raw_spin_lock_init+0x36/0x110 [ 1835.231700] v9fs_session_init+0x1dd/0x1680 [ 1835.232621] ? lock_release+0x680/0x680 [ 1835.233492] ? kmem_cache_alloc_trace+0x151/0x320 [ 1835.234523] ? v9fs_show_options+0x690/0x690 [ 1835.235466] ? trace_hardirqs_on+0x5b/0x180 [ 1835.236393] ? kasan_unpoison_shadow+0x33/0x50 [ 1835.237376] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1835.238466] v9fs_mount+0x79/0x8f0 [ 1835.239231] ? v9fs_write_inode+0x60/0x60 [ 1835.240126] legacy_get_tree+0x105/0x220 [ 1835.240998] vfs_get_tree+0x8e/0x300 [ 1835.241800] path_mount+0x1429/0x2120 [ 1835.242619] ? strncpy_from_user+0x9e/0x470 [ 1835.243541] ? finish_automount+0xa90/0xa90 [ 1835.244463] ? getname_flags.part.0+0x1dd/0x4f0 [ 1835.245468] ? _copy_from_user+0xfb/0x1b0 [ 1835.246362] __x64_sys_mount+0x282/0x300 [ 1835.247230] ? copy_mnt_ns+0xa00/0xa00 [ 1835.248069] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1835.249191] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1835.250305] do_syscall_64+0x33/0x40 [ 1835.251098] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1835.252192] RIP: 0033:0x7fb9df3c2b19 [ 1835.252991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1835.256944] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1835.258580] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1835.260105] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1835.261642] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1835.263167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1835.264695] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1835.356460] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:12 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:37:12 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)) timer_settime(0x0, 0x1, 0x0, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:37:12 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 52) 14:37:12 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1849.801214] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1849.834724] FAULT_INJECTION: forcing a failure. [ 1849.834724] name failslab, interval 1, probability 0, space 0, times 0 [ 1849.837492] CPU: 0 PID: 10696 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1849.838904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1849.840580] Call Trace: [ 1849.841114] dump_stack+0x107/0x167 [ 1849.841857] should_fail.cold+0x5/0xa [ 1849.842637] ? create_object.isra.0+0x3a/0xa20 [ 1849.843565] should_failslab+0x5/0x20 [ 1849.844336] kmem_cache_alloc+0x5b/0x310 [ 1849.845164] create_object.isra.0+0x3a/0xa20 [ 1849.846057] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1849.846115] kmem_cache_alloc+0x159/0x310 [ 1849.848136] kmem_cache_create_usercopy+0x190/0x2f0 [ 1849.849161] p9_client_create+0xc6a/0x1230 [ 1849.850039] ? p9_client_flush+0x430/0x430 [ 1849.850907] ? trace_hardirqs_on+0x5b/0x180 [ 1849.851782] ? lockdep_init_map_type+0x2c7/0x780 [ 1849.852751] ? __raw_spin_lock_init+0x36/0x110 [ 1849.853693] v9fs_session_init+0x1dd/0x1680 [ 1849.854583] ? lock_release+0x680/0x680 [ 1849.855392] ? kmem_cache_alloc_trace+0x151/0x320 [ 1849.856383] ? v9fs_show_options+0x690/0x690 [ 1849.857277] ? trace_hardirqs_on+0x5b/0x180 [ 1849.858166] ? kasan_unpoison_shadow+0x33/0x50 [ 1849.859080] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1849.860107] v9fs_mount+0x79/0x8f0 [ 1849.860841] ? v9fs_write_inode+0x60/0x60 [ 1849.861676] legacy_get_tree+0x105/0x220 [ 1849.862514] vfs_get_tree+0x8e/0x300 [ 1849.863267] path_mount+0x1429/0x2120 [ 1849.864041] ? strncpy_from_user+0x9e/0x470 [ 1849.864910] ? finish_automount+0xa90/0xa90 [ 1849.865786] ? getname_flags.part.0+0x1dd/0x4f0 [ 1849.866730] ? _copy_from_user+0xfb/0x1b0 [ 1849.867574] __x64_sys_mount+0x282/0x300 [ 1849.868392] ? copy_mnt_ns+0xa00/0xa00 [ 1849.869180] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1849.870252] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1849.871298] do_syscall_64+0x33/0x40 [ 1849.872050] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1849.873093] RIP: 0033:0x7fb9df3c2b19 [ 1849.873852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1849.877566] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1849.879107] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1849.880543] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1849.882001] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1849.883455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1849.884910] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1849.896611] isofs_fill_super: get root inode failed [ 1849.909137] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1849.921863] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1849.946538] isofs_fill_super: get root inode failed 14:37:12 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1849.977198] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:12 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1850.083207] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:12 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:12 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:12 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)) timer_settime(0x0, 0x1, 0x0, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1850.210484] isofs_fill_super: get root inode failed [ 1850.270495] isofs_fill_super: get root inode failed [ 1850.276811] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1850.355834] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 53) 14:37:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:37:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x18000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1020, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)) timer_settime(0x0, 0x1, 0x0, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:37:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1800, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1864.477267] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1864.513340] FAULT_INJECTION: forcing a failure. [ 1864.513340] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.517065] CPU: 1 PID: 10750 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1864.518644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.520516] Call Trace: [ 1864.521128] dump_stack+0x107/0x167 [ 1864.521959] should_fail.cold+0x5/0xa [ 1864.522826] ? __kmem_cache_create+0x10e/0x520 [ 1864.523852] should_failslab+0x5/0x20 [ 1864.524704] kmem_cache_alloc_node+0x55/0x330 [ 1864.525718] __kmem_cache_create+0x10e/0x520 [ 1864.526720] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1864.527854] p9_client_create+0xc6a/0x1230 [ 1864.528816] ? p9_client_flush+0x430/0x430 [ 1864.529772] ? trace_hardirqs_on+0x5b/0x180 [ 1864.530751] ? lockdep_init_map_type+0x2c7/0x780 [ 1864.531816] ? __raw_spin_lock_init+0x36/0x110 [ 1864.532845] v9fs_session_init+0x1dd/0x1680 [ 1864.533812] ? lock_release+0x680/0x680 [ 1864.534725] ? kmem_cache_alloc_trace+0x151/0x320 [ 1864.535810] ? v9fs_show_options+0x690/0x690 [ 1864.536811] ? trace_hardirqs_on+0x5b/0x180 [ 1864.537779] ? kasan_unpoison_shadow+0x33/0x50 [ 1864.538808] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.539962] v9fs_mount+0x79/0x8f0 [ 1864.540760] ? v9fs_write_inode+0x60/0x60 [ 1864.541680] legacy_get_tree+0x105/0x220 [ 1864.542604] vfs_get_tree+0x8e/0x300 [ 1864.543442] path_mount+0x1429/0x2120 [ 1864.544302] ? strncpy_from_user+0x9e/0x470 [ 1864.545276] ? finish_automount+0xa90/0xa90 [ 1864.546253] ? getname_flags.part.0+0x1dd/0x4f0 [ 1864.547303] ? _copy_from_user+0xfb/0x1b0 [ 1864.548245] __x64_sys_mount+0x282/0x300 [ 1864.549154] ? copy_mnt_ns+0xa00/0xa00 [ 1864.550034] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.551222] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.552379] do_syscall_64+0x33/0x40 [ 1864.553214] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1864.554368] RIP: 0033:0x7fb9df3c2b19 [ 1864.555208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.559356] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1864.561078] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1864.562702] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1864.564306] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1864.565925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.567541] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1864.569546] kmem_cache_create(9p-fcall-cache-199) failed with error -22 [ 1864.571091] CPU: 1 PID: 10750 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1864.572629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.574507] Call Trace: [ 1864.575099] dump_stack+0x107/0x167 [ 1864.575918] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1864.577094] p9_client_create+0xc6a/0x1230 [ 1864.578052] ? p9_client_flush+0x430/0x430 [ 1864.579002] ? trace_hardirqs_on+0x5b/0x180 [ 1864.579969] ? lockdep_init_map_type+0x2c7/0x780 [ 1864.581041] ? __raw_spin_lock_init+0x36/0x110 [ 1864.582065] v9fs_session_init+0x1dd/0x1680 [ 1864.583039] ? lock_release+0x680/0x680 [ 1864.583938] ? kmem_cache_alloc_trace+0x151/0x320 [ 1864.585016] ? v9fs_show_options+0x690/0x690 [ 1864.586008] ? trace_hardirqs_on+0x5b/0x180 [ 1864.587000] ? kasan_unpoison_shadow+0x33/0x50 [ 1864.588015] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.589159] v9fs_mount+0x79/0x8f0 [ 1864.589963] ? v9fs_write_inode+0x60/0x60 [ 1864.590895] legacy_get_tree+0x105/0x220 [ 1864.591805] vfs_get_tree+0x8e/0x300 [ 1864.592645] path_mount+0x1429/0x2120 [ 1864.593511] ? strncpy_from_user+0x9e/0x470 [ 1864.594475] ? finish_automount+0xa90/0xa90 14:37:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1864.595448] ? getname_flags.part.0+0x1dd/0x4f0 [ 1864.596794] ? _copy_from_user+0xfb/0x1b0 [ 1864.597734] __x64_sys_mount+0x282/0x300 [ 1864.598657] ? copy_mnt_ns+0xa00/0xa00 14:37:27 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{0x0, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1864.599540] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.600788] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.601947] do_syscall_64+0x33/0x40 [ 1864.602955] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1864.604007] RIP: 0033:0x7fb9df3c2b19 [ 1864.604763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.608629] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1864.610212] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1864.611702] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1864.613188] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1864.614674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.616152] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1864.646852] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1864.647823] isofs_fill_super: get root inode failed [ 1864.672092] isofs_fill_super: get root inode failed [ 1864.704207] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:27 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 54) 14:37:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1100, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1864.736489] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:27 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1020, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:27 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1c00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:27 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1c000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1864.841143] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1864.857956] FAULT_INJECTION: forcing a failure. [ 1864.857956] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.859210] CPU: 0 PID: 10788 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1864.859954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.860851] Call Trace: [ 1864.861144] dump_stack+0x107/0x167 [ 1864.861537] should_fail.cold+0x5/0xa [ 1864.861975] ? create_object.isra.0+0x3a/0xa20 [ 1864.862471] should_failslab+0x5/0x20 [ 1864.862892] kmem_cache_alloc+0x5b/0x310 [ 1864.863331] create_object.isra.0+0x3a/0xa20 [ 1864.863802] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.864388] kmem_cache_alloc+0x159/0x310 [ 1864.864841] kmem_cache_create_usercopy+0x190/0x2f0 [ 1864.865418] p9_client_create+0xc6a/0x1230 [ 1864.865879] ? p9_client_flush+0x430/0x430 [ 1864.866368] ? trace_hardirqs_on+0x5b/0x180 [ 1864.866845] ? lockdep_init_map_type+0x2c7/0x780 [ 1864.867392] ? __raw_spin_lock_init+0x36/0x110 [ 1864.867892] v9fs_session_init+0x1dd/0x1680 [ 1864.868384] ? lock_release+0x680/0x680 [ 1864.868817] ? kmem_cache_alloc_trace+0x151/0x320 [ 1864.869331] ? v9fs_show_options+0x690/0x690 [ 1864.869844] ? trace_hardirqs_on+0x5b/0x180 [ 1864.870308] ? kasan_unpoison_shadow+0x33/0x50 [ 1864.870849] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.871404] v9fs_mount+0x79/0x8f0 [ 1864.871787] ? v9fs_write_inode+0x60/0x60 [ 1864.872238] legacy_get_tree+0x105/0x220 [ 1864.872675] vfs_get_tree+0x8e/0x300 [ 1864.873105] path_mount+0x1429/0x2120 [ 1864.873524] ? strncpy_from_user+0x9e/0x470 [ 1864.873988] ? finish_automount+0xa90/0xa90 [ 1864.874452] ? getname_flags.part.0+0x1dd/0x4f0 [ 1864.874964] ? _copy_from_user+0xfb/0x1b0 [ 1864.875413] __x64_sys_mount+0x282/0x300 [ 1864.875859] ? copy_mnt_ns+0xa00/0xa00 [ 1864.876307] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.876878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.877476] do_syscall_64+0x33/0x40 [ 1864.877890] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1864.878477] RIP: 0033:0x7fb9df3c2b19 [ 1864.878888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.881008] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1864.881828] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1864.882603] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1864.883365] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1864.884132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.884895] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:37:27 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1864.920640] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:27 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x600000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 55) 14:37:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1100, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{0x0, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:37:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xc00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREADLINK(r0, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:37:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2010, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1878.463887] FAULT_INJECTION: forcing a failure. [ 1878.463887] name failslab, interval 1, probability 0, space 0, times 0 [ 1878.465357] CPU: 0 PID: 10809 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1878.466256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1878.467363] Call Trace: [ 1878.467715] dump_stack+0x107/0x167 [ 1878.468193] should_fail.cold+0x5/0xa [ 1878.468694] ? create_object.isra.0+0x3a/0xa20 [ 1878.469292] should_failslab+0x5/0x20 [ 1878.469792] kmem_cache_alloc+0x5b/0x310 [ 1878.470332] create_object.isra.0+0x3a/0xa20 [ 1878.470910] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1878.471593] kmem_cache_alloc+0x159/0x310 [ 1878.472134] kmem_cache_create_usercopy+0x190/0x2f0 [ 1878.472798] p9_client_create+0xc6a/0x1230 [ 1878.473361] ? p9_client_flush+0x430/0x430 [ 1878.473911] ? trace_hardirqs_on+0x5b/0x180 [ 1878.474484] ? lockdep_init_map_type+0x2c7/0x780 [ 1878.475118] ? __raw_spin_lock_init+0x36/0x110 [ 1878.475718] v9fs_session_init+0x1dd/0x1680 [ 1878.476293] ? lock_release+0x680/0x680 [ 1878.476816] ? kmem_cache_alloc_trace+0x151/0x320 [ 1878.477433] ? v9fs_show_options+0x690/0x690 [ 1878.478007] ? trace_hardirqs_on+0x5b/0x180 [ 1878.478556] ? kasan_unpoison_shadow+0x33/0x50 [ 1878.479159] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1878.479810] v9fs_mount+0x79/0x8f0 [ 1878.480271] ? v9fs_write_inode+0x60/0x60 [ 1878.480804] legacy_get_tree+0x105/0x220 [ 1878.481332] vfs_get_tree+0x8e/0x300 [ 1878.481808] path_mount+0x1429/0x2120 [ 1878.482312] ? strncpy_from_user+0x9e/0x470 [ 1878.482862] ? finish_automount+0xa90/0xa90 [ 1878.483437] ? getname_flags.part.0+0x1dd/0x4f0 [ 1878.484032] ? _copy_from_user+0xfb/0x1b0 [ 1878.484588] __x64_sys_mount+0x282/0x300 [ 1878.485105] ? copy_mnt_ns+0xa00/0xa00 [ 1878.485619] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1878.486289] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1878.486967] do_syscall_64+0x33/0x40 [ 1878.487455] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1878.488111] RIP: 0033:0x7fb9df3c2b19 [ 1878.488585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1878.490943] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1878.491936] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1878.492850] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1878.493759] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1878.494710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1878.495662] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1878.542141] isofs_fill_super: get root inode failed [ 1878.547237] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1878.552495] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:41 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{0x0, r5+60000000}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:37:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1878.616969] isofs_fill_super: get root inode failed [ 1878.619938] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x65000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1878.711783] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:41 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2200, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:41 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 56) [ 1878.743350] isofs_fill_super: get root inode failed 14:37:41 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x76d87dbe57010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1878.757333] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:41 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80040000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1878.771785] FAULT_INJECTION: forcing a failure. [ 1878.771785] name failslab, interval 1, probability 0, space 0, times 0 [ 1878.774454] CPU: 1 PID: 10852 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1878.776031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1878.777899] Call Trace: [ 1878.778492] dump_stack+0x107/0x167 [ 1878.779317] should_fail.cold+0x5/0xa [ 1878.780180] ? create_object.isra.0+0x3a/0xa20 [ 1878.781211] should_failslab+0x5/0x20 [ 1878.782070] kmem_cache_alloc+0x5b/0x310 [ 1878.782985] create_object.isra.0+0x3a/0xa20 [ 1878.783983] kmemleak_alloc_percpu+0xa0/0x100 [ 1878.784995] pcpu_alloc+0x4e2/0x1240 [ 1878.785848] __kmem_cache_create+0x35a/0x520 [ 1878.786840] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1878.787979] p9_client_create+0xc6a/0x1230 [ 1878.788973] ? p9_client_flush+0x430/0x430 [ 1878.789923] ? trace_hardirqs_on+0x5b/0x180 [ 1878.790894] ? lockdep_init_map_type+0x2c7/0x780 [ 1878.791962] ? __raw_spin_lock_init+0x36/0x110 [ 1878.792992] v9fs_session_init+0x1dd/0x1680 [ 1878.793953] ? lock_release+0x680/0x680 [ 1878.794853] ? kmem_cache_alloc_trace+0x151/0x320 [ 1878.795951] ? v9fs_show_options+0x690/0x690 [ 1878.796939] ? trace_hardirqs_on+0x5b/0x180 [ 1878.797906] ? kasan_unpoison_shadow+0x33/0x50 [ 1878.798918] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1878.800066] v9fs_mount+0x79/0x8f0 [ 1878.800867] ? v9fs_write_inode+0x60/0x60 [ 1878.801800] legacy_get_tree+0x105/0x220 [ 1878.802710] vfs_get_tree+0x8e/0x300 [ 1878.803557] path_mount+0x1429/0x2120 [ 1878.804416] ? strncpy_from_user+0x9e/0x470 [ 1878.805377] ? finish_automount+0xa90/0xa90 [ 1878.806342] ? getname_flags.part.0+0x1dd/0x4f0 [ 1878.807384] ? _copy_from_user+0xfb/0x1b0 [ 1878.808319] __x64_sys_mount+0x282/0x300 [ 1878.809225] ? copy_mnt_ns+0xa00/0xa00 [ 1878.810095] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1878.811275] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1878.812422] do_syscall_64+0x33/0x40 [ 1878.813251] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1878.814396] RIP: 0033:0x7fb9df3c2b19 [ 1878.815240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1878.819366] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1878.821085] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1878.822682] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1878.824285] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1878.825886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1878.827493] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1878.839389] isofs_fill_super: get root inode failed 14:37:56 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, 0x0}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1893.503863] isofs_fill_super: root inode is not a directory. Corrupted media? 14:37:56 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:56 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:37:56 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 57) 14:37:56 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2010, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:56 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:37:56 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xf5ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:37:56 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1893.526427] FAULT_INJECTION: forcing a failure. [ 1893.526427] name failslab, interval 1, probability 0, space 0, times 0 [ 1893.527750] CPU: 0 PID: 10882 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1893.528550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1893.529487] Call Trace: [ 1893.529797] dump_stack+0x107/0x167 [ 1893.530219] should_fail.cold+0x5/0xa [ 1893.530668] should_failslab+0x5/0x20 [ 1893.531103] __kmalloc_track_caller+0x79/0x370 [ 1893.531630] ? kstrdup_const+0x53/0x80 [ 1893.532075] kstrdup+0x36/0x70 [ 1893.532442] kstrdup_const+0x53/0x80 [ 1893.532866] kvasprintf_const+0x10c/0x1a0 [ 1893.533355] kobject_set_name_vargs+0x56/0x150 [ 1893.533876] kobject_init_and_add+0xc9/0x160 [ 1893.534383] ? kobject_create_and_add+0xb0/0xb0 [ 1893.534924] ? wait_for_completion_io+0x270/0x270 [ 1893.535474] ? kernfs_name_hash+0xe7/0x110 [ 1893.535975] ? kernfs_find_ns+0x256/0x380 [ 1893.536455] sysfs_slab_add+0x172/0x200 [ 1893.536919] __kmem_cache_create+0x3db/0x520 [ 1893.537433] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1893.538021] p9_client_create+0xc6a/0x1230 [ 1893.538510] ? p9_client_flush+0x430/0x430 [ 1893.539000] ? trace_hardirqs_on+0x5b/0x180 [ 1893.539499] ? lockdep_init_map_type+0x2c7/0x780 [ 1893.540060] ? __raw_spin_lock_init+0x36/0x110 [ 1893.540588] v9fs_session_init+0x1dd/0x1680 [ 1893.541085] ? lock_release+0x680/0x680 [ 1893.541548] ? kmem_cache_alloc_trace+0x151/0x320 [ 1893.542101] ? v9fs_show_options+0x690/0x690 [ 1893.542610] ? trace_hardirqs_on+0x5b/0x180 [ 1893.543102] ? kasan_unpoison_shadow+0x33/0x50 [ 1893.543635] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1893.544219] v9fs_mount+0x79/0x8f0 [ 1893.544635] ? v9fs_write_inode+0x60/0x60 [ 1893.545115] legacy_get_tree+0x105/0x220 [ 1893.545584] vfs_get_tree+0x8e/0x300 [ 1893.546000] path_mount+0x1429/0x2120 [ 1893.546431] ? strncpy_from_user+0x9e/0x470 [ 1893.546919] ? finish_automount+0xa90/0xa90 [ 1893.547411] ? getname_flags.part.0+0x1dd/0x4f0 [ 1893.547965] ? _copy_from_user+0xfb/0x1b0 [ 1893.548445] __x64_sys_mount+0x282/0x300 [ 1893.548908] ? copy_mnt_ns+0xa00/0xa00 [ 1893.549355] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1893.549955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1893.550554] do_syscall_64+0x33/0x40 [ 1893.550992] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1893.551575] RIP: 0033:0x7fb9df3c2b19 [ 1893.552006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1893.554134] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1893.555003] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1893.555829] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1893.556651] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1893.557465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1893.558277] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1893.559203] kobject: can not set name properly! [ 1893.559808] kmem_cache_create(9p-fcall-cache-203) failed with error -12 [ 1893.560593] CPU: 0 PID: 10882 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1893.561364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1893.562292] Call Trace: [ 1893.562592] dump_stack+0x107/0x167 [ 1893.563005] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1893.563595] p9_client_create+0xc6a/0x1230 [ 1893.564082] ? p9_client_flush+0x430/0x430 [ 1893.564554] ? trace_hardirqs_on+0x5b/0x180 [ 1893.565038] ? lockdep_init_map_type+0x2c7/0x780 [ 1893.565576] ? __raw_spin_lock_init+0x36/0x110 [ 1893.566101] v9fs_session_init+0x1dd/0x1680 [ 1893.566585] ? lock_release+0x680/0x680 [ 1893.567041] ? kmem_cache_alloc_trace+0x151/0x320 [ 1893.567580] ? v9fs_show_options+0x690/0x690 [ 1893.568084] ? trace_hardirqs_on+0x5b/0x180 [ 1893.568572] ? kasan_unpoison_shadow+0x33/0x50 [ 1893.569086] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1893.569653] v9fs_mount+0x79/0x8f0 [ 1893.570052] ? v9fs_write_inode+0x60/0x60 [ 1893.570511] legacy_get_tree+0x105/0x220 [ 1893.570976] vfs_get_tree+0x8e/0x300 [ 1893.571391] path_mount+0x1429/0x2120 [ 1893.571823] ? strncpy_from_user+0x9e/0x470 [ 1893.572305] ? finish_automount+0xa90/0xa90 [ 1893.572789] ? getname_flags.part.0+0x1dd/0x4f0 [ 1893.573307] ? _copy_from_user+0xfb/0x1b0 [ 1893.573775] __x64_sys_mount+0x282/0x300 [ 1893.574232] ? copy_mnt_ns+0xa00/0xa00 [ 1893.574674] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1893.575259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1893.575838] do_syscall_64+0x33/0x40 [ 1893.576262] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1893.576855] RIP: 0033:0x7fb9df3c2b19 [ 1893.577268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1893.579406] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1893.580285] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1893.581093] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1893.581908] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1893.582705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1893.583513] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1893.587311] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1893.589139] isofs_fill_super: get root inode failed [ 1893.620649] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1893.642568] isofs_fill_super: get root inode failed [ 1893.655454] isofs_fill_super: root inode is not a directory. Corrupted media? 14:38:10 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 58) 14:38:10 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:10 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:10 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:10 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, 0x0}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:38:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:38:10 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:10 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) [ 1908.149973] FAULT_INJECTION: forcing a failure. [ 1908.149973] name failslab, interval 1, probability 0, space 0, times 0 [ 1908.152437] CPU: 1 PID: 10910 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1908.153949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1908.155725] Call Trace: [ 1908.156349] dump_stack+0x107/0x167 [ 1908.157137] should_fail.cold+0x5/0xa [ 1908.157976] ? create_object.isra.0+0x3a/0xa20 [ 1908.158977] should_failslab+0x5/0x20 [ 1908.159811] kmem_cache_alloc+0x5b/0x310 [ 1908.160710] ? lock_release+0x680/0x680 [ 1908.161591] create_object.isra.0+0x3a/0xa20 [ 1908.162546] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1908.163661] __kmalloc_track_caller+0x177/0x370 [ 1908.164681] ? kstrdup_const+0x53/0x80 [ 1908.165534] kstrdup+0x36/0x70 [ 1908.166225] kstrdup_const+0x53/0x80 [ 1908.167039] kvasprintf_const+0x10c/0x1a0 [ 1908.167947] kobject_set_name_vargs+0x56/0x150 [ 1908.168953] kobject_init_and_add+0xc9/0x160 [ 1908.169916] ? kobject_create_and_add+0xb0/0xb0 [ 1908.170927] ? wait_for_completion_io+0x270/0x270 [ 1908.171956] ? kernfs_name_hash+0xe7/0x110 [ 1908.172869] ? kernfs_find_ns+0x256/0x380 [ 1908.173757] sysfs_slab_add+0x172/0x200 [ 1908.174606] __kmem_cache_create+0x3db/0x520 [ 1908.175547] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1908.176618] p9_client_create+0xc6a/0x1230 [ 1908.177531] ? p9_client_flush+0x430/0x430 [ 1908.178432] ? trace_hardirqs_on+0x5b/0x180 [ 1908.179349] ? lockdep_init_map_type+0x2c7/0x780 [ 1908.180368] ? __raw_spin_lock_init+0x36/0x110 [ 1908.181343] v9fs_session_init+0x1dd/0x1680 [ 1908.182260] ? lock_release+0x680/0x680 [ 1908.183113] ? kmem_cache_alloc_trace+0x151/0x320 [ 1908.184133] ? v9fs_show_options+0x690/0x690 [ 1908.185085] ? trace_hardirqs_on+0x5b/0x180 [ 1908.186002] ? kasan_unpoison_shadow+0x33/0x50 [ 1908.186970] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1908.188053] v9fs_mount+0x79/0x8f0 [ 1908.188819] ? v9fs_write_inode+0x60/0x60 [ 1908.189701] legacy_get_tree+0x105/0x220 [ 1908.190563] vfs_get_tree+0x8e/0x300 [ 1908.191353] path_mount+0x1429/0x2120 [ 1908.192170] ? strncpy_from_user+0x9e/0x470 [ 1908.193080] ? finish_automount+0xa90/0xa90 [ 1908.193989] ? getname_flags.part.0+0x1dd/0x4f0 [ 1908.194975] ? _copy_from_user+0xfb/0x1b0 [ 1908.195858] __x64_sys_mount+0x282/0x300 [ 1908.196720] ? copy_mnt_ns+0xa00/0xa00 [ 1908.197546] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1908.198654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1908.199743] do_syscall_64+0x33/0x40 [ 1908.200533] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1908.201610] RIP: 0033:0x7fb9df3c2b19 [ 1908.202396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1908.206280] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1908.207885] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1908.209393] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1908.210912] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1908.212439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1908.213940] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 14:38:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:38:11 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, 0x0}, {0x0, 0x989680}}, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1908.242456] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1908.245165] isofs_fill_super: root inode is not a directory. Corrupted media? 14:38:11 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8004, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1908.273112] isofs_fill_super: get root inode failed [ 1908.287879] isofs_fill_super: get root inode failed 14:38:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:38:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000580)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0x10) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 14:38:11 executing program 1: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:11 executing program 6: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfcfdffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:11 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1e000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) 14:38:11 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8c) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x6f3e220144fcf83e, r1, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffbf80000000, 0x0, 0x0, 0x1d, 0xd288ad835bc70cfe}, 0x8000020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x7, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x1}, 0x100) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 59) [ 1908.418846] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1908.488879] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1908.509105] FAULT_INJECTION: forcing a failure. [ 1908.509105] name failslab, interval 1, probability 0, space 0, times 0 [ 1908.511552] CPU: 1 PID: 10954 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1908.513011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1908.514757] Call Trace: [ 1908.515330] dump_stack+0x107/0x167 [ 1908.516102] should_fail.cold+0x5/0xa [ 1908.516924] should_failslab+0x5/0x20 [ 1908.517737] __kmalloc_track_caller+0x79/0x370 [ 1908.518705] ? kstrdup_const+0x53/0x80 [ 1908.519531] kstrdup+0x36/0x70 [ 1908.520227] kstrdup_const+0x53/0x80 [ 1908.521210] __kernfs_new_node+0x9d/0x860 [ 1908.522099] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1908.523355] ? lock_acquire+0x197/0x470 [ 1908.524218] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1908.525606] ? lock_release+0x680/0x680 [ 1908.526453] ? find_held_lock+0x2c/0x110 [ 1908.527530] kernfs_new_node+0x18d/0x250 [ 1908.528426] kernfs_create_dir_ns+0x49/0x160 [ 1908.529362] sysfs_create_dir_ns+0x127/0x290 [ 1908.530295] ? sysfs_create_mount_point+0xb0/0xb0 [ 1908.531317] ? rwlock_bug.part.0+0x90/0x90 [ 1908.532238] ? do_raw_spin_unlock+0x4f/0x220 [ 1908.533181] kobject_add_internal+0x25e/0xa30 [ 1908.534146] kobject_init_and_add+0x101/0x160 [ 1908.535100] ? kobject_create_and_add+0xb0/0xb0 [ 1908.536097] ? wait_for_completion_io+0x270/0x270 [ 1908.537131] ? kernfs_name_hash+0xe7/0x110 [ 1908.538038] ? kernfs_find_ns+0x256/0x380 [ 1908.538930] sysfs_slab_add+0x172/0x200 [ 1908.539982] __kmem_cache_create+0x3db/0x520 [ 1908.540938] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1908.542276] p9_client_create+0xc6a/0x1230 [ 1908.543189] ? p9_client_flush+0x430/0x430 [ 1908.544225] ? trace_hardirqs_on+0x5b/0x180 [ 1908.545162] ? lockdep_init_map_type+0x2c7/0x780 14:38:11 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000400)={{r5, r6+60000000}, {0x0, 0x989680}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000002e2f66696c6530009166263aee5db6a7d892f316fa187be064d038a7cf8c0f42afc1a2b72b9375ae9a226ceee84e99b50c0207e790d7ac91cf295691302015df842abc6b83769f2232d8c9555920115c585b72bed037ee3a46b2b98a7724a1a26a1d68ae58123c81620d5151c0e0e7585d019bec22c720fbe8827bf6df4fed00c53e0d72273726a77b9822f535fba36102d758c031b5e8b8578728d84e08ec4c5a8481a59e78b1ce50c390f80e63413599b8ddf24fbf3bf637750d8f3e71314ef8abb3d21be0468422ec3d93eea347286111b20d5fa60cd855fe8a14edb5a484c887e5dba4b9c63b40c0a1b751d2fde096959ae2141735a93ce935a5ac01b025a59ecc3564d00dbf2b50d729099cd7b40772208abddaa339691e73745272dde1d93b6ec5b791ce97bf440ed49ff4f8714c480a2183ae2bee61ad0f314c89d6729e437ef34ae0f8"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1908.546375] ? __raw_spin_lock_init+0x36/0x110 [ 1908.547600] v9fs_session_init+0x1dd/0x1680 [ 1908.548759] ? lock_release+0x680/0x680 [ 1908.549598] ? kmem_cache_alloc_trace+0x151/0x320 [ 1908.550858] ? v9fs_show_options+0x690/0x690 [ 1908.551783] ? trace_hardirqs_on+0x5b/0x180 [ 1908.552902] ? kasan_unpoison_shadow+0x33/0x50 14:38:11 executing program 0: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) capget(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getown(0xffffffffffffffff, 0x9) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x81, 0x0, 0x5, 0x0, 0x0, 0x3, 0x4, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x4, 0x20, 0x8d, 0x3, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x8) 14:38:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x127) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) chdir(&(0x7f0000000200)='./file1\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x100) write$P9_RREADLINK(r0, 0x0, 0x0) rmdir(&(0x7f0000000380)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 1908.554165] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 14:38:11 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)='\"', 0x1, 0xf000}], 0x0, &(0x7f0000000080)=ANY=[]) [ 1908.555462] v9fs_mount+0x79/0x8f0 [ 1908.556272] ? v9fs_write_inode+0x60/0x60 [ 1908.557345] legacy_get_tree+0x105/0x220 [ 1908.558418] vfs_get_tree+0x8e/0x300 [ 1908.559380] path_mount+0x1429/0x2120 [ 1908.560380] ? strncpy_from_user+0x9e/0x470 [ 1908.561298] ? finish_automount+0xa90/0xa90 [ 1908.562422] ? getname_flags.part.0+0x1dd/0x4f0 [ 1908.563420] ? _copy_from_user+0xfb/0x1b0 [ 1908.564542] __x64_sys_mount+0x282/0x300 [ 1908.565423] ? copy_mnt_ns+0xa00/0xa00 [ 1908.566256] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1908.567365] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1908.568469] do_syscall_64+0x33/0x40 [ 1908.569254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1908.570336] RIP: 0033:0x7fb9df3c2b19 [ 1908.571120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1908.575035] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1908.576656] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1908.578163] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1908.579672] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1908.581191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1908.582703] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1908.585472] kobject_add_internal failed for 9p-fcall-cache-205 (error: -12 parent: slab) [ 1908.587442] kmem_cache_create(9p-fcall-cache-205) failed with error -12 [ 1908.588918] CPU: 1 PID: 10954 Comm: syz-executor.5 Not tainted 5.10.230 #1 [ 1908.590381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1908.592134] Call Trace: [ 1908.592704] dump_stack+0x107/0x167 [ 1908.593477] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1908.594595] p9_client_create+0xc6a/0x1230 [ 1908.595510] ? p9_client_flush+0x430/0x430 [ 1908.596414] ? trace_hardirqs_on+0x5b/0x180 [ 1908.597329] ? lockdep_init_map_type+0x2c7/0x780 [ 1908.598333] ? __raw_spin_lock_init+0x36/0x110 [ 1908.599272] v9fs_session_init+0x1dd/0x1680 [ 1908.600195] ? lock_release+0x680/0x680 [ 1908.601016] ? kmem_cache_alloc_trace+0x151/0x320 [ 1908.602038] ? v9fs_show_options+0x690/0x690 [ 1908.602939] ? trace_hardirqs_on+0x5b/0x180 [ 1908.603859] ? kasan_unpoison_shadow+0x33/0x50 [ 1908.604842] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1908.605879] v9fs_mount+0x79/0x8f0 [ 1908.606633] ? v9fs_write_inode+0x60/0x60 [ 1908.607479] legacy_get_tree+0x105/0x220 [ 1908.608392] vfs_get_tree+0x8e/0x300 [ 1908.609276] path_mount+0x1429/0x2120 [ 1908.610109] ? strncpy_from_user+0x9e/0x470 [ 1908.611075] ? finish_automount+0xa90/0xa90 [ 1908.612026] ? getname_flags.part.0+0x1dd/0x4f0 [ 1908.613053] ? _copy_from_user+0xfb/0x1b0 [ 1908.613946] __x64_sys_mount+0x282/0x300 [ 1908.614906] ? copy_mnt_ns+0xa00/0xa00 [ 1908.615784] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1908.616939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1908.618008] do_syscall_64+0x33/0x40 [ 1908.618761] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1908.619813] RIP: 0033:0x7fb9df3c2b19 [ 1908.620576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1908.624340] RSP: 002b:00007fb9dc938188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1908.626107] RAX: ffffffffffffffda RBX: 00007fb9df4d5f60 RCX: 00007fb9df3c2b19 [ 1908.627631] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1908.629156] RBP: 00007fb9dc9381d0 R08: 0000000020000140 R09: 0000000000000000 [ 1908.630644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1908.632154] R13: 00007ffc60b2f33f R14: 00007fb9dc938300 R15: 0000000000022000 [ 1908.648357] isofs_fill_super: get root inode failed [ 1908.693106] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1908.749344] isofs_fill_super: get root inode failed [ 1908.763664] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1908.800819] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1925.197785] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88801cca0840 (size 32): comm "syz-executor.5", pid 10954, jiffies 4296575407 (age 24.525s) hex dump (first 32 bytes): 39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 32 9p-fcall-cache-2 30 35 00 1c 80 88 ff ff 00 00 00 00 00 00 00 00 05.............. backtrace: [<00000000d9a8d396>] kstrdup+0x36/0x70 [<00000000f7fa9b44>] kstrdup_const+0x53/0x80 [<000000008cc73f0f>] kvasprintf_const+0x10c/0x1a0 [<00000000b0d992b0>] kobject_set_name_vargs+0x56/0x150 [<0000000073a799c1>] kobject_init_and_add+0xc9/0x160 [<00000000bf6dcca8>] sysfs_slab_add+0x172/0x200 [<00000000be64a27f>] __kmem_cache_create+0x3db/0x520 [<0000000002671893>] kmem_cache_create_usercopy+0x1db/0x2f0 [<0000000009127ac0>] p9_client_create+0xc6a/0x1230 [<000000003229f525>] v9fs_session_init+0x1dd/0x1680 [<000000008aad00d2>] v9fs_mount+0x79/0x8f0 [<000000000c3fe359>] legacy_get_tree+0x105/0x220 [<00000000bf970633>] vfs_get_tree+0x8e/0x300 [<00000000464792fb>] path_mount+0x1429/0x2120 [<0000000096303f50>] __x64_sys_mount+0x282/0x300 [<000000003dc49b7a>] do_syscall_64+0x33/0x40 BUG: leak checking failed VM DIAGNOSIS: 14:38:36 Registers: info registers vcpu 0 RAX=ffffffff83e7c900 RBX=0000000000000000 RCX=ffffffff83e644dc RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e7cf08 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85677788 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7c90e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f57ff98d568 CR3=0000000008c1a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e XMM02=3a29323320657a697328203034383061 XMM03=303120646970202c22352e726f747563 XMM04=6c6c6163662d70392020323320643220 XMM05=32206336206336203136203336203636 XMM06=73657479622032332074737269662820 XMM07=2e343220656761282037303435373536 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff83e7c900 RBX=0000000000000001 RCX=ffffffff83e644dc RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e7cf08 RBP=ffffed100112f000 RSP=ffff888008987e70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85677788 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7c90e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffc388e900 CR3=000000000dce0000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0a64656c69616620676e696b63656863 XMM02=31636e75662e6e75522e6c697475736f XMM03=00000000000000000000000000000000 XMM04=6b61656c2079726f6d656d203a475542 XMM05=32343178302b746e756f6d5f68746170 XMM06=303c5b202020200a3032313278302f39 XMM07=3e303566333033363930303030303030 XMM08=6e756f6d5f7379735f3436785f5f205d XMM09=20200a30303378302f32383278302b74 XMM10=3463643330303030303030303c5b2020 XMM11=6c61637379735f6f64205d3e61376239 XMM12=0a0a303478302f333378302b34365f6c XMM13=69727420636578650b00657461646964 XMM14=696d696e696d20636578650d00656761 XMM15=00026873616d7320636578650a06657a