1, 'aa\x00'}]}, 0x28}}, 0x0) 23:46:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x1c, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x0) [ 583.586766] 9pnet: Insufficient options for proto=fd 23:46:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, 0x0, 0x0) 23:46:26 executing program 3: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x20005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x2, 0x0, 0xef}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x39) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x20, 0x4, 0x7f, 0x40, 0x0, 0xfff, 0x4000, 0xc, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, @perf_bp={&(0x7f0000000040)}, 0x440c4, 0xffffffffffffffaa, 0x2040, 0x7, 0x0, 0x8, 0x82d2, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x8, r1, 0xa) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'ipvlan1\x00'}) 23:46:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_L}, {@aname={'aname', 0x3d, '\x00'}}, {@msize={'msize', 0x3d, 0xc24}}, {@nodevmap}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) 23:46:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:46:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011500)="ed41000000080000d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000280)=ANY=[]) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) openat(r1, &(0x7f0000000280)='./file1\x00', 0x20000, 0x8a) fsmount(r1, 0x1, 0x74) openat(r1, &(0x7f0000000040)='./file0\x00', 0x486001, 0x1) mount(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x912030, 0x0) 23:46:26 executing program 1: syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x19, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x90, 0x3, [{{0x9, 0x4, 0x0, 0x7f, 0x2, 0x3, 0x1, 0x2, 0x1, {0x9, 0x21, 0x4000, 0x9, 0x1, {0x22, 0xd1a}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x9, 0xfa, 0x2}}}}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x250, 0x7, 0x24, 0x81, 0x20, 0x10}, 0xf9, &(0x7f0000000180)={0x5, 0xf, 0xf9, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x7f, "763095648869cbd2a9d66bf3768f8bf5"}, @generic={0xca, 0x10, 0x0, "1bdb1bd081ff48416b722923e0b98c2e2b92a54ed5450e9108bf21fde6a4a38c2bae9262602a3e0fba8de0918c2d668cf44c14d1dcd733671b6b7174061b2aa8db7c194d6e5fcf97cbfc6845ced9a0f63d90be8c2cd80688e973a88c579e00943c5b61d1ac0daeb9c3a582b97e11322a590e2718efd1e8a7ec5c51d9118b42061df76344449a072bc572608de62ae13d5bb4b2b6f845c72b798036279967aa641147da56233b5e877bba2a7639e882c8f065ffc978a2569e75ad0c951dd01f68d68d206c59a308"}, @wireless={0xb, 0x10, 0x1, 0xc, 0xc8, 0x6, 0x7, 0x2, 0x7}, @wireless={0xb, 0x10, 0x1, 0x8, 0x54, 0x7, 0x80, 0x4, 0x9}]}, 0x4, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x500a}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x140a}}, {0x17, &(0x7f0000000300)=@string={0x17, 0x3, "3d631109b2f0afdf4d1094b6f767a2eb9d9858d69f"}}, {0x1a, &(0x7f0000000340)=@string={0x1a, 0x3, "74b6884c374c6380728d81ac276658d2b68116c5e77dab7c"}}]}) syz_usb_control_io$hid(r1, &(0x7f0000000580)={0x24, &(0x7f0000000400)={0x40, 0x2d, 0xaf, {0xaf, 0x2, "a464edaa150a940de9e04277eb963350e160e9616006130bb3ed73eddfad396fbe209bd3f2ce85e70ddb079840c3f0d147664e8542801780ef6a4f709f271da9df00f0949845ac4e785f63a46bd7fa3fa9d1ba0fb899f5c9bd5a87769d2089bd94431cc32073f2aedaafd340efd166b240490737eb10d88917554ec3d0aad5f445538bb1d21119fa9b3a9e7bfb8413c03910b2bfd9002be6aaf7f51d6eae8fba77345b457cdcd14cc31edc3c03"}}, &(0x7f00000004c0)={0x0, 0x3, 0x15, @string={0x15, 0x3, "cdd8a0df205749f7412aea37bf3b1cff271fd2"}}, &(0x7f0000000500)={0x0, 0x22, 0x1a, {[@main=@item_012={0x1, 0x0, 0xb, "96"}, @local=@item_4={0x3, 0x2, 0x0, "48b7fa11"}, @local=@item_012={0x0, 0x2, 0x2}, @local=@item_012={0x2, 0x2, 0x7, "9ff1"}, @main=@item_4={0x3, 0x0, 0xc, "f078d6b6"}, @main=@item_4={0x3, 0x0, 0xc, "24c521ed"}, @main=@item_4={0x3, 0x0, 0xc, "3dc195c7"}]}}, &(0x7f0000000540)={0x0, 0x21, 0x9, {0x9, 0x21, 0xb19, 0x2, 0x1, {0x22, 0x74d}}}}, &(0x7f00000007c0)={0x2c, &(0x7f00000005c0)={0x20, 0x3, 0x3f, "ca6a8b287cc2ee713463780ab0adfd42520952d032dd74d695310967c2c08cf75f85521b966b13b9a43d8020d887b7cb4b39650e6896fd212c2c1b64f7414c"}, &(0x7f0000000640)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000000680)={0x0, 0x8, 0x1, 0x7f}, &(0x7f00000006c0)={0x20, 0x1, 0xb9, "8dd325117486fdc47478c0038855157876d8f33f14c53cd7841ddae48dfe4df776a5e39e99b846f9f5bbdda94e4f7c3034fc2abe9a9f8aac7dad210e88514347d56c46f89bfbc36aa5d72105d404e2eb47eb6be5f08c4a9885eea0b0b53b7777ad7bed932f86466139bcc5d431f2c02a219178a6f7818fd6e1385f1d224345da464202d0c5e64a6a5b1c67c5a45d70bec4e7d441ed14e394ffd7b8b116be332249cea5e480c645989e4e9d06b60cccb9ae33d5628e1ba7a513"}, &(0x7f0000000780)={0x20, 0x3, 0x1, 0x7f}}) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000c00)={0x14, 0x0, 0x0, 0x70bd29}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000940)={0x24, &(0x7f0000000800)={0x40, 0x0, 0x3c, {0x3c, 0x2, "d8bfc1166c5fe1a644b1fe719d08ed6155a978a3635705e700278994e3923c522ebb3c4624f8e8bf405a1fdb653041c59696f733b18570a48ca4"}}, &(0x7f0000000880)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41f}}, &(0x7f00000008c0)={0x0, 0x22, 0x11, {[@main=@item_012={0x2, 0x0, 0xb, "c329"}, @local=@item_012={0x1, 0x2, 0xa, "f4"}, @global=@item_4={0x3, 0x1, 0xa, "66a05ea8"}, @main=@item_012={0x1, 0x0, 0x9, '6'}, @local=@item_4={0x3, 0x2, 0x0, "94832337"}]}}, &(0x7f0000000900)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8001, 0x2, 0x1, {0x22, 0x2da}}}}, &(0x7f0000000b40)={0x2c, &(0x7f0000000980)={0x20, 0x14, 0xa2, "31275be9b0dab161063e8fc73e1df16599c15ce7b49195e84d6c8e99ab9cc393aa2b859b4660682f16da9a7cee4d4719c5c677914f4445f75725d87bcb08904534b73400a95ef955dbfc3f519f0b72c0151450d316f47fabd84a426b880db12cc8d5e81bf58b89ed0c02a11eaa7ec722e45939f18b425339e4730d2cf220cd83e0c4cea90ca9d09ee78dbe7ad7181addf39da9216d80d88551dfa16631dca110462a"}, &(0x7f0000000a40)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000a80)={0x0, 0x8, 0x1, 0x8f}, &(0x7f0000000ac0)={0x20, 0x1, 0x7, "3ef171d70e9b31"}, &(0x7f0000000b00)={0x20, 0x3, 0x1, 0x3f}}) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x115}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x40) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000c80)={0x14, &(0x7f0000000b80)={0x20, 0xc, 0x4a, {0x4a, 0x10, "d679fda434fa0633525959266f9f7abdf6e5db388f72167786313c3a42cd9ab5d6a9b6a936fcd6dce11985c6f070e136829a1534180ca2e6e396c7ed491eec99c717d4765d8272d8"}}, &(0x7f0000000c40)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000dc0)={0x1c, &(0x7f0000000cc0)={0x0, 0x1, 0x63, "a504a43a360670251188c9587a7701894e0da972924b96c6cc167b91f94eb86c4d9a25a62c2478d4c8c90faf59e5274af6f11d127b765d6952e46a363b3647c9df1ef6afe2e08d419fd74e4c8fea445cc3ceb2b1d7140cf2b950ab6faf76ce440c31be"}, &(0x7f0000000d40)={0x0, 0xa, 0x1}, &(0x7f0000000d80)={0x0, 0x8, 0x1, 0x8}}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 583.603853] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 583.630387] udc-core: couldn't find an available UDC or it's busy [ 583.631469] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 583.660058] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue 23:46:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:46:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_L}, {@aname={'aname', 0x3d, '\x00'}}, {@msize={'msize', 0x3d, 0xc24}}, {@nodevmap}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) 23:46:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) [ 583.671021] EXT4-fs (loop0): re-mounted. Opts: (null) 23:46:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:46:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x1c, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x0) [ 583.702903] EXT4-fs (loop0): re-mounted. Opts: (null) [ 583.713800] 9pnet: Insufficient options for proto=fd 23:46:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L}, {@aname={'aname', 0x3d, '\x00'}}, {@msize={'msize', 0x3d, 0xc24}}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) [ 583.750310] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) 23:46:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L}, {@aname={'aname', 0x3d, '\x00'}}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) [ 583.788083] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 583.791368] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:46:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 23:46:26 executing program 0: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x40, 0x0, 0xb3, 0x3f, 0x2, 0x3, 0x4, 0x6e, 0x40, 0x27d, 0x0, 0x7, 0x38, 0x1, 0x0, 0x8}, [{0x2, 0x1, 0x6, 0x0, 0x6, 0x6, 0x3f}], "bfc3a0942c", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x57d) r1 = accept(r0, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, &(0x7f0000000100)=0x80) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000140)={0x738502a, 0xffffffff, 0x9, 0x4, 0x3}) 23:46:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 584.146667] udc-core: couldn't find an available UDC or it's busy [ 584.148026] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 597.336624] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:46:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 1) 23:46:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:46:40 executing program 1: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) openat(r2, &(0x7f0000000280)='./file1\x00', 0x20000, 0x8a) fsmount(r2, 0x1, 0x74) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x4, 0x40, 0xfc, 0x0, 0x0, 0x1ff, 0x0, 0x5, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xb4, 0x4, @perf_config_ext={0x1000, 0x7ff}, 0x30, 0x2, 0x0, 0x4, 0x6, 0xfea8, 0x7fff, 0x0, 0x6, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0xc, r2, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2, 0x6, 0x7, 0x76, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_config_ext={0x3f, 0x8001}, 0x1006, 0x5, 0x6, 0x6, 0xa9d8, 0x9, 0x80, 0x0, 0x12, 0x0, 0x7}, 0x0, 0xc, r0, 0x3) unshare(0x48020200) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) unshare(0x14000000) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3) openat(r4, &(0x7f0000000280)='./file1\x00', 0x20000, 0x8a) fsmount(r4, 0x1, 0x74) openat$cgroup(r4, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) 23:46:40 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x1}]}, 0x1c}}, 0x2000c014) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2) openat(r3, &(0x7f0000000280)='./file1\x00', 0x20000, 0x8a) fsmount(r3, 0x1, 0x74) sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x3c, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_LABELS={0xc, 0x16, 0x1, 0x0, [0x0, 0x1]}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'snmp_trap\x00'}}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x15}, 0x20000004) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r4, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r4], 0x1c}}, 0x0) dup3(r1, r0, 0x0) 23:46:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) 23:46:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 23:46:40 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x20, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}]}, 0x20}}, 0x0) 23:46:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 597.359966] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:46:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:46:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) [ 597.391084] FAULT_INJECTION: forcing a failure. [ 597.391084] name failslab, interval 1, probability 0, space 0, times 1 [ 597.392649] CPU: 0 PID: 5850 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 597.393496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 597.394512] Call Trace: [ 597.394847] dump_stack+0x107/0x167 [ 597.395307] should_fail.cold+0x5/0xa [ 597.395796] should_failslab+0x5/0x20 [ 597.396280] __kmalloc_track_caller+0x79/0x3c0 [ 597.396859] ? strndup_user+0x74/0xe0 [ 597.397330] memdup_user+0x22/0xd0 [ 597.397787] strndup_user+0x74/0xe0 [ 597.398248] __x64_sys_mount+0x133/0x300 [ 597.398741] ? copy_mnt_ns+0xa00/0xa00 [ 597.399232] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 597.399896] ? syscall_enter_from_user_mode+0x1d/0x50 [ 597.400560] do_syscall_64+0x33/0x40 [ 597.401020] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 597.401660] RIP: 0033:0x7ff8f0c7cb19 [ 597.402114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 597.404391] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 597.405334] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 597.406218] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 597.407097] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 597.407944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 597.408833] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:46:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:46:40 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x20, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}]}, 0x20}}, 0x0) 23:46:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) [ 597.441490] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:46:40 executing program 0: r0 = creat(&(0x7f0000000180)='./file1\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x0, 0x8001, 0x800, 0x6, 0x0, "9c29e77a13390700fde1bb28cb12723ece1f73", 0x7fff, 0x8}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0xf0) statfs(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/209) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r1, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r3, &(0x7f0000000280)=ANY=[], 0xfdef) syz_io_uring_complete(r2) syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x40001) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0xe40, 0x0) fcntl$getflags(r0, 0x3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) 23:46:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) 23:46:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 597.483184] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 597.498939] 9pnet: Insufficient options for proto=fd 23:46:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 2) 23:46:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) [ 597.648893] FAULT_INJECTION: forcing a failure. [ 597.648893] name failslab, interval 1, probability 0, space 0, times 0 [ 597.650214] CPU: 0 PID: 5874 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 597.651002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 597.651949] Call Trace: [ 597.652265] dump_stack+0x107/0x167 [ 597.652687] should_fail.cold+0x5/0xa [ 597.653118] ? create_object.isra.0+0x3a/0xa20 [ 597.653632] should_failslab+0x5/0x20 [ 597.654056] kmem_cache_alloc+0x5b/0x360 [ 597.654517] create_object.isra.0+0x3a/0xa20 [ 597.655021] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 597.655565] __kmalloc_track_caller+0x177/0x3c0 [ 597.656090] ? strndup_user+0x74/0xe0 [ 597.656514] memdup_user+0x22/0xd0 [ 597.656922] strndup_user+0x74/0xe0 [ 597.657328] __x64_sys_mount+0x133/0x300 [ 597.657789] ? copy_mnt_ns+0xa00/0xa00 [ 597.658228] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 597.658819] ? syscall_enter_from_user_mode+0x1d/0x50 [ 597.659407] do_syscall_64+0x33/0x40 [ 597.659828] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 597.660418] RIP: 0033:0x7ff8f0c7cb19 [ 597.660840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 597.662909] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 597.663757] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 597.664541] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 597.665339] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 597.666139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 597.666937] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 597.672091] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:46:51 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_tables_names\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='status\x00') socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet_udp(0x2, 0x2, 0x0) pselect6(0x40, &(0x7f0000000180), &(0x7f0000000340)={0x3fc, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x0, 0x0, 0x0) 23:46:51 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:46:51 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 3) 23:46:51 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) 23:46:51 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x20, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}]}, 0x20}}, 0x0) 23:46:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]}}) 23:46:51 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) 23:46:51 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/19, 0x13}], 0x1) write$bt_hci(r0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xe4b4}}, './file0\x00'}) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000080)=0x3) [ 608.819178] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 608.821565] 9pnet: Insufficient options for proto=fd [ 608.824848] FAULT_INJECTION: forcing a failure. [ 608.824848] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 608.825243] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 608.826462] CPU: 1 PID: 5897 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 608.826469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 608.826473] Call Trace: [ 608.826492] dump_stack+0x107/0x167 [ 608.826507] should_fail.cold+0x5/0xa [ 608.826524] _copy_from_user+0x2e/0x1b0 [ 608.826540] memdup_user+0x65/0xd0 [ 608.826554] strndup_user+0x74/0xe0 [ 608.826581] __x64_sys_mount+0x133/0x300 [ 608.833901] ? copy_mnt_ns+0xa00/0xa00 [ 608.834447] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 608.835186] ? syscall_enter_from_user_mode+0x1d/0x50 [ 608.835904] do_syscall_64+0x33/0x40 [ 608.836440] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 608.837182] RIP: 0033:0x7ff8f0c7cb19 [ 608.837719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 608.840387] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 608.841494] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 608.842533] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 608.843583] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 608.844616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 608.845642] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:46:51 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x1c, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x0) 23:46:51 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:46:51 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) pread64(0xffffffffffffffff, 0x0, 0x0, 0x2) write$tun(r0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4940}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() capget(&(0x7f0000000080)={0x20071026, r1}, &(0x7f0000000100)) r2 = syz_open_dev$vcsn(&(0x7f0000000a40), 0x1, 0x601) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x5) write$tcp_mem(0xffffffffffffffff, &(0x7f0000002040), 0x48) perf_event_open(&(0x7f0000000240)={0x7, 0x80, 0x7f, 0x0, 0x1, 0x1, 0x0, 0x9c85, 0x12008, 0xb, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x40, 0x0, @perf_config_ext={0x9, 0x5}, 0x840, 0x8, 0x3, 0x6, 0x8c, 0x1, 0x9, 0x0, 0x0, 0x0, 0x1000}, r1, 0x8, r2, 0xb) socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f00000002c0)={0x2, 0x4, @rand_addr=0x64010100}, 0x10) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) fork() syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3f, 0x3, &(0x7f0000000300)=[{&(0x7f0000010000)="eb3cd04d6b66732e66617400020801b90170000000f801", 0x17, 0xfffffffffffffffe}, {0x0, 0x0, 0x2000001000a04}, {&(0x7f0000000140)="09321ee71c1f999ee4c5394b1ece5a1f6a1c1d5f80a9f7a244e3d1ad2980644e50ad2b19bc24174421d5167ab53d6db00374a55e15f4085f2749d399f432c4c9869b8670028e22e0c14e7b2cbf7661ae478d2ccfcb4af12fbbb8013218eb980b2ae3a9edbb1ac596d96b8dfc4103dc096a187a67187e28c303d3a195984a8f0cbe5b4950a9c330961a27aa5693a16a771eb301f961300b852e410e9630b41b49e47ce3dbfc35d1a7aecddebc761dd0a40c1a09a0", 0xb4, 0x8}], 0x30e000, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000040)='./file0\x00', 0x1a18c1, 0x0) acct(&(0x7f0000000040)='./file0\x00') acct(0x0) 23:46:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}}) 23:46:51 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 608.928423] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 608.931394] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure [ 609.016667] 9pnet: Insufficient options for proto=fd [ 609.082987] Process accounting resumed [ 609.202557] Process accounting resumed 23:47:02 executing program 1: syz_io_uring_submit(0x0, 0x0, 0x0, 0x18) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x100, 0x108) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x100, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r1, 0x0, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x5) 23:47:02 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x1c, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x0) 23:47:02 executing program 0: openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x22000, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/meminfo\x00', 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff) preadv(r1, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) r3 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r3, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r3, r0, 0x0) r4 = syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) sendfile(r4, r0, &(0x7f0000000040)=0x79fa9960, 0x3) 23:47:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:47:02 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}]}}) 23:47:02 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 4) 23:47:02 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) [ 619.778723] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 619.779641] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 619.781177] FAULT_INJECTION: forcing a failure. [ 619.781177] name failslab, interval 1, probability 0, space 0, times 0 [ 619.783833] CPU: 1 PID: 5929 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 619.785242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 619.786906] Call Trace: [ 619.787454] dump_stack+0x107/0x167 [ 619.788188] should_fail.cold+0x5/0xa [ 619.788988] ? copy_mount_options+0x55/0x180 [ 619.789889] should_failslab+0x5/0x20 [ 619.790666] kmem_cache_alloc_trace+0x55/0x360 [ 619.791591] ? _copy_from_user+0xfb/0x1b0 [ 619.792438] copy_mount_options+0x55/0x180 [ 619.793344] __x64_sys_mount+0x1a8/0x300 [ 619.794177] ? copy_mnt_ns+0xa00/0xa00 [ 619.794961] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 619.796024] ? syscall_enter_from_user_mode+0x1d/0x50 [ 619.797069] do_syscall_64+0x33/0x40 [ 619.797824] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 619.798860] RIP: 0033:0x7ff8f0c7cb19 [ 619.799614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 619.803336] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 619.804890] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 619.806335] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 619.807768] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 619.809232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 619.810676] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 619.824542] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:47:02 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) 23:47:02 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:02 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x1c, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x0) 23:47:02 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}]}}) 23:47:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 619.918262] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 619.931265] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:47:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 5) [ 619.945204] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:47:02 executing program 1: write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x20, 0x0, 0xfb, 0x4, @tick=0x7, {0xf9, 0x8}, {0x1, 0x1a}, @result={0x9, 0xdb}}], 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000600)={0xa, 0x0, 0x0, @mcast2}, 0x1c) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0xa, 0x4e21, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0xd3}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000400)="543f67de889d330eb216c580b3e780da8eb63c54c66e193edefa8edd7b5de07d2a49c0e907e6249dceaf7067a8e7cc7cdba4b463f7a04f935ede70db55b25e9ee7f1359855e7fab0c70b90a05823bb5700489eb15d15483982ba6afefddb731726e7c60c062fb22538bfd85737", 0x6d}], 0x1}, 0x841) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000fffffdfd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000004000000000000000000000000000000000000000000000027aa887d00"/250]) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000080)) open(&(0x7f00000001c0)='./file1\x00', 0x802, 0x2) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = dup(r1) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f00000002c0)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000080)={@local, 0x78, r3}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r3}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'gre0\x00', &(0x7f0000000180)={'syztnl1\x00', r3, 0x8000, 0x8000, 0x4, 0x6, {{0x6, 0x4, 0x3, 0x8, 0x18, 0x67, 0x0, 0x3, 0x4, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@noop]}}}}}) bind$packet(r0, &(0x7f0000000280)={0x11, 0x1, r3, 0x1, 0x9, 0x6, @broadcast}, 0x14) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={0x0, @phonet={0x23, 0x1f, 0x9, 0x4}, @phonet={0x23, 0x3, 0xff, 0x1}, @ethernet={0x1, @broadcast}, 0x20, 0x0, 0x0, 0x0, 0xcfd4, &(0x7f0000000200)='ipvlan0\x00', 0x180000000000, 0x4, 0x8}) [ 620.000942] FAULT_INJECTION: forcing a failure. [ 620.000942] name failslab, interval 1, probability 0, space 0, times 0 [ 620.003354] CPU: 1 PID: 5956 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 620.004793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 620.006508] Call Trace: [ 620.007057] dump_stack+0x107/0x167 [ 620.007800] should_fail.cold+0x5/0xa [ 620.008598] ? create_object.isra.0+0x3a/0xa20 [ 620.009533] should_failslab+0x5/0x20 [ 620.010322] kmem_cache_alloc+0x5b/0x360 [ 620.011160] create_object.isra.0+0x3a/0xa20 [ 620.012065] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 620.013125] kmem_cache_alloc_trace+0x151/0x360 [ 620.014072] ? _copy_from_user+0xfb/0x1b0 [ 620.014927] copy_mount_options+0x55/0x180 [ 620.015802] __x64_sys_mount+0x1a8/0x300 [ 620.016657] ? copy_mnt_ns+0xa00/0xa00 [ 620.017454] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 620.018529] ? syscall_enter_from_user_mode+0x1d/0x50 [ 620.019594] do_syscall_64+0x33/0x40 [ 620.020355] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 620.021407] RIP: 0033:0x7ff8f0c7cb19 [ 620.022182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 620.025954] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 620.027532] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 620.029013] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 620.030473] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 620.031936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 620.033426] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 620.053186] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) [ 620.089371] device veth0_vlan entered promiscuous mode 23:47:14 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:47:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 6) 23:47:14 executing program 0: write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x4, @tick=0x7, {0xf9, 0x8}, {0x1}, @result={0x9, 0xdb}}], 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000600)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x0, 0x0) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x22, 0x3, 0x4, 0x1, 0x0, 0x6, 0xe8120, 0xc, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x7, @perf_config_ext={0xfffffffffffffffa, 0x7}, 0x19209, 0xe8, 0x7fff, 0x7, 0x3, 0x8, 0x0, 0x0, 0x7, 0x0, 0x7ff}, r1, 0x2, r0, 0x8) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000fffffdfd0201000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8ffffff0000000000000000000000000000000000000008000000000000000000000000000400"/256]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x3, 0x3, 0xff, 0x0, 0x9, 0x61808, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0x1, @perf_config_ext={0x3ff, 0x100000001}, 0x1002, 0x7, 0xd, 0x6, 0x6, 0x3, 0x9, 0x0, 0xff, 0x0, 0xfffffffffffffff7}, 0x0, 0xd, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'}) io_uring_enter(r4, 0x7acc, 0x14ae, 0x3, &(0x7f0000000300)={[0x603d]}, 0x8) open(&(0x7f00000001c0)='./file1\x00', 0x101402, 0x1141819f688a6e08) 23:47:14 executing program 1: chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x8800000) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) fdatasync(r3) 23:47:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:14 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 1) 23:47:14 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 631.807318] FAULT_INJECTION: forcing a failure. [ 631.807318] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 631.810039] CPU: 1 PID: 5973 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 631.811599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 631.813499] Call Trace: [ 631.814108] dump_stack+0x107/0x167 [ 631.814952] should_fail.cold+0x5/0xa [ 631.815837] _copy_from_user+0x2e/0x1b0 [ 631.816792] copy_mount_options+0x76/0x180 [ 631.817773] __x64_sys_mount+0x1a8/0x300 [ 631.818715] ? copy_mnt_ns+0xa00/0xa00 [ 631.819634] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 631.820851] ? syscall_enter_from_user_mode+0x1d/0x50 [ 631.822051] do_syscall_64+0x33/0x40 [ 631.822926] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 631.824109] RIP: 0033:0x7ff8f0c7cb19 [ 631.824998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 631.829275] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 631.831068] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 631.832750] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 631.834419] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 631.836104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 631.837817] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 631.861558] FAULT_INJECTION: forcing a failure. [ 631.861558] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 631.864063] CPU: 1 PID: 5983 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 631.864243] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 631.865505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 631.865511] Call Trace: [ 631.865534] dump_stack+0x107/0x167 [ 631.865555] should_fail.cold+0x5/0xa [ 631.865578] _copy_from_user+0x2e/0x1b0 [ 631.865601] __copy_msghdr_from_user+0x91/0x4b0 [ 631.865619] ? __ia32_sys_shutdown+0x80/0x80 [ 631.865638] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 631.865654] ? __lock_acquire+0x1657/0x5b00 [ 631.865677] ? __lock_acquire+0xbb1/0x5b00 [ 631.865704] sendmsg_copy_msghdr+0xa1/0x160 [ 631.865720] ? do_recvmmsg+0x6d0/0x6d0 [ 631.865746] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 631.879656] ? lock_downgrade+0x6d0/0x6d0 [ 631.880553] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 631.881697] ___sys_sendmsg+0xc6/0x170 [ 631.882541] ? sendmsg_copy_msghdr+0x160/0x160 [ 631.883533] ? __fget_files+0x26d/0x480 [ 631.884395] ? lock_downgrade+0x6d0/0x6d0 [ 631.885305] ? find_held_lock+0x2c/0x110 [ 631.886192] ? __fget_files+0x296/0x480 [ 631.887079] ? __fget_light+0xea/0x290 [ 631.887951] __sys_sendmsg+0xe5/0x1b0 [ 631.888811] ? __sys_sendmsg_sock+0xb0/0xb0 [ 631.889755] ? rcu_read_lock_any_held+0x75/0xa0 [ 631.890779] ? fput_many+0x2f/0x1a0 [ 631.891577] ? ksys_write+0x1a9/0x260 [ 631.892420] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 631.893597] ? syscall_enter_from_user_mode+0x1d/0x50 [ 631.894741] ? trace_hardirqs_on+0x5b/0x180 [ 631.895714] do_syscall_64+0x33/0x40 [ 631.896529] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 631.897663] RIP: 0033:0x7f9af4beeb19 [ 631.898482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 631.902552] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 631.904242] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 631.905845] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 631.907436] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 631.909043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 631.910655] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 631.915809] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 631.936759] kernel write not supported for file /snd/seq (pid: 70 comm: kworker/1:2) 23:47:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:14 executing program 3: close(0xffffffffffffffff) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 632.019712] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:47:14 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 1) [ 632.046020] FAULT_INJECTION: forcing a failure. [ 632.046020] name failslab, interval 1, probability 0, space 0, times 0 [ 632.048410] CPU: 1 PID: 5994 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 632.049827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 632.051541] Call Trace: [ 632.052088] dump_stack+0x107/0x167 [ 632.052872] should_fail.cold+0x5/0xa [ 632.053859] should_failslab+0x5/0x20 [ 632.054686] __kmalloc_track_caller+0x79/0x3c0 [ 632.055614] ? strndup_user+0x74/0xe0 [ 632.056395] memdup_user+0x22/0xd0 [ 632.057136] strndup_user+0x74/0xe0 [ 632.057879] __x64_sys_mount+0x133/0x300 [ 632.058707] ? copy_mnt_ns+0xa00/0xa00 [ 632.059503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 632.060567] ? syscall_enter_from_user_mode+0x1d/0x50 [ 632.061625] do_syscall_64+0x33/0x40 [ 632.062383] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 632.063422] RIP: 0033:0x7fbdabcfab19 [ 632.064170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 632.067882] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 632.069423] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 632.070854] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 632.072288] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 632.073745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.075174] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 632.086086] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 23:47:14 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 2) 23:47:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 7) 23:47:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:14 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x101068100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x200}) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) splice(0xffffffffffffffff, 0x0, r2, &(0x7f0000000140), 0x9b92, 0x0) r3 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x84000) mq_timedsend(r4, &(0x7f00000002c0)="99f01354009e13401a5edd8cab9c64a81f04e08e9703c774ed83f943e9fb084dbc88d83bdee375f495c2bb39a84ec8f7e203af5af6146d1234862a6960518d91c15106fa68ff8647e795dd998862ab51afec64a0949bbd8c7a9da7985d1f89955e3084e9a8660b987e8cafcf76c06cd3a9a22e9ba06be947292a820f4c6b2913d09e0397b4cb209da5ab0d3bd18698e3060be17c9a453985f2437d", 0x9b, 0xe529, &(0x7f0000000200)) ftruncate(0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) 23:47:15 executing program 3: close(0xffffffffffffffff) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 632.246083] FAULT_INJECTION: forcing a failure. [ 632.246083] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 632.248438] CPU: 1 PID: 6006 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 632.249818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 632.251473] Call Trace: [ 632.252009] dump_stack+0x107/0x167 [ 632.252757] should_fail.cold+0x5/0xa [ 632.253522] _copy_from_user+0x2e/0x1b0 [ 632.254329] iovec_from_user+0x141/0x400 [ 632.255155] __import_iovec+0x67/0x590 [ 632.255934] ? __ia32_sys_shutdown+0x80/0x80 [ 632.256824] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 632.257895] import_iovec+0x83/0xb0 [ 632.258634] sendmsg_copy_msghdr+0x131/0x160 [ 632.259518] ? do_recvmmsg+0x6d0/0x6d0 [ 632.260305] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 632.261388] ? lock_downgrade+0x6d0/0x6d0 [ 632.262234] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 632.263292] ___sys_sendmsg+0xc6/0x170 [ 632.264083] ? sendmsg_copy_msghdr+0x160/0x160 [ 632.265016] ? __fget_files+0x26d/0x480 [ 632.265819] ? lock_downgrade+0x6d0/0x6d0 [ 632.266664] ? find_held_lock+0x2c/0x110 [ 632.267493] ? __fget_files+0x296/0x480 [ 632.268307] ? __fget_light+0xea/0x290 [ 632.269131] __sys_sendmsg+0xe5/0x1b0 [ 632.269906] ? __sys_sendmsg_sock+0xb0/0xb0 [ 632.270777] ? rcu_read_lock_any_held+0x75/0xa0 [ 632.271715] ? fput_many+0x2f/0x1a0 [ 632.272452] ? ksys_write+0x1a9/0x260 [ 632.273233] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 632.274292] ? syscall_enter_from_user_mode+0x1d/0x50 [ 632.275331] ? trace_hardirqs_on+0x5b/0x180 [ 632.276211] do_syscall_64+0x33/0x40 [ 632.276983] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 632.278014] RIP: 0033:0x7f9af4beeb19 [ 632.278764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 632.282467] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 632.284007] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 632.285448] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 632.286883] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 632.288316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.289768] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 632.297914] FAULT_INJECTION: forcing a failure. [ 632.297914] name failslab, interval 1, probability 0, space 0, times 0 [ 632.300291] CPU: 0 PID: 6009 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 632.301727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 632.303437] Call Trace: [ 632.303988] dump_stack+0x107/0x167 [ 632.304772] should_fail.cold+0x5/0xa [ 632.305585] ? getname_flags.part.0+0x50/0x4f0 [ 632.306539] should_failslab+0x5/0x20 [ 632.307330] kmem_cache_alloc+0x5b/0x360 [ 632.308197] getname_flags.part.0+0x50/0x4f0 [ 632.309123] ? _copy_from_user+0xfb/0x1b0 [ 632.309984] user_path_at_empty+0xa1/0x100 [ 632.310875] __x64_sys_mount+0x1e9/0x300 [ 632.311724] ? copy_mnt_ns+0xa00/0xa00 [ 632.312546] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 632.313649] ? syscall_enter_from_user_mode+0x1d/0x50 [ 632.314750] do_syscall_64+0x33/0x40 [ 632.315527] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 632.316595] RIP: 0033:0x7ff8f0c7cb19 [ 632.317389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 632.321208] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 632.322781] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 632.324257] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 632.325742] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 632.327241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.328725] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 632.334122] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 23:47:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 2) [ 632.400059] FAULT_INJECTION: forcing a failure. [ 632.400059] name failslab, interval 1, probability 0, space 0, times 0 [ 632.402528] CPU: 0 PID: 6017 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 632.403901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 632.405659] Call Trace: [ 632.406203] dump_stack+0x107/0x167 [ 632.406963] should_fail.cold+0x5/0xa [ 632.407732] ? create_object.isra.0+0x3a/0xa20 [ 632.408696] should_failslab+0x5/0x20 [ 632.409480] kmem_cache_alloc+0x5b/0x360 [ 632.410319] create_object.isra.0+0x3a/0xa20 [ 632.411210] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 632.412287] __kmalloc_track_caller+0x177/0x3c0 [ 632.413233] ? strndup_user+0x74/0xe0 [ 632.414027] memdup_user+0x22/0xd0 [ 632.414766] strndup_user+0x74/0xe0 [ 632.415516] __x64_sys_mount+0x133/0x300 [ 632.416357] ? copy_mnt_ns+0xa00/0xa00 [ 632.417194] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 632.418276] ? syscall_enter_from_user_mode+0x1d/0x50 [ 632.419346] do_syscall_64+0x33/0x40 [ 632.420120] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 632.421186] RIP: 0033:0x7fbdabcfab19 [ 632.421956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 632.425785] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 632.427362] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 632.428850] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 632.430323] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 632.431785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.433254] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 632.435447] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 644.171097] FAULT_INJECTION: forcing a failure. [ 644.171097] name failslab, interval 1, probability 0, space 0, times 0 [ 644.173460] CPU: 1 PID: 6029 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 644.174850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 644.176522] Call Trace: [ 644.177104] dump_stack+0x107/0x167 [ 644.177843] should_fail.cold+0x5/0xa [ 644.178612] ? create_object.isra.0+0x3a/0xa20 [ 644.179535] should_failslab+0x5/0x20 [ 644.180302] kmem_cache_alloc+0x5b/0x360 [ 644.181149] create_object.isra.0+0x3a/0xa20 [ 644.182038] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 644.183067] kmem_cache_alloc+0x159/0x360 [ 644.183909] getname_flags.part.0+0x50/0x4f0 [ 644.184797] ? _copy_from_user+0xfb/0x1b0 23:47:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 3) 23:47:26 executing program 1: set_mempolicy(0x2, &(0x7f0000000000)=0x9, 0x5) r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x608103, 0x0) pwrite64(r0, &(0x7f0000000300)="af", 0xfffffeb2, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec}, 0x0, 0xf, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, 0x0, 0x0) add_key$fscrypt_provisioning(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x1}, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f40c12f6b82ec3ac918dd9d34fde9189d7f0922f15a3ac0e4f541d56edf70d9f8afa70cb8cbdc8ade5e80b1fbccef9525739e8839de05c6c3db3e68d12c2143075ad1c8a1b8095a121b6b3bba435a3b106b124252cb3acdddff1be8918bec6289cdfe783e4a7efefd581665227ff7e60439e4ab8b09e78082556ded89bd59c601e142d6a17a62cc551e88ec4609eedafdc2f7bd73347322b0e163c73eb6fb947600924b7270efb1d670a84ec88d67ddcad8363f4d97594511d4cdc0f9ed7602babbe7a011efb03e5b220af74f3b4a1d8438ff5458d0ff324802660814c8fc26affbb1e1797500000000"], 0x48, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4}, 0x1c) 23:47:26 executing program 0: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @dev}, &(0x7f0000000140)=0x10, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r1, 0x1000003) syz_io_uring_complete(0x0) r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = fcntl$dupfd(r2, 0x0, r3) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000040)) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000)) fsetxattr$security_capability(r1, &(0x7f0000000040), &(0x7f0000000080)=@v2={0x2000000, [{}, {0x5}]}, 0x14, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x5e, 0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r1, &(0x7f00000001c0)=ANY=[], 0xfdef) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) write$sndseq(r5, &(0x7f00000000c0)=[{0x21, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x80, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_L}, {@aname={'aname', 0x3d, '\x00'}}, {@msize={'msize', 0x3d, 0xc24}}, {@nodevmap}], [{@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}]}}) ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f00000000c0)) 23:47:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) 23:47:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:47:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 3) 23:47:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 8) 23:47:26 executing program 3: close(0xffffffffffffffff) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) [ 644.185933] user_path_at_empty+0xa1/0x100 [ 644.186905] __x64_sys_mount+0x1e9/0x300 [ 644.187745] ? copy_mnt_ns+0xa00/0xa00 [ 644.188536] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 644.189606] ? syscall_enter_from_user_mode+0x1d/0x50 [ 644.190651] do_syscall_64+0x33/0x40 [ 644.191403] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 644.192437] RIP: 0033:0x7ff8f0c7cb19 [ 644.193198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 644.196884] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 644.198454] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 644.199124] FAULT_INJECTION: forcing a failure. [ 644.199124] name failslab, interval 1, probability 0, space 0, times 0 [ 644.199920] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 644.199932] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 644.199942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 644.199953] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 644.208416] CPU: 0 PID: 6038 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 644.209849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 644.211572] Call Trace: [ 644.212131] dump_stack+0x107/0x167 [ 644.212885] should_fail.cold+0x5/0xa [ 644.213706] ? __alloc_skb+0x6d/0x620 [ 644.214496] should_failslab+0x5/0x20 [ 644.215290] kmem_cache_alloc_node+0x55/0x370 [ 644.216242] __alloc_skb+0x6d/0x620 [ 644.217034] netlink_sendmsg+0x98e/0xdf0 [ 644.217886] ? netlink_unicast+0x7f0/0x7f0 [ 644.217983] FAULT_INJECTION: forcing a failure. [ 644.217983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 644.218768] ? netlink_unicast+0x7f0/0x7f0 [ 644.218798] sock_sendmsg+0x154/0x190 [ 644.223160] ____sys_sendmsg+0x70d/0x870 [ 644.224005] ? kernel_sendmsg+0x50/0x50 [ 644.224822] ? do_recvmmsg+0x6d0/0x6d0 [ 644.225652] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 644.226737] ? lock_downgrade+0x6d0/0x6d0 [ 644.227595] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 644.228680] ___sys_sendmsg+0xf3/0x170 [ 644.229494] ? sendmsg_copy_msghdr+0x160/0x160 [ 644.230443] ? lock_downgrade+0x6d0/0x6d0 [ 644.231303] ? find_held_lock+0x2c/0x110 [ 644.232151] ? __fget_files+0x296/0x480 [ 644.233002] ? __fget_light+0xea/0x290 [ 644.233813] __sys_sendmsg+0xe5/0x1b0 [ 644.234601] ? __sys_sendmsg_sock+0xb0/0xb0 [ 644.235491] ? rcu_read_lock_any_held+0x75/0xa0 [ 644.236468] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 644.237560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 644.238625] ? trace_hardirqs_on+0x5b/0x180 [ 644.239515] do_syscall_64+0x33/0x40 [ 644.240287] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 644.241374] RIP: 0033:0x7f9af4beeb19 [ 644.242146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 644.245982] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 644.247553] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 644.249036] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 644.250515] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 644.252000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 644.253499] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 644.255011] CPU: 1 PID: 6040 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 644.256419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 644.258107] Call Trace: [ 644.258642] dump_stack+0x107/0x167 [ 644.259380] should_fail.cold+0x5/0xa [ 644.260152] _copy_from_user+0x2e/0x1b0 [ 644.260970] memdup_user+0x65/0xd0 [ 644.261689] strndup_user+0x74/0xe0 [ 644.262427] __x64_sys_mount+0x133/0x300 [ 644.263250] ? copy_mnt_ns+0xa00/0xa00 [ 644.264040] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 644.265129] ? syscall_enter_from_user_mode+0x1d/0x50 [ 644.266173] do_syscall_64+0x33/0x40 [ 644.266927] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 644.267959] RIP: 0033:0x7fbdabcfab19 [ 644.268712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 644.272414] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 644.273956] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 644.275478] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 644.277314] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 644.279127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 644.280955] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:47:27 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:47:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) [ 644.318539] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:47:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 644.393797] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 23:47:27 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 657.222311] FAULT_INJECTION: forcing a failure. [ 657.222311] name failslab, interval 1, probability 0, space 0, times 0 [ 657.223655] CPU: 1 PID: 6068 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 657.224414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.225335] Call Trace: [ 657.225635] dump_stack+0x107/0x167 [ 657.226041] should_fail.cold+0x5/0xa [ 657.226468] ? create_object.isra.0+0x3a/0xa20 [ 657.226982] should_failslab+0x5/0x20 [ 657.227414] kmem_cache_alloc+0x5b/0x360 [ 657.227867] create_object.isra.0+0x3a/0xa20 [ 657.228357] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 657.228922] kmem_cache_alloc_node+0x169/0x370 [ 657.229463] __alloc_skb+0x6d/0x620 [ 657.229871] netlink_sendmsg+0x98e/0xdf0 [ 657.230334] ? netlink_unicast+0x7f0/0x7f0 [ 657.230813] ? netlink_unicast+0x7f0/0x7f0 [ 657.231281] sock_sendmsg+0x154/0x190 23:47:39 executing program 1: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000480), 0x40001, 0x0) readahead(r0, 0x7, 0x401) lseek(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x64, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0xca0cc, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f0000000200)={0x100000000000, 0x8, '\x00', 0x0, &(0x7f00000001c0)=[0x0]}) r3 = timerfd_create(0x8, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000240)=ANY=[@ANYBLOB="0100ec8419b36c000001000000180000005a88e414ab562e58f1c81e37387d95c7a82b2ed1ab0a2da2e6e9f54deafc41352cb681f6b57f7c3ee68f1edd0d7af2ec4d848a00000000000000000000f800000000000000000000000000000000000000f6d00fc5db20d2e92214d34ba9b18803aca1d6c1239a7200ceab033b826da32802000000932290237ddd35ff413b1afdd28219c01c50e98aa6e2786d8d57e37d5e5419928fff6f7755c9e9444b4acd830b0e6cfbeede84794a4cd863b6a8787cc8bc93e88e54a00e1b024c68bb57dd9fb32c06a2bb3cb6c51f8e0bbea0446673f4d0801717b87f3d10a3f59317e88de8c8f97af4dd742a15a614972436a8b76226d2", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file1/file0\x00']) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r4, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000002, 0x10, r5, 0x4bae0000) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f00000004c0)) 23:47:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x24, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x24}}, 0x0) [ 657.231713] ____sys_sendmsg+0x70d/0x870 23:47:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 4) 23:47:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 9) 23:47:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 4) [ 657.232826] ? kernel_sendmsg+0x50/0x50 [ 657.233979] ? do_recvmmsg+0x6d0/0x6d0 [ 657.234961] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.236277] ? lock_downgrade+0x6d0/0x6d0 [ 657.237331] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.238636] ___sys_sendmsg+0xf3/0x170 [ 657.239612] ? sendmsg_copy_msghdr+0x160/0x160 [ 657.240747] ? lock_downgrade+0x6d0/0x6d0 [ 657.241818] ? find_held_lock+0x2c/0x110 [ 657.242766] ? __fget_files+0x296/0x480 [ 657.243659] ? __fget_light+0xea/0x290 [ 657.244506] __sys_sendmsg+0xe5/0x1b0 [ 657.245291] ? __sys_sendmsg_sock+0xb0/0xb0 [ 657.246248] ? rcu_read_lock_any_held+0x75/0xa0 [ 657.247310] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.248483] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.249623] ? trace_hardirqs_on+0x5b/0x180 23:47:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:40 executing program 3: r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:47:40 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 657.250528] do_syscall_64+0x33/0x40 [ 657.251481] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.252626] RIP: 0033:0x7f9af4beeb19 [ 657.253470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.257144] FAULT_INJECTION: forcing a failure. [ 657.257144] name failslab, interval 1, probability 0, space 0, times 0 [ 657.257478] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.257500] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 657.257511] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 657.257530] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 657.266426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.268021] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 657.269628] CPU: 0 PID: 6071 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 657.271043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.272743] Call Trace: [ 657.273296] dump_stack+0x107/0x167 [ 657.274045] should_fail.cold+0x5/0xa [ 657.274829] ? copy_mount_options+0x55/0x180 [ 657.275743] should_failslab+0x5/0x20 [ 657.276533] kmem_cache_alloc_trace+0x55/0x360 [ 657.277491] ? _copy_from_user+0xfb/0x1b0 [ 657.278348] copy_mount_options+0x55/0x180 [ 657.279221] __x64_sys_mount+0x1a8/0x300 [ 657.280068] ? copy_mnt_ns+0xa00/0xa00 [ 657.280878] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.281974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.282045] FAULT_INJECTION: forcing a failure. [ 657.282045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 657.283041] do_syscall_64+0x33/0x40 [ 657.283061] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.283072] RIP: 0033:0x7fbdabcfab19 [ 657.283096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.291903] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 657.293517] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 657.295036] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 657.296544] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 657.298092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.299629] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 657.301198] CPU: 1 PID: 6076 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 657.302635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.304373] Call Trace: [ 657.304930] dump_stack+0x107/0x167 [ 657.305707] should_fail.cold+0x5/0xa [ 657.306506] strncpy_from_user+0x34/0x470 [ 657.307388] getname_flags.part.0+0x95/0x4f0 [ 657.308315] ? _copy_from_user+0xfb/0x1b0 [ 657.309199] user_path_at_empty+0xa1/0x100 [ 657.310084] __x64_sys_mount+0x1e9/0x300 [ 657.310935] ? copy_mnt_ns+0xa00/0xa00 [ 657.311753] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.312852] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.313935] do_syscall_64+0x33/0x40 [ 657.314723] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.315827] RIP: 0033:0x7ff8f0c7cb19 [ 657.316611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.320315] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 657.321848] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 657.323278] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 657.324706] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 657.326157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.327590] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:47:40 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 1) 23:47:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 657.410365] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 23:47:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 5) 23:47:40 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 657.453916] FAULT_INJECTION: forcing a failure. [ 657.453916] name failslab, interval 1, probability 0, space 0, times 0 [ 657.456285] CPU: 1 PID: 6082 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 657.457677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.459356] Call Trace: [ 657.459897] dump_stack+0x107/0x167 [ 657.460640] should_fail.cold+0x5/0xa [ 657.461423] should_failslab+0x5/0x20 [ 657.462201] __kmalloc_node_track_caller+0x74/0x3f0 [ 657.463212] ? netlink_sendmsg+0x98e/0xdf0 [ 657.464072] __alloc_skb+0xb1/0x620 [ 657.464813] netlink_sendmsg+0x98e/0xdf0 [ 657.465661] ? netlink_unicast+0x7f0/0x7f0 [ 657.466529] ? netlink_unicast+0x7f0/0x7f0 [ 657.467387] sock_sendmsg+0x154/0x190 [ 657.468159] ____sys_sendmsg+0x70d/0x870 [ 657.468983] ? kernel_sendmsg+0x50/0x50 [ 657.469789] ? do_recvmmsg+0x6d0/0x6d0 [ 657.470582] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.471640] ? lock_downgrade+0x6d0/0x6d0 [ 657.472479] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.473563] ___sys_sendmsg+0xf3/0x170 [ 657.474351] ? sendmsg_copy_msghdr+0x160/0x160 [ 657.475279] ? lock_downgrade+0x6d0/0x6d0 [ 657.476120] ? find_held_lock+0x2c/0x110 [ 657.476952] ? __fget_files+0x296/0x480 [ 657.477772] ? __fget_light+0xea/0x290 [ 657.478563] __sys_sendmsg+0xe5/0x1b0 [ 657.479331] ? __sys_sendmsg_sock+0xb0/0xb0 [ 657.480207] ? rcu_read_lock_any_held+0x75/0xa0 [ 657.481185] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.482245] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.483282] ? trace_hardirqs_on+0x5b/0x180 [ 657.484158] do_syscall_64+0x33/0x40 [ 657.484908] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.485960] RIP: 0033:0x7f9af4beeb19 [ 657.486714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.490446] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.491977] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 657.493426] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 657.494859] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 657.496291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.497733] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 657.505833] FAULT_INJECTION: forcing a failure. [ 657.505833] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 657.508200] CPU: 1 PID: 6087 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 657.509584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.511246] Call Trace: [ 657.511779] dump_stack+0x107/0x167 [ 657.512513] should_fail.cold+0x5/0xa [ 657.513304] _copy_from_user+0x2e/0x1b0 [ 657.514108] __copy_msghdr_from_user+0x91/0x4b0 [ 657.515061] ? __ia32_sys_shutdown+0x80/0x80 [ 657.515963] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.517024] ? __lock_acquire+0x1657/0x5b00 [ 657.517918] ? __lock_acquire+0xbb1/0x5b00 [ 657.518787] sendmsg_copy_msghdr+0xa1/0x160 [ 657.519658] ? do_recvmmsg+0x6d0/0x6d0 [ 657.520460] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.521548] ? lock_downgrade+0x6d0/0x6d0 [ 657.522396] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.523472] ___sys_sendmsg+0xc6/0x170 [ 657.524267] ? sendmsg_copy_msghdr+0x160/0x160 [ 657.525205] ? __fget_files+0x26d/0x480 [ 657.526011] ? lock_downgrade+0x6d0/0x6d0 [ 657.526853] ? find_held_lock+0x2c/0x110 [ 657.527689] ? __fget_files+0x296/0x480 [ 657.528513] ? __fget_light+0xea/0x290 [ 657.529320] __sys_sendmsg+0xe5/0x1b0 [ 657.530095] ? __sys_sendmsg_sock+0xb0/0xb0 [ 657.530966] ? rcu_read_lock_any_held+0x75/0xa0 [ 657.531904] ? fput_many+0x2f/0x1a0 [ 657.532640] ? ksys_write+0x1a9/0x260 [ 657.533419] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.534486] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.535538] ? trace_hardirqs_on+0x5b/0x180 [ 657.536425] do_syscall_64+0x33/0x40 [ 657.537197] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.538236] RIP: 0033:0x7fc1f6be2b19 [ 657.539015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.542707] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.544251] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 657.545684] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 657.547113] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 657.548551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.550003] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 23:47:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 5) 23:47:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:47:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 10) 23:47:40 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:47:40 executing program 1: move_pages(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000ffc000/0x3000)=nil], &(0x7f00000002c0)=[0x8], 0x0, 0x0) [ 657.595386] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 657.601102] FAULT_INJECTION: forcing a failure. [ 657.601102] name failslab, interval 1, probability 0, space 0, times 0 [ 657.603452] CPU: 1 PID: 6093 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 657.604818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.606493] Call Trace: [ 657.607030] dump_stack+0x107/0x167 [ 657.607763] should_fail.cold+0x5/0xa [ 657.608531] ? create_object.isra.0+0x3a/0xa20 [ 657.609483] should_failslab+0x5/0x20 [ 657.610246] kmem_cache_alloc+0x5b/0x360 [ 657.610873] FAULT_INJECTION: forcing a failure. [ 657.610873] name failslab, interval 1, probability 0, space 0, times 0 [ 657.611071] create_object.isra.0+0x3a/0xa20 [ 657.614269] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 657.615297] kmem_cache_alloc_trace+0x151/0x360 [ 657.616251] copy_mount_options+0x55/0x180 [ 657.617114] __x64_sys_mount+0x1a8/0x300 [ 657.617943] ? copy_mnt_ns+0xa00/0xa00 [ 657.618756] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.619814] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.620852] do_syscall_64+0x33/0x40 [ 657.621617] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.622646] RIP: 0033:0x7fbdabcfab19 [ 657.623401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.627119] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 657.628678] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 657.630125] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 657.631562] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 657.633024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.634482] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 657.635951] CPU: 0 PID: 6094 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 657.637371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.639079] Call Trace: [ 657.639623] dump_stack+0x107/0x167 [ 657.640374] should_fail.cold+0x5/0xa [ 657.641170] ? alloc_fs_context+0x57/0x840 [ 657.642040] should_failslab+0x5/0x20 [ 657.642821] kmem_cache_alloc_trace+0x55/0x360 [ 657.643768] alloc_fs_context+0x57/0x840 [ 657.644624] path_mount+0xa72/0x20b0 [ 657.645428] ? strncpy_from_user+0x9e/0x470 [ 657.646329] ? finish_automount+0xa40/0xa40 [ 657.647225] ? getname_flags.part.0+0x1dd/0x4f0 [ 657.648190] ? _copy_from_user+0xfb/0x1b0 [ 657.649066] __x64_sys_mount+0x282/0x300 [ 657.649914] ? copy_mnt_ns+0xa00/0xa00 [ 657.650734] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.651813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.652890] do_syscall_64+0x33/0x40 [ 657.653671] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.654747] RIP: 0033:0x7ff8f0c7cb19 [ 657.655516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.659376] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 657.660956] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 657.662439] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 657.663906] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 657.665375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 657.666834] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:47:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37"], 0x28}}, 0x0) 23:47:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 6) 23:47:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 657.737280] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 657.751138] FAULT_INJECTION: forcing a failure. [ 657.751138] name failslab, interval 1, probability 0, space 0, times 0 [ 657.753557] CPU: 0 PID: 6102 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 657.754960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.756667] Call Trace: [ 657.757225] dump_stack+0x107/0x167 [ 657.757978] should_fail.cold+0x5/0xa [ 657.758783] should_failslab+0x5/0x20 [ 657.759583] __kmalloc_node_track_caller+0x74/0x3f0 [ 657.760625] ? netlink_sendmsg+0x98e/0xdf0 [ 657.761532] __alloc_skb+0xb1/0x620 [ 657.762302] netlink_sendmsg+0x98e/0xdf0 [ 657.763158] ? netlink_unicast+0x7f0/0x7f0 [ 657.764052] ? netlink_unicast+0x7f0/0x7f0 [ 657.764942] sock_sendmsg+0x154/0x190 [ 657.765746] ____sys_sendmsg+0x70d/0x870 [ 657.766599] ? kernel_sendmsg+0x50/0x50 [ 657.767424] ? do_recvmmsg+0x6d0/0x6d0 [ 657.768237] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.769340] ? lock_downgrade+0x6d0/0x6d0 [ 657.770204] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.771301] ___sys_sendmsg+0xf3/0x170 [ 657.772112] ? sendmsg_copy_msghdr+0x160/0x160 [ 657.773086] ? lock_downgrade+0x6d0/0x6d0 [ 657.773970] ? find_held_lock+0x2c/0x110 [ 657.774822] ? __fget_files+0x296/0x480 [ 657.775649] ? __fget_light+0xea/0x290 [ 657.776462] __sys_sendmsg+0xe5/0x1b0 [ 657.777254] ? __sys_sendmsg_sock+0xb0/0xb0 [ 657.778144] ? rcu_read_lock_any_held+0x75/0xa0 [ 657.779115] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.780214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.781288] ? trace_hardirqs_on+0x5b/0x180 [ 657.782175] do_syscall_64+0x33/0x40 [ 657.782960] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.784027] RIP: 0033:0x7f9af4beeb19 [ 657.784813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.788663] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.790263] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 657.791853] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 657.793321] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 657.794776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.796232] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 23:47:40 executing program 1: ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00/file0/file0\x00\x00\x00\x00\x00\x00']) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0/file0\x00'}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000300)={0x30, 0x32, 0xa, 0x8, 0x9, 0x7, 0x2006, 0x140, 0x57c371147aca7cca}) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0x0, 0x1c, 0x0, 0x12, 0x4, 0x8f6, 0x1, 0x15b}) dup2(0xffffffffffffffff, r2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f00000001c0)="201900d07642da921fd6ff11430c6c6b8c0ac5060048065e24ecf3bb8ce311427ac446646b66cda5c391a00fbccd665cde721d7307fdcb6b969016edfcfc7632c1f3819bab23a38c40d2318820e65ef0262cc5dd8b5bc96f21bc84022b67785d6741984f29f705f842bd5a0870925cdb5d80eb689f80ea6ff07d3876a48c6519dad01907103c1df3928cb15b27437eb6e994a4bed70de633978e40", 0x9b, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000180)) mmap$IORING_OFF_SQES(&(0x7f0000ff3000/0xc000)=nil, 0xc000, 0x2000002, 0xf154c79f1722d852, 0xffffffffffffffff, 0x10000000) pkey_mprotect(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) pkey_mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000010000002afbce28", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0/file0\x00']) pkey_mprotect(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) ftruncate(0xffffffffffffffff, 0x1) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, 0x0) 23:47:40 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 2) [ 657.857295] FAULT_INJECTION: forcing a failure. [ 657.857295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 657.859879] CPU: 1 PID: 6106 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 657.861287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 657.862959] Call Trace: [ 657.863498] dump_stack+0x107/0x167 [ 657.864231] should_fail.cold+0x5/0xa [ 657.865003] _copy_from_user+0x2e/0x1b0 [ 657.865815] iovec_from_user+0x141/0x400 [ 657.866643] __import_iovec+0x67/0x590 [ 657.867428] ? __ia32_sys_shutdown+0x80/0x80 [ 657.868332] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.869416] import_iovec+0x83/0xb0 [ 657.870172] sendmsg_copy_msghdr+0x131/0x160 [ 657.871066] ? do_recvmmsg+0x6d0/0x6d0 [ 657.871868] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.872943] ? lock_downgrade+0x6d0/0x6d0 [ 657.873805] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 657.874876] ___sys_sendmsg+0xc6/0x170 [ 657.875684] ? sendmsg_copy_msghdr+0x160/0x160 [ 657.876612] ? __fget_files+0x26d/0x480 [ 657.877423] ? lock_downgrade+0x6d0/0x6d0 [ 657.878268] ? find_held_lock+0x2c/0x110 [ 657.879097] ? __fget_files+0x296/0x480 [ 657.879913] ? __fget_light+0xea/0x290 [ 657.880702] __sys_sendmsg+0xe5/0x1b0 [ 657.881486] ? __sys_sendmsg_sock+0xb0/0xb0 [ 657.882363] ? rcu_read_lock_any_held+0x75/0xa0 [ 657.883307] ? fput_many+0x2f/0x1a0 [ 657.884049] ? ksys_write+0x1a9/0x260 [ 657.884829] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 657.885894] ? syscall_enter_from_user_mode+0x1d/0x50 [ 657.886941] ? trace_hardirqs_on+0x5b/0x180 [ 657.887822] do_syscall_64+0x33/0x40 [ 657.888578] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 657.889638] RIP: 0033:0x7fc1f6be2b19 [ 657.890391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 657.894120] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.895663] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 657.897127] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 657.898580] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 657.900031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.901514] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 [ 658.121367] EXT4-fs error (device loop1): ext4_orphan_get:1413: comm syz-executor.1: bad orphan inode 301979167 [ 658.128415] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue 23:47:51 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:47:51 executing program 1: ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00/file0/file0\x00\x00\x00\x00\x00\x00']) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0/file0\x00'}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000300)={0x30, 0x32, 0xa, 0x8, 0x9, 0x7, 0x2006, 0x140, 0x57c371147aca7cca}) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0x0, 0x1c, 0x0, 0x12, 0x4, 0x8f6, 0x1, 0x15b}) dup2(0xffffffffffffffff, r2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f00000001c0)="201900d07642da921fd6ff11430c6c6b8c0ac5060048065e24ecf3bb8ce311427ac446646b66cda5c391a00fbccd665cde721d7307fdcb6b969016edfcfc7632c1f3819bab23a38c40d2318820e65ef0262cc5dd8b5bc96f21bc84022b67785d6741984f29f705f842bd5a0870925cdb5d80eb689f80ea6ff07d3876a48c6519dad01907103c1df3928cb15b27437eb6e994a4bed70de633978e40", 0x9b, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000180)) mmap$IORING_OFF_SQES(&(0x7f0000ff3000/0xc000)=nil, 0xc000, 0x2000002, 0xf154c79f1722d852, 0xffffffffffffffff, 0x10000000) pkey_mprotect(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) pkey_mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000010000002afbce28", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0/file0\x00']) pkey_mprotect(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) ftruncate(0xffffffffffffffff, 0x1) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, 0x0) 23:47:51 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 3) 23:47:51 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 11) 23:47:51 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:47:51 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 7) 23:47:51 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:47:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 6) [ 668.825772] FAULT_INJECTION: forcing a failure. [ 668.825772] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 668.826711] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 668.827434] CPU: 0 PID: 6129 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 668.829385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 668.830235] Call Trace: [ 668.830535] dump_stack+0x107/0x167 [ 668.830940] should_fail.cold+0x5/0xa [ 668.831364] _copy_from_user+0x2e/0x1b0 [ 668.831805] copy_mount_options+0x76/0x180 [ 668.832270] __x64_sys_mount+0x1a8/0x300 [ 668.832728] ? copy_mnt_ns+0xa00/0xa00 [ 668.833172] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 668.833777] ? syscall_enter_from_user_mode+0x1d/0x50 [ 668.834354] do_syscall_64+0x33/0x40 [ 668.834763] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 668.835329] RIP: 0033:0x7fbdabcfab19 [ 668.835736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 668.837762] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 668.838597] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 668.839426] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 668.840250] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 668.841080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 668.841926] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 668.846522] FAULT_INJECTION: forcing a failure. [ 668.846522] name failslab, interval 1, probability 0, space 0, times 0 [ 668.847099] FAULT_INJECTION: forcing a failure. [ 668.847099] name failslab, interval 1, probability 0, space 0, times 0 [ 668.849010] CPU: 1 PID: 6134 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 668.851548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 668.853246] Call Trace: [ 668.853799] dump_stack+0x107/0x167 [ 668.854551] should_fail.cold+0x5/0xa [ 668.855356] ? __skb_ext_alloc+0x19/0x90 [ 668.856196] should_failslab+0x5/0x20 [ 668.856973] kmem_cache_alloc+0x5b/0x360 [ 668.857822] __skb_ext_alloc+0x19/0x90 [ 668.858618] skb_ext_add+0x508/0x670 [ 668.859386] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 668.860466] __alloc_skb+0x3c1/0x620 [ 668.861248] netlink_sendmsg+0x98e/0xdf0 [ 668.862100] ? netlink_unicast+0x7f0/0x7f0 [ 668.862986] ? netlink_unicast+0x7f0/0x7f0 [ 668.863853] sock_sendmsg+0x154/0x190 [ 668.864641] ____sys_sendmsg+0x70d/0x870 [ 668.865487] ? kernel_sendmsg+0x50/0x50 [ 668.866307] ? do_recvmmsg+0x6d0/0x6d0 [ 668.867110] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 668.868185] ? lock_downgrade+0x6d0/0x6d0 [ 668.869041] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 668.870129] ___sys_sendmsg+0xf3/0x170 [ 668.870934] ? sendmsg_copy_msghdr+0x160/0x160 [ 668.871875] ? lock_downgrade+0x6d0/0x6d0 [ 668.872735] ? find_held_lock+0x2c/0x110 [ 668.873588] ? __fget_files+0x296/0x480 [ 668.874412] ? __fget_light+0xea/0x290 [ 668.875220] __sys_sendmsg+0xe5/0x1b0 [ 668.876004] ? __sys_sendmsg_sock+0xb0/0xb0 [ 668.876891] ? rcu_read_lock_any_held+0x75/0xa0 [ 668.877873] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 668.878955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 668.880022] ? trace_hardirqs_on+0x5b/0x180 [ 668.880924] do_syscall_64+0x33/0x40 [ 668.881716] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 668.882776] RIP: 0033:0x7f9af4beeb19 [ 668.883541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 668.887338] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 668.888923] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 668.890386] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 668.891851] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 668.893323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 668.894789] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 668.896281] CPU: 0 PID: 6136 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 668.897081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 668.898046] Call Trace: [ 668.898354] dump_stack+0x107/0x167 [ 668.898788] should_fail.cold+0x5/0xa [ 668.899248] ? create_object.isra.0+0x3a/0xa20 [ 668.899788] should_failslab+0x5/0x20 [ 668.900225] kmem_cache_alloc+0x5b/0x360 [ 668.900696] create_object.isra.0+0x3a/0xa20 [ 668.901064] FAULT_INJECTION: forcing a failure. [ 668.901064] name failslab, interval 1, probability 0, space 0, times 0 [ 668.901202] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 668.901233] kmem_cache_alloc_trace+0x151/0x360 [ 668.904560] alloc_fs_context+0x57/0x840 [ 668.905032] path_mount+0xa72/0x20b0 [ 668.905461] ? strncpy_from_user+0x9e/0x470 [ 668.905959] ? finish_automount+0xa40/0xa40 [ 668.906466] ? getname_flags.part.0+0x1dd/0x4f0 [ 668.907001] ? _copy_from_user+0xfb/0x1b0 [ 668.907489] __x64_sys_mount+0x282/0x300 [ 668.907958] ? copy_mnt_ns+0xa00/0xa00 [ 668.908413] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 668.909017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 668.909603] do_syscall_64+0x33/0x40 [ 668.910029] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 668.910615] RIP: 0033:0x7ff8f0c7cb19 [ 668.911049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 668.913179] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 668.914059] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 668.914881] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 668.915705] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 668.916499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 668.917326] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 668.918162] CPU: 1 PID: 6135 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 668.919586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 668.921304] Call Trace: [ 668.921850] dump_stack+0x107/0x167 [ 668.922618] should_fail.cold+0x5/0xa [ 668.923393] ? __alloc_skb+0x6d/0x620 [ 668.924172] should_failslab+0x5/0x20 [ 668.924943] kmem_cache_alloc_node+0x55/0x370 [ 668.925864] __alloc_skb+0x6d/0x620 [ 668.926618] netlink_sendmsg+0x98e/0xdf0 [ 668.927459] ? netlink_unicast+0x7f0/0x7f0 [ 668.928333] ? netlink_unicast+0x7f0/0x7f0 [ 668.929196] sock_sendmsg+0x154/0x190 [ 668.929991] ____sys_sendmsg+0x70d/0x870 [ 668.930824] ? kernel_sendmsg+0x50/0x50 [ 668.931637] ? do_recvmmsg+0x6d0/0x6d0 [ 668.932443] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 668.933534] ? lock_downgrade+0x6d0/0x6d0 [ 668.934394] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 668.935482] ___sys_sendmsg+0xf3/0x170 [ 668.936290] ? sendmsg_copy_msghdr+0x160/0x160 [ 668.937256] ? lock_downgrade+0x6d0/0x6d0 [ 668.938100] ? find_held_lock+0x2c/0x110 [ 668.938952] ? __fget_files+0x296/0x480 [ 668.939780] ? __fget_light+0xea/0x290 [ 668.940595] __sys_sendmsg+0xe5/0x1b0 [ 668.941397] ? __sys_sendmsg_sock+0xb0/0xb0 [ 668.942295] ? rcu_read_lock_any_held+0x75/0xa0 [ 668.943277] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 668.943958] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 668.944359] ? syscall_enter_from_user_mode+0x1d/0x50 [ 668.946318] ? trace_hardirqs_on+0x5b/0x180 [ 668.947206] do_syscall_64+0x33/0x40 [ 668.947966] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 668.949028] RIP: 0033:0x7fc1f6be2b19 [ 668.949807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 668.953642] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 668.955224] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 668.956699] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 668.958186] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 668.959662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 668.961148] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 23:47:51 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 668.966535] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:47:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 7) [ 669.006138] FAULT_INJECTION: forcing a failure. [ 669.006138] name failslab, interval 1, probability 0, space 0, times 0 [ 669.008502] CPU: 1 PID: 6143 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 669.009904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 669.011617] Call Trace: [ 669.012165] dump_stack+0x107/0x167 [ 669.012927] should_fail.cold+0x5/0xa [ 669.013731] ? getname_flags.part.0+0x50/0x4f0 [ 669.014689] should_failslab+0x5/0x20 [ 669.015475] kmem_cache_alloc+0x5b/0x360 [ 669.016326] getname_flags.part.0+0x50/0x4f0 [ 669.017245] ? _copy_from_user+0xfb/0x1b0 [ 669.018098] user_path_at_empty+0xa1/0x100 [ 669.018970] __x64_sys_mount+0x1e9/0x300 [ 669.019806] ? copy_mnt_ns+0xa00/0xa00 [ 669.020605] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 669.021681] ? syscall_enter_from_user_mode+0x1d/0x50 [ 669.022738] do_syscall_64+0x33/0x40 [ 669.023498] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 669.024537] RIP: 0033:0x7fbdabcfab19 [ 669.025308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 669.029098] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 669.030682] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 669.032151] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 669.033630] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 669.035101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 669.036574] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 669.050526] EXT4-fs error (device loop1): ext4_orphan_get:1413: comm syz-executor.1: bad orphan inode 301979167 [ 669.053521] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue 23:47:51 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 12) 23:47:51 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(0xffffffffffffffff) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 669.128643] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 669.153132] FAULT_INJECTION: forcing a failure. [ 669.153132] name failslab, interval 1, probability 0, space 0, times 0 [ 669.155557] CPU: 1 PID: 6151 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 669.156947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 669.158638] Call Trace: [ 669.159180] dump_stack+0x107/0x167 [ 669.159930] should_fail.cold+0x5/0xa [ 669.160712] ? legacy_init_fs_context+0x44/0xe0 [ 669.161668] should_failslab+0x5/0x20 [ 669.162439] kmem_cache_alloc_trace+0x55/0x360 [ 669.163387] ? lockdep_init_map_type+0x2c7/0x780 [ 669.164376] legacy_init_fs_context+0x44/0xe0 [ 669.165310] ? generic_parse_monolithic+0x1f0/0x1f0 [ 669.166342] alloc_fs_context+0x4f8/0x840 [ 669.167207] path_mount+0xa72/0x20b0 [ 669.167975] ? strncpy_from_user+0x9e/0x470 [ 669.168872] ? finish_automount+0xa40/0xa40 [ 669.169781] ? getname_flags.part.0+0x1dd/0x4f0 [ 669.170735] ? _copy_from_user+0xfb/0x1b0 [ 669.171588] __x64_sys_mount+0x282/0x300 [ 669.172425] ? copy_mnt_ns+0xa00/0xa00 [ 669.173219] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 669.174314] ? syscall_enter_from_user_mode+0x1d/0x50 [ 669.175385] do_syscall_64+0x33/0x40 [ 669.176156] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 669.177212] RIP: 0033:0x7ff8f0c7cb19 [ 669.177996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 669.181765] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 669.183315] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 669.184763] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 669.186217] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 669.187687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 669.189162] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:48:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 13) 23:48:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:02 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 8) [ 679.329451] FAULT_INJECTION: forcing a failure. [ 679.329451] name failslab, interval 1, probability 0, space 0, times 0 [ 679.330743] CPU: 0 PID: 6159 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 679.331497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.332427] Call Trace: [ 679.332728] dump_stack+0x107/0x167 [ 679.333134] should_fail.cold+0x5/0xa [ 679.333585] ? create_object.isra.0+0x3a/0xa20 [ 679.334094] should_failslab+0x5/0x20 [ 679.334518] kmem_cache_alloc+0x5b/0x360 [ 679.334979] create_object.isra.0+0x3a/0xa20 [ 679.335494] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 679.336077] kmem_cache_alloc_node+0x169/0x370 [ 679.336581] __alloc_skb+0x6d/0x620 [ 679.337005] netlink_sendmsg+0x98e/0xdf0 [ 679.337479] ? netlink_unicast+0x7f0/0x7f0 [ 679.337965] ? netlink_unicast+0x7f0/0x7f0 [ 679.338444] sock_sendmsg+0x154/0x190 [ 679.338877] ____sys_sendmsg+0x70d/0x870 [ 679.339338] ? kernel_sendmsg+0x50/0x50 [ 679.339783] ? do_recvmmsg+0x6d0/0x6d0 [ 679.340229] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.340821] ? lock_downgrade+0x6d0/0x6d0 [ 679.341307] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.341912] ___sys_sendmsg+0xf3/0x170 [ 679.342348] ? sendmsg_copy_msghdr+0x160/0x160 [ 679.342863] ? lock_downgrade+0x6d0/0x6d0 [ 679.343332] ? find_held_lock+0x2c/0x110 [ 679.343795] ? __fget_files+0x296/0x480 [ 679.344246] ? __fget_light+0xea/0x290 [ 679.344685] __sys_sendmsg+0xe5/0x1b0 [ 679.345121] ? __sys_sendmsg_sock+0xb0/0xb0 [ 679.345639] ? rcu_read_lock_any_held+0x75/0xa0 [ 679.346180] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.346782] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.347380] ? trace_hardirqs_on+0x5b/0x180 [ 679.347881] do_syscall_64+0x33/0x40 [ 679.348312] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.348881] RIP: 0033:0x7fc1f6be2b19 [ 679.349302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.351370] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 679.352232] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 679.353050] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 679.353871] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.354677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.355478] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 [ 679.359531] FAULT_INJECTION: forcing a failure. [ 679.359531] name failslab, interval 1, probability 0, space 0, times 0 [ 679.360865] CPU: 0 PID: 6167 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 679.361664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.362594] Call Trace: [ 679.362891] dump_stack+0x107/0x167 [ 679.363303] should_fail.cold+0x5/0xa [ 679.363735] ? create_object.isra.0+0x3a/0xa20 [ 679.364259] should_failslab+0x5/0x20 [ 679.364690] kmem_cache_alloc+0x5b/0x360 [ 679.365158] create_object.isra.0+0x3a/0xa20 [ 679.365661] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 679.366247] kmem_cache_alloc+0x159/0x360 [ 679.366722] __skb_ext_alloc+0x19/0x90 [ 679.367162] skb_ext_add+0x508/0x670 [ 679.367513] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 679.367584] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 679.367598] __alloc_skb+0x3c1/0x620 [ 679.367611] netlink_sendmsg+0x98e/0xdf0 [ 679.367625] ? netlink_unicast+0x7f0/0x7f0 [ 679.367642] ? netlink_unicast+0x7f0/0x7f0 [ 679.371738] sock_sendmsg+0x154/0x190 [ 679.372175] ____sys_sendmsg+0x70d/0x870 [ 679.372638] ? kernel_sendmsg+0x50/0x50 [ 679.372681] FAULT_INJECTION: forcing a failure. [ 679.372681] name failslab, interval 1, probability 0, space 0, times 0 [ 679.373092] ? do_recvmmsg+0x6d0/0x6d0 [ 679.373103] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.373114] ? lock_downgrade+0x6d0/0x6d0 [ 679.373132] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.377533] ___sys_sendmsg+0xf3/0x170 [ 679.377968] ? sendmsg_copy_msghdr+0x160/0x160 [ 679.378486] ? lock_downgrade+0x6d0/0x6d0 [ 679.378957] ? find_held_lock+0x2c/0x110 [ 679.379419] ? __fget_files+0x296/0x480 [ 679.379875] ? __fget_light+0xea/0x290 [ 679.380320] __sys_sendmsg+0xe5/0x1b0 [ 679.380750] ? __sys_sendmsg_sock+0xb0/0xb0 [ 679.381239] ? rcu_read_lock_any_held+0x75/0xa0 [ 679.381793] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.382401] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.382981] ? trace_hardirqs_on+0x5b/0x180 [ 679.383474] do_syscall_64+0x33/0x40 [ 679.383895] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.384477] RIP: 0033:0x7f9af4beeb19 [ 679.384895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.386986] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 679.387845] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 679.388660] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 679.389488] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.390301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.391089] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 679.391910] CPU: 1 PID: 6170 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 679.393374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:48:02 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:02 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:48:02 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 8) 23:48:02 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 4) 23:48:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(0xffffffffffffffff) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 679.395145] Call Trace: [ 679.395860] dump_stack+0x107/0x167 [ 679.396641] should_fail.cold+0x5/0xa [ 679.397476] ? create_object.isra.0+0x3a/0xa20 [ 679.398449] should_failslab+0x5/0x20 [ 679.399257] kmem_cache_alloc+0x5b/0x360 [ 679.400124] create_object.isra.0+0x3a/0xa20 [ 679.401057] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 679.402150] kmem_cache_alloc_trace+0x151/0x360 [ 679.403135] ? lockdep_init_map_type+0x2c7/0x780 [ 679.404145] legacy_init_fs_context+0x44/0xe0 [ 679.405100] ? generic_parse_monolithic+0x1f0/0x1f0 [ 679.406168] alloc_fs_context+0x4f8/0x840 [ 679.407058] path_mount+0xa72/0x20b0 [ 679.407860] ? strncpy_from_user+0x9e/0x470 [ 679.408782] ? finish_automount+0xa40/0xa40 [ 679.409718] ? getname_flags.part.0+0x1dd/0x4f0 [ 679.410702] ? _copy_from_user+0xfb/0x1b0 [ 679.411627] __x64_sys_mount+0x282/0x300 [ 679.412493] ? copy_mnt_ns+0xa00/0xa00 [ 679.413325] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.414479] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.415606] do_syscall_64+0x33/0x40 [ 679.416413] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.417513] RIP: 0033:0x7ff8f0c7cb19 [ 679.418332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.422233] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 679.423903] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 679.425471] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 679.427019] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 679.428582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 679.430164] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 679.436543] FAULT_INJECTION: forcing a failure. [ 679.436543] name failslab, interval 1, probability 0, space 0, times 0 [ 679.439070] CPU: 1 PID: 6156 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 679.440561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.442391] Call Trace: [ 679.442970] dump_stack+0x107/0x167 [ 679.443776] should_fail.cold+0x5/0xa [ 679.444614] ? create_object.isra.0+0x3a/0xa20 [ 679.445645] should_failslab+0x5/0x20 [ 679.446480] kmem_cache_alloc+0x5b/0x360 [ 679.447378] create_object.isra.0+0x3a/0xa20 [ 679.448333] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 679.449449] kmem_cache_alloc+0x159/0x360 [ 679.450360] getname_flags.part.0+0x50/0x4f0 [ 679.451312] ? _copy_from_user+0xfb/0x1b0 [ 679.452213] user_path_at_empty+0xa1/0x100 [ 679.453137] __x64_sys_mount+0x1e9/0x300 [ 679.454028] ? copy_mnt_ns+0xa00/0xa00 [ 679.454877] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.456016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.457138] do_syscall_64+0x33/0x40 [ 679.457964] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.459081] RIP: 0033:0x7fbdabcfab19 [ 679.459888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.463876] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 679.465537] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 679.467084] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 679.468632] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 679.470195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.471743] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 679.482635] FAULT_INJECTION: forcing a failure. [ 679.482635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 679.485254] CPU: 1 PID: 6175 Comm: syz-executor.2 Not tainted 5.10.161 #1 23:48:02 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 9) 23:48:02 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 5) [ 679.486769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.488709] Call Trace: [ 679.489273] dump_stack+0x107/0x167 [ 679.490061] should_fail.cold+0x5/0xa [ 679.490890] _copy_from_iter_full+0x1ff/0x940 [ 679.491844] ? __check_object_size+0x319/0x440 [ 679.492824] netlink_sendmsg+0x86f/0xdf0 [ 679.493703] ? netlink_unicast+0x7f0/0x7f0 [ 679.494617] ? netlink_unicast+0x7f0/0x7f0 [ 679.495518] sock_sendmsg+0x154/0x190 [ 679.496330] ____sys_sendmsg+0x70d/0x870 [ 679.497199] ? kernel_sendmsg+0x50/0x50 [ 679.498058] ? do_recvmmsg+0x6d0/0x6d0 [ 679.498887] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.499996] ? lock_downgrade+0x6d0/0x6d0 [ 679.500878] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.501996] ___sys_sendmsg+0xf3/0x170 [ 679.502822] ? sendmsg_copy_msghdr+0x160/0x160 [ 679.503795] ? lock_downgrade+0x6d0/0x6d0 [ 679.504676] ? find_held_lock+0x2c/0x110 [ 679.505560] ? __fget_files+0x296/0x480 [ 679.506414] ? __fget_light+0xea/0x290 [ 679.507246] __sys_sendmsg+0xe5/0x1b0 [ 679.508051] ? __sys_sendmsg_sock+0xb0/0xb0 [ 679.508964] ? rcu_read_lock_any_held+0x75/0xa0 [ 679.509975] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.511087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.512178] ? trace_hardirqs_on+0x5b/0x180 [ 679.513094] do_syscall_64+0x33/0x40 [ 679.513893] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.514977] RIP: 0033:0x7f9af4beeb19 [ 679.515766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.519706] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 679.521342] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 679.522871] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 679.524393] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.525930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.527452] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 679.533844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 679.539694] FAULT_INJECTION: forcing a failure. [ 679.539694] name failslab, interval 1, probability 0, space 0, times 0 [ 679.542129] CPU: 1 PID: 6178 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 679.543595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.545375] Call Trace: [ 679.545953] dump_stack+0x107/0x167 [ 679.546735] should_fail.cold+0x5/0xa [ 679.547557] should_failslab+0x5/0x20 [ 679.548369] __kmalloc_node_track_caller+0x74/0x3f0 [ 679.549453] ? netlink_sendmsg+0x98e/0xdf0 [ 679.550359] __alloc_skb+0xb1/0x620 [ 679.551142] netlink_sendmsg+0x98e/0xdf0 [ 679.552015] ? netlink_unicast+0x7f0/0x7f0 [ 679.552931] ? netlink_unicast+0x7f0/0x7f0 [ 679.553841] sock_sendmsg+0x154/0x190 [ 679.554655] ____sys_sendmsg+0x70d/0x870 [ 679.555525] ? kernel_sendmsg+0x50/0x50 [ 679.556367] ? do_recvmmsg+0x6d0/0x6d0 [ 679.557198] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.558335] ? lock_downgrade+0x6d0/0x6d0 [ 679.559223] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 679.560349] ___sys_sendmsg+0xf3/0x170 [ 679.561180] ? sendmsg_copy_msghdr+0x160/0x160 [ 679.562166] ? lock_downgrade+0x6d0/0x6d0 [ 679.563056] ? find_held_lock+0x2c/0x110 [ 679.563932] ? __fget_files+0x296/0x480 [ 679.564792] ? __fget_light+0xea/0x290 [ 679.565648] __sys_sendmsg+0xe5/0x1b0 [ 679.566460] ? __sys_sendmsg_sock+0xb0/0xb0 [ 679.567380] ? rcu_read_lock_any_held+0x75/0xa0 [ 679.568391] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.569517] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.570615] ? trace_hardirqs_on+0x5b/0x180 [ 679.571537] do_syscall_64+0x33/0x40 [ 679.572333] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.573430] RIP: 0033:0x7fc1f6be2b19 [ 679.574224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.578144] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 679.579764] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 679.581282] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 679.582804] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.584318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.585846] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 [ 679.588092] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 679.600099] FAT-fs (loop1): Directory bread(block 3) failed [ 679.604335] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. 23:48:02 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:48:02 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 679.619034] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:48:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 14) 23:48:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(0xffffffffffffffff) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:02 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 9) 23:48:02 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 679.676740] FAULT_INJECTION: forcing a failure. [ 679.676740] name failslab, interval 1, probability 0, space 0, times 0 [ 679.678097] CPU: 0 PID: 6186 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 679.678835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.679718] Call Trace: [ 679.680010] dump_stack+0x107/0x167 [ 679.680403] should_fail.cold+0x5/0xa [ 679.680821] ? v9fs_mount+0x5a/0x8f0 [ 679.681223] should_failslab+0x5/0x20 [ 679.681641] kmem_cache_alloc_trace+0x55/0x360 [ 679.682131] ? v9fs_write_inode+0x60/0x60 [ 679.682578] v9fs_mount+0x5a/0x8f0 [ 679.682823] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 679.682958] ? v9fs_write_inode+0x60/0x60 [ 679.682970] legacy_get_tree+0x105/0x220 [ 679.682989] vfs_get_tree+0x8e/0x300 [ 679.685978] path_mount+0x13be/0x20b0 [ 679.686413] ? strncpy_from_user+0x9e/0x470 [ 679.686901] ? finish_automount+0xa40/0xa40 [ 679.687385] ? getname_flags.part.0+0x1dd/0x4f0 [ 679.687905] ? _copy_from_user+0xfb/0x1b0 [ 679.688376] __x64_sys_mount+0x282/0x300 [ 679.688830] ? copy_mnt_ns+0xa00/0xa00 [ 679.689272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.689872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.690449] do_syscall_64+0x33/0x40 [ 679.690868] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.691438] RIP: 0033:0x7ff8f0c7cb19 [ 679.691854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.693927] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 679.694794] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 679.695605] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 679.696401] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 679.697195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 679.698010] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 679.715047] FAULT_INJECTION: forcing a failure. [ 679.715047] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 679.716356] CPU: 0 PID: 6187 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 679.717084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 679.718000] Call Trace: [ 679.718286] dump_stack+0x107/0x167 [ 679.718677] should_fail.cold+0x5/0xa [ 679.719091] strncpy_from_user+0x34/0x470 [ 679.719543] getname_flags.part.0+0x95/0x4f0 [ 679.720020] ? _copy_from_user+0xfb/0x1b0 [ 679.720468] user_path_at_empty+0xa1/0x100 [ 679.720929] __x64_sys_mount+0x1e9/0x300 [ 679.721383] ? copy_mnt_ns+0xa00/0xa00 [ 679.721811] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 679.722383] ? syscall_enter_from_user_mode+0x1d/0x50 [ 679.722939] do_syscall_64+0x33/0x40 [ 679.723353] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 679.723930] RIP: 0033:0x7fbdabcfab19 [ 679.724335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 679.726373] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 679.727209] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 679.727991] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 679.728773] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 679.729560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.730350] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:48:14 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 10) 23:48:14 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 10) 23:48:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e382"], 0x28}}, 0x0) 23:48:14 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:14 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 6) 23:48:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 15) [ 691.845933] FAULT_INJECTION: forcing a failure. [ 691.845933] name failslab, interval 1, probability 0, space 0, times 0 [ 691.848473] CPU: 1 PID: 6205 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 691.849976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 691.851787] Call Trace: [ 691.852372] dump_stack+0x107/0x167 [ 691.853181] should_fail.cold+0x5/0xa [ 691.854042] ? alloc_fs_context+0x57/0x840 [ 691.854968] should_failslab+0x5/0x20 [ 691.855206] FAULT_INJECTION: forcing a failure. [ 691.855206] name failslab, interval 1, probability 0, space 0, times 0 [ 691.855799] kmem_cache_alloc_trace+0x55/0x360 [ 691.855827] alloc_fs_context+0x57/0x840 [ 691.855868] path_mount+0xa72/0x20b0 [ 691.860986] ? strncpy_from_user+0x9e/0x470 [ 691.861946] ? finish_automount+0xa40/0xa40 [ 691.862892] ? getname_flags.part.0+0x1dd/0x4f0 [ 691.863909] ? _copy_from_user+0xfb/0x1b0 [ 691.864840] __x64_sys_mount+0x282/0x300 [ 691.865763] ? copy_mnt_ns+0xa00/0xa00 [ 691.866634] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 691.867794] ? syscall_enter_from_user_mode+0x1d/0x50 [ 691.868937] do_syscall_64+0x33/0x40 [ 691.869773] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 691.870909] RIP: 0033:0x7fbdabcfab19 [ 691.871738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 691.875822] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 691.877509] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 691.879101] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 691.880684] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 691.882272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.883848] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 691.885457] CPU: 0 PID: 6195 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 691.887057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 691.888959] Call Trace: [ 691.889579] dump_stack+0x107/0x167 [ 691.890420] should_fail.cold+0x5/0xa [ 691.891300] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 691.892454] 9pnet: Insufficient options for proto=fd [ 691.892791] should_failslab+0x5/0x20 [ 691.892808] __kmalloc+0x72/0x3f0 [ 691.892841] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 691.895289] FAULT_INJECTION: forcing a failure. [ 691.895289] name failslab, interval 1, probability 0, space 0, times 0 [ 691.895628] genl_family_rcv_msg_doit+0xda/0x330 [ 691.895657] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 691.902138] ? cap_capable+0x1d6/0x240 [ 691.903034] ? security_capable+0x95/0xc0 [ 691.903991] ? ns_capable+0xdd/0x100 [ 691.904850] genl_rcv_msg+0x33c/0x5a0 [ 691.905751] ? genl_get_cmd+0x480/0x480 [ 691.906678] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 691.907882] ? lock_release+0x6b0/0x6b0 [ 691.908827] ? netlink_deliver_tap+0xf4/0xc40 [ 691.909885] netlink_rcv_skb+0x14b/0x430 [ 691.910828] ? genl_get_cmd+0x480/0x480 [ 691.911753] ? netlink_ack+0xab0/0xab0 [ 691.912671] ? netlink_deliver_tap+0x1c4/0xc40 [ 691.913744] ? is_vmalloc_addr+0x7b/0xb0 [ 691.914698] genl_rcv+0x24/0x40 [ 691.915465] netlink_unicast+0x549/0x7f0 [ 691.916414] ? netlink_attachskb+0x810/0x810 [ 691.917446] netlink_sendmsg+0x905/0xdf0 [ 691.918409] ? netlink_unicast+0x7f0/0x7f0 [ 691.919406] ? netlink_unicast+0x7f0/0x7f0 [ 691.920390] sock_sendmsg+0x154/0x190 [ 691.921279] ____sys_sendmsg+0x70d/0x870 [ 691.922236] ? kernel_sendmsg+0x50/0x50 [ 691.923152] ? do_recvmmsg+0x6d0/0x6d0 [ 691.924061] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 691.925315] ? lock_downgrade+0x6d0/0x6d0 [ 691.926313] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 691.927546] ___sys_sendmsg+0xf3/0x170 [ 691.928462] ? sendmsg_copy_msghdr+0x160/0x160 [ 691.929549] ? lock_downgrade+0x6d0/0x6d0 [ 691.930530] ? find_held_lock+0x2c/0x110 [ 691.931492] ? __fget_files+0x296/0x480 [ 691.932437] ? __fget_light+0xea/0x290 [ 691.933356] __sys_sendmsg+0xe5/0x1b0 [ 691.934259] ? __sys_sendmsg_sock+0xb0/0xb0 [ 691.935267] ? rcu_read_lock_any_held+0x75/0xa0 [ 691.936378] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 691.937622] ? syscall_enter_from_user_mode+0x1d/0x50 [ 691.938831] ? trace_hardirqs_on+0x5b/0x180 [ 691.939869] do_syscall_64+0x33/0x40 [ 691.940751] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 691.941968] RIP: 0033:0x7f9af4beeb19 [ 691.942849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 691.947215] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 691.949013] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 691.950714] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 691.952405] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 691.954113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.955832] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 691.957566] CPU: 1 PID: 6209 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 691.959174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 691.961114] Call Trace: [ 691.961744] dump_stack+0x107/0x167 [ 691.962604] should_fail.cold+0x5/0xa [ 691.963495] ? create_object.isra.0+0x3a/0xa20 [ 691.964570] should_failslab+0x5/0x20 [ 691.965464] kmem_cache_alloc+0x5b/0x360 [ 691.966441] create_object.isra.0+0x3a/0xa20 [ 691.967470] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 691.968664] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 691.969857] ? netlink_sendmsg+0x98e/0xdf0 [ 691.970853] __alloc_skb+0xb1/0x620 [ 691.971717] netlink_sendmsg+0x98e/0xdf0 [ 691.972681] ? netlink_unicast+0x7f0/0x7f0 [ 691.973709] ? netlink_unicast+0x7f0/0x7f0 [ 691.974711] sock_sendmsg+0x154/0x190 [ 691.975626] ____sys_sendmsg+0x70d/0x870 [ 691.976599] ? kernel_sendmsg+0x50/0x50 [ 691.977547] ? do_recvmmsg+0x6d0/0x6d0 [ 691.978478] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 691.979724] ? lock_downgrade+0x6d0/0x6d0 [ 691.980716] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 691.981974] ___sys_sendmsg+0xf3/0x170 [ 691.982902] ? sendmsg_copy_msghdr+0x160/0x160 [ 691.983991] ? lock_downgrade+0x6d0/0x6d0 [ 691.984980] ? find_held_lock+0x2c/0x110 [ 691.985971] ? __fget_files+0x296/0x480 [ 691.986929] ? __fget_light+0xea/0x290 [ 691.987861] __sys_sendmsg+0xe5/0x1b0 [ 691.988766] ? __sys_sendmsg_sock+0xb0/0xb0 [ 691.989794] ? rcu_read_lock_any_held+0x75/0xa0 [ 691.990885] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 691.991926] ? syscall_enter_from_user_mode+0x1d/0x50 [ 691.992945] ? trace_hardirqs_on+0x5b/0x180 [ 691.993809] do_syscall_64+0x33/0x40 [ 691.994548] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 691.995558] RIP: 0033:0x7fc1f6be2b19 [ 691.996296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 691.999949] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 692.001456] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 692.002885] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 692.004294] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 692.005722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 692.007129] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 23:48:14 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 692.018826] FAT-fs (loop1): Directory bread(block 3) failed [ 692.024259] FAULT_INJECTION: forcing a failure. [ 692.024259] name failslab, interval 1, probability 0, space 0, times 0 [ 692.026613] CPU: 1 PID: 6210 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 692.028021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 692.029730] Call Trace: [ 692.030276] dump_stack+0x107/0x167 [ 692.031030] should_fail.cold+0x5/0xa [ 692.031819] ? create_object.isra.0+0x3a/0xa20 [ 692.032763] should_failslab+0x5/0x20 [ 692.033551] kmem_cache_alloc+0x5b/0x360 [ 692.034388] ? cred_has_capability.isra.0+0x152/0x2b0 [ 692.035450] create_object.isra.0+0x3a/0xa20 [ 692.036359] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 692.037406] kmem_cache_alloc_trace+0x151/0x360 [ 692.038383] ? v9fs_write_inode+0x60/0x60 [ 692.039236] v9fs_mount+0x5a/0x8f0 [ 692.039973] ? v9fs_write_inode+0x60/0x60 [ 692.040829] legacy_get_tree+0x105/0x220 [ 692.041692] vfs_get_tree+0x8e/0x300 [ 692.042469] path_mount+0x13be/0x20b0 [ 692.043266] ? strncpy_from_user+0x9e/0x470 [ 692.044165] ? finish_automount+0xa40/0xa40 [ 692.045066] ? getname_flags.part.0+0x1dd/0x4f0 [ 692.046048] ? _copy_from_user+0xfb/0x1b0 [ 692.046922] __x64_sys_mount+0x282/0x300 [ 692.047772] ? copy_mnt_ns+0xa00/0xa00 [ 692.048590] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 692.049692] ? syscall_enter_from_user_mode+0x1d/0x50 [ 692.050764] do_syscall_64+0x33/0x40 [ 692.051544] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 692.052610] RIP: 0033:0x7ff8f0c7cb19 [ 692.053386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 692.057235] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 692.058842] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 692.060341] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 692.061834] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 692.063348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 692.064858] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:48:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 692.112373] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. 23:48:14 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 7) 23:48:14 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 11) 23:48:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:48:14 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 11) [ 692.217371] 9pnet: Insufficient options for proto=fd 23:48:14 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 692.255573] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 692.275070] FAULT_INJECTION: forcing a failure. [ 692.275070] name failslab, interval 1, probability 0, space 0, times 0 [ 692.277639] CPU: 0 PID: 6227 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 692.279029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 692.280702] Call Trace: [ 692.281243] dump_stack+0x107/0x167 [ 692.282015] should_fail.cold+0x5/0xa [ 692.282791] ? __skb_ext_alloc+0x19/0x90 [ 692.283616] should_failslab+0x5/0x20 [ 692.284390] kmem_cache_alloc+0x5b/0x360 [ 692.285222] __skb_ext_alloc+0x19/0x90 [ 692.286022] skb_ext_add+0x508/0x670 [ 692.286778] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 692.287845] __alloc_skb+0x3c1/0x620 [ 692.288604] netlink_sendmsg+0x98e/0xdf0 [ 692.289434] ? netlink_unicast+0x7f0/0x7f0 [ 692.290311] ? netlink_unicast+0x7f0/0x7f0 [ 692.291170] sock_sendmsg+0x154/0x190 [ 692.291947] ____sys_sendmsg+0x70d/0x870 [ 692.292775] ? kernel_sendmsg+0x50/0x50 [ 692.293588] ? do_recvmmsg+0x6d0/0x6d0 [ 692.294379] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 692.295449] ? lock_downgrade+0x6d0/0x6d0 [ 692.296291] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 692.297352] ___sys_sendmsg+0xf3/0x170 [ 692.298154] ? sendmsg_copy_msghdr+0x160/0x160 [ 692.299082] ? lock_downgrade+0x6d0/0x6d0 [ 692.299939] ? find_held_lock+0x2c/0x110 [ 692.300777] ? __fget_files+0x296/0x480 [ 692.301606] ? __fget_light+0xea/0x290 [ 692.302398] __sys_sendmsg+0xe5/0x1b0 [ 692.303169] ? __sys_sendmsg_sock+0xb0/0xb0 [ 692.304043] ? rcu_read_lock_any_held+0x75/0xa0 [ 692.305010] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 692.306083] ? syscall_enter_from_user_mode+0x1d/0x50 [ 692.307125] ? trace_hardirqs_on+0x5b/0x180 [ 692.308001] do_syscall_64+0x33/0x40 [ 692.308763] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 692.309817] RIP: 0033:0x7fc1f6be2b19 [ 692.310579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 692.314298] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 692.315850] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 692.317301] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 692.318763] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 692.320219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 692.321697] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 [ 692.329002] FAULT_INJECTION: forcing a failure. [ 692.329002] name failslab, interval 1, probability 0, space 0, times 0 [ 692.329359] FAULT_INJECTION: forcing a failure. [ 692.329359] name failslab, interval 1, probability 0, space 0, times 0 [ 692.331419] CPU: 0 PID: 6228 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 692.331430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 692.331435] Call Trace: [ 692.331456] dump_stack+0x107/0x167 [ 692.331478] should_fail.cold+0x5/0xa [ 692.331498] ? create_object.isra.0+0x3a/0xa20 [ 692.331518] should_failslab+0x5/0x20 [ 692.331535] kmem_cache_alloc+0x5b/0x360 [ 692.331558] create_object.isra.0+0x3a/0xa20 [ 692.342185] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 692.343223] kmem_cache_alloc_trace+0x151/0x360 [ 692.344178] alloc_fs_context+0x57/0x840 [ 692.345019] path_mount+0xa72/0x20b0 [ 692.345796] ? strncpy_from_user+0x9e/0x470 [ 692.346683] ? finish_automount+0xa40/0xa40 [ 692.347565] ? getname_flags.part.0+0x1dd/0x4f0 [ 692.348514] ? _copy_from_user+0xfb/0x1b0 [ 692.349371] __x64_sys_mount+0x282/0x300 [ 692.350219] ? copy_mnt_ns+0xa00/0xa00 [ 692.351019] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 692.352093] ? syscall_enter_from_user_mode+0x1d/0x50 [ 692.353148] do_syscall_64+0x33/0x40 [ 692.353922] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 692.354972] RIP: 0033:0x7fbdabcfab19 [ 692.355729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 692.359488] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 692.361039] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 692.362503] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 692.363959] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 692.365409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 692.366867] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 692.368351] CPU: 1 PID: 6229 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 692.369731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 692.371379] Call Trace: [ 692.371905] dump_stack+0x107/0x167 [ 692.372635] should_fail.cold+0x5/0xa [ 692.373393] ? create_object.isra.0+0x3a/0xa20 [ 692.374317] should_failslab+0x5/0x20 [ 692.375074] kmem_cache_alloc+0x5b/0x360 [ 692.375887] create_object.isra.0+0x3a/0xa20 [ 692.376766] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 692.377819] __kmalloc+0x16e/0x3f0 [ 692.378550] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 692.379818] genl_family_rcv_msg_doit+0xda/0x330 [ 692.380770] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 692.381233] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 692.382090] ? cap_capable+0x1d6/0x240 [ 692.382113] ? security_capable+0x95/0xc0 [ 692.382136] ? ns_capable+0xdd/0x100 [ 692.382167] genl_rcv_msg+0x33c/0x5a0 [ 692.386778] ? genl_get_cmd+0x480/0x480 [ 692.387576] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 692.388607] ? lock_release+0x6b0/0x6b0 [ 692.389397] ? netlink_deliver_tap+0xf4/0xc40 [ 692.390059] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 692.390302] netlink_rcv_skb+0x14b/0x430 [ 692.392660] ? genl_get_cmd+0x480/0x480 [ 692.393478] ? netlink_ack+0xab0/0xab0 [ 692.394274] ? netlink_deliver_tap+0x1c4/0xc40 [ 692.395181] ? is_vmalloc_addr+0x7b/0xb0 [ 692.395996] genl_rcv+0x24/0x40 [ 692.396655] netlink_unicast+0x549/0x7f0 [ 692.397471] ? netlink_attachskb+0x810/0x810 [ 692.398378] netlink_sendmsg+0x905/0xdf0 [ 692.399196] ? netlink_unicast+0x7f0/0x7f0 [ 692.400055] ? netlink_unicast+0x7f0/0x7f0 [ 692.400901] sock_sendmsg+0x154/0x190 [ 692.401680] ____sys_sendmsg+0x70d/0x870 [ 692.402492] ? kernel_sendmsg+0x50/0x50 [ 692.403280] ? do_recvmmsg+0x6d0/0x6d0 [ 692.404057] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 692.405105] ? lock_downgrade+0x6d0/0x6d0 [ 692.405990] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 692.407050] ___sys_sendmsg+0xf3/0x170 [ 692.407843] ? sendmsg_copy_msghdr+0x160/0x160 [ 692.408790] ? lock_downgrade+0x6d0/0x6d0 [ 692.409638] ? find_held_lock+0x2c/0x110 [ 692.410459] ? __fget_files+0x296/0x480 [ 692.411269] ? __fget_light+0xea/0x290 [ 692.412062] __sys_sendmsg+0xe5/0x1b0 [ 692.412820] ? __sys_sendmsg_sock+0xb0/0xb0 [ 692.413687] ? rcu_read_lock_any_held+0x75/0xa0 [ 692.414637] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 692.415682] ? syscall_enter_from_user_mode+0x1d/0x50 [ 692.416708] ? trace_hardirqs_on+0x5b/0x180 [ 692.417584] do_syscall_64+0x33/0x40 [ 692.418329] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 692.419362] RIP: 0033:0x7f9af4beeb19 [ 692.420104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 692.423772] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 692.425311] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 692.426742] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 692.428166] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 692.429593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 692.431026] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 23:48:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 12) 23:48:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 8) 23:48:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 12) 23:48:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:48:33 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 16) [ 710.754521] FAULT_INJECTION: forcing a failure. [ 710.754521] name failslab, interval 1, probability 0, space 0, times 0 [ 710.756528] CPU: 0 PID: 6247 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 710.757703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 710.759142] Call Trace: [ 710.759517] FAULT_INJECTION: forcing a failure. [ 710.759517] name failslab, interval 1, probability 0, space 0, times 0 [ 710.759598] dump_stack+0x107/0x167 [ 710.759627] should_fail.cold+0x5/0xa [ 710.763123] should_failslab+0x5/0x20 [ 710.763762] __kmalloc_track_caller+0x79/0x3c0 [ 710.764532] ? v9fs_session_init+0xa7/0x16a0 [ 710.765272] ? kernel_text_address+0xf2/0x120 [ 710.766044] kstrdup+0x36/0x70 [ 710.766587] v9fs_session_init+0xa7/0x16a0 [ 710.767304] ? find_held_lock+0x2c/0x110 [ 710.768001] ? kmem_cache_alloc_trace+0x151/0x360 [ 710.768823] ? v9fs_show_options+0x690/0x690 [ 710.769585] ? kasan_unpoison_shadow+0x33/0x50 [ 710.770382] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 710.771249] v9fs_mount+0x79/0x8f0 [ 710.771855] ? v9fs_write_inode+0x60/0x60 [ 710.772564] legacy_get_tree+0x105/0x220 [ 710.773256] vfs_get_tree+0x8e/0x300 [ 710.773893] path_mount+0x13be/0x20b0 [ 710.774544] ? strncpy_from_user+0x9e/0x470 [ 710.775280] ? finish_automount+0xa40/0xa40 [ 710.776017] ? getname_flags.part.0+0x1dd/0x4f0 [ 710.776786] ? _copy_from_user+0xfb/0x1b0 [ 710.777497] __x64_sys_mount+0x282/0x300 [ 710.778187] ? copy_mnt_ns+0xa00/0xa00 [ 710.778854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 710.779724] ? syscall_enter_from_user_mode+0x1d/0x50 [ 710.780596] do_syscall_64+0x33/0x40 [ 710.781224] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 710.782104] RIP: 0033:0x7ff8f0c7cb19 [ 710.782740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 710.785856] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 710.787141] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 710.788348] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 710.789549] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 710.790761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 710.791971] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 710.793200] CPU: 1 PID: 6249 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 710.794591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 710.796255] Call Trace: [ 710.796789] dump_stack+0x107/0x167 [ 710.797523] should_fail.cold+0x5/0xa [ 710.798230] FAULT_INJECTION: forcing a failure. [ 710.798230] name failslab, interval 1, probability 0, space 0, times 0 [ 710.798304] ? legacy_init_fs_context+0x44/0xe0 [ 710.801054] should_failslab+0x5/0x20 [ 710.801838] kmem_cache_alloc_trace+0x55/0x360 [ 710.802752] ? lockdep_init_map_type+0x2c7/0x780 [ 710.803706] legacy_init_fs_context+0x44/0xe0 [ 710.804605] ? generic_parse_monolithic+0x1f0/0x1f0 [ 710.805601] alloc_fs_context+0x4f8/0x840 [ 710.806442] path_mount+0xa72/0x20b0 [ 710.807193] ? strncpy_from_user+0x9e/0x470 [ 710.808060] ? finish_automount+0xa40/0xa40 [ 710.808930] ? getname_flags.part.0+0x1dd/0x4f0 [ 710.809935] ? _copy_from_user+0xfb/0x1b0 [ 710.810941] __x64_sys_mount+0x282/0x300 [ 710.811899] ? copy_mnt_ns+0xa00/0xa00 [ 710.812820] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 710.814083] ? syscall_enter_from_user_mode+0x1d/0x50 [ 710.815123] do_syscall_64+0x33/0x40 [ 710.815867] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 710.816887] RIP: 0033:0x7fbdabcfab19 [ 710.817625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 710.821290] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 710.822808] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 710.824233] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 710.825659] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 710.827097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 710.828520] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 710.829974] CPU: 0 PID: 6248 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 710.831148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 710.832554] Call Trace: [ 710.833000] dump_stack+0x107/0x167 [ 710.833617] should_fail.cold+0x5/0xa [ 710.834275] ? create_object.isra.0+0x3a/0xa20 [ 710.835052] should_failslab+0x5/0x20 [ 710.835694] kmem_cache_alloc+0x5b/0x360 [ 710.836385] create_object.isra.0+0x3a/0xa20 [ 710.836408] FAULT_INJECTION: forcing a failure. [ 710.836408] name failslab, interval 1, probability 0, space 0, times 0 [ 710.837131] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 710.837150] kmem_cache_alloc+0x159/0x360 [ 710.837170] __skb_ext_alloc+0x19/0x90 [ 710.837191] skb_ext_add+0x508/0x670 [ 710.842128] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 710.843014] __alloc_skb+0x3c1/0x620 [ 710.843635] netlink_sendmsg+0x98e/0xdf0 [ 710.844320] ? netlink_unicast+0x7f0/0x7f0 [ 710.845026] ? netlink_unicast+0x7f0/0x7f0 [ 710.845733] sock_sendmsg+0x154/0x190 [ 710.846372] ____sys_sendmsg+0x70d/0x870 [ 710.847056] ? kernel_sendmsg+0x50/0x50 [ 710.847699] ? do_recvmmsg+0x6d0/0x6d0 [ 710.848352] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 710.849205] ? lock_downgrade+0x6d0/0x6d0 [ 710.849919] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 710.850798] ___sys_sendmsg+0xf3/0x170 [ 710.851453] ? sendmsg_copy_msghdr+0x160/0x160 [ 710.852225] ? lock_downgrade+0x6d0/0x6d0 [ 710.852920] ? find_held_lock+0x2c/0x110 [ 710.853603] ? __fget_files+0x296/0x480 [ 710.854292] ? __fget_light+0xea/0x290 [ 710.854953] __sys_sendmsg+0xe5/0x1b0 [ 710.855596] ? __sys_sendmsg_sock+0xb0/0xb0 [ 710.856319] ? rcu_read_lock_any_held+0x75/0xa0 [ 710.857111] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 710.858001] ? syscall_enter_from_user_mode+0x1d/0x50 [ 710.858863] ? trace_hardirqs_on+0x5b/0x180 [ 710.859584] do_syscall_64+0x33/0x40 [ 710.860210] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 710.861066] RIP: 0033:0x7fc1f6be2b19 [ 710.861692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 710.864822] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 710.866070] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 710.867236] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 710.868405] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 710.869571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 710.870851] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 [ 710.872153] CPU: 1 PID: 6241 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 710.873549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 710.875211] Call Trace: [ 710.875755] dump_stack+0x107/0x167 [ 710.876494] should_fail.cold+0x5/0xa [ 710.877260] ? __alloc_skb+0x6d/0x620 [ 710.878037] should_failslab+0x5/0x20 [ 710.878802] kmem_cache_alloc_node+0x55/0x370 [ 710.879701] __alloc_skb+0x6d/0x620 [ 710.880432] ? genl_rcv_msg+0x33c/0x5a0 [ 710.881235] netlink_ack+0x1ed/0xab0 [ 710.882017] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 710.883061] ? netlink_sendmsg+0xdf0/0xdf0 [ 710.883916] ? lock_release+0x6b0/0x6b0 [ 710.884719] ? netlink_deliver_tap+0xf4/0xc40 [ 710.885632] netlink_rcv_skb+0x348/0x430 [ 710.886463] ? genl_get_cmd+0x480/0x480 [ 710.887270] ? netlink_ack+0xab0/0xab0 [ 710.888064] ? netlink_deliver_tap+0x1c4/0xc40 [ 710.888986] ? is_vmalloc_addr+0x7b/0xb0 [ 710.889812] genl_rcv+0x24/0x40 [ 710.890474] netlink_unicast+0x549/0x7f0 [ 710.891297] ? netlink_attachskb+0x810/0x810 [ 710.892194] netlink_sendmsg+0x905/0xdf0 [ 710.893022] ? netlink_unicast+0x7f0/0x7f0 [ 710.893905] ? netlink_unicast+0x7f0/0x7f0 [ 710.894761] sock_sendmsg+0x154/0x190 [ 710.895531] ____sys_sendmsg+0x70d/0x870 [ 710.896354] ? kernel_sendmsg+0x50/0x50 [ 710.897148] ? do_recvmmsg+0x6d0/0x6d0 [ 710.897949] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 710.899002] ? lock_downgrade+0x6d0/0x6d0 [ 710.899855] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 710.900911] ___sys_sendmsg+0xf3/0x170 [ 710.901693] ? sendmsg_copy_msghdr+0x160/0x160 [ 710.902635] ? lock_downgrade+0x6d0/0x6d0 [ 710.903472] ? find_held_lock+0x2c/0x110 [ 710.904302] ? __fget_files+0x296/0x480 [ 710.905111] ? __fget_light+0xea/0x290 [ 710.905909] __sys_sendmsg+0xe5/0x1b0 [ 710.906674] ? __sys_sendmsg_sock+0xb0/0xb0 [ 710.907542] ? rcu_read_lock_any_held+0x75/0xa0 [ 710.908494] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 710.909552] ? syscall_enter_from_user_mode+0x1d/0x50 [ 710.910598] ? trace_hardirqs_on+0x5b/0x180 [ 710.911470] do_syscall_64+0x33/0x40 [ 710.912223] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 710.913254] RIP: 0033:0x7f9af4beeb19 [ 710.914030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 710.917711] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 710.919248] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 710.920692] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 710.922136] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 710.923568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 710.925002] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 710.941750] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. 23:48:33 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 710.953854] 9pnet: Insufficient options for proto=fd [ 710.972926] FAT-fs (loop1): Directory bread(block 3) failed 23:48:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 17) [ 710.991401] FAULT_INJECTION: forcing a failure. [ 710.991401] name failslab, interval 1, probability 0, space 0, times 0 [ 710.993322] CPU: 0 PID: 6256 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 710.994484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 710.995880] Call Trace: [ 710.996324] dump_stack+0x107/0x167 [ 710.996918] should_fail.cold+0x5/0xa [ 710.997543] ? create_object.isra.0+0x3a/0xa20 [ 710.998317] should_failslab+0x5/0x20 [ 710.998949] kmem_cache_alloc+0x5b/0x360 [ 710.999632] create_object.isra.0+0x3a/0xa20 [ 711.000368] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 711.001234] __kmalloc_track_caller+0x177/0x3c0 [ 711.002007] ? v9fs_session_init+0xa7/0x16a0 [ 711.002737] ? kernel_text_address+0xf2/0x120 [ 711.003505] kstrdup+0x36/0x70 [ 711.004055] v9fs_session_init+0xa7/0x16a0 [ 711.004748] ? find_held_lock+0x2c/0x110 [ 711.005454] ? kmem_cache_alloc_trace+0x151/0x360 [ 711.006264] ? v9fs_show_options+0x690/0x690 [ 711.007023] ? kasan_unpoison_shadow+0x33/0x50 [ 711.007798] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 711.008655] v9fs_mount+0x79/0x8f0 [ 711.009256] ? v9fs_write_inode+0x60/0x60 [ 711.009978] legacy_get_tree+0x105/0x220 [ 711.010602] vfs_get_tree+0x8e/0x300 [ 711.011162] path_mount+0x13be/0x20b0 [ 711.011752] ? strncpy_from_user+0x9e/0x470 [ 711.012412] ? finish_automount+0xa40/0xa40 [ 711.013071] ? getname_flags.part.0+0x1dd/0x4f0 [ 711.013786] ? _copy_from_user+0xfb/0x1b0 [ 711.014444] __x64_sys_mount+0x282/0x300 [ 711.015082] ? copy_mnt_ns+0xa00/0xa00 [ 711.015680] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 711.016528] ? syscall_enter_from_user_mode+0x1d/0x50 [ 711.017332] do_syscall_64+0x33/0x40 [ 711.017942] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 711.018742] RIP: 0033:0x7ff8f0c7cb19 [ 711.019342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 711.022402] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 711.023696] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 711.024913] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 23:48:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000"], 0x28}}, 0x0) [ 711.026129] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 711.027401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 711.028603] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:48:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 9) 23:48:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:33 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:33 executing program 0: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 711.078988] FAULT_INJECTION: forcing a failure. [ 711.078988] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 711.081470] CPU: 1 PID: 6261 Comm: syz-executor.5 Not tainted 5.10.161 #1 [ 711.082872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 711.084565] Call Trace: [ 711.085125] dump_stack+0x107/0x167 [ 711.085893] should_fail.cold+0x5/0xa [ 711.086697] _copy_from_iter_full+0x1ff/0x940 [ 711.087624] ? __check_object_size+0x319/0x440 [ 711.088562] netlink_sendmsg+0x86f/0xdf0 [ 711.089385] ? netlink_unicast+0x7f0/0x7f0 [ 711.090266] ? netlink_unicast+0x7f0/0x7f0 [ 711.091121] sock_sendmsg+0x154/0x190 [ 711.091892] ____sys_sendmsg+0x70d/0x870 [ 711.092712] ? kernel_sendmsg+0x50/0x50 [ 711.093507] ? do_recvmmsg+0x6d0/0x6d0 [ 711.094305] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 711.095356] ? lock_downgrade+0x6d0/0x6d0 [ 711.096188] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 711.097250] ___sys_sendmsg+0xf3/0x170 [ 711.098054] ? sendmsg_copy_msghdr+0x160/0x160 [ 711.098974] ? lock_downgrade+0x6d0/0x6d0 [ 711.099807] ? find_held_lock+0x2c/0x110 [ 711.100631] ? __fget_files+0x296/0x480 [ 711.101439] ? __fget_light+0xea/0x290 [ 711.102235] __sys_sendmsg+0xe5/0x1b0 [ 711.103002] ? __sys_sendmsg_sock+0xb0/0xb0 [ 711.103872] ? rcu_read_lock_any_held+0x75/0xa0 [ 711.104846] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 711.105902] ? syscall_enter_from_user_mode+0x1d/0x50 [ 711.106928] ? trace_hardirqs_on+0x5b/0x180 [ 711.107797] do_syscall_64+0x33/0x40 [ 711.108536] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 711.109550] RIP: 0033:0x7fc1f6be2b19 [ 711.110302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 711.114000] RSP: 002b:00007fc1f4158188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 711.115521] RAX: ffffffffffffffda RBX: 00007fc1f6cf5f60 RCX: 00007fc1f6be2b19 [ 711.116944] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 711.118386] RBP: 00007fc1f41581d0 R08: 0000000000000000 R09: 0000000000000000 [ 711.119812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.121254] R13: 00007ffd0c48844f R14: 00007fc1f4158300 R15: 0000000000022000 23:48:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 711.157423] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 711.158764] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:48:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 18) 23:48:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 10) 23:48:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 13) 23:48:48 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:48:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 13) 23:48:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 725.328371] FAULT_INJECTION: forcing a failure. [ 725.328371] name failslab, interval 1, probability 0, space 0, times 0 [ 725.330717] CPU: 1 PID: 6282 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 725.332098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 725.333780] Call Trace: [ 725.334333] dump_stack+0x107/0x167 [ 725.335082] should_fail.cold+0x5/0xa [ 725.335863] should_failslab+0x5/0x20 [ 725.336639] __kmalloc_track_caller+0x79/0x3c0 [ 725.337053] FAULT_INJECTION: forcing a failure. [ 725.337053] name failslab, interval 1, probability 0, space 0, times 0 [ 725.337569] ? v9fs_session_init+0xe9/0x16a0 [ 725.337594] ? kernel_text_address+0xf2/0x120 [ 725.341683] kstrdup+0x36/0x70 [ 725.342348] v9fs_session_init+0xe9/0x16a0 [ 725.343207] ? find_held_lock+0x2c/0x110 [ 725.344035] ? kmem_cache_alloc_trace+0x151/0x360 [ 725.345008] ? v9fs_show_options+0x690/0x690 [ 725.345914] ? kasan_unpoison_shadow+0x33/0x50 [ 725.346836] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 725.347868] v9fs_mount+0x79/0x8f0 [ 725.348590] ? v9fs_write_inode+0x60/0x60 [ 725.349431] legacy_get_tree+0x105/0x220 [ 725.350275] vfs_get_tree+0x8e/0x300 [ 725.351033] path_mount+0x13be/0x20b0 [ 725.351807] ? strncpy_from_user+0x9e/0x470 [ 725.352681] ? finish_automount+0xa40/0xa40 [ 725.353557] ? getname_flags.part.0+0x1dd/0x4f0 [ 725.354500] ? _copy_from_user+0xfb/0x1b0 [ 725.355366] __x64_sys_mount+0x282/0x300 [ 725.356195] ? copy_mnt_ns+0xa00/0xa00 [ 725.356988] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 725.358074] ? syscall_enter_from_user_mode+0x1d/0x50 [ 725.359134] do_syscall_64+0x33/0x40 [ 725.359893] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 725.360936] RIP: 0033:0x7ff8f0c7cb19 [ 725.361700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 725.365449] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 725.367015] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 725.368479] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 725.369933] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 725.371410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 725.372860] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 725.374347] CPU: 0 PID: 6289 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 725.375780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 725.377511] Call Trace: [ 725.378070] dump_stack+0x107/0x167 [ 725.378836] should_fail.cold+0x5/0xa [ 725.379633] ? create_object.isra.0+0x3a/0xa20 [ 725.380582] should_failslab+0x5/0x20 [ 725.381376] kmem_cache_alloc+0x5b/0x360 [ 725.382248] create_object.isra.0+0x3a/0xa20 [ 725.383165] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 725.384226] kmem_cache_alloc_node+0x169/0x370 [ 725.385184] __alloc_skb+0x6d/0x620 [ 725.385951] ? genl_rcv_msg+0x33c/0x5a0 [ 725.386785] netlink_ack+0x1ed/0xab0 [ 725.387569] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 725.388641] ? netlink_sendmsg+0xdf0/0xdf0 [ 725.389527] ? lock_release+0x6b0/0x6b0 [ 725.390381] ? netlink_deliver_tap+0xf4/0xc40 [ 725.390687] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 725.391316] netlink_rcv_skb+0x348/0x430 [ 725.393856] ? genl_get_cmd+0x480/0x480 [ 725.394699] ? netlink_ack+0xab0/0xab0 [ 725.395521] ? netlink_deliver_tap+0x1c4/0xc40 [ 725.396469] ? is_vmalloc_addr+0x7b/0xb0 [ 725.397318] genl_rcv+0x24/0x40 [ 725.398029] netlink_unicast+0x549/0x7f0 [ 725.398885] ? netlink_attachskb+0x810/0x810 [ 725.399814] netlink_sendmsg+0x905/0xdf0 [ 725.400670] ? netlink_unicast+0x7f0/0x7f0 [ 725.401565] ? netlink_unicast+0x7f0/0x7f0 [ 725.402457] sock_sendmsg+0x154/0x190 [ 725.403256] ____sys_sendmsg+0x70d/0x870 [ 725.404106] ? kernel_sendmsg+0x50/0x50 [ 725.404929] ? do_recvmmsg+0x6d0/0x6d0 [ 725.405741] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 725.406842] ? lock_downgrade+0x6d0/0x6d0 [ 725.407707] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 725.408800] ___sys_sendmsg+0xf3/0x170 [ 725.409612] ? sendmsg_copy_msghdr+0x160/0x160 [ 725.410582] ? lock_downgrade+0x6d0/0x6d0 [ 725.411450] ? find_held_lock+0x2c/0x110 [ 725.412304] ? __fget_files+0x296/0x480 [ 725.413143] ? __fget_light+0xea/0x290 [ 725.413970] __sys_sendmsg+0xe5/0x1b0 [ 725.414763] ? __sys_sendmsg_sock+0xb0/0xb0 23:48:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 725.415663] ? rcu_read_lock_any_held+0x75/0xa0 [ 725.416762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 725.417854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 725.418945] ? trace_hardirqs_on+0x5b/0x180 [ 725.419845] do_syscall_64+0x33/0x40 [ 725.420618] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 725.421678] RIP: 0033:0x7f9af4beeb19 [ 725.422458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 23:48:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 725.426289] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 725.427913] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 725.429396] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 725.430885] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 725.432366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 725.433852] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 725.447898] FAULT_INJECTION: forcing a failure. [ 725.447898] name failslab, interval 1, probability 0, space 0, times 0 [ 725.450261] CPU: 1 PID: 6288 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 725.451624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 725.453320] Call Trace: [ 725.453858] dump_stack+0x107/0x167 [ 725.454614] should_fail.cold+0x5/0xa [ 725.455394] ? create_object.isra.0+0x3a/0xa20 [ 725.456320] should_failslab+0x5/0x20 [ 725.457094] kmem_cache_alloc+0x5b/0x360 [ 725.457932] create_object.isra.0+0x3a/0xa20 [ 725.458834] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 725.459870] kmem_cache_alloc_trace+0x151/0x360 [ 725.460802] ? lockdep_init_map_type+0x2c7/0x780 [ 725.461769] legacy_init_fs_context+0x44/0xe0 [ 725.462687] ? generic_parse_monolithic+0x1f0/0x1f0 [ 725.463702] alloc_fs_context+0x4f8/0x840 [ 725.464548] path_mount+0xa72/0x20b0 [ 725.465303] ? strncpy_from_user+0x9e/0x470 [ 725.466191] ? finish_automount+0xa40/0xa40 [ 725.467068] ? getname_flags.part.0+0x1dd/0x4f0 [ 725.468009] ? _copy_from_user+0xfb/0x1b0 [ 725.468862] __x64_sys_mount+0x282/0x300 [ 725.469676] ? copy_mnt_ns+0xa00/0xa00 [ 725.470475] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 725.471542] ? syscall_enter_from_user_mode+0x1d/0x50 [ 725.472590] do_syscall_64+0x33/0x40 [ 725.473347] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 725.474402] RIP: 0033:0x7fbdabcfab19 [ 725.475159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 725.478900] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 725.480444] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 725.481894] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 725.483353] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 725.484805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 725.485748] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 725.486266] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:48:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 19) 23:48:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:48 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 725.608551] FAULT_INJECTION: forcing a failure. [ 725.608551] name failslab, interval 1, probability 0, space 0, times 0 [ 725.611102] CPU: 1 PID: 6302 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 725.612492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 725.614184] Call Trace: [ 725.614734] dump_stack+0x107/0x167 [ 725.615478] should_fail.cold+0x5/0xa [ 725.616260] ? create_object.isra.0+0x3a/0xa20 [ 725.617185] should_failslab+0x5/0x20 [ 725.617969] kmem_cache_alloc+0x5b/0x360 [ 725.618793] create_object.isra.0+0x3a/0xa20 [ 725.619680] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 725.620709] __kmalloc_track_caller+0x177/0x3c0 [ 725.621649] ? v9fs_session_init+0xe9/0x16a0 [ 725.622569] kstrdup+0x36/0x70 [ 725.623220] v9fs_session_init+0xe9/0x16a0 [ 725.624073] ? find_held_lock+0x2c/0x110 [ 725.624897] ? kmem_cache_alloc_trace+0x151/0x360 [ 725.625873] ? v9fs_show_options+0x690/0x690 [ 725.626789] ? kasan_unpoison_shadow+0x33/0x50 [ 725.627720] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 725.628746] v9fs_mount+0x79/0x8f0 [ 725.629475] ? v9fs_write_inode+0x60/0x60 [ 725.630321] legacy_get_tree+0x105/0x220 [ 725.631145] vfs_get_tree+0x8e/0x300 [ 725.631906] path_mount+0x13be/0x20b0 [ 725.632681] ? strncpy_from_user+0x9e/0x470 [ 725.633559] ? finish_automount+0xa40/0xa40 [ 725.634451] ? getname_flags.part.0+0x1dd/0x4f0 [ 725.635393] ? _copy_from_user+0xfb/0x1b0 [ 725.636255] __x64_sys_mount+0x282/0x300 [ 725.637092] ? copy_mnt_ns+0xa00/0xa00 [ 725.637897] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 725.638984] ? syscall_enter_from_user_mode+0x1d/0x50 [ 725.640040] do_syscall_64+0x33/0x40 [ 725.640805] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 725.641851] RIP: 0033:0x7ff8f0c7cb19 [ 725.642627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 725.642715] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 725.646371] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 725.646392] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 725.646403] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 725.646414] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 725.646431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 725.655350] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 725.744035] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:48:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 20) 23:48:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 14) 23:48:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:48:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) 23:48:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 14) [ 737.001292] FAULT_INJECTION: forcing a failure. [ 737.001292] name failslab, interval 1, probability 0, space 0, times 0 [ 737.002783] CPU: 1 PID: 6333 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 737.003625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 737.004628] Call Trace: [ 737.004957] dump_stack+0x107/0x167 [ 737.005401] should_fail.cold+0x5/0xa [ 737.005874] ? p9_client_create+0xaf/0x1090 [ 737.006409] should_failslab+0x5/0x20 [ 737.006880] kmem_cache_alloc_trace+0x55/0x360 [ 737.007437] ? find_held_lock+0x2c/0x110 [ 737.007938] p9_client_create+0xaf/0x1090 [ 737.008439] ? lock_downgrade+0x6d0/0x6d0 [ 737.008946] ? p9_client_flush+0x430/0x430 [ 737.009448] ? lockdep_init_map_type+0x2c7/0x780 [ 737.009673] FAULT_INJECTION: forcing a failure. [ 737.009673] name failslab, interval 1, probability 0, space 0, times 0 [ 737.010022] ? rcu_read_lock_sched_held+0x3e/0x80 [ 737.010039] ? __raw_spin_lock_init+0x36/0x110 [ 737.010057] v9fs_session_init+0x1dd/0x16a0 [ 737.010084] ? kmem_cache_alloc_trace+0x151/0x360 [ 737.014718] ? v9fs_show_options+0x690/0x690 [ 737.015264] ? kasan_unpoison_shadow+0x33/0x50 [ 737.015819] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 737.016437] v9fs_mount+0x79/0x8f0 [ 737.016878] ? v9fs_write_inode+0x60/0x60 [ 737.017384] legacy_get_tree+0x105/0x220 [ 737.017877] vfs_get_tree+0x8e/0x300 [ 737.018336] path_mount+0x13be/0x20b0 [ 737.018799] ? strncpy_from_user+0x9e/0x470 [ 737.019323] ? finish_automount+0xa40/0xa40 [ 737.019844] ? getname_flags.part.0+0x1dd/0x4f0 [ 737.020400] ? _copy_from_user+0xfb/0x1b0 [ 737.020903] __x64_sys_mount+0x282/0x300 [ 737.021394] ? copy_mnt_ns+0xa00/0xa00 [ 737.021867] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 737.022513] ? syscall_enter_from_user_mode+0x1d/0x50 [ 737.023137] do_syscall_64+0x33/0x40 [ 737.023587] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 737.024205] RIP: 0033:0x7ff8f0c7cb19 [ 737.024653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 737.026866] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 737.027779] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 737.028638] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 737.029500] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 737.030465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 737.031326] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 737.032218] CPU: 0 PID: 6335 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 737.033757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 737.035489] Call Trace: [ 737.036047] dump_stack+0x107/0x167 [ 737.036812] should_fail.cold+0x5/0xa [ 737.037606] ? v9fs_mount+0x5a/0x8f0 [ 737.038400] should_failslab+0x5/0x20 [ 737.039202] kmem_cache_alloc_trace+0x55/0x360 [ 737.040152] ? v9fs_write_inode+0x60/0x60 [ 737.041011] v9fs_mount+0x5a/0x8f0 [ 737.041751] ? v9fs_write_inode+0x60/0x60 [ 737.042621] legacy_get_tree+0x105/0x220 [ 737.043470] vfs_get_tree+0x8e/0x300 [ 737.044247] path_mount+0x13be/0x20b0 [ 737.045043] ? strncpy_from_user+0x9e/0x470 [ 737.045940] ? finish_automount+0xa40/0xa40 [ 737.046846] ? getname_flags.part.0+0x1dd/0x4f0 [ 737.047808] ? _copy_from_user+0xfb/0x1b0 [ 737.048678] __x64_sys_mount+0x282/0x300 [ 737.049520] ? copy_mnt_ns+0xa00/0xa00 [ 737.050348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 737.051437] ? syscall_enter_from_user_mode+0x1d/0x50 [ 737.052508] do_syscall_64+0x33/0x40 [ 737.053283] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 737.054355] RIP: 0033:0x7fbdabcfab19 [ 737.055126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 737.058949] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 737.060524] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 737.062001] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 737.063485] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 737.064958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 737.066441] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 737.069015] FAULT_INJECTION: forcing a failure. [ 737.069015] name failslab, interval 1, probability 0, space 0, times 0 [ 737.070534] CPU: 1 PID: 6331 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 737.071442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 737.072597] Call Trace: [ 737.072945] dump_stack+0x107/0x167 [ 737.073438] should_fail.cold+0x5/0xa [ 737.073975] should_failslab+0x5/0x20 [ 737.074456] __kmalloc_node_track_caller+0x74/0x3f0 [ 737.075083] ? netlink_ack+0x1ed/0xab0 [ 737.075580] __alloc_skb+0xb1/0x620 [ 737.076046] netlink_ack+0x1ed/0xab0 [ 737.076529] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 737.077194] ? netlink_sendmsg+0xdf0/0xdf0 [ 737.077696] ? lock_release+0x6b0/0x6b0 [ 737.078207] ? netlink_deliver_tap+0xf4/0xc40 [ 737.078745] netlink_rcv_skb+0x348/0x430 [ 737.079269] ? genl_get_cmd+0x480/0x480 [ 737.079739] ? netlink_ack+0xab0/0xab0 [ 737.080218] ? netlink_deliver_tap+0x1c4/0xc40 [ 737.080762] ? is_vmalloc_addr+0x7b/0xb0 [ 737.081273] genl_rcv+0x24/0x40 [ 737.081715] netlink_unicast+0x549/0x7f0 [ 737.082237] ? netlink_attachskb+0x810/0x810 [ 737.082801] netlink_sendmsg+0x905/0xdf0 [ 737.083299] ? netlink_unicast+0x7f0/0x7f0 [ 737.083834] ? netlink_unicast+0x7f0/0x7f0 [ 737.084360] sock_sendmsg+0x154/0x190 [ 737.084855] ____sys_sendmsg+0x70d/0x870 [ 737.085400] ? kernel_sendmsg+0x50/0x50 [ 737.085933] ? do_recvmmsg+0x6d0/0x6d0 [ 737.086430] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 737.087128] ? lock_downgrade+0x6d0/0x6d0 [ 737.087683] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 737.088369] ___sys_sendmsg+0xf3/0x170 [ 737.088859] ? sendmsg_copy_msghdr+0x160/0x160 [ 737.089434] ? lock_downgrade+0x6d0/0x6d0 [ 737.089965] ? find_held_lock+0x2c/0x110 [ 737.090454] ? __fget_files+0x296/0x480 [ 737.090908] ? __fget_light+0xea/0x290 [ 737.091382] __sys_sendmsg+0xe5/0x1b0 [ 737.091814] ? __sys_sendmsg_sock+0xb0/0xb0 [ 737.092323] ? rcu_read_lock_any_held+0x75/0xa0 [ 737.092876] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 737.093494] ? syscall_enter_from_user_mode+0x1d/0x50 [ 737.094091] ? trace_hardirqs_on+0x5b/0x180 [ 737.094617] do_syscall_64+0x33/0x40 [ 737.095059] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 737.095669] RIP: 0033:0x7f9af4beeb19 [ 737.096111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 737.098286] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 737.099194] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 737.100043] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 737.100891] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 737.101737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 737.102592] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 23:48:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x2, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:48:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:48:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) 23:48:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:48:59 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:48:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:48:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:49:11 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) 23:49:11 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 15) 23:49:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 21) 23:49:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 15) 23:49:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:11 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:49:11 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 748.317266] FAULT_INJECTION: forcing a failure. [ 748.317266] name failslab, interval 1, probability 0, space 0, times 0 [ 748.319661] CPU: 0 PID: 6366 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 748.321073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 748.322797] Call Trace: [ 748.323350] dump_stack+0x107/0x167 [ 748.324106] should_fail.cold+0x5/0xa [ 748.324896] ? create_object.isra.0+0x3a/0xa20 [ 748.325846] should_failslab+0x5/0x20 [ 748.326636] kmem_cache_alloc+0x5b/0x360 [ 748.327473] create_object.isra.0+0x3a/0xa20 [ 748.328375] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 748.329420] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 748.330480] ? netlink_ack+0x1ed/0xab0 [ 748.330800] FAULT_INJECTION: forcing a failure. [ 748.330800] name failslab, interval 1, probability 0, space 0, times 0 [ 748.331283] __alloc_skb+0xb1/0x620 [ 748.331314] netlink_ack+0x1ed/0xab0 [ 748.334997] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 748.336050] ? netlink_sendmsg+0xdf0/0xdf0 [ 748.336919] ? lock_release+0x6b0/0x6b0 [ 748.337730] ? netlink_deliver_tap+0xf4/0xc40 [ 748.338674] netlink_rcv_skb+0x348/0x430 [ 748.339512] ? genl_get_cmd+0x480/0x480 [ 748.340328] ? netlink_ack+0xab0/0xab0 [ 748.341133] ? netlink_deliver_tap+0x1c4/0xc40 [ 748.342063] ? is_vmalloc_addr+0x7b/0xb0 [ 748.342908] genl_rcv+0x24/0x40 [ 748.343589] netlink_unicast+0x549/0x7f0 [ 748.344425] ? netlink_attachskb+0x810/0x810 [ 748.345335] netlink_sendmsg+0x905/0xdf0 [ 748.346170] ? netlink_unicast+0x7f0/0x7f0 [ 748.347060] ? netlink_unicast+0x7f0/0x7f0 [ 748.347911] sock_sendmsg+0x154/0x190 [ 748.348695] ____sys_sendmsg+0x70d/0x870 [ 748.349533] ? kernel_sendmsg+0x50/0x50 [ 748.350362] ? do_recvmmsg+0x6d0/0x6d0 [ 748.351164] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 748.352233] ? lock_downgrade+0x6d0/0x6d0 [ 748.353092] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 748.354164] ___sys_sendmsg+0xf3/0x170 [ 748.354971] ? sendmsg_copy_msghdr+0x160/0x160 [ 748.355914] ? lock_downgrade+0x6d0/0x6d0 [ 748.356765] ? find_held_lock+0x2c/0x110 [ 748.357608] ? __fget_files+0x296/0x480 [ 748.358445] ? __fget_light+0xea/0x290 [ 748.359261] __sys_sendmsg+0xe5/0x1b0 [ 748.360042] ? __sys_sendmsg_sock+0xb0/0xb0 [ 748.360929] ? rcu_read_lock_any_held+0x75/0xa0 [ 748.361899] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 748.363001] ? syscall_enter_from_user_mode+0x1d/0x50 [ 748.364055] ? trace_hardirqs_on+0x5b/0x180 [ 748.364951] do_syscall_64+0x33/0x40 [ 748.365715] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 748.366788] RIP: 0033:0x7f9af4beeb19 [ 748.367551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 748.371606] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 748.373168] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 748.374653] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 748.376118] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 748.377576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 748.379048] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 748.380548] CPU: 1 PID: 6374 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 748.381912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 748.383569] Call Trace: [ 748.384099] dump_stack+0x107/0x167 [ 748.384830] should_fail.cold+0x5/0xa [ 748.385589] ? create_object.isra.0+0x3a/0xa20 [ 748.386506] should_failslab+0x5/0x20 [ 748.387261] kmem_cache_alloc+0x5b/0x360 [ 748.388072] ? cred_has_capability.isra.0+0x152/0x2b0 [ 748.389100] create_object.isra.0+0x3a/0xa20 [ 748.389981] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 748.391021] kmem_cache_alloc_trace+0x151/0x360 [ 748.391954] ? v9fs_write_inode+0x60/0x60 [ 748.392781] v9fs_mount+0x5a/0x8f0 [ 748.393493] ? v9fs_write_inode+0x60/0x60 [ 748.394330] legacy_get_tree+0x105/0x220 [ 748.395150] vfs_get_tree+0x8e/0x300 [ 748.395894] path_mount+0x13be/0x20b0 [ 748.396662] ? strncpy_from_user+0x9e/0x470 [ 748.397529] ? finish_automount+0xa40/0xa40 [ 748.398411] ? getname_flags.part.0+0x1dd/0x4f0 [ 748.399335] ? _copy_from_user+0xfb/0x1b0 [ 748.400177] __x64_sys_mount+0x282/0x300 [ 748.400991] ? copy_mnt_ns+0xa00/0xa00 [ 748.401774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 748.402828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 748.403858] do_syscall_64+0x33/0x40 [ 748.404596] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 748.405616] RIP: 0033:0x7fbdabcfab19 [ 748.406361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 748.410035] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 748.411576] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 748.412990] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 748.414416] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 748.415825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 748.417247] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 748.429217] FAULT_INJECTION: forcing a failure. [ 748.429217] name failslab, interval 1, probability 0, space 0, times 0 [ 748.431681] CPU: 0 PID: 6377 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 748.433078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 748.434776] Call Trace: [ 748.435327] dump_stack+0x107/0x167 [ 748.436081] should_fail.cold+0x5/0xa [ 748.436868] ? create_object.isra.0+0x3a/0xa20 [ 748.437809] should_failslab+0x5/0x20 [ 748.438620] kmem_cache_alloc+0x5b/0x360 [ 748.439464] ? kernel_text_address+0xf2/0x120 [ 748.440398] create_object.isra.0+0x3a/0xa20 [ 748.441306] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 748.442366] kmem_cache_alloc_trace+0x151/0x360 [ 748.443326] ? find_held_lock+0x2c/0x110 [ 748.444171] p9_client_create+0xaf/0x1090 [ 748.445037] ? lock_downgrade+0x6d0/0x6d0 [ 748.445895] ? p9_client_flush+0x430/0x430 [ 748.446802] ? lockdep_init_map_type+0x2c7/0x780 [ 748.447781] ? rcu_read_lock_sched_held+0x3e/0x80 [ 748.448781] ? __raw_spin_lock_init+0x36/0x110 [ 748.449735] v9fs_session_init+0x1dd/0x16a0 [ 748.450643] ? kmem_cache_alloc_trace+0x151/0x360 [ 748.451636] ? v9fs_show_options+0x690/0x690 [ 748.452563] ? kasan_unpoison_shadow+0x33/0x50 [ 748.453506] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 748.454578] v9fs_mount+0x79/0x8f0 [ 748.455315] ? v9fs_write_inode+0x60/0x60 [ 748.456173] legacy_get_tree+0x105/0x220 [ 748.457017] vfs_get_tree+0x8e/0x300 [ 748.457789] path_mount+0x13be/0x20b0 [ 748.458601] ? strncpy_from_user+0x9e/0x470 [ 748.459564] ? finish_automount+0xa40/0xa40 [ 748.460511] ? getname_flags.part.0+0x1dd/0x4f0 [ 748.461461] ? _copy_from_user+0xfb/0x1b0 [ 748.462359] __x64_sys_mount+0x282/0x300 [ 748.463198] ? copy_mnt_ns+0xa00/0xa00 [ 748.464020] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 748.465087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 748.466143] do_syscall_64+0x33/0x40 [ 748.466963] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 748.468007] RIP: 0033:0x7ff8f0c7cb19 [ 748.468784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 748.472540] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 748.474138] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 748.475596] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 748.477049] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 748.478517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 748.479975] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:49:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:49:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:11 executing program 0: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:11 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005000600"], 0x28}}, 0x0) 23:49:11 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x5, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, 0x0) 23:49:11 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) [ 748.657311] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 748.697148] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) 23:49:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 22) 23:49:22 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:49:22 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, 0x0) 23:49:22 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:22 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:22 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 16) 23:49:22 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 16) 23:49:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 759.940364] FAULT_INJECTION: forcing a failure. [ 759.940364] name failslab, interval 1, probability 0, space 0, times 0 [ 759.942782] CPU: 1 PID: 6406 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 759.944172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.945855] Call Trace: [ 759.946409] dump_stack+0x107/0x167 [ 759.947152] should_fail.cold+0x5/0xa [ 759.947293] FAULT_INJECTION: forcing a failure. [ 759.947293] name failslab, interval 1, probability 0, space 0, times 0 [ 759.947930] should_failslab+0x5/0x20 [ 759.947957] __kmalloc_track_caller+0x79/0x3c0 [ 759.951953] ? v9fs_session_init+0xa7/0x16a0 [ 759.952855] ? kernel_text_address+0xf2/0x120 [ 759.953836] kstrdup+0x36/0x70 [ 759.954510] v9fs_session_init+0xa7/0x16a0 [ 759.955378] ? find_held_lock+0x2c/0x110 [ 759.956213] ? kmem_cache_alloc_trace+0x151/0x360 [ 759.957205] ? v9fs_show_options+0x690/0x690 [ 759.958127] ? kasan_unpoison_shadow+0x33/0x50 [ 759.959073] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 759.960112] v9fs_mount+0x79/0x8f0 [ 759.960840] ? v9fs_write_inode+0x60/0x60 [ 759.961684] legacy_get_tree+0x105/0x220 [ 759.962535] vfs_get_tree+0x8e/0x300 [ 759.963271] path_mount+0x13be/0x20b0 [ 759.964059] ? strncpy_from_user+0x9e/0x470 [ 759.964942] ? finish_automount+0xa40/0xa40 [ 759.965824] ? getname_flags.part.0+0x1dd/0x4f0 [ 759.966777] ? _copy_from_user+0xfb/0x1b0 [ 759.967636] __x64_sys_mount+0x282/0x300 [ 759.968460] ? copy_mnt_ns+0xa00/0xa00 [ 759.969247] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 759.970319] ? syscall_enter_from_user_mode+0x1d/0x50 [ 759.971379] do_syscall_64+0x33/0x40 [ 759.972139] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 759.973166] RIP: 0033:0x7fbdabcfab19 [ 759.973919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.977656] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 759.979190] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 759.980634] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 759.982077] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 759.983534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 759.984978] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 759.986453] CPU: 0 PID: 6415 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 759.987876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.988459] FAULT_INJECTION: forcing a failure. [ 759.988459] name failslab, interval 1, probability 0, space 0, times 0 [ 759.989589] Call Trace: [ 759.989611] dump_stack+0x107/0x167 [ 759.989640] should_fail.cold+0x5/0xa [ 759.993904] ? __skb_ext_alloc+0x19/0x90 [ 759.994754] should_failslab+0x5/0x20 [ 759.995542] kmem_cache_alloc+0x5b/0x360 [ 759.996389] __skb_ext_alloc+0x19/0x90 [ 759.997195] skb_ext_add+0x508/0x670 [ 759.997968] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 759.999075] __alloc_skb+0x3c1/0x620 [ 759.999856] netlink_ack+0x1ed/0xab0 [ 760.000635] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 760.001703] ? netlink_sendmsg+0xdf0/0xdf0 [ 760.002589] ? lock_release+0x6b0/0x6b0 [ 760.003416] ? netlink_deliver_tap+0xf4/0xc40 [ 760.004354] netlink_rcv_skb+0x348/0x430 [ 760.005200] ? genl_get_cmd+0x480/0x480 [ 760.006029] ? netlink_ack+0xab0/0xab0 [ 760.006857] ? netlink_deliver_tap+0x1c4/0xc40 [ 760.007805] ? is_vmalloc_addr+0x7b/0xb0 [ 760.008654] genl_rcv+0x24/0x40 [ 760.009340] netlink_unicast+0x549/0x7f0 [ 760.010192] ? netlink_attachskb+0x810/0x810 [ 760.011136] netlink_sendmsg+0x905/0xdf0 [ 760.011993] ? netlink_unicast+0x7f0/0x7f0 [ 760.012885] ? netlink_unicast+0x7f0/0x7f0 [ 760.013767] sock_sendmsg+0x154/0x190 [ 760.014573] ____sys_sendmsg+0x70d/0x870 [ 760.015421] ? kernel_sendmsg+0x50/0x50 [ 760.016242] ? do_recvmmsg+0x6d0/0x6d0 [ 760.017052] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 760.018141] ? lock_downgrade+0x6d0/0x6d0 [ 760.019027] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 760.020120] ___sys_sendmsg+0xf3/0x170 [ 760.020929] ? sendmsg_copy_msghdr+0x160/0x160 [ 760.021881] ? lock_downgrade+0x6d0/0x6d0 [ 760.022751] ? find_held_lock+0x2c/0x110 [ 760.023604] ? __fget_files+0x296/0x480 [ 760.024440] ? __fget_light+0xea/0x290 [ 760.025255] __sys_sendmsg+0xe5/0x1b0 [ 760.026045] ? __sys_sendmsg_sock+0xb0/0xb0 [ 760.026954] ? rcu_read_lock_any_held+0x75/0xa0 [ 760.027937] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 760.029022] ? syscall_enter_from_user_mode+0x1d/0x50 [ 760.030090] ? trace_hardirqs_on+0x5b/0x180 [ 760.030993] do_syscall_64+0x33/0x40 [ 760.031765] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 760.032824] RIP: 0033:0x7f9af4beeb19 [ 760.033592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 760.037396] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 760.038985] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 760.040462] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 760.041939] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 760.043422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 760.044905] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 [ 760.046433] CPU: 1 PID: 6413 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 760.047826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 760.049514] Call Trace: [ 760.050059] dump_stack+0x107/0x167 [ 760.050815] should_fail.cold+0x5/0xa [ 760.051589] should_failslab+0x5/0x20 [ 760.052356] __kmalloc_track_caller+0x79/0x3c0 [ 760.053281] ? p9_client_create+0x41d/0x1090 [ 760.054174] kstrdup+0x36/0x70 [ 760.054832] p9_client_create+0x41d/0x1090 [ 760.055686] ? lock_downgrade+0x6d0/0x6d0 [ 760.056526] ? p9_client_flush+0x430/0x430 [ 760.057393] ? lockdep_init_map_type+0x2c7/0x780 [ 760.058348] ? rcu_read_lock_sched_held+0x3e/0x80 [ 760.059341] ? __raw_spin_lock_init+0x36/0x110 [ 760.060271] v9fs_session_init+0x1dd/0x16a0 [ 760.061159] ? kmem_cache_alloc_trace+0x151/0x360 [ 760.062136] ? v9fs_show_options+0x690/0x690 [ 760.063060] ? kasan_unpoison_shadow+0x33/0x50 [ 760.063984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 760.065013] v9fs_mount+0x79/0x8f0 [ 760.065739] ? v9fs_write_inode+0x60/0x60 [ 760.066580] legacy_get_tree+0x105/0x220 [ 760.067404] vfs_get_tree+0x8e/0x300 [ 760.068158] path_mount+0x13be/0x20b0 [ 760.068932] ? strncpy_from_user+0x9e/0x470 [ 760.069806] ? finish_automount+0xa40/0xa40 [ 760.070694] ? getname_flags.part.0+0x1dd/0x4f0 [ 760.071631] ? _copy_from_user+0xfb/0x1b0 [ 760.072484] __x64_sys_mount+0x282/0x300 [ 760.073308] ? copy_mnt_ns+0xa00/0xa00 [ 760.074098] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 760.075166] ? syscall_enter_from_user_mode+0x1d/0x50 [ 760.076208] do_syscall_64+0x33/0x40 [ 760.076960] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 760.077994] RIP: 0033:0x7ff8f0c7cb19 [ 760.078762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 760.082469] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 760.084003] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 760.085440] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 760.086887] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 760.088332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 760.089769] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:49:22 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:49:22 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:22 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x7, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:22 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, 0x0) 23:49:23 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:49:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 760.300660] FAT-fs (loop1): bogus number of reserved sectors [ 760.301976] FAT-fs (loop1): Can't find a valid FAT filesystem 23:49:34 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 17) 23:49:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 23) 23:49:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 17) 23:49:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) 23:49:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x8, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:34 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 771.669267] FAULT_INJECTION: forcing a failure. [ 771.669267] name failslab, interval 1, probability 0, space 0, times 0 [ 771.671146] CPU: 0 PID: 6448 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 771.672181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 771.673481] Call Trace: [ 771.673887] dump_stack+0x107/0x167 [ 771.674462] should_fail.cold+0x5/0xa [ 771.675074] ? create_object.isra.0+0x3a/0xa20 [ 771.675763] should_failslab+0x5/0x20 [ 771.676365] kmem_cache_alloc+0x5b/0x360 [ 771.676983] ? lock_downgrade+0x6d0/0x6d0 [ 771.677624] create_object.isra.0+0x3a/0xa20 [ 771.677837] FAULT_INJECTION: forcing a failure. [ 771.677837] name failslab, interval 1, probability 0, space 0, times 0 [ 771.678290] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.678312] __kmalloc_track_caller+0x177/0x3c0 [ 771.682075] ? p9_client_create+0x41d/0x1090 [ 771.682794] kstrdup+0x36/0x70 [ 771.683297] p9_client_create+0x41d/0x1090 [ 771.683939] ? lock_downgrade+0x6d0/0x6d0 [ 771.684572] ? p9_client_flush+0x430/0x430 [ 771.685222] ? lockdep_init_map_type+0x2c7/0x780 [ 771.685947] ? rcu_read_lock_sched_held+0x3e/0x80 [ 771.686699] ? __raw_spin_lock_init+0x36/0x110 [ 771.687412] v9fs_session_init+0x1dd/0x16a0 [ 771.688072] ? kmem_cache_alloc_trace+0x151/0x360 [ 771.688812] ? v9fs_show_options+0x690/0x690 [ 771.689497] ? kasan_unpoison_shadow+0x33/0x50 [ 771.690202] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.690978] v9fs_mount+0x79/0x8f0 [ 771.691522] ? v9fs_write_inode+0x60/0x60 [ 771.692147] legacy_get_tree+0x105/0x220 [ 771.692773] vfs_get_tree+0x8e/0x300 [ 771.693341] path_mount+0x13be/0x20b0 [ 771.693941] ? strncpy_from_user+0x9e/0x470 [ 771.694608] ? finish_automount+0xa40/0xa40 [ 771.695272] ? getname_flags.part.0+0x1dd/0x4f0 [ 771.695983] ? _copy_from_user+0xfb/0x1b0 [ 771.696627] __x64_sys_mount+0x282/0x300 [ 771.697238] ? copy_mnt_ns+0xa00/0xa00 [ 771.697840] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 771.698643] ? syscall_enter_from_user_mode+0x1d/0x50 [ 771.699428] do_syscall_64+0x33/0x40 [ 771.699995] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 771.700772] RIP: 0033:0x7ff8f0c7cb19 [ 771.701339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.704121] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 771.705283] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 771.706365] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 771.707467] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 771.708560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.709667] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 771.710785] CPU: 1 PID: 6451 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 771.712171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 771.713841] Call Trace: [ 771.714384] dump_stack+0x107/0x167 [ 771.715131] should_fail.cold+0x5/0xa [ 771.715903] ? create_object.isra.0+0x3a/0xa20 [ 771.716828] should_failslab+0x5/0x20 [ 771.717593] kmem_cache_alloc+0x5b/0x360 [ 771.718419] create_object.isra.0+0x3a/0xa20 [ 771.719320] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.719496] 9pnet: Insufficient options for proto=fd [ 771.720343] __kmalloc_track_caller+0x177/0x3c0 [ 771.720371] ? v9fs_session_init+0xa7/0x16a0 [ 771.722962] ? kernel_text_address+0xf2/0x120 [ 771.723874] kstrdup+0x36/0x70 [ 771.724524] v9fs_session_init+0xa7/0x16a0 [ 771.725379] ? find_held_lock+0x2c/0x110 [ 771.726203] ? kmem_cache_alloc_trace+0x151/0x360 [ 771.727180] ? v9fs_show_options+0x690/0x690 [ 771.728082] ? kasan_unpoison_shadow+0x33/0x50 [ 771.729001] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.730022] v9fs_mount+0x79/0x8f0 [ 771.730754] ? v9fs_write_inode+0x60/0x60 [ 771.731594] legacy_get_tree+0x105/0x220 [ 771.732415] vfs_get_tree+0x8e/0x300 23:49:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 771.733166] path_mount+0x13be/0x20b0 [ 771.734061] ? strncpy_from_user+0x9e/0x470 [ 771.734946] ? finish_automount+0xa40/0xa40 [ 771.735817] ? getname_flags.part.0+0x1dd/0x4f0 [ 771.736749] ? _copy_from_user+0xfb/0x1b0 [ 771.737589] __x64_sys_mount+0x282/0x300 [ 771.738410] ? copy_mnt_ns+0xa00/0xa00 [ 771.739203] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 771.740259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 771.741291] do_syscall_64+0x33/0x40 [ 771.742050] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 771.743142] RIP: 0033:0x7fbdabcfab19 [ 771.743893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.747563] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 771.749089] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 23:49:34 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 771.750510] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 771.752065] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 771.753516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.754980] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:49:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) [ 771.776108] FAULT_INJECTION: forcing a failure. [ 771.776108] name failslab, interval 1, probability 0, space 0, times 0 [ 771.778014] CPU: 0 PID: 6461 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 771.779085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 771.780388] Call Trace: [ 771.780866] dump_stack+0x107/0x167 [ 771.781523] should_fail.cold+0x5/0xa [ 771.782187] ? create_object.isra.0+0x3a/0xa20 [ 771.782998] should_failslab+0x5/0x20 [ 771.783628] kmem_cache_alloc+0x5b/0x360 [ 771.784270] create_object.isra.0+0x3a/0xa20 [ 771.784964] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.785742] kmem_cache_alloc+0x159/0x360 [ 771.786405] __skb_ext_alloc+0x19/0x90 [ 771.787184] skb_ext_add+0x508/0x670 [ 771.787833] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 771.788717] __alloc_skb+0x3c1/0x620 [ 771.789368] netlink_ack+0x1ed/0xab0 [ 771.790021] ? nl80211_crit_protocol_stop+0x3d0/0x3d0 [ 771.790207] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 771.790915] ? netlink_sendmsg+0xdf0/0xdf0 [ 771.790934] ? lock_release+0x6b0/0x6b0 [ 771.790949] ? netlink_deliver_tap+0xf4/0xc40 [ 771.790970] netlink_rcv_skb+0x348/0x430 [ 771.790987] ? genl_get_cmd+0x480/0x480 [ 771.791013] ? netlink_ack+0xab0/0xab0 [ 771.793555] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 771.794350] ? netlink_deliver_tap+0x1c4/0xc40 [ 771.794372] ? is_vmalloc_addr+0x7b/0xb0 [ 771.800057] genl_rcv+0x24/0x40 [ 771.800647] netlink_unicast+0x549/0x7f0 [ 771.801356] ? netlink_attachskb+0x810/0x810 [ 771.802066] netlink_sendmsg+0x905/0xdf0 [ 771.802727] ? netlink_unicast+0x7f0/0x7f0 [ 771.803473] ? netlink_unicast+0x7f0/0x7f0 [ 771.804159] sock_sendmsg+0x154/0x190 [ 771.804792] ____sys_sendmsg+0x70d/0x870 [ 771.805479] ? kernel_sendmsg+0x50/0x50 [ 771.806164] ? do_recvmmsg+0x6d0/0x6d0 [ 771.806898] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 771.807890] ? lock_downgrade+0x6d0/0x6d0 [ 771.808667] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 771.809520] ___sys_sendmsg+0xf3/0x170 [ 771.810150] ? sendmsg_copy_msghdr+0x160/0x160 [ 771.810956] ? lock_downgrade+0x6d0/0x6d0 [ 771.811664] ? find_held_lock+0x2c/0x110 [ 771.812452] ? __fget_files+0x296/0x480 [ 771.813124] ? __fget_light+0xea/0x290 [ 771.813753] __sys_sendmsg+0xe5/0x1b0 [ 771.814475] ? __sys_sendmsg_sock+0xb0/0xb0 [ 771.815287] ? rcu_read_lock_any_held+0x75/0xa0 [ 771.816085] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 771.816939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 771.817877] ? trace_hardirqs_on+0x5b/0x180 [ 771.818597] do_syscall_64+0x33/0x40 [ 771.819223] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 771.820116] RIP: 0033:0x7f9af4beeb19 [ 771.820817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.823955] RSP: 002b:00007f9af2164188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 771.825392] RAX: ffffffffffffffda RBX: 00007f9af4d01f60 RCX: 00007f9af4beeb19 [ 771.826574] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 771.827741] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 771.828896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.830057] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 23:49:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37a023aa85f8ae633f7418f635c5826a6f0338db46d31061762fd7b2e84bd462bfb12d9d98796e5bd6ef382667"], 0x28}}, 0x0) 23:49:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 24) [ 771.867992] FAULT_INJECTION: forcing a failure. [ 771.867992] name failslab, interval 1, probability 0, space 0, times 0 [ 771.869885] CPU: 0 PID: 6466 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 771.870520] FAT-fs (loop1): bogus number of reserved sectors [ 771.870988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 771.870993] Call Trace: [ 771.871014] dump_stack+0x107/0x167 [ 771.871039] should_fail.cold+0x5/0xa [ 771.872283] FAT-fs (loop1): Can't find a valid FAT filesystem [ 771.873559] should_failslab+0x5/0x20 [ 771.873578] __kmalloc_track_caller+0x79/0x3c0 [ 771.873593] ? v9fs_session_init+0xe9/0x16a0 [ 771.873615] ? kernel_text_address+0xf2/0x120 [ 771.878883] kstrdup+0x36/0x70 23:49:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 18) [ 771.879420] v9fs_session_init+0xe9/0x16a0 [ 771.880283] ? find_held_lock+0x2c/0x110 [ 771.880977] ? kmem_cache_alloc_trace+0x151/0x360 [ 771.881782] ? v9fs_show_options+0x690/0x690 [ 771.882541] ? kasan_unpoison_shadow+0x33/0x50 [ 771.883339] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.884202] v9fs_mount+0x79/0x8f0 [ 771.884809] ? v9fs_write_inode+0x60/0x60 [ 771.885507] legacy_get_tree+0x105/0x220 [ 771.886193] vfs_get_tree+0x8e/0x300 [ 771.886846] path_mount+0x13be/0x20b0 [ 771.887485] ? strncpy_from_user+0x9e/0x470 [ 771.888216] ? finish_automount+0xa40/0xa40 [ 771.888941] ? getname_flags.part.0+0x1dd/0x4f0 [ 771.889724] ? _copy_from_user+0xfb/0x1b0 [ 771.890430] __x64_sys_mount+0x282/0x300 [ 771.891133] ? copy_mnt_ns+0xa00/0xa00 [ 771.891789] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 771.892692] ? syscall_enter_from_user_mode+0x1d/0x50 [ 771.893562] do_syscall_64+0x33/0x40 [ 771.894196] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 771.895059] RIP: 0033:0x7fbdabcfab19 [ 771.895701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.898820] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 771.900117] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 771.901317] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 771.902537] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 771.903767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.904998] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 771.920725] 9pnet: Insufficient options for proto=fd [ 771.929819] FAULT_INJECTION: forcing a failure. [ 771.929819] name failslab, interval 1, probability 0, space 0, times 0 [ 771.931829] CPU: 0 PID: 6472 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 771.933022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 771.934427] Call Trace: [ 771.934894] dump_stack+0x107/0x167 [ 771.935506] should_fail.cold+0x5/0xa [ 771.936160] should_failslab+0x5/0x20 [ 771.936812] __kmalloc_track_caller+0x79/0x3c0 [ 771.937606] ? p9_client_create+0x51e/0x1090 [ 771.938361] kmemdup_nul+0x2d/0xa0 [ 771.938982] p9_client_create+0x51e/0x1090 [ 771.939718] ? p9_client_flush+0x430/0x430 [ 771.940461] ? lockdep_init_map_type+0x2c7/0x780 [ 771.941264] ? rcu_read_lock_sched_held+0x3e/0x80 [ 771.942108] ? __raw_spin_lock_init+0x36/0x110 [ 771.942931] v9fs_session_init+0x1dd/0x16a0 [ 771.943687] ? kmem_cache_alloc_trace+0x151/0x360 [ 771.944511] ? v9fs_show_options+0x690/0x690 [ 771.945296] ? kasan_unpoison_shadow+0x33/0x50 [ 771.946075] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 771.946969] v9fs_mount+0x79/0x8f0 [ 771.947569] ? v9fs_write_inode+0x60/0x60 [ 771.948293] legacy_get_tree+0x105/0x220 [ 771.948993] vfs_get_tree+0x8e/0x300 [ 771.949634] path_mount+0x13be/0x20b0 [ 771.950279] ? strncpy_from_user+0x9e/0x470 [ 771.951047] ? finish_automount+0xa40/0xa40 [ 771.951785] ? getname_flags.part.0+0x1dd/0x4f0 [ 771.952587] ? _copy_from_user+0xfb/0x1b0 [ 771.953298] __x64_sys_mount+0x282/0x300 [ 771.954002] ? copy_mnt_ns+0xa00/0xa00 [ 771.954668] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 771.955572] ? syscall_enter_from_user_mode+0x1d/0x50 [ 771.956460] do_syscall_64+0x33/0x40 [ 771.957104] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 771.957979] RIP: 0033:0x7ff8f0c7cb19 [ 771.958641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.961775] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 771.963117] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 771.964354] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 771.965602] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 771.966848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.968077] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:49:34 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) (fail_nth: 18) 23:49:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:34 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 772.053581] FAULT_INJECTION: forcing a failure. [ 772.053581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 772.056468] CPU: 1 PID: 6479 Comm: syz-executor.2 Not tainted 5.10.161 #1 [ 772.057864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 772.059572] Call Trace: [ 772.060118] dump_stack+0x107/0x167 [ 772.060866] should_fail.cold+0x5/0xa [ 772.061659] _copy_to_user+0x2e/0x180 [ 772.062445] simple_read_from_buffer+0xcc/0x160 [ 772.063427] proc_fail_nth_read+0x198/0x230 [ 772.064330] ? proc_sessionid_read+0x230/0x230 [ 772.065274] ? security_file_permission+0x24e/0x570 [ 772.066318] ? perf_trace_initcall_start+0x101/0x380 [ 772.067387] ? proc_sessionid_read+0x230/0x230 [ 772.068349] vfs_read+0x228/0x580 [ 772.069071] ksys_read+0x12d/0x260 [ 772.069805] ? vfs_write+0xa30/0xa30 [ 772.070586] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 772.071671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 772.072744] do_syscall_64+0x33/0x40 [ 772.073513] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 772.074586] RIP: 0033:0x7f9af4ba169c [ 772.075359] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 772.079135] RSP: 002b:00007f9af2164170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 772.080701] RAX: ffffffffffffffda RBX: 0000000000000028 RCX: 00007f9af4ba169c [ 772.082169] RDX: 000000000000000f RSI: 00007f9af21641e0 RDI: 0000000000000004 [ 772.083642] RBP: 00007f9af21641d0 R08: 0000000000000000 R09: 0000000000000000 [ 772.085103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 772.086570] R13: 00007ffdf710266f R14: 00007f9af2164300 R15: 0000000000022000 23:49:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 19) 23:49:47 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:47 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:49:47 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, 0x0, 0x0) 23:49:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:47 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) 23:49:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:47 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 25) [ 784.314414] 9pnet: Insufficient options for proto=fd [ 784.320167] FAULT_INJECTION: forcing a failure. [ 784.320167] name failslab, interval 1, probability 0, space 0, times 0 [ 784.322638] CPU: 1 PID: 6488 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 784.324125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.325903] Call Trace: [ 784.326477] dump_stack+0x107/0x167 [ 784.327272] should_fail.cold+0x5/0xa [ 784.328096] ? create_object.isra.0+0x3a/0xa20 [ 784.329090] should_failslab+0x5/0x20 [ 784.329916] kmem_cache_alloc+0x5b/0x360 [ 784.330825] create_object.isra.0+0x3a/0xa20 [ 784.331785] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 784.332890] __kmalloc_track_caller+0x177/0x3c0 [ 784.333890] ? v9fs_session_init+0xe9/0x16a0 [ 784.334846] ? kernel_text_address+0xf2/0x120 [ 784.335819] kstrdup+0x36/0x70 [ 784.336517] v9fs_session_init+0xe9/0x16a0 [ 784.337432] ? find_held_lock+0x2c/0x110 [ 784.338320] ? kmem_cache_alloc_trace+0x151/0x360 [ 784.339390] ? v9fs_show_options+0x690/0x690 [ 784.340353] ? kasan_unpoison_shadow+0x33/0x50 [ 784.341339] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 784.342428] v9fs_mount+0x79/0x8f0 [ 784.343206] ? v9fs_write_inode+0x60/0x60 [ 784.344099] legacy_get_tree+0x105/0x220 [ 784.344988] vfs_get_tree+0x8e/0x300 [ 784.345786] path_mount+0x13be/0x20b0 [ 784.346614] ? strncpy_from_user+0x9e/0x470 [ 784.347560] ? finish_automount+0xa40/0xa40 [ 784.348513] ? getname_flags.part.0+0x1dd/0x4f0 [ 784.349150] FAT-fs (loop1): bogus number of reserved sectors [ 784.349512] ? _copy_from_user+0xfb/0x1b0 [ 784.350170] FAT-fs (loop1): Can't find a valid FAT filesystem [ 784.351059] __x64_sys_mount+0x282/0x300 [ 784.351081] ? copy_mnt_ns+0xa00/0xa00 [ 784.353411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 784.354537] ? syscall_enter_from_user_mode+0x1d/0x50 [ 784.355673] do_syscall_64+0x33/0x40 [ 784.356482] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 784.357588] RIP: 0033:0x7fbdabcfab19 [ 784.358405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 784.362384] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 784.364032] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 784.365560] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 784.367101] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 784.368632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 784.370170] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:49:47 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) 23:49:47 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:49:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xce, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 784.390263] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 784.396362] FAULT_INJECTION: forcing a failure. [ 784.396362] name failslab, interval 1, probability 0, space 0, times 0 [ 784.399079] CPU: 1 PID: 6505 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 784.400545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.402287] 9pnet: Insufficient options for proto=fd [ 784.402324] Call Trace: [ 784.403464] dump_stack+0x107/0x167 [ 784.404249] should_fail.cold+0x5/0xa [ 784.405076] ? create_object.isra.0+0x3a/0xa20 [ 784.406059] should_failslab+0x5/0x20 [ 784.406911] kmem_cache_alloc+0x5b/0x360 [ 784.407811] create_object.isra.0+0x3a/0xa20 [ 784.408775] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 784.409893] __kmalloc_track_caller+0x177/0x3c0 [ 784.410919] ? p9_client_create+0x51e/0x1090 [ 784.411885] kmemdup_nul+0x2d/0xa0 [ 784.412662] p9_client_create+0x51e/0x1090 [ 784.413580] ? p9_client_flush+0x430/0x430 [ 784.414514] ? lockdep_init_map_type+0x2c7/0x780 [ 784.415538] ? rcu_read_lock_sched_held+0x3e/0x80 [ 784.416576] ? __raw_spin_lock_init+0x36/0x110 [ 784.417579] v9fs_session_init+0x1dd/0x16a0 [ 784.418520] ? kmem_cache_alloc_trace+0x151/0x360 [ 784.419588] ? v9fs_show_options+0x690/0x690 [ 784.420554] ? kasan_unpoison_shadow+0x33/0x50 [ 784.421548] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 784.422642] v9fs_mount+0x79/0x8f0 [ 784.423434] ? v9fs_write_inode+0x60/0x60 [ 784.424358] legacy_get_tree+0x105/0x220 [ 784.425249] vfs_get_tree+0x8e/0x300 [ 784.426061] path_mount+0x13be/0x20b0 [ 784.426958] ? strncpy_from_user+0x9e/0x470 [ 784.427894] ? finish_automount+0xa40/0xa40 [ 784.428833] ? getname_flags.part.0+0x1dd/0x4f0 [ 784.429836] ? _copy_from_user+0xfb/0x1b0 [ 784.430749] __x64_sys_mount+0x282/0x300 [ 784.431630] ? copy_mnt_ns+0xa00/0xa00 [ 784.432483] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 784.433620] ? syscall_enter_from_user_mode+0x1d/0x50 [ 784.434764] do_syscall_64+0x33/0x40 [ 784.435573] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 784.436680] RIP: 0033:0x7ff8f0c7cb19 [ 784.437489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 784.441466] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 784.443309] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 784.445013] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 784.446743] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 784.448450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 784.450152] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 784.453276] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:49:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:47 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) 23:49:47 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 784.486124] 9pnet: Insufficient options for proto=fd [ 784.486476] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. 23:49:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 20) 23:49:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:47 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:47 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, 0x0, 0x0) [ 784.527849] FAT-fs (loop1): bogus number of reserved sectors [ 784.528524] FAT-fs (loop1): Can't find a valid FAT filesystem 23:49:47 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:49:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 784.574314] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 784.678268] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 784.682903] FAULT_INJECTION: forcing a failure. [ 784.682903] name failslab, interval 1, probability 0, space 0, times 0 [ 784.684198] CPU: 0 PID: 6534 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 784.684945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.685854] Call Trace: [ 784.686150] dump_stack+0x107/0x167 [ 784.686550] should_fail.cold+0x5/0xa [ 784.686985] ? p9_client_create+0xaf/0x1090 [ 784.687471] should_failslab+0x5/0x20 [ 784.687892] kmem_cache_alloc_trace+0x55/0x360 [ 784.688392] ? find_held_lock+0x2c/0x110 [ 784.688872] p9_client_create+0xaf/0x1090 [ 784.689323] ? lock_downgrade+0x6d0/0x6d0 [ 784.689791] ? p9_client_flush+0x430/0x430 [ 784.690261] ? lockdep_init_map_type+0x2c7/0x780 [ 784.690805] ? rcu_read_lock_sched_held+0x3e/0x80 [ 784.691342] ? __raw_spin_lock_init+0x36/0x110 [ 784.691862] v9fs_session_init+0x1dd/0x16a0 [ 784.692339] ? kmem_cache_alloc_trace+0x151/0x360 [ 784.692867] ? v9fs_show_options+0x690/0x690 [ 784.693357] ? kasan_unpoison_shadow+0x33/0x50 [ 784.693865] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 784.694421] v9fs_mount+0x79/0x8f0 [ 784.694823] ? v9fs_write_inode+0x60/0x60 [ 784.695280] legacy_get_tree+0x105/0x220 [ 784.695728] vfs_get_tree+0x8e/0x300 [ 784.696135] path_mount+0x13be/0x20b0 [ 784.696569] ? strncpy_from_user+0x9e/0x470 [ 784.697060] ? finish_automount+0xa40/0xa40 [ 784.697558] ? getname_flags.part.0+0x1dd/0x4f0 [ 784.698090] ? _copy_from_user+0xfb/0x1b0 [ 784.698574] __x64_sys_mount+0x282/0x300 [ 784.699068] ? copy_mnt_ns+0xa00/0xa00 [ 784.699503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 784.700114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 784.700677] do_syscall_64+0x33/0x40 [ 784.701108] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 784.701704] RIP: 0033:0x7fbdabcfab19 [ 784.702124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 784.704243] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 784.705090] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 784.705913] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 784.706735] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 784.707561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 784.708385] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:49:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 21) 23:49:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:49:58 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x2, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x300, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:49:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, 0x0, 0x0) 23:49:58 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:49:58 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 26) 23:49:58 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}}) [ 795.952315] FAULT_INJECTION: forcing a failure. [ 795.952315] name failslab, interval 1, probability 0, space 0, times 0 [ 795.953309] 9pnet: Insufficient options for proto=fd [ 795.953611] CPU: 1 PID: 6553 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 795.953625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 795.956443] Call Trace: [ 795.956762] dump_stack+0x107/0x167 [ 795.957182] should_fail.cold+0x5/0xa [ 795.957619] ? create_object.isra.0+0x3a/0xa20 [ 795.958144] should_failslab+0x5/0x20 [ 795.958568] kmem_cache_alloc+0x5b/0x360 [ 795.959034] create_object.isra.0+0x3a/0xa20 [ 795.959520] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 795.960103] __kmalloc_track_caller+0x177/0x3c0 [ 795.960630] ? p9_client_create+0x51e/0x1090 [ 795.961130] kmemdup_nul+0x2d/0xa0 [ 795.961544] p9_client_create+0x51e/0x1090 [ 795.962033] ? p9_client_flush+0x430/0x430 [ 795.962493] ? lockdep_init_map_type+0x2c7/0x780 [ 795.963043] ? rcu_read_lock_sched_held+0x3e/0x80 [ 795.963584] ? __raw_spin_lock_init+0x36/0x110 [ 795.964101] v9fs_session_init+0x1dd/0x16a0 [ 795.964597] ? kmem_cache_alloc_trace+0x151/0x360 [ 795.965148] ? v9fs_show_options+0x690/0x690 [ 795.965651] ? kasan_unpoison_shadow+0x33/0x50 [ 795.966166] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 795.966708] v9fs_mount+0x79/0x8f0 [ 795.967114] ? v9fs_write_inode+0x60/0x60 [ 795.967571] legacy_get_tree+0x105/0x220 [ 795.968033] vfs_get_tree+0x8e/0x300 [ 795.968430] path_mount+0x13be/0x20b0 [ 795.968863] ? strncpy_from_user+0x9e/0x470 [ 795.969344] ? finish_automount+0xa40/0xa40 [ 795.969834] ? getname_flags.part.0+0x1dd/0x4f0 [ 795.970330] ? _copy_from_user+0xfb/0x1b0 [ 795.970797] __x64_sys_mount+0x282/0x300 [ 795.971224] FAULT_INJECTION: forcing a failure. [ 795.971224] name failslab, interval 1, probability 0, space 0, times 0 [ 795.972468] ? copy_mnt_ns+0xa00/0xa00 [ 795.972910] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 795.973511] ? syscall_enter_from_user_mode+0x1d/0x50 [ 795.974086] do_syscall_64+0x33/0x40 [ 795.974501] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 795.975067] RIP: 0033:0x7ff8f0c7cb19 [ 795.975487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 795.977442] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 795.978269] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 795.979039] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 795.979796] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 795.980571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 795.981329] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 795.982106] CPU: 0 PID: 6558 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 795.983665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 795.985526] Call Trace: [ 795.986117] dump_stack+0x107/0x167 [ 795.986935] should_fail.cold+0x5/0xa [ 795.987782] ? create_object.isra.0+0x3a/0xa20 [ 795.988797] should_failslab+0x5/0x20 [ 795.989647] kmem_cache_alloc+0x5b/0x360 [ 795.990552] ? kernel_text_address+0xf2/0x120 [ 795.991568] create_object.isra.0+0x3a/0xa20 23:49:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x500, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 795.992537] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 795.993780] kmem_cache_alloc_trace+0x151/0x360 [ 795.994814] ? find_held_lock+0x2c/0x110 [ 795.995734] p9_client_create+0xaf/0x1090 [ 795.996659] ? lock_downgrade+0x6d0/0x6d0 [ 795.997591] ? p9_client_flush+0x430/0x430 [ 795.998547] ? lockdep_init_map_type+0x2c7/0x780 [ 795.999606] ? rcu_read_lock_sched_held+0x3e/0x80 [ 796.000684] ? __raw_spin_lock_init+0x36/0x110 [ 796.001705] v9fs_session_init+0x1dd/0x16a0 [ 796.002680] ? kmem_cache_alloc_trace+0x151/0x360 [ 796.003770] ? v9fs_show_options+0x690/0x690 [ 796.004762] ? kasan_unpoison_shadow+0x33/0x50 [ 796.005779] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 796.006912] v9fs_mount+0x79/0x8f0 [ 796.007715] ? v9fs_write_inode+0x60/0x60 [ 796.008628] legacy_get_tree+0x105/0x220 [ 796.009533] vfs_get_tree+0x8e/0x300 [ 796.010371] path_mount+0x13be/0x20b0 [ 796.011240] ? strncpy_from_user+0x9e/0x470 [ 796.012187] ? finish_automount+0xa40/0xa40 [ 796.013151] ? getname_flags.part.0+0x1dd/0x4f0 [ 796.014177] ? _copy_from_user+0xfb/0x1b0 [ 796.015111] __x64_sys_mount+0x282/0x300 [ 796.016010] ? copy_mnt_ns+0xa00/0xa00 [ 796.016876] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 796.018034] ? syscall_enter_from_user_mode+0x1d/0x50 [ 796.019192] do_syscall_64+0x33/0x40 [ 796.020016] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 796.021143] RIP: 0033:0x7fbdabcfab19 [ 796.021964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 796.026021] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 23:49:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 23:49:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) [ 796.027709] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 796.029342] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 796.030927] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 796.032489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 796.034056] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 796.037777] FAT-fs (loop1): bogus number of reserved sectors [ 796.038434] FAT-fs (loop1): Can't find a valid FAT filesystem [ 796.049608] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 796.062990] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 807.170466] FAULT_INJECTION: forcing a failure. [ 807.170466] name failslab, interval 1, probability 0, space 0, times 0 [ 807.171709] CPU: 0 PID: 6574 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 807.172447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 807.173337] Call Trace: [ 807.173622] dump_stack+0x107/0x167 [ 807.174023] should_fail.cold+0x5/0xa [ 807.174433] should_failslab+0x5/0x20 [ 807.174844] __kmalloc_track_caller+0x79/0x3c0 [ 807.175357] ? p9_client_create+0x41d/0x1090 [ 807.175834] kstrdup+0x36/0x70 [ 807.176178] p9_client_create+0x41d/0x1090 [ 807.176629] ? lock_downgrade+0x6d0/0x6d0 [ 807.177078] ? p9_client_flush+0x430/0x430 [ 807.177514] ? lockdep_init_map_type+0x2c7/0x780 [ 807.178019] ? rcu_read_lock_sched_held+0x3e/0x80 [ 807.178532] ? __raw_spin_lock_init+0x36/0x110 [ 807.179024] v9fs_session_init+0x1dd/0x16a0 [ 807.179485] ? kmem_cache_alloc_trace+0x151/0x360 [ 807.180001] ? v9fs_show_options+0x690/0x690 [ 807.180482] ? kasan_unpoison_shadow+0x33/0x50 [ 807.180965] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.181505] v9fs_mount+0x79/0x8f0 [ 807.181885] ? v9fs_write_inode+0x60/0x60 [ 807.182308] legacy_get_tree+0x105/0x220 [ 807.182740] vfs_get_tree+0x8e/0x300 [ 807.183142] path_mount+0x13be/0x20b0 [ 807.183545] ? strncpy_from_user+0x9e/0x470 [ 807.184006] ? finish_automount+0xa40/0xa40 [ 807.184472] ? getname_flags.part.0+0x1dd/0x4f0 [ 807.184962] ? _copy_from_user+0xfb/0x1b0 [ 807.185410] __x64_sys_mount+0x282/0x300 [ 807.185844] ? copy_mnt_ns+0xa00/0xa00 [ 807.186262] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.186798] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.187359] do_syscall_64+0x33/0x40 [ 807.187756] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.188284] RIP: 0033:0x7fbdabcfab19 [ 807.188678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.190548] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.191360] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 807.192087] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.192843] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.193600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 807.194329] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:50:09 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 27) 23:50:09 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 22) 23:50:09 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:09 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:09 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:09 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 23:50:09 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 1) 23:50:09 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x600, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 807.218376] FAULT_INJECTION: forcing a failure. [ 807.218376] name failslab, interval 1, probability 0, space 0, times 0 [ 807.220895] CPU: 1 PID: 6586 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 807.222359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 807.223459] FAT-fs (loop1): bogus number of reserved sectors [ 807.224107] Call Trace: [ 807.224132] dump_stack+0x107/0x167 [ 807.224155] should_fail.cold+0x5/0xa [ 807.224776] FAT-fs (loop1): Can't find a valid FAT filesystem [ 807.225318] should_failslab+0x5/0x20 [ 807.228499] __kmalloc_track_caller+0x79/0x3c0 [ 807.229470] ? strndup_user+0x74/0xe0 [ 807.230289] memdup_user+0x22/0xd0 [ 807.231055] strndup_user+0x74/0xe0 [ 807.231830] __x64_sys_mount+0x133/0x300 [ 807.232691] ? copy_mnt_ns+0xa00/0xa00 [ 807.233519] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.234622] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.235727] do_syscall_64+0x33/0x40 [ 807.236513] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.237591] RIP: 0033:0x7fb012c72b19 [ 807.238376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.242248] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.243855] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 807.245354] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.246851] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.248363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 807.249863] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:50:10 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) 23:50:10 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 807.260700] FAULT_INJECTION: forcing a failure. [ 807.260700] name failslab, interval 1, probability 0, space 0, times 0 [ 807.263116] CPU: 1 PID: 6584 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 807.264559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 807.266315] Call Trace: [ 807.266878] dump_stack+0x107/0x167 [ 807.267689] should_fail.cold+0x5/0xa [ 807.268638] ? create_object.isra.0+0x3a/0xa20 [ 807.269631] should_failslab+0x5/0x20 [ 807.270454] kmem_cache_alloc+0x5b/0x360 [ 807.271343] ? legacy_get_tree+0x105/0x220 [ 807.272255] ? vfs_get_tree+0x8e/0x300 [ 807.273093] create_object.isra.0+0x3a/0xa20 [ 807.274043] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.275156] __kmalloc_track_caller+0x177/0x3c0 [ 807.276173] ? parse_opts.part.0+0x8e/0x340 [ 807.277121] kstrdup+0x36/0x70 [ 807.277822] parse_opts.part.0+0x8e/0x340 [ 807.278720] ? p9_fd_show_options+0x1c0/0x1c0 [ 807.279711] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.280842] ? quarantine_put+0x8b/0x1a0 [ 807.281726] ? trace_hardirqs_on+0x5b/0x180 [ 807.282661] ? kfree+0xd7/0x390 [ 807.283404] p9_fd_create+0x98/0x4a0 [ 807.284214] ? p9_conn_create+0x510/0x510 [ 807.285116] ? p9_client_create+0x798/0x1090 [ 807.286075] ? kfree+0xd7/0x390 [ 807.286794] ? do_raw_spin_unlock+0x4f/0x220 [ 807.287797] p9_client_create+0x7ff/0x1090 [ 807.288723] ? p9_client_flush+0x430/0x430 [ 807.289653] ? lockdep_init_map_type+0x2c7/0x780 [ 807.290685] ? rcu_read_lock_sched_held+0x3e/0x80 [ 807.291750] ? __raw_spin_lock_init+0x36/0x110 [ 807.292767] v9fs_session_init+0x1dd/0x16a0 [ 807.293716] ? kmem_cache_alloc_trace+0x151/0x360 [ 807.294763] ? v9fs_show_options+0x690/0x690 [ 807.295744] ? kasan_unpoison_shadow+0x33/0x50 [ 807.296746] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.297853] v9fs_mount+0x79/0x8f0 [ 807.298630] ? v9fs_write_inode+0x60/0x60 [ 807.299556] legacy_get_tree+0x105/0x220 [ 807.300447] vfs_get_tree+0x8e/0x300 [ 807.301262] path_mount+0x13be/0x20b0 [ 807.302096] ? strncpy_from_user+0x9e/0x470 [ 807.303042] ? finish_automount+0xa40/0xa40 [ 807.303982] ? getname_flags.part.0+0x1dd/0x4f0 [ 807.304989] ? _copy_from_user+0xfb/0x1b0 [ 807.305910] __x64_sys_mount+0x282/0x300 [ 807.306796] ? copy_mnt_ns+0xa00/0xa00 [ 807.307660] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.308806] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.309942] do_syscall_64+0x33/0x40 [ 807.310755] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.311893] RIP: 0033:0x7ff8f0c7cb19 [ 807.312705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.315537] FAULT_INJECTION: forcing a failure. [ 807.315537] name failslab, interval 1, probability 0, space 0, times 0 [ 807.316730] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.316752] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 807.316767] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.322729] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.324292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 807.325843] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 807.327428] CPU: 0 PID: 6597 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 807.328186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 807.329141] Call Trace: [ 807.329460] dump_stack+0x107/0x167 23:50:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 23) 23:50:10 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) [ 807.329880] should_fail.cold+0x5/0xa [ 807.330429] ? create_object.isra.0+0x3a/0xa20 [ 807.330937] should_failslab+0x5/0x20 [ 807.331365] kmem_cache_alloc+0x5b/0x360 [ 807.331810] ? lock_downgrade+0x6d0/0x6d0 [ 807.332266] create_object.isra.0+0x3a/0xa20 [ 807.332748] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.333308] __kmalloc_track_caller+0x177/0x3c0 [ 807.333815] ? p9_client_create+0x41d/0x1090 [ 807.334305] kstrdup+0x36/0x70 [ 807.334639] p9_client_create+0x41d/0x1090 [ 807.335082] ? lock_downgrade+0x6d0/0x6d0 [ 807.335544] ? p9_client_flush+0x430/0x430 [ 807.336011] ? lockdep_init_map_type+0x2c7/0x780 [ 807.336532] ? rcu_read_lock_sched_held+0x3e/0x80 [ 807.337062] ? __raw_spin_lock_init+0x36/0x110 [ 807.337597] v9fs_session_init+0x1dd/0x16a0 [ 807.338106] ? kmem_cache_alloc_trace+0x151/0x360 [ 807.338678] ? v9fs_show_options+0x690/0x690 [ 807.339215] ? kasan_unpoison_shadow+0x33/0x50 [ 807.339749] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.340338] v9fs_mount+0x79/0x8f0 [ 807.340750] ? v9fs_write_inode+0x60/0x60 [ 807.341227] legacy_get_tree+0x105/0x220 [ 807.341654] vfs_get_tree+0x8e/0x300 [ 807.342081] path_mount+0x13be/0x20b0 [ 807.342474] ? strncpy_from_user+0x9e/0x470 [ 807.342964] ? finish_automount+0xa40/0xa40 [ 807.343464] ? getname_flags.part.0+0x1dd/0x4f0 [ 807.343992] ? _copy_from_user+0xfb/0x1b0 [ 807.344484] __x64_sys_mount+0x282/0x300 [ 807.344961] ? copy_mnt_ns+0xa00/0xa00 [ 807.345413] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.346016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.346613] do_syscall_64+0x33/0x40 [ 807.347045] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.347637] RIP: 0033:0x7fbdabcfab19 [ 807.348021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.350124] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.350919] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 807.351744] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.352478] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.353303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 807.354034] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 807.357029] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 807.368369] FAT-fs (loop1): bogus number of reserved sectors [ 807.369088] FAT-fs (loop1): Can't find a valid FAT filesystem 23:50:10 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x700, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 807.390037] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) 23:50:10 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000001380)=[{0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:10 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 28) 23:50:10 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 2) [ 807.460267] FAULT_INJECTION: forcing a failure. [ 807.460267] name failslab, interval 1, probability 0, space 0, times 0 [ 807.461618] CPU: 0 PID: 6609 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 807.462360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 807.463224] Call Trace: [ 807.463525] dump_stack+0x107/0x167 [ 807.463938] should_fail.cold+0x5/0xa [ 807.464362] should_failslab+0x5/0x20 [ 807.464789] __kmalloc_track_caller+0x79/0x3c0 [ 807.465293] ? match_number+0xaf/0x1d0 [ 807.465737] kmemdup_nul+0x2d/0xa0 [ 807.466126] match_number+0xaf/0x1d0 [ 807.466513] ? match_u64+0x190/0x190 [ 807.466922] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 807.467423] ? memcpy+0x39/0x60 [ 807.467798] parse_opts.part.0+0x1f3/0x340 [ 807.468258] ? p9_fd_show_options+0x1c0/0x1c0 [ 807.468775] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.469386] ? trace_hardirqs_on+0x5b/0x180 [ 807.469890] ? kfree+0xd7/0x390 [ 807.470271] p9_fd_create+0x98/0x4a0 [ 807.470704] ? p9_conn_create+0x510/0x510 [ 807.471191] ? p9_client_create+0x798/0x1090 [ 807.471691] ? kfree+0xd7/0x390 [ 807.472072] ? do_raw_spin_unlock+0x4f/0x220 [ 807.472585] p9_client_create+0x7ff/0x1090 [ 807.473081] ? p9_client_flush+0x430/0x430 [ 807.473572] ? lockdep_init_map_type+0x2c7/0x780 [ 807.474116] ? rcu_read_lock_sched_held+0x3e/0x80 [ 807.474670] ? __raw_spin_lock_init+0x36/0x110 [ 807.475218] v9fs_session_init+0x1dd/0x16a0 [ 807.475730] ? kmem_cache_alloc_trace+0x151/0x360 [ 807.476293] ? v9fs_show_options+0x690/0x690 [ 807.476819] ? kasan_unpoison_shadow+0x33/0x50 [ 807.477343] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.477927] v9fs_mount+0x79/0x8f0 [ 807.478343] ? v9fs_write_inode+0x60/0x60 [ 807.478829] legacy_get_tree+0x105/0x220 [ 807.479311] vfs_get_tree+0x8e/0x300 [ 807.479741] path_mount+0x13be/0x20b0 [ 807.480185] ? strncpy_from_user+0x9e/0x470 [ 807.480686] ? finish_automount+0xa40/0xa40 [ 807.481189] ? getname_flags.part.0+0x1dd/0x4f0 [ 807.481721] ? _copy_from_user+0xfb/0x1b0 [ 807.482202] __x64_sys_mount+0x282/0x300 [ 807.482668] ? copy_mnt_ns+0xa00/0xa00 [ 807.483134] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.483753] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.484353] do_syscall_64+0x33/0x40 [ 807.484782] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.484822] FAULT_INJECTION: forcing a failure. [ 807.484822] name failslab, interval 1, probability 0, space 0, times 0 [ 807.485373] RIP: 0033:0x7ff8f0c7cb19 [ 807.485383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.485389] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.485400] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 807.485415] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.492908] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.493734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 807.494566] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 807.495417] CPU: 1 PID: 6614 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 807.496905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:50:10 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0) [ 807.498705] Call Trace: [ 807.499422] dump_stack+0x107/0x167 [ 807.500211] should_fail.cold+0x5/0xa [ 807.501044] ? create_object.isra.0+0x3a/0xa20 [ 807.502047] should_failslab+0x5/0x20 [ 807.502883] kmem_cache_alloc+0x5b/0x360 [ 807.503794] create_object.isra.0+0x3a/0xa20 [ 807.504755] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 807.505874] __kmalloc_track_caller+0x177/0x3c0 [ 807.506891] ? strndup_user+0x74/0xe0 [ 807.507735] memdup_user+0x22/0xd0 [ 807.508520] strndup_user+0x74/0xe0 [ 807.509312] __x64_sys_mount+0x133/0x300 [ 807.510200] ? copy_mnt_ns+0xa00/0xa00 [ 807.511059] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 807.512208] ? syscall_enter_from_user_mode+0x1d/0x50 [ 807.513334] do_syscall_64+0x33/0x40 [ 807.514146] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 807.515279] RIP: 0033:0x7fb012c72b19 [ 807.516092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 807.520088] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.521735] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 807.522656] 9pnet: Insufficient options for proto=fd [ 807.523290] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 807.523302] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 807.523316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 807.528521] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 807.576658] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:50:20 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x900, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 818.244225] FAULT_INJECTION: forcing a failure. [ 818.244225] name failslab, interval 1, probability 0, space 0, times 0 [ 818.245630] CPU: 0 PID: 6633 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 818.246378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.247304] Call Trace: [ 818.247604] dump_stack+0x107/0x167 [ 818.248015] should_fail.cold+0x5/0xa [ 818.248387] FAULT_INJECTION: forcing a failure. [ 818.248387] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 818.248446] ? create_object.isra.0+0x3a/0xa20 [ 818.251617] should_failslab+0x5/0x20 [ 818.252039] kmem_cache_alloc+0x5b/0x360 [ 818.252491] create_object.isra.0+0x3a/0xa20 [ 818.252978] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.253544] __kmalloc_track_caller+0x177/0x3c0 [ 818.254080] ? match_number+0xaf/0x1d0 [ 818.254528] kmemdup_nul+0x2d/0xa0 [ 818.254938] match_number+0xaf/0x1d0 [ 818.255375] ? match_u64+0x190/0x190 [ 818.255801] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 818.256351] ? memcpy+0x39/0x60 [ 818.256742] parse_opts.part.0+0x1f3/0x340 [ 818.257205] ? p9_fd_show_options+0x1c0/0x1c0 [ 818.257726] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.258316] ? trace_hardirqs_on+0x5b/0x180 [ 818.258814] ? kfree+0xd7/0x390 [ 818.259201] p9_fd_create+0x98/0x4a0 [ 818.259632] ? p9_conn_create+0x510/0x510 [ 818.260106] ? p9_client_create+0x798/0x1090 [ 818.260605] ? kfree+0xd7/0x390 [ 818.260988] ? do_raw_spin_unlock+0x4f/0x220 [ 818.261495] p9_client_create+0x7ff/0x1090 [ 818.261971] ? p9_client_flush+0x430/0x430 [ 818.262455] ? lockdep_init_map_type+0x2c7/0x780 [ 818.263001] ? rcu_read_lock_sched_held+0x3e/0x80 [ 818.263561] ? __raw_spin_lock_init+0x36/0x110 [ 818.264091] v9fs_session_init+0x1dd/0x16a0 [ 818.264589] ? kmem_cache_alloc_trace+0x151/0x360 [ 818.265137] ? v9fs_show_options+0x690/0x690 [ 818.265652] ? kasan_unpoison_shadow+0x33/0x50 [ 818.266174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.266757] v9fs_mount+0x79/0x8f0 [ 818.267161] ? v9fs_write_inode+0x60/0x60 [ 818.267622] legacy_get_tree+0x105/0x220 [ 818.268068] vfs_get_tree+0x8e/0x300 [ 818.268460] path_mount+0x13be/0x20b0 [ 818.268858] ? strncpy_from_user+0x9e/0x470 [ 818.269336] ? finish_automount+0xa40/0xa40 [ 818.269811] ? getname_flags.part.0+0x1dd/0x4f0 [ 818.270323] ? _copy_from_user+0xfb/0x1b0 [ 818.270788] __x64_sys_mount+0x282/0x300 [ 818.271248] ? copy_mnt_ns+0xa00/0xa00 [ 818.271675] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.272253] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.272818] do_syscall_64+0x33/0x40 [ 818.273249] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.273840] RIP: 0033:0x7ff8f0c7cb19 [ 818.274271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.276159] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.277031] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 818.277858] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.278693] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.279526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.280353] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 818.281203] CPU: 1 PID: 6636 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 818.282816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:50:20 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) 23:50:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 29) 23:50:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 24) 23:50:21 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 3) 23:50:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x5, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 818.284859] Call Trace: [ 818.285522] dump_stack+0x107/0x167 [ 818.286375] should_fail.cold+0x5/0xa [ 818.287276] _copy_from_user+0x2e/0x1b0 [ 818.288209] memdup_user+0x65/0xd0 [ 818.289054] strndup_user+0x74/0xe0 [ 818.289902] __x64_sys_mount+0x133/0x300 [ 818.290855] ? copy_mnt_ns+0xa00/0xa00 [ 818.291794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.293028] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.294266] do_syscall_64+0x33/0x40 [ 818.295153] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.296340] RIP: 0033:0x7fb012c72b19 [ 818.297196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.301451] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.303221] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 818.303814] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 818.304874] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.304888] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.304899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 818.304911] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 818.313341] FAULT_INJECTION: forcing a failure. [ 818.313341] name failslab, interval 1, probability 0, space 0, times 0 [ 818.315975] CPU: 1 PID: 6637 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 818.317567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.319517] Call Trace: [ 818.320136] dump_stack+0x107/0x167 [ 818.320988] should_fail.cold+0x5/0xa [ 818.321879] should_failslab+0x5/0x20 [ 818.322758] __kmalloc_track_caller+0x79/0x3c0 [ 818.323820] ? p9_client_create+0x51e/0x1090 [ 818.324846] kmemdup_nul+0x2d/0xa0 [ 818.325654] p9_client_create+0x51e/0x1090 [ 818.326628] ? p9_client_flush+0x430/0x430 [ 818.327641] ? lockdep_init_map_type+0x2c7/0x780 [ 818.328730] ? rcu_read_lock_sched_held+0x3e/0x80 [ 818.329848] ? __raw_spin_lock_init+0x36/0x110 [ 818.330913] v9fs_session_init+0x1dd/0x16a0 [ 818.331932] ? kmem_cache_alloc_trace+0x151/0x360 [ 818.333041] ? v9fs_show_options+0x690/0x690 [ 818.334072] ? kasan_unpoison_shadow+0x33/0x50 [ 818.335126] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.336300] v9fs_mount+0x79/0x8f0 [ 818.337112] ? v9fs_write_inode+0x60/0x60 [ 818.338070] legacy_get_tree+0x105/0x220 [ 818.339024] vfs_get_tree+0x8e/0x300 [ 818.339895] path_mount+0x13be/0x20b0 [ 818.340775] ? strncpy_from_user+0x9e/0x470 [ 818.341770] ? finish_automount+0xa40/0xa40 [ 818.342765] ? getname_flags.part.0+0x1dd/0x4f0 [ 818.343849] ? _copy_from_user+0xfb/0x1b0 [ 818.344814] __x64_sys_mount+0x282/0x300 [ 818.345749] ? copy_mnt_ns+0xa00/0xa00 [ 818.346648] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.347876] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.349058] do_syscall_64+0x33/0x40 [ 818.349915] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.351085] RIP: 0033:0x7fbdabcfab19 [ 818.351960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.356166] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.357904] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 818.359555] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.361194] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.362835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.364484] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 818.368903] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 23:50:21 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf00, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 30) [ 818.392750] FAT-fs (loop1): bogus number of reserved sectors [ 818.394060] FAT-fs (loop1): Can't find a valid FAT filesystem 23:50:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 818.403836] FAULT_INJECTION: forcing a failure. [ 818.403836] name failslab, interval 1, probability 0, space 0, times 0 [ 818.406172] CPU: 1 PID: 6649 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 818.407600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.409315] Call Trace: [ 818.409875] dump_stack+0x107/0x167 [ 818.410625] should_fail.cold+0x5/0xa [ 818.411447] should_failslab+0x5/0x20 [ 818.412235] __kmalloc_track_caller+0x79/0x3c0 [ 818.413178] ? match_number+0xaf/0x1d0 [ 818.413987] ? kfree+0xd7/0x390 [ 818.414676] kmemdup_nul+0x2d/0xa0 [ 818.415433] match_number+0xaf/0x1d0 [ 818.416196] ? match_u64+0x190/0x190 [ 818.416963] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 818.417960] ? memcpy+0x39/0x60 [ 818.418644] parse_opts.part.0+0x1f3/0x340 [ 818.419534] ? p9_fd_show_options+0x1c0/0x1c0 [ 818.420468] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.421555] ? trace_hardirqs_on+0x5b/0x180 [ 818.422447] ? kfree+0xd7/0x390 [ 818.423139] p9_fd_create+0x98/0x4a0 [ 818.423918] ? p9_conn_create+0x510/0x510 [ 818.424781] ? p9_client_create+0x798/0x1090 [ 818.425689] ? kfree+0xd7/0x390 [ 818.426371] ? do_raw_spin_unlock+0x4f/0x220 [ 818.427314] p9_client_create+0x7ff/0x1090 [ 818.428195] ? p9_client_flush+0x430/0x430 23:50:21 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 4) [ 818.429068] ? lockdep_init_map_type+0x2c7/0x780 [ 818.430186] ? rcu_read_lock_sched_held+0x3e/0x80 [ 818.431198] ? __raw_spin_lock_init+0x36/0x110 [ 818.432149] v9fs_session_init+0x1dd/0x16a0 [ 818.433042] ? kmem_cache_alloc_trace+0x151/0x360 23:50:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 25) [ 818.434026] ? v9fs_show_options+0x690/0x690 [ 818.435035] ? kasan_unpoison_shadow+0x33/0x50 [ 818.436002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.437053] v9fs_mount+0x79/0x8f0 [ 818.437785] ? v9fs_write_inode+0x60/0x60 [ 818.438639] legacy_get_tree+0x105/0x220 [ 818.439494] vfs_get_tree+0x8e/0x300 [ 818.440262] path_mount+0x13be/0x20b0 [ 818.441059] ? strncpy_from_user+0x9e/0x470 [ 818.441958] ? finish_automount+0xa40/0xa40 [ 818.442857] ? getname_flags.part.0+0x1dd/0x4f0 [ 818.443828] ? _copy_from_user+0xfb/0x1b0 [ 818.444700] __x64_sys_mount+0x282/0x300 [ 818.445526] ? copy_mnt_ns+0xa00/0xa00 [ 818.446330] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.447423] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.448492] do_syscall_64+0x33/0x40 [ 818.449266] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.450320] RIP: 0033:0x7ff8f0c7cb19 [ 818.451090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.454874] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.456461] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 818.457934] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.459417] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.460895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.462370] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 818.464012] 9pnet: Insufficient options for proto=fd [ 818.491810] FAULT_INJECTION: forcing a failure. [ 818.491810] name failslab, interval 1, probability 0, space 0, times 0 [ 818.493693] CPU: 0 PID: 6657 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 818.494787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.496138] Call Trace: [ 818.496476] dump_stack+0x107/0x167 [ 818.496937] should_fail.cold+0x5/0xa [ 818.497419] ? copy_mount_options+0x55/0x180 [ 818.497970] should_failslab+0x5/0x20 [ 818.498452] kmem_cache_alloc_trace+0x55/0x360 [ 818.499047] ? _copy_from_user+0xfb/0x1b0 [ 818.499580] copy_mount_options+0x55/0x180 [ 818.500113] __x64_sys_mount+0x1a8/0x300 [ 818.500613] ? copy_mnt_ns+0xa00/0xa00 [ 818.501102] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.501756] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.502417] do_syscall_64+0x33/0x40 [ 818.502894] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.503536] RIP: 0033:0x7fb012c72b19 [ 818.504000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.506366] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.507357] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 818.508280] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.509188] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.510094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 818.510992] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:50:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) [ 818.554413] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 818.558034] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.7'. [ 818.612838] FAULT_INJECTION: forcing a failure. [ 818.612838] name failslab, interval 1, probability 0, space 0, times 0 [ 818.614149] CPU: 0 PID: 6662 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 818.614893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.615757] Call Trace: [ 818.616038] dump_stack+0x107/0x167 [ 818.616442] should_fail.cold+0x5/0xa [ 818.616864] ? create_object.isra.0+0x3a/0xa20 [ 818.617369] should_failslab+0x5/0x20 [ 818.617787] kmem_cache_alloc+0x5b/0x360 [ 818.618232] create_object.isra.0+0x3a/0xa20 [ 818.618713] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.619275] __kmalloc_track_caller+0x177/0x3c0 [ 818.619784] ? p9_client_create+0x51e/0x1090 [ 818.620254] kmemdup_nul+0x2d/0xa0 [ 818.620647] p9_client_create+0x51e/0x1090 [ 818.621112] ? p9_client_flush+0x430/0x430 [ 818.621595] ? lockdep_init_map_type+0x2c7/0x780 [ 818.622136] ? rcu_read_lock_sched_held+0x3e/0x80 [ 818.622698] ? __raw_spin_lock_init+0x36/0x110 [ 818.623248] v9fs_session_init+0x1dd/0x16a0 [ 818.623758] ? kmem_cache_alloc_trace+0x151/0x360 [ 818.624316] ? v9fs_show_options+0x690/0x690 [ 818.624835] ? kasan_unpoison_shadow+0x33/0x50 [ 818.625365] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.625888] v9fs_mount+0x79/0x8f0 [ 818.626295] ? v9fs_write_inode+0x60/0x60 [ 818.626783] legacy_get_tree+0x105/0x220 [ 818.627263] vfs_get_tree+0x8e/0x300 [ 818.627703] path_mount+0x13be/0x20b0 [ 818.628145] ? strncpy_from_user+0x9e/0x470 [ 818.628648] ? finish_automount+0xa40/0xa40 [ 818.629151] ? getname_flags.part.0+0x1dd/0x4f0 [ 818.629683] ? _copy_from_user+0xfb/0x1b0 [ 818.630170] __x64_sys_mount+0x282/0x300 [ 818.630648] ? copy_mnt_ns+0xa00/0xa00 [ 818.631104] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.631728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.632332] do_syscall_64+0x33/0x40 [ 818.632768] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 818.633298] RIP: 0033:0x7fbdabcfab19 [ 818.633714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.635832] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.636701] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 818.637441] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 818.638256] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 818.639082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.639914] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 818.645392] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:50:34 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x7, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 31) 23:50:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2], 0x28}}, 0x0) [ 832.178879] FAULT_INJECTION: forcing a failure. [ 832.178879] name failslab, interval 1, probability 0, space 0, times 0 [ 832.179946] FAULT_INJECTION: forcing a failure. [ 832.179946] name failslab, interval 1, probability 0, space 0, times 0 [ 832.181471] CPU: 1 PID: 6669 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 832.184018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.185809] Call Trace: [ 832.186395] dump_stack+0x107/0x167 [ 832.187191] should_fail.cold+0x5/0xa [ 832.188029] ? create_object.isra.0+0x3a/0xa20 [ 832.189022] should_failslab+0x5/0x20 [ 832.189849] kmem_cache_alloc+0x5b/0x360 [ 832.190732] create_object.isra.0+0x3a/0xa20 [ 832.191694] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.192797] __kmalloc_track_caller+0x177/0x3c0 [ 832.193800] ? match_number+0xaf/0x1d0 [ 832.194650] kmemdup_nul+0x2d/0xa0 [ 832.195437] match_number+0xaf/0x1d0 [ 832.196267] ? match_u64+0x190/0x190 [ 832.197074] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 832.198114] ? memcpy+0x39/0x60 [ 832.198842] parse_opts.part.0+0x1f3/0x340 [ 832.199766] ? p9_fd_show_options+0x1c0/0x1c0 [ 832.200733] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.201864] ? trace_hardirqs_on+0x5b/0x180 [ 832.202789] ? kfree+0xd7/0x390 [ 832.203517] p9_fd_create+0x98/0x4a0 [ 832.204315] ? p9_conn_create+0x510/0x510 [ 832.205205] ? p9_client_create+0x798/0x1090 [ 832.206150] ? kfree+0xd7/0x390 [ 832.206862] ? do_raw_spin_unlock+0x4f/0x220 [ 832.207833] p9_client_create+0x7ff/0x1090 [ 832.208754] ? p9_client_flush+0x430/0x430 [ 832.209670] ? lockdep_init_map_type+0x2c7/0x780 [ 832.210690] ? rcu_read_lock_sched_held+0x3e/0x80 [ 832.211741] ? __raw_spin_lock_init+0x36/0x110 [ 832.212740] v9fs_session_init+0x1dd/0x16a0 [ 832.213678] ? kmem_cache_alloc_trace+0x151/0x360 [ 832.214720] ? v9fs_show_options+0x690/0x690 [ 832.215981] ? kasan_unpoison_shadow+0x33/0x50 [ 832.216964] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.218062] v9fs_mount+0x79/0x8f0 [ 832.218836] ? v9fs_write_inode+0x60/0x60 [ 832.219734] legacy_get_tree+0x105/0x220 [ 832.220617] vfs_get_tree+0x8e/0x300 [ 832.221421] path_mount+0x13be/0x20b0 [ 832.222247] ? strncpy_from_user+0x9e/0x470 [ 832.223175] ? finish_automount+0xa40/0xa40 [ 832.224115] ? getname_flags.part.0+0x1dd/0x4f0 [ 832.225116] ? _copy_from_user+0xfb/0x1b0 [ 832.226027] __x64_sys_mount+0x282/0x300 [ 832.226903] ? copy_mnt_ns+0xa00/0xa00 [ 832.227769] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.228900] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.230018] do_syscall_64+0x33/0x40 [ 832.230821] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 832.231948] RIP: 0033:0x7ff8f0c7cb19 [ 832.232748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.236700] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.238333] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 832.239884] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 832.241411] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 832.242938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 832.244477] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 832.246030] CPU: 0 PID: 6678 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 832.246833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.247811] Call Trace: [ 832.248117] dump_stack+0x107/0x167 [ 832.248537] should_fail.cold+0x5/0xa [ 832.248977] should_failslab+0x5/0x20 [ 832.249418] __kmalloc_track_caller+0x79/0x3c0 [ 832.249942] ? parse_opts.part.0+0x8e/0x340 [ 832.250444] kstrdup+0x36/0x70 [ 832.250813] parse_opts.part.0+0x8e/0x340 [ 832.251275] ? p9_fd_show_options+0x1c0/0x1c0 [ 832.251795] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.252387] ? quarantine_put+0x8b/0x1a0 [ 832.252842] ? trace_hardirqs_on+0x5b/0x180 [ 832.253354] ? kfree+0xd7/0x390 [ 832.253738] p9_fd_create+0x98/0x4a0 [ 832.254158] ? p9_conn_create+0x510/0x510 [ 832.254630] ? p9_client_create+0x798/0x1090 [ 832.255131] ? kfree+0xd7/0x390 [ 832.255521] ? do_raw_spin_unlock+0x4f/0x220 [ 832.256021] p9_client_create+0x7ff/0x1090 [ 832.256509] ? p9_client_flush+0x430/0x430 [ 832.257007] ? lockdep_init_map_type+0x2c7/0x780 [ 832.257544] ? rcu_read_lock_sched_held+0x3e/0x80 [ 832.257744] FAT-fs (loop1): bogus number of reserved sectors [ 832.258087] ? __raw_spin_lock_init+0x36/0x110 [ 832.259383] FAT-fs (loop1): Can't find a valid FAT filesystem [ 832.259823] v9fs_session_init+0x1dd/0x16a0 [ 832.259840] ? kmem_cache_alloc_trace+0x151/0x360 [ 832.259851] ? v9fs_show_options+0x690/0x690 [ 832.259871] ? kasan_unpoison_shadow+0x33/0x50 [ 832.263102] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.263679] v9fs_mount+0x79/0x8f0 [ 832.264084] ? v9fs_write_inode+0x60/0x60 [ 832.264557] legacy_get_tree+0x105/0x220 [ 832.265025] vfs_get_tree+0x8e/0x300 [ 832.265451] path_mount+0x13be/0x20b0 [ 832.265888] ? strncpy_from_user+0x9e/0x470 [ 832.266380] ? finish_automount+0xa40/0xa40 [ 832.266874] ? getname_flags.part.0+0x1dd/0x4f0 [ 832.267385] ? _copy_from_user+0xfb/0x1b0 [ 832.267860] __x64_sys_mount+0x282/0x300 [ 832.268303] ? copy_mnt_ns+0xa00/0xa00 [ 832.268751] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.269319] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.269914] do_syscall_64+0x33/0x40 [ 832.270324] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 832.270902] RIP: 0033:0x7fbdabcfab19 [ 832.271305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.273441] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.274315] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 832.275123] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 832.275948] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 832.276758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 832.277569] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 832.278492] 9pnet: Insufficient options for proto=fd [ 832.279256] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:50:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 26) 23:50:35 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xce00, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:35 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:35 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 5) 23:50:35 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x8, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:35 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) [ 832.323341] FAULT_INJECTION: forcing a failure. [ 832.323341] name failslab, interval 1, probability 0, space 0, times 0 [ 832.325893] CPU: 1 PID: 6685 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 832.327377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.329151] Call Trace: [ 832.329723] dump_stack+0x107/0x167 [ 832.330508] should_fail.cold+0x5/0xa [ 832.331334] ? create_object.isra.0+0x3a/0xa20 [ 832.332317] should_failslab+0x5/0x20 [ 832.333132] kmem_cache_alloc+0x5b/0x360 [ 832.334012] create_object.isra.0+0x3a/0xa20 [ 832.334970] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.336063] kmem_cache_alloc_trace+0x151/0x360 [ 832.337063] ? _copy_from_user+0xfb/0x1b0 [ 832.337957] copy_mount_options+0x55/0x180 [ 832.338871] __x64_sys_mount+0x1a8/0x300 [ 832.339766] ? copy_mnt_ns+0xa00/0xa00 [ 832.340616] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.341742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.342868] do_syscall_64+0x33/0x40 [ 832.343679] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 832.344793] RIP: 0033:0x7fb012c72b19 [ 832.345588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.349503] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.350421] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 832.351125] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 832.351138] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 832.351153] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 832.356666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 832.358185] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 832.362459] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.7'. 23:50:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:35 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:35 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 32) 23:50:35 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:35 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) 23:50:35 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 832.427428] FAT-fs (loop1): bogus number of reserved sectors [ 832.428804] FAT-fs (loop1): Can't find a valid FAT filesystem [ 832.430286] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.7'. [ 832.432347] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 832.433400] FAULT_INJECTION: forcing a failure. [ 832.433400] name failslab, interval 1, probability 0, space 0, times 0 [ 832.435424] CPU: 0 PID: 6701 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 832.436195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.437145] Call Trace: [ 832.437459] dump_stack+0x107/0x167 [ 832.437887] should_fail.cold+0x5/0xa [ 832.438327] ? p9_fd_create+0x161/0x4a0 [ 832.438789] should_failslab+0x5/0x20 [ 832.439228] kmem_cache_alloc_trace+0x55/0x360 [ 832.439772] p9_fd_create+0x161/0x4a0 [ 832.440209] ? p9_conn_create+0x510/0x510 [ 832.440687] ? p9_client_create+0x798/0x1090 [ 832.441189] ? kfree+0xd7/0x390 [ 832.441569] ? do_raw_spin_unlock+0x4f/0x220 [ 832.442088] p9_client_create+0x7ff/0x1090 [ 832.442587] ? p9_client_flush+0x430/0x430 [ 832.443078] ? lockdep_init_map_type+0x2c7/0x780 [ 832.443620] ? rcu_read_lock_sched_held+0x3e/0x80 [ 832.444177] ? __raw_spin_lock_init+0x36/0x110 [ 832.444711] v9fs_session_init+0x1dd/0x16a0 [ 832.445213] ? kmem_cache_alloc_trace+0x151/0x360 [ 832.445767] ? v9fs_show_options+0x690/0x690 [ 832.446285] ? kasan_unpoison_shadow+0x33/0x50 [ 832.446816] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.447413] v9fs_mount+0x79/0x8f0 [ 832.447823] ? v9fs_write_inode+0x60/0x60 [ 832.448305] legacy_get_tree+0x105/0x220 [ 832.448773] vfs_get_tree+0x8e/0x300 [ 832.449203] path_mount+0x13be/0x20b0 [ 832.449644] ? strncpy_from_user+0x9e/0x470 [ 832.450139] ? finish_automount+0xa40/0xa40 [ 832.450644] ? getname_flags.part.0+0x1dd/0x4f0 [ 832.451184] ? _copy_from_user+0xfb/0x1b0 [ 832.451681] __x64_sys_mount+0x282/0x300 [ 832.452156] ? copy_mnt_ns+0xa00/0xa00 [ 832.452610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.453224] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.453823] do_syscall_64+0x33/0x40 [ 832.454255] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 832.454848] RIP: 0033:0x7ff8f0c7cb19 [ 832.455278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.457297] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.458173] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 832.458999] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 832.459831] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 832.460667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 832.461496] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:50:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 832.477471] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 832.554371] FAT-fs (loop1): bogus number of reserved sectors [ 832.555118] FAT-fs (loop1): Can't find a valid FAT filesystem 23:50:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 33) 23:50:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 845.351498] FAULT_INJECTION: forcing a failure. [ 845.351498] name failslab, interval 1, probability 0, space 0, times 0 [ 845.354380] CPU: 1 PID: 6726 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 845.356078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.358088] Call Trace: [ 845.358737] dump_stack+0x107/0x167 23:50:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 6) 23:50:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x34000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 27) 23:50:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x0) [ 845.359632] should_fail.cold+0x5/0xa [ 845.360750] ? create_object.isra.0+0x3a/0xa20 [ 845.361063] FAULT_INJECTION: forcing a failure. [ 845.361063] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 845.361868] should_failslab+0x5/0x20 [ 845.361891] kmem_cache_alloc+0x5b/0x360 [ 845.364952] ? legacy_get_tree+0x105/0x220 [ 845.365869] ? vfs_get_tree+0x8e/0x300 [ 845.366720] create_object.isra.0+0x3a/0xa20 [ 845.367683] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.368790] __kmalloc_track_caller+0x177/0x3c0 [ 845.369797] ? parse_opts.part.0+0x8e/0x340 [ 845.370740] kstrdup+0x36/0x70 [ 845.371447] parse_opts.part.0+0x8e/0x340 [ 845.372366] ? p9_fd_show_options+0x1c0/0x1c0 [ 845.373347] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.374497] ? quarantine_put+0x8b/0x1a0 [ 845.375371] ? trace_hardirqs_on+0x5b/0x180 [ 845.376336] ? kfree+0xd7/0x390 [ 845.377086] p9_fd_create+0x98/0x4a0 [ 845.377912] ? p9_conn_create+0x510/0x510 [ 845.378815] ? p9_client_create+0x798/0x1090 [ 845.379818] ? kfree+0xd7/0x390 [ 845.380562] ? do_raw_spin_unlock+0x4f/0x220 [ 845.381537] p9_client_create+0x7ff/0x1090 [ 845.382456] ? p9_client_flush+0x430/0x430 [ 845.383392] ? lockdep_init_map_type+0x2c7/0x780 [ 845.384418] ? rcu_read_lock_sched_held+0x3e/0x80 [ 845.385473] ? __raw_spin_lock_init+0x36/0x110 [ 845.386496] v9fs_session_init+0x1dd/0x16a0 [ 845.387435] ? kmem_cache_alloc_trace+0x151/0x360 [ 845.388496] ? v9fs_show_options+0x690/0x690 [ 845.389465] ? kasan_unpoison_shadow+0x33/0x50 [ 845.390457] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.391568] v9fs_mount+0x79/0x8f0 [ 845.392344] ? v9fs_write_inode+0x60/0x60 [ 845.393243] legacy_get_tree+0x105/0x220 [ 845.394125] vfs_get_tree+0x8e/0x300 [ 845.394935] path_mount+0x13be/0x20b0 [ 845.395781] ? strncpy_from_user+0x9e/0x470 [ 845.396715] ? finish_automount+0xa40/0xa40 [ 845.397648] ? getname_flags.part.0+0x1dd/0x4f0 [ 845.398645] ? _copy_from_user+0xfb/0x1b0 [ 845.399558] __x64_sys_mount+0x282/0x300 [ 845.400435] ? copy_mnt_ns+0xa00/0xa00 [ 845.401279] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.402407] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.403536] do_syscall_64+0x33/0x40 [ 845.404357] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.405463] RIP: 0033:0x7fbdabcfab19 [ 845.406272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.410241] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.411891] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 845.413427] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.414960] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.416522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 845.418058] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 845.419629] CPU: 0 PID: 6728 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 845.420376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.421333] Call Trace: [ 845.421645] dump_stack+0x107/0x167 [ 845.422101] should_fail.cold+0x5/0xa [ 845.422574] _copy_from_user+0x2e/0x1b0 [ 845.423065] copy_mount_options+0x76/0x180 [ 845.423602] __x64_sys_mount+0x1a8/0x300 [ 845.424087] ? copy_mnt_ns+0xa00/0xa00 [ 845.424547] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.425181] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.425280] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 845.425796] do_syscall_64+0x33/0x40 [ 845.425807] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.425813] RIP: 0033:0x7fb012c72b19 [ 845.425823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.425836] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.432231] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 845.433081] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.433934] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.434832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 845.435753] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 845.438718] FAULT_INJECTION: forcing a failure. [ 845.438718] name failslab, interval 1, probability 0, space 0, times 0 [ 845.439767] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.7'. [ 845.441290] CPU: 1 PID: 6720 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 845.443638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.444743] FAT-fs (loop1): bogus number of reserved sectors [ 845.445428] Call Trace: [ 845.445451] dump_stack+0x107/0x167 [ 845.445474] should_fail.cold+0x5/0xa [ 845.446169] FAT-fs (loop1): Can't find a valid FAT filesystem [ 845.446715] ? create_object.isra.0+0x3a/0xa20 [ 845.446736] should_failslab+0x5/0x20 [ 845.451008] kmem_cache_alloc+0x5b/0x360 [ 845.451891] ? p9_fd_show_options+0x1c0/0x1c0 [ 845.452863] create_object.isra.0+0x3a/0xa20 [ 845.453814] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.454921] kmem_cache_alloc_trace+0x151/0x360 [ 845.455935] p9_fd_create+0x161/0x4a0 [ 845.456770] ? p9_conn_create+0x510/0x510 [ 845.457660] ? p9_client_create+0x798/0x1090 [ 845.458608] ? kfree+0xd7/0x390 [ 845.459320] ? do_raw_spin_unlock+0x4f/0x220 [ 845.460296] p9_client_create+0x7ff/0x1090 [ 845.461216] ? p9_client_flush+0x430/0x430 [ 845.462137] ? lockdep_init_map_type+0x2c7/0x780 [ 845.463159] ? rcu_read_lock_sched_held+0x3e/0x80 [ 845.464209] ? __raw_spin_lock_init+0x36/0x110 [ 845.465201] v9fs_session_init+0x1dd/0x16a0 [ 845.466146] ? kmem_cache_alloc_trace+0x151/0x360 [ 845.467184] ? v9fs_show_options+0x690/0x690 [ 845.468182] ? kasan_unpoison_shadow+0x33/0x50 [ 845.469174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.470273] v9fs_mount+0x79/0x8f0 [ 845.471043] ? v9fs_write_inode+0x60/0x60 [ 845.471953] legacy_get_tree+0x105/0x220 [ 845.472841] vfs_get_tree+0x8e/0x300 [ 845.473650] path_mount+0x13be/0x20b0 [ 845.474476] ? strncpy_from_user+0x9e/0x470 [ 845.475409] ? finish_automount+0xa40/0xa40 [ 845.476359] ? getname_flags.part.0+0x1dd/0x4f0 [ 845.477359] ? _copy_from_user+0xfb/0x1b0 [ 845.478269] __x64_sys_mount+0x282/0x300 [ 845.479148] ? copy_mnt_ns+0xa00/0xa00 [ 845.480006] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.481141] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.482255] do_syscall_64+0x33/0x40 [ 845.483059] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.484178] RIP: 0033:0x7ff8f0c7cb19 [ 845.484983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.486655] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 845.488949] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.488975] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 845.490593] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 845.491557] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.491568] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.491580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 845.491595] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:50:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 845.531169] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.7'. 23:50:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 7) 23:50:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xe1, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e38266470be4673d3800a2437c1a797193c3865c5a15bf37"], 0x28}}, 0x0) 23:50:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x80000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 845.583791] FAULT_INJECTION: forcing a failure. [ 845.583791] name failslab, interval 1, probability 0, space 0, times 0 [ 845.586381] CPU: 1 PID: 6744 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 845.587876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.588586] FAT-fs (loop1): bogus number of reserved sectors [ 845.589684] Call Trace: [ 845.589712] dump_stack+0x107/0x167 [ 845.589735] should_fail.cold+0x5/0xa [ 845.590362] FAT-fs (loop1): Can't find a valid FAT filesystem [ 845.590929] ? getname_flags.part.0+0x50/0x4f0 [ 845.590951] should_failslab+0x5/0x20 [ 845.595178] kmem_cache_alloc+0x5b/0x360 [ 845.596078] getname_flags.part.0+0x50/0x4f0 [ 845.597026] ? _copy_from_user+0xfb/0x1b0 [ 845.597923] user_path_at_empty+0xa1/0x100 [ 845.598842] __x64_sys_mount+0x1e9/0x300 [ 845.599745] ? copy_mnt_ns+0xa00/0xa00 [ 845.600592] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.601727] ? syscall_enter_from_user_mode+0x1d/0x50 23:50:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 845.602934] do_syscall_64+0x33/0x40 [ 845.603807] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.604915] RIP: 0033:0x7fb012c72b19 [ 845.605721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.609700] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.611338] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 23:50:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600", 0xc}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 845.612883] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.614508] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.616062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 845.617602] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 845.720866] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) 23:50:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 34) 23:50:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x300, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600", 0xc}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:50:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x400300, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:50:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:50:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:50:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 28) [ 845.766164] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 845.778314] FAULT_INJECTION: forcing a failure. [ 845.778314] name failslab, interval 1, probability 0, space 0, times 0 [ 845.780813] CPU: 1 PID: 6763 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 845.782202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.783898] Call Trace: [ 845.784442] dump_stack+0x107/0x167 [ 845.785192] should_fail.cold+0x5/0xa [ 845.785973] should_failslab+0x5/0x20 [ 845.786759] __kmalloc_track_caller+0x79/0x3c0 [ 845.787710] ? match_number+0xaf/0x1d0 [ 845.788514] kmemdup_nul+0x2d/0xa0 [ 845.789245] match_number+0xaf/0x1d0 [ 845.790010] ? match_u64+0x190/0x190 [ 845.790777] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 845.791782] ? memcpy+0x39/0x60 [ 845.791797] FAULT_INJECTION: forcing a failure. [ 845.791797] name failslab, interval 1, probability 0, space 0, times 0 [ 845.794722] parse_opts.part.0+0x1f3/0x340 [ 845.795609] ? p9_fd_show_options+0x1c0/0x1c0 [ 845.796546] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.797640] ? trace_hardirqs_on+0x5b/0x180 [ 845.798525] ? kfree+0xd7/0x390 [ 845.799223] p9_fd_create+0x98/0x4a0 [ 845.800012] ? p9_conn_create+0x510/0x510 [ 845.800869] ? p9_client_create+0x798/0x1090 [ 845.801785] ? kfree+0xd7/0x390 [ 845.802455] ? do_raw_spin_unlock+0x4f/0x220 [ 845.803371] p9_client_create+0x7ff/0x1090 [ 845.804251] ? p9_client_flush+0x430/0x430 [ 845.805144] ? lockdep_init_map_type+0x2c7/0x780 [ 845.806129] ? rcu_read_lock_sched_held+0x3e/0x80 [ 845.807135] ? __raw_spin_lock_init+0x36/0x110 [ 845.808111] v9fs_session_init+0x1dd/0x16a0 [ 845.809023] ? kmem_cache_alloc_trace+0x151/0x360 [ 845.810033] ? v9fs_show_options+0x690/0x690 [ 845.810961] ? kasan_unpoison_shadow+0x33/0x50 [ 845.811927] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.813009] v9fs_mount+0x79/0x8f0 [ 845.813753] ? v9fs_write_inode+0x60/0x60 [ 845.814591] legacy_get_tree+0x105/0x220 [ 845.815454] vfs_get_tree+0x8e/0x300 [ 845.816266] path_mount+0x13be/0x20b0 [ 845.817063] ? strncpy_from_user+0x9e/0x470 [ 845.817970] ? finish_automount+0xa40/0xa40 [ 845.818881] ? getname_flags.part.0+0x1dd/0x4f0 [ 845.819862] ? _copy_from_user+0xfb/0x1b0 [ 845.820726] __x64_sys_mount+0x282/0x300 [ 845.821578] ? copy_mnt_ns+0xa00/0xa00 [ 845.822400] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.823489] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.824589] do_syscall_64+0x33/0x40 [ 845.825369] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.826424] RIP: 0033:0x7fbdabcfab19 [ 845.827199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.831012] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.832620] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 845.834119] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.835601] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.837099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 845.838571] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 845.840100] CPU: 0 PID: 6769 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 845.841041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.842155] Call Trace: [ 845.842517] dump_stack+0x107/0x167 [ 845.843000] should_fail.cold+0x5/0xa [ 845.843514] ? p9_client_prepare_req.part.0+0x3a/0xb30 [ 845.844222] should_failslab+0x5/0x20 [ 845.844727] kmem_cache_alloc+0x5b/0x360 [ 845.845261] ? p9_pollwait+0x1a7/0x210 [ 845.845777] p9_client_prepare_req.part.0+0x3a/0xb30 [ 845.846452] p9_client_rpc+0x220/0x1210 [ 845.846982] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 845.847704] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 845.848317] ? snd_seq_poll+0x15b/0x2d0 [ 845.848841] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 845.849557] ? p9_fd_poll+0x1e0/0x2c0 [ 845.850062] ? p9_fd_create+0x357/0x4a0 [ 845.850583] ? p9_conn_create+0x510/0x510 [ 845.851123] ? p9_client_create+0x798/0x1090 [ 845.851713] ? kfree+0xd7/0x390 [ 845.852149] ? do_raw_spin_unlock+0x4f/0x220 [ 845.852317] 9pnet: Insufficient options for proto=fd [ 845.852730] p9_client_create+0xa76/0x1090 [ 845.852747] ? p9_client_flush+0x430/0x430 [ 845.852773] ? lockdep_init_map_type+0x2c7/0x780 [ 845.855575] ? rcu_read_lock_sched_held+0x3e/0x80 [ 845.856217] ? __raw_spin_lock_init+0x36/0x110 [ 845.856831] v9fs_session_init+0x1dd/0x16a0 [ 845.857407] ? kmem_cache_alloc_trace+0x151/0x360 [ 845.858048] ? v9fs_show_options+0x690/0x690 [ 845.858636] ? kasan_unpoison_shadow+0x33/0x50 [ 845.859236] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.859944] v9fs_mount+0x79/0x8f0 [ 845.860423] ? v9fs_write_inode+0x60/0x60 [ 845.860973] legacy_get_tree+0x105/0x220 [ 845.861509] vfs_get_tree+0x8e/0x300 [ 845.862007] path_mount+0x13be/0x20b0 [ 845.862515] ? strncpy_from_user+0x9e/0x470 [ 845.863097] ? finish_automount+0xa40/0xa40 [ 845.863678] ? getname_flags.part.0+0x1dd/0x4f0 [ 845.864291] ? _copy_from_user+0xfb/0x1b0 [ 845.864839] __x64_sys_mount+0x282/0x300 [ 845.865373] ? copy_mnt_ns+0xa00/0xa00 [ 845.865891] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.866591] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.867279] do_syscall_64+0x33/0x40 [ 845.867790] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 845.868471] RIP: 0033:0x7ff8f0c7cb19 [ 845.868960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.871388] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.872421] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 845.873364] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 845.874299] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 845.875239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 845.876201] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 845.909680] FAT-fs (loop1): bogus number of reserved sectors [ 845.911038] FAT-fs (loop1): Can't find a valid FAT filesystem 23:51:00 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 8) 23:51:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600", 0xc}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 29) 23:51:00 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:51:00 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 857.495264] FAULT_INJECTION: forcing a failure. [ 857.495264] name failslab, interval 1, probability 0, space 0, times 0 [ 857.496855] CPU: 0 PID: 6787 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 857.497803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 857.498937] Call Trace: [ 857.499077] FAULT_INJECTION: forcing a failure. [ 857.499077] name failslab, interval 1, probability 0, space 0, times 0 [ 857.499322] dump_stack+0x107/0x167 [ 857.502111] should_fail.cold+0x5/0xa [ 857.502655] ? create_object.isra.0+0x3a/0xa20 [ 857.503299] should_failslab+0x5/0x20 [ 857.503853] kmem_cache_alloc+0x5b/0x360 [ 857.504424] create_object.isra.0+0x3a/0xa20 [ 857.505036] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.505754] __kmalloc_track_caller+0x177/0x3c0 [ 857.506401] ? match_number+0xaf/0x1d0 [ 857.506949] kmemdup_nul+0x2d/0xa0 [ 857.507448] match_number+0xaf/0x1d0 [ 857.507983] ? match_u64+0x190/0x190 [ 857.508507] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 857.509199] ? memcpy+0x39/0x60 [ 857.509666] parse_opts.part.0+0x1f3/0x340 [ 857.510268] ? p9_fd_show_options+0x1c0/0x1c0 [ 857.510915] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.511659] ? trace_hardirqs_on+0x5b/0x180 [ 857.512274] ? kfree+0xd7/0x390 [ 857.512742] p9_fd_create+0x98/0x4a0 [ 857.513262] ? p9_conn_create+0x510/0x510 [ 857.513845] ? p9_client_create+0x798/0x1090 [ 857.514460] ? kfree+0xd7/0x390 [ 857.514928] ? do_raw_spin_unlock+0x4f/0x220 [ 857.515541] p9_client_create+0x7ff/0x1090 [ 857.516148] ? p9_client_flush+0x430/0x430 [ 857.516742] ? lockdep_init_map_type+0x2c7/0x780 [ 857.517408] ? rcu_read_lock_sched_held+0x3e/0x80 [ 857.518084] ? __raw_spin_lock_init+0x36/0x110 [ 857.518730] v9fs_session_init+0x1dd/0x16a0 [ 857.519342] ? kmem_cache_alloc_trace+0x151/0x360 [ 857.520039] ? v9fs_show_options+0x690/0x690 [ 857.520672] ? kasan_unpoison_shadow+0x33/0x50 [ 857.521332] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.522053] v9fs_mount+0x79/0x8f0 [ 857.522552] ? v9fs_write_inode+0x60/0x60 [ 857.523133] legacy_get_tree+0x105/0x220 [ 857.523718] vfs_get_tree+0x8e/0x300 [ 857.524244] path_mount+0x13be/0x20b0 [ 857.524777] ? strncpy_from_user+0x9e/0x470 [ 857.525378] ? finish_automount+0xa40/0xa40 [ 857.525999] ? getname_flags.part.0+0x1dd/0x4f0 [ 857.526655] ? _copy_from_user+0xfb/0x1b0 [ 857.527249] __x64_sys_mount+0x282/0x300 [ 857.527835] ? copy_mnt_ns+0xa00/0xa00 [ 857.528385] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.529153] ? syscall_enter_from_user_mode+0x1d/0x50 [ 857.529885] do_syscall_64+0x33/0x40 [ 857.530411] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 857.531145] RIP: 0033:0x7fbdabcfab19 [ 857.531677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.534287] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.535350] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 857.536356] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 857.537355] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 857.538363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 857.539361] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 857.540403] CPU: 1 PID: 6788 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 857.541803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 857.543500] Call Trace: [ 857.544057] dump_stack+0x107/0x167 [ 857.544804] should_fail.cold+0x5/0xa [ 857.545583] ? create_object.isra.0+0x3a/0xa20 [ 857.546519] should_failslab+0x5/0x20 [ 857.547293] kmem_cache_alloc+0x5b/0x360 [ 857.548141] create_object.isra.0+0x3a/0xa20 [ 857.549043] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.550086] kmem_cache_alloc+0x159/0x360 [ 857.550941] getname_flags.part.0+0x50/0x4f0 [ 857.551845] ? _copy_from_user+0xfb/0x1b0 [ 857.552693] user_path_at_empty+0xa1/0x100 [ 857.553560] __x64_sys_mount+0x1e9/0x300 [ 857.554394] ? copy_mnt_ns+0xa00/0xa00 23:51:00 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x500, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:00 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0ffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 857.555198] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.556408] ? syscall_enter_from_user_mode+0x1d/0x50 [ 857.557467] do_syscall_64+0x33/0x40 [ 857.558229] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 857.559291] RIP: 0033:0x7fb012c72b19 [ 857.560061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.563807] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.565363] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 857.566818] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 857.568292] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 857.569751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 857.571206] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 857.590605] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:51:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 35) [ 857.597854] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 857.602192] FAULT_INJECTION: forcing a failure. [ 857.602192] name failslab, interval 1, probability 0, space 0, times 0 [ 857.604671] CPU: 1 PID: 6800 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 857.606096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 857.607826] Call Trace: [ 857.608380] dump_stack+0x107/0x167 [ 857.609141] should_fail.cold+0x5/0xa [ 857.609933] ? create_object.isra.0+0x3a/0xa20 [ 857.610884] should_failslab+0x5/0x20 [ 857.611663] kmem_cache_alloc+0x5b/0x360 [ 857.612492] create_object.isra.0+0x3a/0xa20 [ 857.613383] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.614414] kmem_cache_alloc+0x159/0x360 [ 857.615269] p9_client_prepare_req.part.0+0x3a/0xb30 [ 857.616309] p9_client_rpc+0x220/0x1210 [ 857.617123] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 857.618199] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 857.619138] ? snd_seq_poll+0x15b/0x2d0 [ 857.619963] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 857.621046] ? p9_fd_poll+0x1e0/0x2c0 [ 857.621823] ? p9_fd_create+0x357/0x4a0 [ 857.622617] ? p9_conn_create+0x510/0x510 [ 857.623454] ? p9_client_create+0x798/0x1090 [ 857.624353] ? kfree+0xd7/0x390 [ 857.625029] ? do_raw_spin_unlock+0x4f/0x220 [ 857.625919] p9_client_create+0xa76/0x1090 [ 857.626785] ? p9_client_flush+0x430/0x430 [ 857.627644] ? lockdep_init_map_type+0x2c7/0x780 [ 857.628616] ? rcu_read_lock_sched_held+0x3e/0x80 [ 857.629598] ? __raw_spin_lock_init+0x36/0x110 [ 857.630526] v9fs_session_init+0x1dd/0x16a0 [ 857.631413] ? kmem_cache_alloc_trace+0x151/0x360 [ 857.632402] ? v9fs_show_options+0x690/0x690 [ 857.633313] ? kasan_unpoison_shadow+0x33/0x50 [ 857.634238] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.635275] v9fs_mount+0x79/0x8f0 [ 857.636009] ? v9fs_write_inode+0x60/0x60 [ 857.636853] legacy_get_tree+0x105/0x220 [ 857.637678] vfs_get_tree+0x8e/0x300 [ 857.638434] path_mount+0x13be/0x20b0 [ 857.639215] ? strncpy_from_user+0x9e/0x470 [ 857.640109] ? finish_automount+0xa40/0xa40 [ 857.640983] ? getname_flags.part.0+0x1dd/0x4f0 [ 857.641921] ? _copy_from_user+0xfb/0x1b0 [ 857.642771] __x64_sys_mount+0x282/0x300 [ 857.643593] ? copy_mnt_ns+0xa00/0xa00 [ 857.644398] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.645459] ? syscall_enter_from_user_mode+0x1d/0x50 [ 857.646502] do_syscall_64+0x33/0x40 [ 857.647257] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 857.648299] RIP: 0033:0x7ff8f0c7cb19 [ 857.649053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.652788] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.654349] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 857.655832] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 857.657298] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 857.658749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 857.660215] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 857.665697] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 857.670648] FAT-fs (loop1): bogus number of reserved sectors [ 857.671920] FAT-fs (loop1): Can't find a valid FAT filesystem 23:51:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 30) 23:51:00 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 9) [ 857.699535] FAULT_INJECTION: forcing a failure. [ 857.699535] name failslab, interval 1, probability 0, space 0, times 0 [ 857.701858] CPU: 1 PID: 6806 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 857.703262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 857.704969] Call Trace: [ 857.705514] dump_stack+0x107/0x167 [ 857.706263] should_fail.cold+0x5/0xa [ 857.707063] should_failslab+0x5/0x20 [ 857.707865] __kmalloc_track_caller+0x79/0x3c0 [ 857.708792] ? match_number+0xaf/0x1d0 [ 857.709580] ? kfree+0xd7/0x390 [ 857.710255] kmemdup_nul+0x2d/0xa0 [ 857.710970] match_number+0xaf/0x1d0 [ 857.711735] ? match_u64+0x190/0x190 [ 857.712531] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 857.713627] ? memcpy+0x39/0x60 [ 857.714374] parse_opts.part.0+0x1f3/0x340 [ 857.715343] ? p9_fd_show_options+0x1c0/0x1c0 [ 857.716377] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.717550] ? trace_hardirqs_on+0x5b/0x180 [ 857.718528] ? kfree+0xd7/0x390 [ 857.719279] p9_fd_create+0x98/0x4a0 [ 857.720151] ? p9_conn_create+0x510/0x510 [ 857.721079] ? p9_client_create+0x798/0x1090 [ 857.721902] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 857.722063] ? kfree+0xd7/0x390 [ 857.722084] ? do_raw_spin_unlock+0x4f/0x220 [ 857.722125] p9_client_create+0x7ff/0x1090 [ 857.726840] ? p9_client_flush+0x430/0x430 [ 857.727818] ? lockdep_init_map_type+0x2c7/0x780 [ 857.728881] ? rcu_read_lock_sched_held+0x3e/0x80 [ 857.729968] ? __raw_spin_lock_init+0x36/0x110 [ 857.731001] v9fs_session_init+0x1dd/0x16a0 [ 857.732004] ? kmem_cache_alloc_trace+0x151/0x360 [ 857.733086] ? v9fs_show_options+0x690/0x690 [ 857.734092] ? kasan_unpoison_shadow+0x33/0x50 [ 857.735119] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 857.736278] v9fs_mount+0x79/0x8f0 [ 857.737083] ? v9fs_write_inode+0x60/0x60 [ 857.738014] legacy_get_tree+0x105/0x220 [ 857.738938] vfs_get_tree+0x8e/0x300 [ 857.739787] path_mount+0x13be/0x20b0 [ 857.740650] ? strncpy_from_user+0x9e/0x470 [ 857.741626] ? finish_automount+0xa40/0xa40 [ 857.742599] ? getname_flags.part.0+0x1dd/0x4f0 [ 857.743640] ? _copy_from_user+0xfb/0x1b0 [ 857.744635] __x64_sys_mount+0x282/0x300 [ 857.745551] ? copy_mnt_ns+0xa00/0xa00 [ 857.746442] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.747660] ? syscall_enter_from_user_mode+0x1d/0x50 [ 857.748865] do_syscall_64+0x33/0x40 [ 857.749724] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 857.750891] RIP: 0033:0x7fbdabcfab19 [ 857.751760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.756017] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.757770] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 857.759410] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 857.761057] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 857.762693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 857.764341] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 857.766178] 9pnet: Insufficient options for proto=fd 23:51:00 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x1000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 857.827148] FAULT_INJECTION: forcing a failure. [ 857.827148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 857.829939] CPU: 1 PID: 6809 Comm: syz-executor.3 Not tainted 5.10.161 #1 23:51:00 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 857.831512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 857.833406] Call Trace: [ 857.833834] dump_stack+0x107/0x167 [ 857.834402] should_fail.cold+0x5/0xa [ 857.834993] strncpy_from_user+0x34/0x470 [ 857.835640] getname_flags.part.0+0x95/0x4f0 [ 857.836341] ? _copy_from_user+0xfb/0x1b0 [ 857.836983] user_path_at_empty+0xa1/0x100 [ 857.837649] __x64_sys_mount+0x1e9/0x300 [ 857.838286] ? copy_mnt_ns+0xa00/0xa00 [ 857.838907] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 857.839735] ? syscall_enter_from_user_mode+0x1d/0x50 [ 857.840578] do_syscall_64+0x33/0x40 [ 857.841157] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 857.842026] RIP: 0033:0x7fb012c72b19 [ 857.842611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.845687] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.846984] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 857.848184] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 857.849348] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 857.850507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 857.851696] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 857.893277] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. 23:51:13 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 10) 23:51:13 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000d09e2ad9ffd4e07889e382"], 0x28}}, 0x0) 23:51:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240", 0x12}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:13 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x600, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:13 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 36) 23:51:13 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 31) 23:51:13 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x2000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:13 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 870.519629] FAULT_INJECTION: forcing a failure. [ 870.519629] name failslab, interval 1, probability 0, space 0, times 0 [ 870.522039] CPU: 1 PID: 6835 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 870.523439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 870.525155] Call Trace: [ 870.525702] dump_stack+0x107/0x167 [ 870.526458] should_fail.cold+0x5/0xa [ 870.527241] ? create_object.isra.0+0x3a/0xa20 [ 870.528178] should_failslab+0x5/0x20 [ 870.528950] kmem_cache_alloc+0x5b/0x360 [ 870.529778] create_object.isra.0+0x3a/0xa20 [ 870.530672] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 870.531709] __kmalloc_track_caller+0x177/0x3c0 [ 870.532658] ? match_number+0xaf/0x1d0 [ 870.533459] kmemdup_nul+0x2d/0xa0 [ 870.534180] match_number+0xaf/0x1d0 [ 870.534933] ? match_u64+0x190/0x190 [ 870.535689] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 870.536675] ? memcpy+0x39/0x60 [ 870.537356] parse_opts.part.0+0x1f3/0x340 [ 870.538216] ? p9_fd_show_options+0x1c0/0x1c0 [ 870.539132] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 870.540205] ? trace_hardirqs_on+0x5b/0x180 [ 870.541079] ? kfree+0xd7/0x390 [ 870.541756] p9_fd_create+0x98/0x4a0 [ 870.542511] ? p9_conn_create+0x510/0x510 [ 870.543351] ? p9_client_create+0x798/0x1090 [ 870.544258] ? kfree+0xd7/0x390 [ 870.544930] ? do_raw_spin_unlock+0x4f/0x220 [ 870.545821] p9_client_create+0x7ff/0x1090 [ 870.546681] ? p9_client_flush+0x430/0x430 [ 870.547546] ? lockdep_init_map_type+0x2c7/0x780 [ 870.548513] ? rcu_read_lock_sched_held+0x3e/0x80 [ 870.549498] ? __raw_spin_lock_init+0x36/0x110 [ 870.550437] v9fs_session_init+0x1dd/0x16a0 [ 870.551329] ? kmem_cache_alloc_trace+0x151/0x360 [ 870.552319] ? v9fs_show_options+0x690/0x690 [ 870.553239] ? kasan_unpoison_shadow+0x33/0x50 [ 870.554167] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 870.555192] v9fs_mount+0x79/0x8f0 [ 870.555934] ? v9fs_write_inode+0x60/0x60 [ 870.556771] legacy_get_tree+0x105/0x220 [ 870.557601] vfs_get_tree+0x8e/0x300 [ 870.558353] path_mount+0x13be/0x20b0 [ 870.559132] ? strncpy_from_user+0x9e/0x470 [ 870.560025] ? finish_automount+0xa40/0xa40 [ 870.560911] ? getname_flags.part.0+0x1dd/0x4f0 [ 870.561848] ? _copy_from_user+0xfb/0x1b0 [ 870.562695] __x64_sys_mount+0x282/0x300 [ 870.563517] ? copy_mnt_ns+0xa00/0xa00 [ 870.564328] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 870.565385] ? syscall_enter_from_user_mode+0x1d/0x50 [ 870.566450] do_syscall_64+0x33/0x40 [ 870.567208] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 870.568277] RIP: 0033:0x7fbdabcfab19 [ 870.569040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.572805] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 870.574337] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 870.575782] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 870.577257] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 870.578701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.580189] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 870.586914] FAULT_INJECTION: forcing a failure. [ 870.586914] name failslab, interval 1, probability 0, space 0, times 0 [ 870.589252] CPU: 1 PID: 6838 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 870.590663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 870.592364] Call Trace: [ 870.592900] dump_stack+0x107/0x167 [ 870.593649] should_fail.cold+0x5/0xa [ 870.594423] ? p9_fcall_init+0x97/0x210 [ 870.595243] should_failslab+0x5/0x20 [ 870.596022] __kmalloc+0x72/0x3f0 [ 870.596733] p9_fcall_init+0x97/0x210 [ 870.597509] p9_client_prepare_req.part.0+0x8c/0xb30 [ 870.598543] p9_client_rpc+0x220/0x1210 [ 870.599359] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 870.600462] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 870.601415] ? snd_seq_poll+0x15b/0x2d0 [ 870.602222] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 870.603321] ? p9_fd_poll+0x1e0/0x2c0 [ 870.604106] ? p9_fd_create+0x357/0x4a0 [ 870.604922] ? p9_conn_create+0x510/0x510 [ 870.605757] ? p9_client_create+0x798/0x1090 [ 870.606647] ? kfree+0xd7/0x390 [ 870.607316] ? do_raw_spin_unlock+0x4f/0x220 [ 870.608233] p9_client_create+0xa76/0x1090 [ 870.609104] ? p9_client_flush+0x430/0x430 [ 870.609968] ? lockdep_init_map_type+0x2c7/0x780 [ 870.610930] ? rcu_read_lock_sched_held+0x3e/0x80 [ 870.611920] ? __raw_spin_lock_init+0x36/0x110 [ 870.612855] v9fs_session_init+0x1dd/0x16a0 [ 870.613746] ? kmem_cache_alloc_trace+0x151/0x360 [ 870.614720] ? v9fs_show_options+0x690/0x690 [ 870.615628] ? kasan_unpoison_shadow+0x33/0x50 [ 870.616602] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 870.617635] v9fs_mount+0x79/0x8f0 [ 870.618359] ? v9fs_write_inode+0x60/0x60 [ 870.619200] legacy_get_tree+0x105/0x220 [ 870.620046] vfs_get_tree+0x8e/0x300 [ 870.620811] path_mount+0x13be/0x20b0 [ 870.621610] ? strncpy_from_user+0x9e/0x470 [ 870.622498] ? finish_automount+0xa40/0xa40 [ 870.623394] ? getname_flags.part.0+0x1dd/0x4f0 [ 870.624395] ? _copy_from_user+0xfb/0x1b0 [ 870.625292] __x64_sys_mount+0x282/0x300 [ 870.626159] ? copy_mnt_ns+0xa00/0xa00 [ 870.626992] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 870.628100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 870.629160] do_syscall_64+0x33/0x40 [ 870.629925] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 870.630970] RIP: 0033:0x7ff8f0c7cb19 [ 870.631732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.635504] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 870.637078] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 870.638545] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 870.640003] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 870.641468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.642905] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 870.645361] FAULT_INJECTION: forcing a failure. [ 870.645361] name failslab, interval 1, probability 0, space 0, times 0 [ 870.647808] CPU: 1 PID: 6836 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 870.649225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 870.650904] Call Trace: [ 870.651442] dump_stack+0x107/0x167 [ 870.652203] should_fail.cold+0x5/0xa [ 870.652980] ? alloc_fs_context+0x57/0x840 [ 870.653842] should_failslab+0x5/0x20 [ 870.654614] kmem_cache_alloc_trace+0x55/0x360 [ 870.655548] alloc_fs_context+0x57/0x840 [ 870.656389] path_mount+0xa72/0x20b0 [ 870.657147] ? strncpy_from_user+0x9e/0x470 [ 870.658070] ? finish_automount+0xa40/0xa40 [ 870.658952] ? getname_flags.part.0+0x1dd/0x4f0 [ 870.659921] ? _copy_from_user+0xfb/0x1b0 [ 870.660773] __x64_sys_mount+0x282/0x300 [ 870.661604] ? copy_mnt_ns+0xa00/0xa00 [ 870.662406] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 870.663490] ? syscall_enter_from_user_mode+0x1d/0x50 [ 870.664550] do_syscall_64+0x33/0x40 [ 870.665305] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 870.666338] RIP: 0033:0x7fb012c72b19 [ 870.667097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.670847] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 870.672418] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 870.673876] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 870.675322] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 870.676790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.678250] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:51:13 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:51:13 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x3000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 870.697624] FAT-fs (loop1): invalid media value (0x00) [ 870.698890] FAT-fs (loop1): Can't find a valid FAT filesystem [ 870.709127] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 870.730189] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 883.400524] FAULT_INJECTION: forcing a failure. [ 883.400524] name failslab, interval 1, probability 0, space 0, times 0 23:51:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:51:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 37) 23:51:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 11) [ 883.401810] CPU: 1 PID: 6853 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 883.402730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.403629] Call Trace: [ 883.403918] dump_stack+0x107/0x167 [ 883.404334] should_fail.cold+0x5/0xa [ 883.404760] ? create_object.isra.0+0x3a/0xa20 [ 883.405253] should_failslab+0x5/0x20 [ 883.405679] kmem_cache_alloc+0x5b/0x360 [ 883.406138] create_object.isra.0+0x3a/0xa20 [ 883.406637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.407186] kmem_cache_alloc_trace+0x151/0x360 [ 883.407721] alloc_fs_context+0x57/0x840 [ 883.408169] path_mount+0xa72/0x20b0 [ 883.408598] ? strncpy_from_user+0x9e/0x470 [ 883.409100] ? finish_automount+0xa40/0xa40 [ 883.409691] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.410288] ? _copy_from_user+0xfb/0x1b0 [ 883.410797] __x64_sys_mount+0x282/0x300 [ 883.411364] ? copy_mnt_ns+0xa00/0xa00 [ 883.411954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.412710] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.413482] do_syscall_64+0x33/0x40 [ 883.413996] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.414730] RIP: 0033:0x7fb012c72b19 [ 883.415268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.416470] FAULT_INJECTION: forcing a failure. [ 883.416470] name failslab, interval 1, probability 0, space 0, times 0 [ 883.417874] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.417891] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 883.417899] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.417913] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.423355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.424158] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 883.424972] CPU: 0 PID: 6857 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 883.426148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.427560] Call Trace: [ 883.428034] dump_stack+0x107/0x167 [ 883.428662] should_fail.cold+0x5/0xa [ 883.429316] ? p9_fd_create+0x161/0x4a0 [ 883.429998] should_failslab+0x5/0x20 [ 883.430653] kmem_cache_alloc_trace+0x55/0x360 [ 883.431436] p9_fd_create+0x161/0x4a0 [ 883.432098] ? p9_conn_create+0x510/0x510 [ 883.432803] ? p9_client_create+0x798/0x1090 [ 883.433553] ? kfree+0xd7/0x390 [ 883.434123] ? do_raw_spin_unlock+0x4f/0x220 [ 883.434883] p9_client_create+0x7ff/0x1090 [ 883.435613] ? p9_client_flush+0x430/0x430 23:51:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 32) 23:51:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x700, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240", 0x12}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:51:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x4000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 883.436345] ? lockdep_init_map_type+0x2c7/0x780 [ 883.437302] ? rcu_read_lock_sched_held+0x3e/0x80 [ 883.438130] ? __raw_spin_lock_init+0x36/0x110 [ 883.438918] v9fs_session_init+0x1dd/0x16a0 [ 883.439664] ? kmem_cache_alloc_trace+0x151/0x360 [ 883.440499] ? v9fs_show_options+0x690/0x690 [ 883.441263] ? kasan_unpoison_shadow+0x33/0x50 [ 883.442025] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.442887] v9fs_mount+0x79/0x8f0 [ 883.443500] ? v9fs_write_inode+0x60/0x60 [ 883.444215] legacy_get_tree+0x105/0x220 [ 883.444913] vfs_get_tree+0x8e/0x300 [ 883.445550] path_mount+0x13be/0x20b0 [ 883.446208] ? strncpy_from_user+0x9e/0x470 [ 883.446509] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 883.446948] ? finish_automount+0xa40/0xa40 [ 883.446969] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.449358] ? _copy_from_user+0xfb/0x1b0 [ 883.450072] __x64_sys_mount+0x282/0x300 [ 883.450760] ? copy_mnt_ns+0xa00/0xa00 [ 883.451427] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.452331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.453209] do_syscall_64+0x33/0x40 [ 883.453844] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.454719] RIP: 0033:0x7fbdabcfab19 [ 883.455353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.458461] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.459754] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 883.460962] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.462176] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.463392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.464620] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 883.471236] FAULT_INJECTION: forcing a failure. [ 883.471236] name failslab, interval 1, probability 0, space 0, times 0 [ 883.472532] CPU: 1 PID: 6863 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 883.473289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.474213] Call Trace: [ 883.474514] dump_stack+0x107/0x167 [ 883.474930] should_fail.cold+0x5/0xa [ 883.475359] ? legacy_init_fs_context+0x44/0xe0 23:51:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 12) [ 883.475946] should_failslab+0x5/0x20 [ 883.476501] kmem_cache_alloc_trace+0x55/0x360 [ 883.477023] ? lockdep_init_map_type+0x2c7/0x780 [ 883.477555] legacy_init_fs_context+0x44/0xe0 [ 883.478053] ? generic_parse_monolithic+0x1f0/0x1f0 [ 883.478611] alloc_fs_context+0x4f8/0x840 [ 883.479076] path_mount+0xa72/0x20b0 [ 883.479496] ? strncpy_from_user+0x9e/0x470 [ 883.479974] ? finish_automount+0xa40/0xa40 [ 883.480469] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.480987] ? _copy_from_user+0xfb/0x1b0 [ 883.481455] __x64_sys_mount+0x282/0x300 [ 883.481911] ? copy_mnt_ns+0xa00/0xa00 [ 883.482350] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.482934] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.483506] do_syscall_64+0x33/0x40 [ 883.483920] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.484503] RIP: 0033:0x7fb012c72b19 [ 883.484927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.486973] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.487823] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 883.488632] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.489429] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.490222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.491014] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 883.503185] FAULT_INJECTION: forcing a failure. [ 883.503185] name failslab, interval 1, probability 0, space 0, times 0 [ 883.505163] CPU: 0 PID: 6861 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 883.506377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.507838] Call Trace: [ 883.508324] dump_stack+0x107/0x167 [ 883.508965] should_fail.cold+0x5/0xa [ 883.509623] ? create_object.isra.0+0x3a/0xa20 [ 883.510418] should_failslab+0x5/0x20 [ 883.511077] kmem_cache_alloc+0x5b/0x360 [ 883.511787] create_object.isra.0+0x3a/0xa20 [ 883.512557] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.513423] __kmalloc+0x16e/0x3f0 [ 883.514033] p9_fcall_init+0x97/0x210 [ 883.514689] p9_client_prepare_req.part.0+0x8c/0xb30 [ 883.515558] p9_client_rpc+0x220/0x1210 [ 883.516265] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 883.517177] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 883.517970] ? snd_seq_poll+0x15b/0x2d0 [ 883.518649] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 883.519576] ? p9_fd_poll+0x1e0/0x2c0 [ 883.520247] ? p9_fd_create+0x357/0x4a0 [ 883.520922] ? p9_conn_create+0x510/0x510 [ 883.521627] ? p9_client_create+0x798/0x1090 [ 883.522372] ? kfree+0xd7/0x390 23:51:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 13) [ 883.522937] ? do_raw_spin_unlock+0x4f/0x220 [ 883.523790] p9_client_create+0xa76/0x1090 [ 883.524533] ? p9_client_flush+0x430/0x430 [ 883.525259] ? lockdep_init_map_type+0x2c7/0x780 [ 883.526064] ? rcu_read_lock_sched_held+0x3e/0x80 [ 883.526887] ? __raw_spin_lock_init+0x36/0x110 [ 883.527675] v9fs_session_init+0x1dd/0x16a0 [ 883.528428] ? kmem_cache_alloc_trace+0x151/0x360 [ 883.529247] ? v9fs_show_options+0x690/0x690 [ 883.529991] ? kasan_unpoison_shadow+0x33/0x50 [ 883.530764] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.531634] v9fs_mount+0x79/0x8f0 [ 883.532255] ? v9fs_write_inode+0x60/0x60 [ 883.532951] legacy_get_tree+0x105/0x220 [ 883.533643] vfs_get_tree+0x8e/0x300 23:51:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 33) 23:51:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x5000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 883.534300] path_mount+0x13be/0x20b0 [ 883.534985] ? strncpy_from_user+0x9e/0x470 [ 883.535733] ? finish_automount+0xa40/0xa40 [ 883.536481] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.537273] ? _copy_from_user+0xfb/0x1b0 [ 883.537982] __x64_sys_mount+0x282/0x300 [ 883.538665] ? copy_mnt_ns+0xa00/0xa00 [ 883.539320] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.540224] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.541101] do_syscall_64+0x33/0x40 [ 883.541739] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.542620] RIP: 0033:0x7ff8f0c7cb19 [ 883.543257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.545691] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 883.546386] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.549005] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 883.550171] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.551353] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.552550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.553758] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 883.555723] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 883.560633] FAT-fs (loop1): invalid media value (0x00) [ 883.561615] FAT-fs (loop1): Can't find a valid FAT filesystem 23:51:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x900, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 883.598058] FAULT_INJECTION: forcing a failure. [ 883.598058] name failslab, interval 1, probability 0, space 0, times 0 [ 883.600046] CPU: 0 PID: 6875 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 883.601221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.602629] Call Trace: [ 883.602827] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 883.603084] dump_stack+0x107/0x167 [ 883.603102] should_fail.cold+0x5/0xa [ 883.605264] ? create_object.isra.0+0x3a/0xa20 [ 883.606039] should_failslab+0x5/0x20 [ 883.606680] kmem_cache_alloc+0x5b/0x360 [ 883.607366] create_object.isra.0+0x3a/0xa20 [ 883.608131] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.608999] kmem_cache_alloc_trace+0x151/0x360 [ 883.609797] ? lockdep_init_map_type+0x2c7/0x780 [ 883.610599] legacy_init_fs_context+0x44/0xe0 [ 883.611364] ? generic_parse_monolithic+0x1f0/0x1f0 [ 883.612219] alloc_fs_context+0x4f8/0x840 [ 883.612931] path_mount+0xa72/0x20b0 [ 883.613568] ? strncpy_from_user+0x9e/0x470 [ 883.614298] ? finish_automount+0xa40/0xa40 [ 883.615045] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.615843] ? _copy_from_user+0xfb/0x1b0 [ 883.616583] __x64_sys_mount+0x282/0x300 [ 883.617272] ? copy_mnt_ns+0xa00/0xa00 [ 883.617932] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.618822] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.619702] do_syscall_64+0x33/0x40 [ 883.620339] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.621209] RIP: 0033:0x7fb012c72b19 [ 883.621838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.624967] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.626251] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 883.627455] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.628636] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.629807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.630978] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 883.643047] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 883.663373] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 883.676509] FAULT_INJECTION: forcing a failure. [ 883.676509] name failslab, interval 1, probability 0, space 0, times 0 [ 883.678817] CPU: 0 PID: 6885 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 883.679968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 883.681369] Call Trace: [ 883.681826] dump_stack+0x107/0x167 [ 883.682450] should_fail.cold+0x5/0xa [ 883.683099] ? create_object.isra.0+0x3a/0xa20 [ 883.683872] should_failslab+0x5/0x20 [ 883.684537] kmem_cache_alloc+0x5b/0x360 [ 883.685234] ? p9_fd_show_options+0x1c0/0x1c0 [ 883.686000] create_object.isra.0+0x3a/0xa20 [ 883.686746] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.687614] kmem_cache_alloc_trace+0x151/0x360 [ 883.688417] p9_fd_create+0x161/0x4a0 [ 883.689066] ? p9_conn_create+0x510/0x510 [ 883.689777] ? p9_client_create+0x798/0x1090 [ 883.690533] ? kfree+0xd7/0x390 [ 883.691098] ? do_raw_spin_unlock+0x4f/0x220 [ 883.691859] p9_client_create+0x7ff/0x1090 [ 883.692598] ? p9_client_flush+0x430/0x430 [ 883.693337] ? lockdep_init_map_type+0x2c7/0x780 [ 883.694139] ? rcu_read_lock_sched_held+0x3e/0x80 [ 883.694999] ? __raw_spin_lock_init+0x36/0x110 [ 883.695785] v9fs_session_init+0x1dd/0x16a0 [ 883.696536] ? kmem_cache_alloc_trace+0x151/0x360 [ 883.697365] ? v9fs_show_options+0x690/0x690 [ 883.698128] ? kasan_unpoison_shadow+0x33/0x50 [ 883.698903] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 883.699765] v9fs_mount+0x79/0x8f0 [ 883.700389] ? v9fs_write_inode+0x60/0x60 [ 883.701099] legacy_get_tree+0x105/0x220 [ 883.701811] vfs_get_tree+0x8e/0x300 [ 883.702442] path_mount+0x13be/0x20b0 [ 883.703096] ? strncpy_from_user+0x9e/0x470 [ 883.703838] ? finish_automount+0xa40/0xa40 [ 883.704594] ? getname_flags.part.0+0x1dd/0x4f0 [ 883.705387] ? _copy_from_user+0xfb/0x1b0 [ 883.706105] __x64_sys_mount+0x282/0x300 [ 883.706806] ? copy_mnt_ns+0xa00/0xa00 [ 883.707481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 883.708383] ? syscall_enter_from_user_mode+0x1d/0x50 [ 883.709258] do_syscall_64+0x33/0x40 [ 883.709895] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 883.710785] RIP: 0033:0x7fbdabcfab19 [ 883.711513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.714651] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 883.715942] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 883.717167] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 883.718377] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 883.719585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.720805] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 883.732774] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 895.158003] FAT-fs (loop1): invalid media value (0x00) [ 895.159255] FAT-fs (loop1): Can't find a valid FAT filesystem 23:51:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 34) 23:51:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 38) 23:51:37 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x6000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:51:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240", 0x12}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf00, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 14) 23:51:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 895.206443] FAULT_INJECTION: forcing a failure. [ 895.206443] name failslab, interval 1, probability 0, space 0, times 0 [ 895.208964] CPU: 0 PID: 6907 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 895.209258] FAULT_INJECTION: forcing a failure. [ 895.209258] name failslab, interval 1, probability 0, space 0, times 0 [ 895.210407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.210414] Call Trace: [ 895.210439] dump_stack+0x107/0x167 [ 895.210461] should_fail.cold+0x5/0xa [ 895.210483] ? p9_fcall_init+0x97/0x210 [ 895.217379] should_failslab+0x5/0x20 [ 895.218158] __kmalloc+0x72/0x3f0 [ 895.218898] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.219955] p9_fcall_init+0x97/0x210 [ 895.220773] p9_client_prepare_req.part.0+0xf4/0xb30 [ 895.221837] p9_client_rpc+0x220/0x1210 [ 895.222667] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 895.223772] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 895.224751] ? snd_seq_poll+0x15b/0x2d0 [ 895.225577] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 895.226704] ? p9_fd_poll+0x1e0/0x2c0 [ 895.227510] ? p9_fd_create+0x357/0x4a0 [ 895.228345] ? p9_conn_create+0x510/0x510 [ 895.229200] ? p9_client_create+0x798/0x1090 [ 895.230107] ? kfree+0xd7/0x390 [ 895.230940] ? do_raw_spin_unlock+0x4f/0x220 [ 895.232113] p9_client_create+0xa76/0x1090 [ 895.233255] ? p9_client_flush+0x430/0x430 [ 895.234389] ? lockdep_init_map_type+0x2c7/0x780 [ 895.235469] ? rcu_read_lock_sched_held+0x3e/0x80 [ 895.236503] ? __raw_spin_lock_init+0x36/0x110 [ 895.237485] v9fs_session_init+0x1dd/0x16a0 [ 895.238425] ? kmem_cache_alloc_trace+0x151/0x360 [ 895.239458] ? v9fs_show_options+0x690/0x690 [ 895.240423] ? kasan_unpoison_shadow+0x33/0x50 [ 895.241398] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.242497] v9fs_mount+0x79/0x8f0 [ 895.243260] ? v9fs_write_inode+0x60/0x60 [ 895.244121] legacy_get_tree+0x105/0x220 [ 895.245003] vfs_get_tree+0x8e/0x300 [ 895.245797] path_mount+0x13be/0x20b0 [ 895.246620] ? strncpy_from_user+0x9e/0x470 [ 895.247526] ? finish_automount+0xa40/0xa40 [ 895.248461] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.249434] ? _copy_from_user+0xfb/0x1b0 [ 895.250329] __x64_sys_mount+0x282/0x300 [ 895.251171] ? copy_mnt_ns+0xa00/0xa00 [ 895.252004] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.253138] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.254265] do_syscall_64+0x33/0x40 [ 895.255044] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.256128] RIP: 0033:0x7ff8f0c7cb19 [ 895.256933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.260856] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.262488] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 895.263998] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.265532] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.267046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.268566] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 895.270092] CPU: 1 PID: 6910 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 895.270359] FAULT_INJECTION: forcing a failure. [ 895.270359] name failslab, interval 1, probability 0, space 0, times 0 [ 895.271485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.271491] Call Trace: [ 895.271513] dump_stack+0x107/0x167 [ 895.271536] should_fail.cold+0x5/0xa [ 895.277503] ? p9_client_prepare_req.part.0+0x3a/0xb30 [ 895.278565] should_failslab+0x5/0x20 [ 895.279340] kmem_cache_alloc+0x5b/0x360 [ 895.280166] ? p9_pollwait+0x1a7/0x210 [ 895.280965] p9_client_prepare_req.part.0+0x3a/0xb30 [ 895.282015] p9_client_rpc+0x220/0x1210 [ 895.282840] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 895.283920] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 895.284884] ? snd_seq_poll+0x15b/0x2d0 [ 895.285695] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 895.286789] ? p9_fd_poll+0x1e0/0x2c0 [ 895.287566] ? p9_fd_create+0x357/0x4a0 [ 895.288380] ? p9_conn_create+0x510/0x510 [ 895.289218] ? p9_client_create+0x798/0x1090 [ 895.290107] ? kfree+0xd7/0x390 [ 895.290774] ? do_raw_spin_unlock+0x4f/0x220 [ 895.291665] p9_client_create+0xa76/0x1090 [ 895.292539] ? p9_client_flush+0x430/0x430 [ 895.293413] ? lockdep_init_map_type+0x2c7/0x780 [ 895.294372] ? rcu_read_lock_sched_held+0x3e/0x80 [ 895.295355] ? __raw_spin_lock_init+0x36/0x110 [ 895.296300] v9fs_session_init+0x1dd/0x16a0 [ 895.297181] ? kmem_cache_alloc_trace+0x151/0x360 [ 895.298161] ? v9fs_show_options+0x690/0x690 [ 895.299069] ? kasan_unpoison_shadow+0x33/0x50 [ 895.299996] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.301036] v9fs_mount+0x79/0x8f0 [ 895.301764] ? v9fs_write_inode+0x60/0x60 [ 895.302602] legacy_get_tree+0x105/0x220 [ 895.303432] vfs_get_tree+0x8e/0x300 [ 895.304203] path_mount+0x13be/0x20b0 [ 895.304985] ? strncpy_from_user+0x9e/0x470 [ 895.305862] ? finish_automount+0xa40/0xa40 [ 895.306744] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.307679] ? _copy_from_user+0xfb/0x1b0 [ 895.308539] __x64_sys_mount+0x282/0x300 [ 895.309363] ? copy_mnt_ns+0xa00/0xa00 [ 895.310168] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.311229] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.312283] do_syscall_64+0x33/0x40 [ 895.313040] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.314078] RIP: 0033:0x7fbdabcfab19 [ 895.314835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.318633] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.320188] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 895.321635] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.323077] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.324531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.325965] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 895.327437] CPU: 0 PID: 6912 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 895.328916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.330679] Call Trace: [ 895.331246] dump_stack+0x107/0x167 [ 895.332008] should_fail.cold+0x5/0xa [ 895.332895] ? v9fs_mount+0x5a/0x8f0 [ 895.333894] should_failslab+0x5/0x20 [ 895.334907] kmem_cache_alloc_trace+0x55/0x360 [ 895.336017] ? v9fs_write_inode+0x60/0x60 [ 895.336914] v9fs_mount+0x5a/0x8f0 [ 895.337672] ? v9fs_write_inode+0x60/0x60 [ 895.338556] legacy_get_tree+0x105/0x220 [ 895.339430] vfs_get_tree+0x8e/0x300 [ 895.340246] path_mount+0x13be/0x20b0 [ 895.341044] ? strncpy_from_user+0x9e/0x470 [ 895.341961] ? finish_automount+0xa40/0xa40 [ 895.342874] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.343865] ? _copy_from_user+0xfb/0x1b0 [ 895.344780] __x64_sys_mount+0x282/0x300 [ 895.345642] ? copy_mnt_ns+0xa00/0xa00 [ 895.346468] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.347583] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.348680] do_syscall_64+0x33/0x40 [ 895.349476] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.350550] RIP: 0033:0x7fb012c72b19 [ 895.351346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.355184] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.356828] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 895.358336] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.359857] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.361387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.362884] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:51:38 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x7000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:38 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xe100, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:51:38 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006000000"], 0x28}}, 0x0) 23:51:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 35) 23:51:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000", 0x15}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 895.458738] FAT-fs (loop1): invalid media value (0x00) [ 895.459931] FAT-fs (loop1): Can't find a valid FAT filesystem 23:51:38 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 39) 23:51:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000", 0x15}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 15) [ 895.534501] FAULT_INJECTION: forcing a failure. [ 895.534501] name failslab, interval 1, probability 0, space 0, times 0 [ 895.537239] CPU: 0 PID: 6929 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 895.539152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.541075] Call Trace: [ 895.541819] dump_stack+0x107/0x167 [ 895.542669] should_fail.cold+0x5/0xa [ 895.543736] ? create_object.isra.0+0x3a/0xa20 [ 895.544828] should_failslab+0x5/0x20 [ 895.545711] kmem_cache_alloc+0x5b/0x360 [ 895.546655] create_object.isra.0+0x3a/0xa20 [ 895.547882] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.549069] kmem_cache_alloc+0x159/0x360 [ 895.550239] p9_client_prepare_req.part.0+0x3a/0xb30 [ 895.551420] p9_client_rpc+0x220/0x1210 [ 895.552546] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 895.553773] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 895.555062] ? snd_seq_poll+0x15b/0x2d0 [ 895.555987] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 895.557508] ? p9_fd_poll+0x1e0/0x2c0 [ 895.558399] ? p9_fd_create+0x357/0x4a0 [ 895.559505] ? p9_conn_create+0x510/0x510 [ 895.560476] ? p9_client_create+0x798/0x1090 [ 895.561665] ? kfree+0xd7/0x390 [ 895.562437] ? do_raw_spin_unlock+0x4f/0x220 [ 895.563453] p9_client_create+0xa76/0x1090 [ 895.564459] ? p9_client_flush+0x430/0x430 [ 895.565460] ? lockdep_init_map_type+0x2c7/0x780 [ 895.566544] ? rcu_read_lock_sched_held+0x3e/0x80 [ 895.567656] ? __raw_spin_lock_init+0x36/0x110 [ 895.568722] v9fs_session_init+0x1dd/0x16a0 [ 895.569730] ? kmem_cache_alloc_trace+0x151/0x360 [ 895.570838] ? v9fs_show_options+0x690/0x690 [ 895.571860] ? kasan_unpoison_shadow+0x33/0x50 [ 895.572914] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.574079] v9fs_mount+0x79/0x8f0 [ 895.574903] ? v9fs_write_inode+0x60/0x60 [ 895.575850] legacy_get_tree+0x105/0x220 [ 895.576770] vfs_get_tree+0x8e/0x300 [ 895.577541] path_mount+0x13be/0x20b0 [ 895.578328] ? strncpy_from_user+0x9e/0x470 [ 895.579214] ? finish_automount+0xa40/0xa40 [ 895.580104] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.581065] ? _copy_from_user+0xfb/0x1b0 [ 895.581932] __x64_sys_mount+0x282/0x300 [ 895.582767] ? copy_mnt_ns+0xa00/0xa00 [ 895.583576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.584659] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.585724] do_syscall_64+0x33/0x40 [ 895.586479] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.587534] RIP: 0033:0x7fbdabcfab19 [ 895.588313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.592396] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.594144] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 895.595779] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.597429] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.599071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.600731] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 895.603921] FAULT_INJECTION: forcing a failure. [ 895.603921] name failslab, interval 1, probability 0, space 0, times 0 [ 895.606279] CPU: 1 PID: 6928 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 895.607673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.609387] Call Trace: [ 895.609941] dump_stack+0x107/0x167 [ 895.610697] should_fail.cold+0x5/0xa [ 895.611496] ? create_object.isra.0+0x3a/0xa20 [ 895.612439] should_failslab+0x5/0x20 [ 895.613216] kmem_cache_alloc+0x5b/0x360 [ 895.614053] create_object.isra.0+0x3a/0xa20 [ 895.614950] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.615978] __kmalloc+0x16e/0x3f0 [ 895.616729] p9_fcall_init+0x97/0x210 [ 895.617497] p9_client_prepare_req.part.0+0xf4/0xb30 [ 895.618533] p9_client_rpc+0x220/0x1210 [ 895.619341] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 895.620428] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 895.621371] ? snd_seq_poll+0x15b/0x2d0 [ 895.622176] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 895.623268] ? p9_fd_poll+0x1e0/0x2c0 [ 895.624044] ? p9_fd_create+0x357/0x4a0 [ 895.624860] ? p9_conn_create+0x510/0x510 [ 895.625697] ? p9_client_create+0x798/0x1090 [ 895.626584] ? kfree+0xd7/0x390 [ 895.627253] ? do_raw_spin_unlock+0x4f/0x220 [ 895.628154] p9_client_create+0xa76/0x1090 [ 895.629020] ? p9_client_flush+0x430/0x430 23:51:38 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:38 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 895.629884] ? lockdep_init_map_type+0x2c7/0x780 [ 895.630989] ? rcu_read_lock_sched_held+0x3e/0x80 [ 895.631975] ? __raw_spin_lock_init+0x36/0x110 [ 895.632946] v9fs_session_init+0x1dd/0x16a0 [ 895.633845] ? kmem_cache_alloc_trace+0x151/0x360 [ 895.634814] ? v9fs_show_options+0x690/0x690 [ 895.635728] ? kasan_unpoison_shadow+0x33/0x50 [ 895.636674] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.637688] v9fs_mount+0x79/0x8f0 [ 895.638431] ? v9fs_write_inode+0x60/0x60 [ 895.639277] legacy_get_tree+0x105/0x220 [ 895.640114] vfs_get_tree+0x8e/0x300 [ 895.640895] path_mount+0x13be/0x20b0 [ 895.641695] ? strncpy_from_user+0x9e/0x470 [ 895.642563] ? finish_automount+0xa40/0xa40 [ 895.643438] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.644383] ? _copy_from_user+0xfb/0x1b0 [ 895.645228] __x64_sys_mount+0x282/0x300 [ 895.646059] ? copy_mnt_ns+0xa00/0xa00 [ 895.646860] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.647934] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.648997] do_syscall_64+0x33/0x40 [ 895.649774] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.650791] RIP: 0033:0x7ff8f0c7cb19 [ 895.651546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.655279] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.656395] FAT-fs (loop1): invalid media value (0x00) [ 895.656829] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 895.656841] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.656853] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.656872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.658000] FAT-fs (loop1): Can't find a valid FAT filesystem [ 895.659389] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 23:51:38 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 895.676635] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 895.678336] kernel write not supported for file /snd/seq (pid: 6317 comm: kworker/1:0) [ 895.708700] FAULT_INJECTION: forcing a failure. [ 895.708700] name failslab, interval 1, probability 0, space 0, times 0 [ 895.711335] CPU: 0 PID: 6938 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 895.712757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 895.714828] Call Trace: [ 895.715385] dump_stack+0x107/0x167 [ 895.716322] should_fail.cold+0x5/0xa [ 895.717122] ? create_object.isra.0+0x3a/0xa20 [ 895.718264] should_failslab+0x5/0x20 [ 895.719053] kmem_cache_alloc+0x5b/0x360 [ 895.720066] ? cred_has_capability.isra.0+0x152/0x2b0 [ 895.721148] create_object.isra.0+0x3a/0xa20 [ 895.722249] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 895.723305] kmem_cache_alloc_trace+0x151/0x360 [ 895.724490] ? v9fs_write_inode+0x60/0x60 [ 895.725349] v9fs_mount+0x5a/0x8f0 [ 895.726236] ? v9fs_write_inode+0x60/0x60 [ 895.727096] legacy_get_tree+0x105/0x220 [ 895.728112] vfs_get_tree+0x8e/0x300 [ 895.728899] path_mount+0x13be/0x20b0 [ 895.729856] ? strncpy_from_user+0x9e/0x470 [ 895.730751] ? finish_automount+0xa40/0xa40 [ 895.731827] ? getname_flags.part.0+0x1dd/0x4f0 [ 895.732807] ? _copy_from_user+0xfb/0x1b0 [ 895.733857] __x64_sys_mount+0x282/0x300 [ 895.734698] ? copy_mnt_ns+0xa00/0xa00 [ 895.735671] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 895.736766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 895.738056] do_syscall_64+0x33/0x40 [ 895.738834] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 895.740109] RIP: 0033:0x7fb012c72b19 [ 895.740911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.745498] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 895.747068] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 895.748855] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 895.750328] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 895.751804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.753357] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 895.760852] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 895.768167] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. 23:51:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x34000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) 23:51:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 40) 23:51:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000", 0x15}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:51:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 36) 23:51:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:51:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 16) 23:51:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 909.283923] FAULT_INJECTION: forcing a failure. [ 909.283923] name failslab, interval 1, probability 0, space 0, times 0 [ 909.286441] CPU: 1 PID: 6960 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 909.287913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.289717] Call Trace: [ 909.290297] dump_stack+0x107/0x167 [ 909.291093] should_fail.cold+0x5/0xa [ 909.291929] should_failslab+0x5/0x20 [ 909.292765] __kmalloc_track_caller+0x79/0x3c0 [ 909.293765] ? v9fs_session_init+0xa7/0x16a0 [ 909.294702] ? kernel_text_address+0xf2/0x120 [ 909.295676] kstrdup+0x36/0x70 [ 909.296400] v9fs_session_init+0xa7/0x16a0 [ 909.297298] ? find_held_lock+0x2c/0x110 [ 909.298187] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.299208] ? v9fs_show_options+0x690/0x690 [ 909.300187] ? kasan_unpoison_shadow+0x33/0x50 [ 909.301187] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.302271] v9fs_mount+0x79/0x8f0 [ 909.303054] ? v9fs_write_inode+0x60/0x60 [ 909.303944] legacy_get_tree+0x105/0x220 [ 909.304821] vfs_get_tree+0x8e/0x300 [ 909.305645] path_mount+0x13be/0x20b0 [ 909.306472] ? strncpy_from_user+0x9e/0x470 [ 909.307429] ? finish_automount+0xa40/0xa40 [ 909.308393] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.309420] ? _copy_from_user+0xfb/0x1b0 [ 909.310331] __x64_sys_mount+0x282/0x300 [ 909.311193] ? copy_mnt_ns+0xa00/0xa00 [ 909.312053] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.313205] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.314305] do_syscall_64+0x33/0x40 [ 909.315095] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.316214] RIP: 0033:0x7fb012c72b19 [ 909.317027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.318407] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 909.321042] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.321068] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 909.325184] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.326731] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.328242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.329787] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 909.332647] FAULT_INJECTION: forcing a failure. [ 909.332647] name failslab, interval 1, probability 0, space 0, times 0 [ 909.335344] CPU: 1 PID: 6958 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 909.336856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.338631] Call Trace: [ 909.339199] dump_stack+0x107/0x167 [ 909.339992] should_fail.cold+0x5/0xa [ 909.340838] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 909.342105] should_failslab+0x5/0x20 [ 909.342945] kmem_cache_alloc+0x5b/0x360 [ 909.343832] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 909.345081] idr_get_free+0x4b5/0x8f0 [ 909.345909] idr_alloc_u32+0x170/0x2d0 [ 909.346782] ? __fprop_inc_percpu_max+0x130/0x130 23:51:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9effffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 909.347814] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 909.349124] ? lock_release+0x6b0/0x6b0 [ 909.350008] idr_alloc+0xc2/0x130 [ 909.350778] ? idr_alloc_u32+0x2d0/0x2d0 [ 909.351674] ? rwlock_bug.part.0+0x90/0x90 23:51:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04"], 0x28}}, 0x0) [ 909.352643] p9_client_prepare_req.part.0+0x625/0xb30 [ 909.353826] p9_client_rpc+0x220/0x1210 [ 909.354685] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 909.355816] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 909.356851] ? snd_seq_poll+0x15b/0x2d0 [ 909.357722] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 909.358903] ? p9_fd_poll+0x1e0/0x2c0 [ 909.359752] ? p9_fd_create+0x357/0x4a0 [ 909.360614] ? p9_conn_create+0x510/0x510 [ 909.361524] ? p9_client_create+0x798/0x1090 [ 909.362457] ? kfree+0xd7/0x390 [ 909.363164] ? do_raw_spin_unlock+0x4f/0x220 [ 909.364111] p9_client_create+0xa76/0x1090 [ 909.365034] ? p9_client_flush+0x430/0x430 [ 909.365947] ? lockdep_init_map_type+0x2c7/0x780 [ 909.366955] ? rcu_read_lock_sched_held+0x3e/0x80 [ 909.367990] ? __raw_spin_lock_init+0x36/0x110 [ 909.369008] v9fs_session_init+0x1dd/0x16a0 [ 909.369940] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.370986] ? v9fs_show_options+0x690/0x690 [ 909.371976] ? kasan_unpoison_shadow+0x33/0x50 [ 909.372990] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 23:51:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xce000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 909.374094] v9fs_mount+0x79/0x8f0 [ 909.374970] ? v9fs_write_inode+0x60/0x60 [ 909.375883] legacy_get_tree+0x105/0x220 [ 909.376787] vfs_get_tree+0x8e/0x300 [ 909.377241] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 909.377609] path_mount+0x13be/0x20b0 [ 909.379447] ? strncpy_from_user+0x9e/0x470 [ 909.380401] ? finish_automount+0xa40/0xa40 [ 909.381361] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.382374] ? _copy_from_user+0xfb/0x1b0 [ 909.383303] __x64_sys_mount+0x282/0x300 [ 909.384187] ? copy_mnt_ns+0xa00/0xa00 [ 909.385061] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.386219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.387356] do_syscall_64+0x33/0x40 [ 909.388164] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.389280] RIP: 0033:0x7ff8f0c7cb19 [ 909.390077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.394049] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.395699] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 909.397244] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.398792] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.400342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.401888] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 909.403847] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:51:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x80000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) [ 909.422247] FAULT_INJECTION: forcing a failure. [ 909.422247] name failslab, interval 1, probability 0, space 0, times 0 [ 909.423503] CPU: 0 PID: 6981 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 909.424282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.425260] Call Trace: [ 909.425552] dump_stack+0x107/0x167 [ 909.425956] should_fail.cold+0x5/0xa [ 909.426372] ? p9_fcall_init+0x97/0x210 [ 909.426802] should_failslab+0x5/0x20 [ 909.427225] __kmalloc+0x72/0x3f0 [ 909.427607] p9_fcall_init+0x97/0x210 [ 909.428026] p9_client_prepare_req.part.0+0x8c/0xb30 [ 909.428597] p9_client_rpc+0x220/0x1210 [ 909.429026] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 909.429651] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 909.430161] ? snd_seq_poll+0x15b/0x2d0 [ 909.430596] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 909.431182] ? p9_fd_poll+0x1e0/0x2c0 [ 909.431598] ? p9_fd_create+0x357/0x4a0 [ 909.432038] ? p9_conn_create+0x510/0x510 [ 909.432508] ? p9_client_create+0x798/0x1090 [ 909.432988] ? kfree+0xd7/0x390 [ 909.433377] ? do_raw_spin_unlock+0x4f/0x220 [ 909.433888] p9_client_create+0xa76/0x1090 [ 909.434360] ? p9_client_flush+0x430/0x430 [ 909.434855] ? lockdep_init_map_type+0x2c7/0x780 [ 909.435377] ? rcu_read_lock_sched_held+0x3e/0x80 [ 909.435900] ? __raw_spin_lock_init+0x36/0x110 [ 909.436417] v9fs_session_init+0x1dd/0x16a0 [ 909.436911] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.437430] ? v9fs_show_options+0x690/0x690 [ 909.437923] ? kasan_unpoison_shadow+0x33/0x50 [ 909.438415] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.438992] v9fs_mount+0x79/0x8f0 [ 909.439387] ? v9fs_write_inode+0x60/0x60 [ 909.439852] legacy_get_tree+0x105/0x220 [ 909.440333] vfs_get_tree+0x8e/0x300 [ 909.440764] path_mount+0x13be/0x20b0 [ 909.441182] ? strncpy_from_user+0x9e/0x470 [ 909.441689] ? finish_automount+0xa40/0xa40 [ 909.442184] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.442717] ? _copy_from_user+0xfb/0x1b0 [ 909.443183] __x64_sys_mount+0x282/0x300 [ 909.443643] ? copy_mnt_ns+0xa00/0xa00 [ 909.444062] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.444637] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.445193] do_syscall_64+0x33/0x40 [ 909.445620] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.446173] RIP: 0033:0x7fbdabcfab19 [ 909.446577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.448563] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.449384] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 909.450184] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.451005] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.451823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.452640] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:51:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:51:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0ffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:51:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 909.495617] FAT-fs (loop1): invalid media value (0x00) [ 909.496879] FAT-fs (loop1): Can't find a valid FAT filesystem [ 909.550370] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 23:51:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 17) 23:51:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 37) 23:51:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 41) [ 909.595439] FAULT_INJECTION: forcing a failure. [ 909.595439] name failslab, interval 1, probability 0, space 0, times 0 [ 909.596740] CPU: 0 PID: 6997 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 909.597477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.598374] Call Trace: [ 909.598694] dump_stack+0x107/0x167 [ 909.599092] should_fail.cold+0x5/0xa [ 909.599536] ? create_object.isra.0+0x3a/0xa20 [ 909.600037] should_failslab+0x5/0x20 [ 909.600485] kmem_cache_alloc+0x5b/0x360 [ 909.600953] create_object.isra.0+0x3a/0xa20 [ 909.601469] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.602049] __kmalloc_track_caller+0x177/0x3c0 [ 909.602568] ? v9fs_session_init+0xa7/0x16a0 [ 909.603040] ? kernel_text_address+0xf2/0x120 [ 909.603565] kstrdup+0x36/0x70 [ 909.603934] v9fs_session_init+0xa7/0x16a0 [ 909.604405] ? find_held_lock+0x2c/0x110 [ 909.604878] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.605414] ? v9fs_show_options+0x690/0x690 [ 909.605932] ? kasan_unpoison_shadow+0x33/0x50 [ 909.606460] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.607060] v9fs_mount+0x79/0x8f0 [ 909.607471] ? v9fs_write_inode+0x60/0x60 [ 909.607954] legacy_get_tree+0x105/0x220 [ 909.608441] vfs_get_tree+0x8e/0x300 [ 909.608868] path_mount+0x13be/0x20b0 [ 909.609316] ? strncpy_from_user+0x9e/0x470 [ 909.609821] ? finish_automount+0xa40/0xa40 [ 909.610304] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.610841] ? _copy_from_user+0xfb/0x1b0 [ 909.611316] __x64_sys_mount+0x282/0x300 [ 909.611753] ? copy_mnt_ns+0xa00/0xa00 [ 909.612172] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.612780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.613368] do_syscall_64+0x33/0x40 [ 909.613798] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.614388] RIP: 0033:0x7fb012c72b19 [ 909.614815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.616857] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.617675] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 909.618450] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.619231] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.620008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.620797] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 909.644542] FAULT_INJECTION: forcing a failure. [ 909.644542] name failslab, interval 1, probability 0, space 0, times 0 [ 909.646985] CPU: 1 PID: 6999 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 909.648477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.650272] Call Trace: [ 909.650854] dump_stack+0x107/0x167 [ 909.651649] should_fail.cold+0x5/0xa [ 909.651856] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 909.652501] ? create_object.isra.0+0x3a/0xa20 [ 909.654347] should_failslab+0x5/0x20 [ 909.655178] kmem_cache_alloc+0x5b/0x360 [ 909.656074] create_object.isra.0+0x3a/0xa20 [ 909.657034] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.658146] kmem_cache_alloc+0x159/0x360 [ 909.659063] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 909.660280] idr_get_free+0x4b5/0x8f0 [ 909.661144] idr_alloc_u32+0x170/0x2d0 [ 909.662007] ? __fprop_inc_percpu_max+0x130/0x130 [ 909.663059] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 909.664214] ? lock_release+0x6b0/0x6b0 [ 909.665080] idr_alloc+0xc2/0x130 [ 909.665836] ? idr_alloc_u32+0x2d0/0x2d0 [ 909.666706] ? rwlock_bug.part.0+0x90/0x90 [ 909.667627] p9_client_prepare_req.part.0+0x625/0xb30 [ 909.668763] p9_client_rpc+0x220/0x1210 [ 909.669635] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 909.670778] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 909.671781] ? snd_seq_poll+0x15b/0x2d0 [ 909.672658] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 909.673821] ? p9_fd_poll+0x1e0/0x2c0 [ 909.674654] ? p9_fd_create+0x357/0x4a0 [ 909.675521] ? p9_conn_create+0x510/0x510 [ 909.676427] ? p9_client_create+0x798/0x1090 [ 909.677393] ? kfree+0xd7/0x390 [ 909.678119] ? do_raw_spin_unlock+0x4f/0x220 [ 909.679070] p9_client_create+0xa76/0x1090 [ 909.679987] ? p9_client_flush+0x430/0x430 [ 909.680917] ? lockdep_init_map_type+0x2c7/0x780 [ 909.681945] ? rcu_read_lock_sched_held+0x3e/0x80 [ 909.683009] ? __raw_spin_lock_init+0x36/0x110 [ 909.684016] v9fs_session_init+0x1dd/0x16a0 [ 909.684989] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.686036] ? v9fs_show_options+0x690/0x690 [ 909.687010] ? kasan_unpoison_shadow+0x33/0x50 [ 909.687999] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.689105] v9fs_mount+0x79/0x8f0 [ 909.689880] ? v9fs_write_inode+0x60/0x60 [ 909.690780] legacy_get_tree+0x105/0x220 [ 909.691663] vfs_get_tree+0x8e/0x300 [ 909.692487] path_mount+0x13be/0x20b0 [ 909.693326] ? strncpy_from_user+0x9e/0x470 [ 909.694263] ? finish_automount+0xa40/0xa40 [ 909.695200] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.696209] ? _copy_from_user+0xfb/0x1b0 [ 909.697136] __x64_sys_mount+0x282/0x300 [ 909.698022] ? copy_mnt_ns+0xa00/0xa00 [ 909.698870] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.700008] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.701145] do_syscall_64+0x33/0x40 [ 909.701950] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.703063] RIP: 0033:0x7ff8f0c7cb19 [ 909.703874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.707868] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.709534] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 909.711078] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.712627] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.714167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.715730] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 909.717542] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 909.726449] FAULT_INJECTION: forcing a failure. [ 909.726449] name failslab, interval 1, probability 0, space 0, times 0 [ 909.729014] CPU: 1 PID: 7001 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 909.730503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 909.732308] Call Trace: [ 909.732914] dump_stack+0x107/0x167 [ 909.733723] should_fail.cold+0x5/0xa [ 909.734557] ? create_object.isra.0+0x3a/0xa20 [ 909.735559] should_failslab+0x5/0x20 [ 909.736397] kmem_cache_alloc+0x5b/0x360 [ 909.737294] create_object.isra.0+0x3a/0xa20 [ 909.738246] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.739349] __kmalloc+0x16e/0x3f0 [ 909.740118] p9_fcall_init+0x97/0x210 [ 909.740952] p9_client_prepare_req.part.0+0x8c/0xb30 [ 909.742054] p9_client_rpc+0x220/0x1210 [ 909.742931] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 909.744091] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 909.745128] ? snd_seq_poll+0x15b/0x2d0 [ 909.745990] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 909.747165] ? p9_fd_poll+0x1e0/0x2c0 [ 909.747993] ? p9_fd_create+0x357/0x4a0 [ 909.748862] ? p9_conn_create+0x510/0x510 [ 909.749756] ? p9_client_create+0x798/0x1090 [ 909.750703] ? kfree+0xd7/0x390 [ 909.751419] ? do_raw_spin_unlock+0x4f/0x220 [ 909.752386] p9_client_create+0xa76/0x1090 [ 909.753308] ? p9_client_flush+0x430/0x430 [ 909.754236] ? lockdep_init_map_type+0x2c7/0x780 [ 909.755291] ? rcu_read_lock_sched_held+0x3e/0x80 [ 909.756370] ? __raw_spin_lock_init+0x36/0x110 [ 909.757381] v9fs_session_init+0x1dd/0x16a0 [ 909.758334] ? kmem_cache_alloc_trace+0x151/0x360 [ 909.759386] ? v9fs_show_options+0x690/0x690 [ 909.760368] ? kasan_unpoison_shadow+0x33/0x50 [ 909.761363] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 909.762481] v9fs_mount+0x79/0x8f0 [ 909.763254] ? v9fs_write_inode+0x60/0x60 [ 909.764154] legacy_get_tree+0x105/0x220 [ 909.765060] vfs_get_tree+0x8e/0x300 [ 909.765873] path_mount+0x13be/0x20b0 [ 909.766700] ? strncpy_from_user+0x9e/0x470 [ 909.767638] ? finish_automount+0xa40/0xa40 [ 909.768597] ? getname_flags.part.0+0x1dd/0x4f0 [ 909.769603] ? _copy_from_user+0xfb/0x1b0 [ 909.770511] __x64_sys_mount+0x282/0x300 [ 909.771369] ? copy_mnt_ns+0xa00/0xa00 [ 909.772218] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 909.773364] ? syscall_enter_from_user_mode+0x1d/0x50 [ 909.774477] do_syscall_64+0x33/0x40 [ 909.775276] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 909.776401] RIP: 0033:0x7fbdabcfab19 [ 909.777203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 909.781181] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 909.782822] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 909.784383] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 909.785919] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 909.787461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 909.789002] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 909.791140] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:52:05 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 42) 23:52:05 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x400300, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 38) 23:52:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 18) [ 922.256393] FAULT_INJECTION: forcing a failure. [ 922.256393] name failslab, interval 1, probability 0, space 0, times 0 [ 922.258977] CPU: 1 PID: 7015 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 922.260438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.262220] Call Trace: [ 922.262811] dump_stack+0x107/0x167 [ 922.263606] should_fail.cold+0x5/0xa [ 922.264436] ? p9_fcall_init+0x97/0x210 [ 922.265307] should_failslab+0x5/0x20 [ 922.266144] __kmalloc+0x72/0x3f0 [ 922.266909] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.268034] p9_fcall_init+0x97/0x210 [ 922.268169] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 922.268896] p9_client_prepare_req.part.0+0xf4/0xb30 [ 922.268924] p9_client_rpc+0x220/0x1210 [ 922.271805] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 922.272984] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 922.273999] ? snd_seq_poll+0x15b/0x2d0 [ 922.274894] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 23:52:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) 23:52:05 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xfffff000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f8", 0x16}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:52:05 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 922.276049] ? p9_fd_poll+0x1e0/0x2c0 [ 922.276970] ? p9_fd_create+0x357/0x4a0 [ 922.277850] ? p9_conn_create+0x510/0x510 [ 922.278754] ? p9_client_create+0x798/0x1090 [ 922.279693] ? kfree+0xd7/0x390 [ 922.280415] ? do_raw_spin_unlock+0x4f/0x220 [ 922.281392] p9_client_create+0xa76/0x1090 [ 922.282302] ? p9_client_flush+0x430/0x430 [ 922.283251] ? lockdep_init_map_type+0x2c7/0x780 [ 922.284287] ? rcu_read_lock_sched_held+0x3e/0x80 [ 922.285370] ? __raw_spin_lock_init+0x36/0x110 [ 922.286384] v9fs_session_init+0x1dd/0x16a0 [ 922.287334] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.288373] ? v9fs_show_options+0x690/0x690 [ 922.289388] ? kasan_unpoison_shadow+0x33/0x50 [ 922.290386] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.291508] v9fs_mount+0x79/0x8f0 [ 922.292270] ? v9fs_write_inode+0x60/0x60 [ 922.293192] legacy_get_tree+0x105/0x220 [ 922.294085] vfs_get_tree+0x8e/0x300 [ 922.294885] path_mount+0x13be/0x20b0 [ 922.295708] ? strncpy_from_user+0x9e/0x470 [ 922.296648] ? finish_automount+0xa40/0xa40 [ 922.297594] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.298608] ? _copy_from_user+0xfb/0x1b0 [ 922.299503] __x64_sys_mount+0x282/0x300 [ 922.300391] ? copy_mnt_ns+0xa00/0xa00 [ 922.301247] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.302396] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.303530] do_syscall_64+0x33/0x40 [ 922.304347] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.305489] RIP: 0033:0x7fbdabcfab19 [ 922.306303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.308259] FAT-fs (loop1): bogus number of FAT sectors [ 922.310327] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.310349] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 922.310364] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.310973] FAT-fs (loop1): Can't find a valid FAT filesystem [ 922.312610] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.312622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.312636] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 922.322398] FAULT_INJECTION: forcing a failure. [ 922.322398] name failslab, interval 1, probability 0, space 0, times 0 [ 922.323637] CPU: 0 PID: 7022 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 922.324390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.325305] Call Trace: [ 922.325604] dump_stack+0x107/0x167 [ 922.326007] should_fail.cold+0x5/0xa [ 922.326427] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 922.327053] should_failslab+0x5/0x20 [ 922.327475] kmem_cache_alloc+0x5b/0x360 [ 922.327925] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 922.328570] idr_get_free+0x4b5/0x8f0 [ 922.329012] idr_alloc_u32+0x170/0x2d0 [ 922.329444] ? __fprop_inc_percpu_max+0x130/0x130 [ 922.329983] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 922.330581] ? lock_release+0x6b0/0x6b0 [ 922.331037] idr_alloc+0xc2/0x130 [ 922.331421] ? idr_alloc_u32+0x2d0/0x2d0 [ 922.331871] ? rwlock_bug.part.0+0x90/0x90 [ 922.332342] p9_client_prepare_req.part.0+0x625/0xb30 [ 922.332918] p9_client_rpc+0x220/0x1210 [ 922.333360] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 922.333948] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 922.334473] ? snd_seq_poll+0x15b/0x2d0 [ 922.334912] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 922.335517] ? p9_fd_poll+0x1e0/0x2c0 [ 922.335943] ? p9_fd_create+0x357/0x4a0 [ 922.336377] ? p9_conn_create+0x510/0x510 [ 922.336862] ? p9_client_create+0x798/0x1090 [ 922.337354] ? kfree+0xd7/0x390 [ 922.337728] ? do_raw_spin_unlock+0x4f/0x220 [ 922.338210] p9_client_create+0xa76/0x1090 [ 922.338703] ? p9_client_flush+0x430/0x430 [ 922.339206] ? lockdep_init_map_type+0x2c7/0x780 [ 922.339721] ? rcu_read_lock_sched_held+0x3e/0x80 [ 922.340250] ? __raw_spin_lock_init+0x36/0x110 [ 922.340763] v9fs_session_init+0x1dd/0x16a0 [ 922.341253] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.341792] ? v9fs_show_options+0x690/0x690 [ 922.342292] ? kasan_unpoison_shadow+0x33/0x50 [ 922.342800] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.343358] v9fs_mount+0x79/0x8f0 [ 922.343749] ? v9fs_write_inode+0x60/0x60 [ 922.344216] legacy_get_tree+0x105/0x220 [ 922.344689] vfs_get_tree+0x8e/0x300 [ 922.345122] path_mount+0x13be/0x20b0 [ 922.345553] ? strncpy_from_user+0x9e/0x470 [ 922.346043] ? finish_automount+0xa40/0xa40 [ 922.346526] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.347039] ? _copy_from_user+0xfb/0x1b0 [ 922.347512] __x64_sys_mount+0x282/0x300 [ 922.347977] ? copy_mnt_ns+0xa00/0xa00 [ 922.348407] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.348992] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.349562] do_syscall_64+0x33/0x40 [ 922.349973] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.350541] RIP: 0033:0x7ff8f0c7cb19 [ 922.350949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.352987] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.353821] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 922.354597] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.355074] FAULT_INJECTION: forcing a failure. [ 922.355074] name failslab, interval 1, probability 0, space 0, times 0 [ 922.355388] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.355402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.359432] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 922.360273] CPU: 1 PID: 7010 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 922.361762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.363593] Call Trace: [ 922.364182] dump_stack+0x107/0x167 [ 922.364989] should_fail.cold+0x5/0xa [ 922.365866] should_failslab+0x5/0x20 [ 922.366701] __kmalloc_track_caller+0x79/0x3c0 [ 922.367712] ? v9fs_session_init+0xe9/0x16a0 [ 922.368710] ? kernel_text_address+0xf2/0x120 [ 922.369236] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:52:05 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005"], 0x28}}, 0x0) [ 922.369708] kstrdup+0x36/0x70 [ 922.369730] v9fs_session_init+0xe9/0x16a0 [ 922.372289] ? find_held_lock+0x2c/0x110 [ 922.373215] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.374252] ? v9fs_show_options+0x690/0x690 [ 922.375232] ? kasan_unpoison_shadow+0x33/0x50 [ 922.376214] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.377341] v9fs_mount+0x79/0x8f0 [ 922.378120] ? v9fs_write_inode+0x60/0x60 [ 922.379030] legacy_get_tree+0x105/0x220 [ 922.379926] vfs_get_tree+0x8e/0x300 [ 922.380751] path_mount+0x13be/0x20b0 [ 922.381565] ? strncpy_from_user+0x9e/0x470 [ 922.382531] ? finish_automount+0xa40/0xa40 [ 922.383497] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.384502] ? _copy_from_user+0xfb/0x1b0 [ 922.385437] __x64_sys_mount+0x282/0x300 [ 922.386343] ? copy_mnt_ns+0xa00/0xa00 [ 922.387214] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.388389] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.389531] do_syscall_64+0x33/0x40 [ 922.390340] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.391455] RIP: 0033:0x7fb012c72b19 [ 922.392271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.396307] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.397952] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 922.399474] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.401041] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.402597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.404161] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:52:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f8", 0x16}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:52:05 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0ffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 19) [ 922.454726] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. [ 922.478913] FAT-fs (loop1): bogus number of FAT sectors [ 922.479536] FAT-fs (loop1): Can't find a valid FAT filesystem [ 922.500798] FAULT_INJECTION: forcing a failure. [ 922.500798] name failslab, interval 1, probability 0, space 0, times 0 [ 922.502065] CPU: 0 PID: 7039 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 922.502815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.503732] Call Trace: [ 922.504034] dump_stack+0x107/0x167 [ 922.504449] should_fail.cold+0x5/0xa [ 922.504876] ? create_object.isra.0+0x3a/0xa20 [ 922.505374] should_failslab+0x5/0x20 [ 922.505801] kmem_cache_alloc+0x5b/0x360 [ 922.506253] create_object.isra.0+0x3a/0xa20 [ 922.506744] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.507309] __kmalloc_track_caller+0x177/0x3c0 [ 922.507828] ? v9fs_session_init+0xe9/0x16a0 [ 922.508325] ? kernel_text_address+0xf2/0x120 [ 922.508828] kstrdup+0x36/0x70 [ 922.509183] v9fs_session_init+0xe9/0x16a0 [ 922.509654] ? find_held_lock+0x2c/0x110 [ 922.510102] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.510625] ? v9fs_show_options+0x690/0x690 [ 922.511119] ? kasan_unpoison_shadow+0x33/0x50 [ 922.511626] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.512205] v9fs_mount+0x79/0x8f0 [ 922.512611] ? v9fs_write_inode+0x60/0x60 [ 922.513086] legacy_get_tree+0x105/0x220 [ 922.513549] vfs_get_tree+0x8e/0x300 [ 922.513967] path_mount+0x13be/0x20b0 [ 922.514387] ? strncpy_from_user+0x9e/0x470 [ 922.514870] ? finish_automount+0xa40/0xa40 [ 922.515347] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.515870] ? _copy_from_user+0xfb/0x1b0 [ 922.516338] __x64_sys_mount+0x282/0x300 [ 922.516793] ? copy_mnt_ns+0xa00/0xa00 [ 922.517241] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.517823] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.518401] do_syscall_64+0x33/0x40 [ 922.518816] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.519385] RIP: 0033:0x7fb012c72b19 [ 922.519796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.521824] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.522669] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 922.523454] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.524228] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.525025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.525798] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:52:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f8", 0x16}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:52:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 39) 23:52:05 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffff7f, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:05 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 43) [ 922.574467] FAT-fs (loop1): bogus number of FAT sectors [ 922.574844] FAULT_INJECTION: forcing a failure. [ 922.574844] name failslab, interval 1, probability 0, space 0, times 0 [ 922.575150] FAT-fs (loop1): Can't find a valid FAT filesystem [ 922.577599] CPU: 1 PID: 7042 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 922.579353] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 922.579640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.579647] Call Trace: [ 922.579678] dump_stack+0x107/0x167 [ 922.583641] should_fail.cold+0x5/0xa [ 922.584470] ? create_object.isra.0+0x3a/0xa20 [ 922.585465] should_failslab+0x5/0x20 [ 922.586316] kmem_cache_alloc+0x5b/0x360 [ 922.587202] create_object.isra.0+0x3a/0xa20 [ 922.588153] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.589264] __kmalloc+0x16e/0x3f0 [ 922.590032] p9_fcall_init+0x97/0x210 [ 922.590851] p9_client_prepare_req.part.0+0xf4/0xb30 [ 922.591977] p9_client_rpc+0x220/0x1210 [ 922.592864] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 922.594008] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 922.595038] ? snd_seq_poll+0x15b/0x2d0 [ 922.595418] FAULT_INJECTION: forcing a failure. [ 922.595418] name failslab, interval 1, probability 0, space 0, times 0 [ 922.595934] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 922.598352] ? p9_fd_poll+0x1e0/0x2c0 [ 922.599186] ? p9_fd_create+0x357/0x4a0 [ 922.600043] ? p9_conn_create+0x510/0x510 [ 922.600948] ? p9_client_create+0x798/0x1090 [ 922.601891] ? kfree+0xd7/0x390 [ 922.602599] ? do_raw_spin_unlock+0x4f/0x220 [ 922.603551] p9_client_create+0xa76/0x1090 [ 922.604464] ? p9_client_flush+0x430/0x430 [ 922.605416] ? lockdep_init_map_type+0x2c7/0x780 [ 922.606460] ? rcu_read_lock_sched_held+0x3e/0x80 [ 922.607497] ? __raw_spin_lock_init+0x36/0x110 [ 922.608507] v9fs_session_init+0x1dd/0x16a0 [ 922.609458] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.610498] ? v9fs_show_options+0x690/0x690 [ 922.611467] ? kasan_unpoison_shadow+0x33/0x50 [ 922.612455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.613585] v9fs_mount+0x79/0x8f0 [ 922.614345] ? v9fs_write_inode+0x60/0x60 [ 922.615267] legacy_get_tree+0x105/0x220 [ 922.616166] vfs_get_tree+0x8e/0x300 [ 922.616971] path_mount+0x13be/0x20b0 [ 922.617779] ? strncpy_from_user+0x9e/0x470 [ 922.618793] ? finish_automount+0xa40/0xa40 [ 922.619781] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.620860] ? _copy_from_user+0xfb/0x1b0 [ 922.621827] __x64_sys_mount+0x282/0x300 [ 922.622747] ? copy_mnt_ns+0xa00/0xa00 [ 922.623639] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.624858] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.625978] do_syscall_64+0x33/0x40 [ 922.626774] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.627811] RIP: 0033:0x7fbdabcfab19 [ 922.628566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.632206] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.633811] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 922.635324] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.636816] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.638227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.639637] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 922.641082] CPU: 0 PID: 7049 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 922.641429] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 922.642490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.642497] Call Trace: [ 922.642517] dump_stack+0x107/0x167 [ 922.642539] should_fail.cold+0x5/0xa [ 922.648008] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 922.649253] should_failslab+0x5/0x20 [ 922.650019] kmem_cache_alloc+0x5b/0x360 [ 922.650872] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 922.652035] idr_get_free+0x4b5/0x8f0 [ 922.652864] idr_alloc_u32+0x170/0x2d0 [ 922.653657] ? __fprop_inc_percpu_max+0x130/0x130 [ 922.654669] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 922.655781] ? lock_release+0x6b0/0x6b0 [ 922.656634] idr_alloc+0xc2/0x130 [ 922.657339] ? idr_alloc_u32+0x2d0/0x2d0 [ 922.658198] ? rwlock_bug.part.0+0x90/0x90 [ 922.659056] p9_client_prepare_req.part.0+0x625/0xb30 [ 922.660141] p9_client_rpc+0x220/0x1210 [ 922.660995] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 922.662103] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 922.663078] ? snd_seq_poll+0x15b/0x2d0 [ 922.663908] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 922.665028] ? p9_fd_poll+0x1e0/0x2c0 [ 922.665833] ? p9_fd_create+0x357/0x4a0 [ 922.666657] ? p9_conn_create+0x510/0x510 [ 922.667527] ? p9_client_create+0x798/0x1090 [ 922.668440] ? kfree+0xd7/0x390 [ 922.669160] ? do_raw_spin_unlock+0x4f/0x220 [ 922.670056] p9_client_create+0xa76/0x1090 [ 922.670911] ? p9_client_flush+0x430/0x430 [ 922.671795] ? lockdep_init_map_type+0x2c7/0x780 [ 922.672794] ? rcu_read_lock_sched_held+0x3e/0x80 [ 922.673774] ? __raw_spin_lock_init+0x36/0x110 [ 922.674736] v9fs_session_init+0x1dd/0x16a0 [ 922.675631] ? kmem_cache_alloc_trace+0x151/0x360 [ 922.676607] ? v9fs_show_options+0x690/0x690 [ 922.677556] ? kasan_unpoison_shadow+0x33/0x50 [ 922.678525] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.679547] v9fs_mount+0x79/0x8f0 [ 922.680283] ? v9fs_write_inode+0x60/0x60 [ 922.681162] legacy_get_tree+0x105/0x220 [ 922.681990] vfs_get_tree+0x8e/0x300 [ 922.682765] path_mount+0x13be/0x20b0 [ 922.683568] ? strncpy_from_user+0x9e/0x470 [ 922.684471] ? finish_automount+0xa40/0xa40 [ 922.685363] ? getname_flags.part.0+0x1dd/0x4f0 [ 922.686330] ? _copy_from_user+0xfb/0x1b0 [ 922.687217] __x64_sys_mount+0x282/0x300 [ 922.688062] ? copy_mnt_ns+0xa00/0xa00 [ 922.688885] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.689988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.691020] do_syscall_64+0x33/0x40 [ 922.691792] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 922.692827] RIP: 0033:0x7ff8f0c7cb19 [ 922.693598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.697274] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 922.698791] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 922.700217] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 922.701727] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 922.703168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 922.704643] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 922.712114] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:52:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 20) 23:52:17 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, 0x0) 23:52:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 44) 23:52:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="04001780080005000600"], 0x28}}, 0x0) 23:52:17 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x1000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:17 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffff9e, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 40) [ 934.832968] FAULT_INJECTION: forcing a failure. [ 934.832968] name failslab, interval 1, probability 0, space 0, times 0 [ 934.834661] CPU: 0 PID: 7066 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 934.835716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 934.837019] Call Trace: [ 934.837435] dump_stack+0x107/0x167 [ 934.838003] should_fail.cold+0x5/0xa [ 934.838594] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 934.839490] should_failslab+0x5/0x20 [ 934.840084] kmem_cache_alloc+0x5b/0x360 [ 934.840715] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 934.841553] idr_get_free+0x4b5/0x8f0 [ 934.842137] idr_alloc_u32+0x170/0x2d0 [ 934.842724] ? __fprop_inc_percpu_max+0x130/0x130 [ 934.843446] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 934.844240] ? lock_release+0x6b0/0x6b0 [ 934.844846] idr_alloc+0xc2/0x130 [ 934.845367] ? idr_alloc_u32+0x2d0/0x2d0 [ 934.845728] FAULT_INJECTION: forcing a failure. [ 934.845728] name failslab, interval 1, probability 0, space 0, times 0 [ 934.845966] ? rwlock_bug.part.0+0x90/0x90 [ 934.845989] p9_client_prepare_req.part.0+0x625/0xb30 [ 934.849749] p9_client_rpc+0x220/0x1210 [ 934.850343] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 934.851130] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 934.851818] ? snd_seq_poll+0x15b/0x2d0 [ 934.852406] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 934.853211] ? p9_fd_poll+0x1e0/0x2c0 [ 934.853779] ? p9_fd_create+0x357/0x4a0 [ 934.854364] ? p9_conn_create+0x510/0x510 [ 934.854972] ? p9_client_create+0x798/0x1090 [ 934.855619] ? kfree+0xd7/0x390 [ 934.856107] ? do_raw_spin_unlock+0x4f/0x220 [ 934.856765] p9_client_create+0xa76/0x1090 [ 934.857396] ? p9_client_flush+0x430/0x430 [ 934.858025] ? lockdep_init_map_type+0x2c7/0x780 [ 934.858724] ? rcu_read_lock_sched_held+0x3e/0x80 [ 934.859441] ? __raw_spin_lock_init+0x36/0x110 [ 934.860124] v9fs_session_init+0x1dd/0x16a0 [ 934.860788] ? kmem_cache_alloc_trace+0x151/0x360 [ 934.861503] ? v9fs_show_options+0x690/0x690 [ 934.862168] ? kasan_unpoison_shadow+0x33/0x50 [ 934.862845] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 934.863595] v9fs_mount+0x79/0x8f0 [ 934.864125] ? v9fs_write_inode+0x60/0x60 [ 934.864748] legacy_get_tree+0x105/0x220 [ 934.865352] vfs_get_tree+0x8e/0x300 [ 934.865905] path_mount+0x13be/0x20b0 [ 934.866470] ? strncpy_from_user+0x9e/0x470 [ 934.867105] ? finish_automount+0xa40/0xa40 [ 934.867744] ? getname_flags.part.0+0x1dd/0x4f0 [ 934.868425] ? _copy_from_user+0xfb/0x1b0 [ 934.869053] __x64_sys_mount+0x282/0x300 [ 934.869657] ? copy_mnt_ns+0xa00/0xa00 [ 934.870235] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 934.871010] ? syscall_enter_from_user_mode+0x1d/0x50 [ 934.871770] do_syscall_64+0x33/0x40 [ 934.872321] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 934.873093] RIP: 0033:0x7ff8f0c7cb19 [ 934.873646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 934.876346] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 934.877510] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 934.878561] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 934.879610] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 934.880671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 934.881723] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 934.882803] CPU: 1 PID: 7065 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 934.882921] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 934.884276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 934.884282] Call Trace: [ 934.884310] dump_stack+0x107/0x167 [ 934.888541] should_fail.cold+0x5/0xa [ 934.889376] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 934.890619] should_failslab+0x5/0x20 [ 934.891442] kmem_cache_alloc+0x5b/0x360 [ 934.892328] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 934.893548] idr_get_free+0x4b5/0x8f0 [ 934.894393] idr_alloc_u32+0x170/0x2d0 [ 934.895244] ? __fprop_inc_percpu_max+0x130/0x130 [ 934.896292] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 934.897445] ? lock_release+0x6b0/0x6b0 [ 934.898299] idr_alloc+0xc2/0x130 [ 934.899040] ? idr_alloc_u32+0x2d0/0x2d0 [ 934.899910] ? rwlock_bug.part.0+0x90/0x90 [ 934.900835] p9_client_prepare_req.part.0+0x625/0xb30 [ 934.901940] p9_client_rpc+0x220/0x1210 [ 934.902799] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 934.903936] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 934.904944] ? snd_seq_poll+0x15b/0x2d0 [ 934.905794] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 934.906946] ? p9_fd_poll+0x1e0/0x2c0 [ 934.907765] ? p9_fd_create+0x357/0x4a0 [ 934.908620] ? p9_conn_create+0x510/0x510 [ 934.909519] ? p9_client_create+0x798/0x1090 [ 934.910459] ? kfree+0xd7/0x390 [ 934.911168] ? do_raw_spin_unlock+0x4f/0x220 [ 934.912113] p9_client_create+0xa76/0x1090 [ 934.913036] ? p9_client_flush+0x430/0x430 [ 934.913949] ? lockdep_init_map_type+0x2c7/0x780 [ 934.914955] ? rcu_read_lock_sched_held+0x3e/0x80 [ 934.915989] ? __raw_spin_lock_init+0x36/0x110 [ 934.916994] v9fs_session_init+0x1dd/0x16a0 [ 934.917939] ? kmem_cache_alloc_trace+0x151/0x360 [ 934.918974] ? v9fs_show_options+0x690/0x690 [ 934.919942] ? kasan_unpoison_shadow+0x33/0x50 [ 934.920931] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 934.922032] v9fs_mount+0x79/0x8f0 [ 934.922800] ? v9fs_write_inode+0x60/0x60 [ 934.923691] legacy_get_tree+0x105/0x220 [ 934.924566] vfs_get_tree+0x8e/0x300 [ 934.925377] path_mount+0x13be/0x20b0 [ 934.926196] ? strncpy_from_user+0x9e/0x470 [ 934.927122] ? finish_automount+0xa40/0xa40 [ 934.928049] ? getname_flags.part.0+0x1dd/0x4f0 [ 934.929052] ? _copy_from_user+0xfb/0x1b0 [ 934.929953] __x64_sys_mount+0x282/0x300 [ 934.930828] ? copy_mnt_ns+0xa00/0xa00 [ 934.931666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 934.932809] ? syscall_enter_from_user_mode+0x1d/0x50 [ 934.933915] do_syscall_64+0x33/0x40 [ 934.934706] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 934.935789] RIP: 0033:0x7fbdabcfab19 [ 934.936576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 934.940465] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 934.942094] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 934.943602] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 934.945128] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 934.946634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 934.948141] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 934.949952] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:52:17 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x2000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:17 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xfffffff0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 934.962356] FAULT_INJECTION: forcing a failure. [ 934.962356] name failslab, interval 1, probability 0, space 0, times 0 [ 934.964906] CPU: 1 PID: 7062 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 934.966353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 934.968097] Call Trace: [ 934.968672] dump_stack+0x107/0x167 [ 934.969447] should_fail.cold+0x5/0xa [ 934.970246] ? p9_client_create+0xaf/0x1090 [ 934.971153] should_failslab+0x5/0x20 [ 934.971951] kmem_cache_alloc_trace+0x55/0x360 [ 934.972921] ? find_held_lock+0x2c/0x110 [ 934.973781] p9_client_create+0xaf/0x1090 [ 934.974656] ? lock_downgrade+0x6d0/0x6d0 [ 934.975531] ? p9_client_flush+0x430/0x430 [ 934.976430] ? lockdep_init_map_type+0x2c7/0x780 [ 934.977429] ? rcu_read_lock_sched_held+0x3e/0x80 [ 934.978447] ? __raw_spin_lock_init+0x36/0x110 [ 934.979414] v9fs_session_init+0x1dd/0x16a0 [ 934.980325] ? kmem_cache_alloc_trace+0x151/0x360 [ 934.981340] ? v9fs_show_options+0x690/0x690 23:52:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 45) [ 934.982276] ? kasan_unpoison_shadow+0x33/0x50 23:52:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 934.983318] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 934.984454] v9fs_mount+0x79/0x8f0 [ 934.985204] ? v9fs_write_inode+0x60/0x60 23:52:17 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 934.986049] legacy_get_tree+0x105/0x220 [ 934.986957] vfs_get_tree+0x8e/0x300 [ 934.987719] path_mount+0x13be/0x20b0 [ 934.988520] ? strncpy_from_user+0x9e/0x470 [ 934.989418] ? finish_automount+0xa40/0xa40 [ 934.990326] ? getname_flags.part.0+0x1dd/0x4f0 [ 934.991298] ? _copy_from_user+0xfb/0x1b0 [ 934.992179] __x64_sys_mount+0x282/0x300 [ 934.993052] ? copy_mnt_ns+0xa00/0xa00 [ 934.993874] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 934.994974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 934.996059] do_syscall_64+0x33/0x40 [ 934.996850] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 934.997913] RIP: 0033:0x7fb012c72b19 [ 934.998685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 935.002499] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 935.004077] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 935.005560] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 935.007039] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 935.008517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 935.010002] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:52:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 935.118282] FAULT_INJECTION: forcing a failure. [ 935.118282] name failslab, interval 1, probability 0, space 0, times 0 [ 935.119869] CPU: 0 PID: 7092 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 935.120846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 935.122002] Call Trace: [ 935.122383] dump_stack+0x107/0x167 [ 935.122887] should_fail.cold+0x5/0xa [ 935.123411] ? create_object.isra.0+0x3a/0xa20 [ 935.124041] should_failslab+0x5/0x20 [ 935.124570] kmem_cache_alloc+0x5b/0x360 [ 935.125160] create_object.isra.0+0x3a/0xa20 [ 935.125772] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 935.126478] kmem_cache_alloc+0x159/0x360 [ 935.127056] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 935.127831] idr_get_free+0x4b5/0x8f0 [ 935.128376] idr_alloc_u32+0x170/0x2d0 [ 935.128936] ? __fprop_inc_percpu_max+0x130/0x130 [ 935.129603] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 935.130338] ? lock_release+0x6b0/0x6b0 [ 935.130891] idr_alloc+0xc2/0x130 [ 935.131377] ? idr_alloc_u32+0x2d0/0x2d0 [ 935.131955] ? rwlock_bug.part.0+0x90/0x90 [ 935.132549] p9_client_prepare_req.part.0+0x625/0xb30 [ 935.133279] p9_client_rpc+0x220/0x1210 [ 935.133839] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 935.134579] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 935.135243] ? snd_seq_poll+0x15b/0x2d0 [ 935.135796] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 935.136563] ? p9_fd_poll+0x1e0/0x2c0 [ 935.137115] ? p9_fd_create+0x357/0x4a0 [ 935.137671] ? p9_conn_create+0x510/0x510 [ 935.138239] ? p9_client_create+0x798/0x1090 [ 935.138850] ? kfree+0xd7/0x390 [ 935.139303] ? do_raw_spin_unlock+0x4f/0x220 [ 935.139915] p9_client_create+0xa76/0x1090 [ 935.140502] ? p9_client_flush+0x430/0x430 [ 935.141105] ? lockdep_init_map_type+0x2c7/0x780 [ 935.141760] ? rcu_read_lock_sched_held+0x3e/0x80 [ 935.142427] ? __raw_spin_lock_init+0x36/0x110 [ 935.143063] v9fs_session_init+0x1dd/0x16a0 [ 935.143663] ? kmem_cache_alloc_trace+0x151/0x360 [ 935.144325] ? v9fs_show_options+0x690/0x690 [ 935.144969] ? kasan_unpoison_shadow+0x33/0x50 [ 935.145595] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 935.146300] v9fs_mount+0x79/0x8f0 [ 935.146808] ? v9fs_write_inode+0x60/0x60 [ 935.147400] legacy_get_tree+0x105/0x220 [ 935.147964] vfs_get_tree+0x8e/0x300 [ 935.148478] path_mount+0x13be/0x20b0 [ 935.149015] ? strncpy_from_user+0x9e/0x470 [ 935.149620] ? finish_automount+0xa40/0xa40 [ 935.150227] ? getname_flags.part.0+0x1dd/0x4f0 [ 935.150883] ? _copy_from_user+0xfb/0x1b0 [ 935.151466] __x64_sys_mount+0x282/0x300 [ 935.152031] ? copy_mnt_ns+0xa00/0xa00 [ 935.152576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 935.153322] ? syscall_enter_from_user_mode+0x1d/0x50 [ 935.154037] do_syscall_64+0x33/0x40 [ 935.154553] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 935.155255] RIP: 0033:0x7ff8f0c7cb19 [ 935.155774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 935.158371] RSP: 002b:00007ff8ee1f2188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 935.159437] RAX: ffffffffffffffda RBX: 00007ff8f0d8ff60 RCX: 00007ff8f0c7cb19 [ 935.160439] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 935.161449] RBP: 00007ff8ee1f21d0 R08: 0000000020000180 R09: 0000000000000000 [ 935.162452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 935.163468] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 935.164724] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:52:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, 0x0) 23:52:17 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x3000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 41) 23:52:29 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 46) 23:52:29 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 21) 23:52:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, 0x0) 23:52:29 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:29 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:52:29 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x4000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 946.919386] FAULT_INJECTION: forcing a failure. [ 946.919386] name failslab, interval 1, probability 0, space 0, times 0 [ 946.921115] CPU: 0 PID: 7105 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 946.922163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 946.923411] Call Trace: [ 946.923815] dump_stack+0x107/0x167 [ 946.924370] should_fail.cold+0x5/0xa [ 946.924959] ? create_object.isra.0+0x3a/0xa20 [ 946.925654] should_failslab+0x5/0x20 [ 946.926242] kmem_cache_alloc+0x5b/0x360 [ 946.926862] create_object.isra.0+0x3a/0xa20 [ 946.927536] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 946.928312] kmem_cache_alloc+0x159/0x360 [ 946.928970] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 946.929829] idr_get_free+0x4b5/0x8f0 [ 946.930445] idr_alloc_u32+0x170/0x2d0 [ 946.931053] ? __fprop_inc_percpu_max+0x130/0x130 [ 946.931804] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 946.932637] ? lock_release+0x6b0/0x6b0 [ 946.933273] idr_alloc+0xc2/0x130 [ 946.933812] ? idr_alloc_u32+0x2d0/0x2d0 [ 946.934442] ? rwlock_bug.part.0+0x90/0x90 [ 946.935107] p9_client_prepare_req.part.0+0x625/0xb30 [ 946.935911] p9_client_rpc+0x220/0x1210 [ 946.936534] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 946.937369] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 946.938053] ? snd_seq_poll+0x15b/0x2d0 [ 946.938678] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 946.939514] ? p9_fd_poll+0x1e0/0x2c0 [ 946.940109] ? p9_fd_create+0x357/0x4a0 [ 946.940725] ? p9_conn_create+0x510/0x510 [ 946.941376] ? p9_client_create+0x798/0x1090 [ 946.942058] ? kfree+0xd7/0x390 [ 946.942573] ? do_raw_spin_unlock+0x4f/0x220 [ 946.943266] p9_client_create+0xa76/0x1090 [ 946.943930] ? p9_client_flush+0x430/0x430 [ 946.944590] ? lockdep_init_map_type+0x2c7/0x780 [ 946.945331] ? rcu_read_lock_sched_held+0x3e/0x80 [ 946.946088] ? __raw_spin_lock_init+0x36/0x110 [ 946.946796] v9fs_session_init+0x1dd/0x16a0 [ 946.947466] ? kmem_cache_alloc_trace+0x151/0x360 [ 946.948213] ? v9fs_show_options+0x690/0x690 [ 946.948920] ? kasan_unpoison_shadow+0x33/0x50 [ 946.949627] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 946.950397] v9fs_mount+0x79/0x8f0 [ 946.950965] ? v9fs_write_inode+0x60/0x60 [ 946.951274] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 946.951599] legacy_get_tree+0x105/0x220 [ 946.951618] vfs_get_tree+0x8e/0x300 [ 946.951639] path_mount+0x13be/0x20b0 [ 946.954900] FAULT_INJECTION: forcing a failure. [ 946.954900] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 946.955167] ? strncpy_from_user+0x9e/0x470 [ 946.958342] ? finish_automount+0xa40/0xa40 [ 946.959000] ? getname_flags.part.0+0x1dd/0x4f0 [ 946.959702] ? _copy_from_user+0xfb/0x1b0 [ 946.960351] __x64_sys_mount+0x282/0x300 [ 946.960975] ? copy_mnt_ns+0xa00/0xa00 [ 946.961594] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 946.962391] ? syscall_enter_from_user_mode+0x1d/0x50 [ 946.963194] do_syscall_64+0x33/0x40 [ 946.963762] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 946.964537] RIP: 0033:0x7fbdabcfab19 [ 946.965142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 946.967991] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 946.969153] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 946.970220] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 946.971283] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 946.972349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 946.973429] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 946.974536] CPU: 1 PID: 7117 Comm: syz-executor.6 Not tainted 5.10.161 #1 [ 946.976050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 946.977887] Call Trace: [ 946.978475] dump_stack+0x107/0x167 [ 946.979284] should_fail.cold+0x5/0xa [ 946.979954] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 946.980137] _copy_to_user+0x2e/0x180 [ 946.982171] simple_read_from_buffer+0xcc/0x160 [ 946.983214] proc_fail_nth_read+0x198/0x230 [ 946.984167] ? proc_sessionid_read+0x230/0x230 [ 946.985189] ? security_file_permission+0x24e/0x570 [ 946.986288] ? perf_trace_initcall_start+0x101/0x380 [ 946.987417] ? proc_sessionid_read+0x230/0x230 [ 946.988424] vfs_read+0x228/0x580 [ 946.989216] ksys_read+0x12d/0x260 [ 946.990004] ? vfs_write+0xa30/0xa30 [ 946.990833] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 946.991978] ? syscall_enter_from_user_mode+0x1d/0x50 [ 946.993123] do_syscall_64+0x33/0x40 [ 946.993943] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 946.995060] RIP: 0033:0x7ff8f0c2f69c [ 946.995886] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 946.999908] RSP: 002b:00007ff8ee1f2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 947.001589] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007ff8f0c2f69c [ 947.003143] RDX: 000000000000000f RSI: 00007ff8ee1f21e0 RDI: 0000000000000004 [ 947.004697] RBP: 00007ff8ee1f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 947.006259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 947.007815] R13: 00007fff6b44828f R14: 00007ff8ee1f2300 R15: 0000000000022000 [ 947.013131] FAULT_INJECTION: forcing a failure. [ 947.013131] name failslab, interval 1, probability 0, space 0, times 0 [ 947.014987] CPU: 0 PID: 7108 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 947.016072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 947.017373] Call Trace: [ 947.017785] dump_stack+0x107/0x167 [ 947.018338] should_fail.cold+0x5/0xa [ 947.018934] ? create_object.isra.0+0x3a/0xa20 [ 947.019620] should_failslab+0x5/0x20 [ 947.020210] kmem_cache_alloc+0x5b/0x360 [ 947.020849] ? kernel_text_address+0xf2/0x120 [ 947.021548] create_object.isra.0+0x3a/0xa20 [ 947.022213] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 947.022998] kmem_cache_alloc_trace+0x151/0x360 [ 947.023687] ? find_held_lock+0x2c/0x110 [ 947.024316] p9_client_create+0xaf/0x1090 [ 947.024968] ? lock_downgrade+0x6d0/0x6d0 [ 947.025610] ? p9_client_flush+0x430/0x430 [ 947.026264] ? lockdep_init_map_type+0x2c7/0x780 [ 947.026998] ? rcu_read_lock_sched_held+0x3e/0x80 [ 947.027741] ? __raw_spin_lock_init+0x36/0x110 [ 947.028452] v9fs_session_init+0x1dd/0x16a0 [ 947.029139] ? kmem_cache_alloc_trace+0x151/0x360 [ 947.029882] ? v9fs_show_options+0x690/0x690 [ 947.030548] ? kasan_unpoison_shadow+0x33/0x50 [ 947.031249] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 947.032026] v9fs_mount+0x79/0x8f0 [ 947.032579] ? v9fs_write_inode+0x60/0x60 [ 947.033238] legacy_get_tree+0x105/0x220 [ 947.033866] vfs_get_tree+0x8e/0x300 [ 947.034438] path_mount+0x13be/0x20b0 [ 947.035027] ? strncpy_from_user+0x9e/0x470 [ 947.035693] ? finish_automount+0xa40/0xa40 [ 947.036359] ? getname_flags.part.0+0x1dd/0x4f0 [ 947.037076] ? _copy_from_user+0xfb/0x1b0 [ 947.037716] __x64_sys_mount+0x282/0x300 [ 947.038345] ? copy_mnt_ns+0xa00/0xa00 [ 947.038927] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 947.039739] ? syscall_enter_from_user_mode+0x1d/0x50 [ 947.040553] do_syscall_64+0x33/0x40 [ 947.041151] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 947.041947] RIP: 0033:0x7fb012c72b19 [ 947.042535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 947.045407] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 947.046589] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 947.047695] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 947.048795] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 947.049923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 947.051034] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:52:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 947.072224] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:52:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 42) 23:52:29 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 947.124830] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 947.143067] FAULT_INJECTION: forcing a failure. 23:52:29 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:52:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)) [ 947.143067] name failslab, interval 1, probability 0, space 0, times 0 [ 947.145466] CPU: 1 PID: 7127 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 947.146844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 947.148513] Call Trace: [ 947.149084] dump_stack+0x107/0x167 [ 947.149830] should_fail.cold+0x5/0xa [ 947.150604] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 947.151772] should_failslab+0x5/0x20 [ 947.152543] kmem_cache_alloc+0x5b/0x360 [ 947.153390] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 947.154527] idr_get_free+0x4b5/0x8f0 [ 947.155331] idr_alloc_u32+0x170/0x2d0 [ 947.156129] ? __fprop_inc_percpu_max+0x130/0x130 [ 947.157120] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 947.158211] ? lock_release+0x6b0/0x6b0 [ 947.159032] idr_alloc+0xc2/0x130 [ 947.159733] ? idr_alloc_u32+0x2d0/0x2d0 [ 947.160553] ? rwlock_bug.part.0+0x90/0x90 [ 947.161455] p9_client_prepare_req.part.0+0x625/0xb30 [ 947.162513] p9_client_rpc+0x220/0x1210 [ 947.163342] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 947.164433] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 947.165390] ? snd_seq_poll+0x15b/0x2d0 [ 947.166197] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 947.167287] ? p9_fd_poll+0x1e0/0x2c0 [ 947.168077] ? p9_fd_create+0x357/0x4a0 [ 947.168887] ? p9_conn_create+0x510/0x510 [ 947.169722] ? p9_client_create+0x798/0x1090 [ 947.170611] ? kfree+0xd7/0x390 [ 947.171285] ? do_raw_spin_unlock+0x4f/0x220 [ 947.172186] p9_client_create+0xa76/0x1090 [ 947.173073] ? p9_client_flush+0x430/0x430 [ 947.173935] ? lockdep_init_map_type+0x2c7/0x780 [ 947.174888] ? rcu_read_lock_sched_held+0x3e/0x80 [ 947.175871] ? __raw_spin_lock_init+0x36/0x110 [ 947.176815] v9fs_session_init+0x1dd/0x16a0 [ 947.177712] ? kmem_cache_alloc_trace+0x151/0x360 [ 947.178689] ? v9fs_show_options+0x690/0x690 [ 947.179605] ? kasan_unpoison_shadow+0x33/0x50 [ 947.180525] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 947.181572] v9fs_mount+0x79/0x8f0 [ 947.182295] ? v9fs_write_inode+0x60/0x60 [ 947.183137] legacy_get_tree+0x105/0x220 [ 947.183964] vfs_get_tree+0x8e/0x300 [ 947.184725] path_mount+0x13be/0x20b0 [ 947.185519] ? strncpy_from_user+0x9e/0x470 [ 947.186407] ? finish_automount+0xa40/0xa40 [ 947.187292] ? getname_flags.part.0+0x1dd/0x4f0 [ 947.188240] ? _copy_from_user+0xfb/0x1b0 [ 947.189108] __x64_sys_mount+0x282/0x300 [ 947.189942] ? copy_mnt_ns+0xa00/0xa00 [ 947.190735] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 947.191798] ? syscall_enter_from_user_mode+0x1d/0x50 [ 947.192864] do_syscall_64+0x33/0x40 [ 947.193620] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 947.194666] RIP: 0033:0x7fbdabcfab19 [ 947.195428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 947.199177] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 947.200717] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 947.202184] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 947.203629] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 947.205075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 947.206524] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 947.210650] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:52:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 43) 23:52:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)) [ 961.543933] FAULT_INJECTION: forcing a failure. [ 961.543933] name failslab, interval 1, probability 0, space 0, times 0 [ 961.545314] CPU: 0 PID: 7149 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 961.546117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 961.547068] Call Trace: [ 961.547374] dump_stack+0x107/0x167 [ 961.547802] should_fail.cold+0x5/0xa [ 961.548247] should_failslab+0x5/0x20 [ 961.548695] __kmalloc_track_caller+0x79/0x3c0 [ 961.549233] ? p9_client_create+0x41d/0x1090 [ 961.549747] kstrdup+0x36/0x70 [ 961.550117] p9_client_create+0x41d/0x1090 [ 961.550605] ? lock_downgrade+0x6d0/0x6d0 [ 961.551059] ? p9_client_flush+0x430/0x430 [ 961.551558] ? lockdep_init_map_type+0x2c7/0x780 [ 961.552098] ? rcu_read_lock_sched_held+0x3e/0x80 [ 961.552663] ? __raw_spin_lock_init+0x36/0x110 [ 961.553213] v9fs_session_init+0x1dd/0x16a0 [ 961.553722] ? kmem_cache_alloc_trace+0x151/0x360 [ 961.554278] ? v9fs_show_options+0x690/0x690 [ 961.554801] ? kasan_unpoison_shadow+0x33/0x50 [ 961.555329] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 961.555919] v9fs_mount+0x79/0x8f0 [ 961.556313] ? v9fs_write_inode+0x60/0x60 [ 961.556794] legacy_get_tree+0x105/0x220 [ 961.557290] vfs_get_tree+0x8e/0x300 [ 961.557719] path_mount+0x13be/0x20b0 [ 961.558175] ? strncpy_from_user+0x9e/0x470 [ 961.558680] ? finish_automount+0xa40/0xa40 [ 961.559188] ? getname_flags.part.0+0x1dd/0x4f0 [ 961.559722] ? _copy_from_user+0xfb/0x1b0 [ 961.560207] __x64_sys_mount+0x282/0x300 [ 961.560671] ? copy_mnt_ns+0xa00/0xa00 [ 961.561119] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 961.561723] ? syscall_enter_from_user_mode+0x1d/0x50 [ 961.562323] do_syscall_64+0x33/0x40 [ 961.562766] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 961.563359] RIP: 0033:0x7fb012c72b19 [ 961.563794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 961.564968] FAULT_INJECTION: forcing a failure. [ 961.564968] name failslab, interval 1, probability 0, space 0, times 0 [ 961.565929] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 961.569096] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 961.569915] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 961.570743] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 961.571582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 961.572394] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 961.573236] CPU: 1 PID: 7153 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 961.574609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 961.576274] Call Trace: [ 961.576820] dump_stack+0x107/0x167 [ 961.577572] should_fail.cold+0x5/0xa [ 961.578345] ? create_object.isra.0+0x3a/0xa20 [ 961.579267] should_failslab+0x5/0x20 [ 961.580036] kmem_cache_alloc+0x5b/0x360 [ 961.580859] create_object.isra.0+0x3a/0xa20 [ 961.581754] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 961.582782] kmem_cache_alloc+0x159/0x360 [ 961.583648] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 961.584776] idr_get_free+0x4b5/0x8f0 [ 961.585586] idr_alloc_u32+0x170/0x2d0 [ 961.586380] ? __fprop_inc_percpu_max+0x130/0x130 [ 961.587369] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 961.588437] ? lock_release+0x6b0/0x6b0 [ 961.589248] idr_alloc+0xc2/0x130 [ 961.589950] ? idr_alloc_u32+0x2d0/0x2d0 [ 961.590763] ? rwlock_bug.part.0+0x90/0x90 [ 961.591622] p9_client_prepare_req.part.0+0x625/0xb30 [ 961.592660] p9_client_rpc+0x220/0x1210 [ 961.593488] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 961.594555] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 961.595488] ? snd_seq_poll+0x15b/0x2d0 [ 961.596314] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 961.597406] ? p9_fd_poll+0x1e0/0x2c0 [ 961.598181] ? p9_fd_create+0x357/0x4a0 [ 961.598980] ? p9_conn_create+0x510/0x510 [ 961.599828] ? p9_client_create+0x798/0x1090 [ 961.600708] ? kfree+0xd7/0x390 [ 961.601388] ? do_raw_spin_unlock+0x4f/0x220 [ 961.602275] p9_client_create+0xa76/0x1090 [ 961.603157] ? p9_client_flush+0x430/0x430 [ 961.604013] ? lockdep_init_map_type+0x2c7/0x780 [ 961.604981] ? rcu_read_lock_sched_held+0x3e/0x80 [ 961.605977] ? __raw_spin_lock_init+0x36/0x110 [ 961.606911] v9fs_session_init+0x1dd/0x16a0 [ 961.607791] ? kmem_cache_alloc_trace+0x151/0x360 [ 961.608770] ? v9fs_show_options+0x690/0x690 [ 961.609683] ? kasan_unpoison_shadow+0x33/0x50 [ 961.610613] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 961.611638] v9fs_mount+0x79/0x8f0 [ 961.612367] ? v9fs_write_inode+0x60/0x60 [ 961.613210] legacy_get_tree+0x105/0x220 [ 961.614044] vfs_get_tree+0x8e/0x300 [ 961.614798] path_mount+0x13be/0x20b0 [ 961.615589] ? strncpy_from_user+0x9e/0x470 [ 961.616460] ? finish_automount+0xa40/0xa40 [ 961.617367] ? getname_flags.part.0+0x1dd/0x4f0 [ 961.618302] ? _copy_from_user+0xfb/0x1b0 [ 961.619164] __x64_sys_mount+0x282/0x300 [ 961.619983] ? copy_mnt_ns+0xa00/0xa00 [ 961.620787] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 961.621852] ? syscall_enter_from_user_mode+0x1d/0x50 [ 961.622918] do_syscall_64+0x33/0x40 [ 961.623670] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 961.624707] RIP: 0033:0x7fbdabcfab19 [ 961.625477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 961.629196] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 961.630731] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 961.632168] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 961.633609] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 961.635045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 961.636479] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 961.642686] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 961.647398] FAT-fs (loop1): Directory bread(block 3) failed 23:52:44 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x5000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:44 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xf, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:44 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:44 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 22) 23:52:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:52:44 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) 23:52:44 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:44 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x6000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:52:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 44) [ 961.792947] FAULT_INJECTION: forcing a failure. [ 961.792947] name failslab, interval 1, probability 0, space 0, times 0 [ 961.794236] CPU: 0 PID: 7170 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 961.794992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 961.795891] Call Trace: [ 961.796195] dump_stack+0x107/0x167 [ 961.796606] should_fail.cold+0x5/0xa [ 961.797041] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 961.797674] should_failslab+0x5/0x20 [ 961.798108] kmem_cache_alloc+0x5b/0x360 [ 961.798555] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 961.799171] idr_get_free+0x4b5/0x8f0 [ 961.799612] idr_alloc_u32+0x170/0x2d0 [ 961.800047] ? __fprop_inc_percpu_max+0x130/0x130 [ 961.800578] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 961.801185] ? lock_release+0x6b0/0x6b0 [ 961.801623] idr_alloc+0xc2/0x130 [ 961.802011] ? idr_alloc_u32+0x2d0/0x2d0 [ 961.802461] ? rwlock_bug.part.0+0x90/0x90 [ 961.802938] p9_client_prepare_req.part.0+0x625/0xb30 [ 961.803509] p9_client_rpc+0x220/0x1210 [ 961.803963] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 961.804561] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 961.805089] ? snd_seq_poll+0x15b/0x2d0 [ 961.805536] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 961.806153] ? p9_fd_poll+0x1e0/0x2c0 [ 961.806589] ? p9_fd_create+0x357/0x4a0 [ 961.807055] ? p9_conn_create+0x510/0x510 [ 961.807530] ? p9_client_create+0x798/0x1090 [ 961.808043] ? kfree+0xd7/0x390 [ 961.808411] ? do_raw_spin_unlock+0x4f/0x220 [ 961.808919] p9_client_create+0xa76/0x1090 [ 961.809407] ? p9_client_flush+0x430/0x430 [ 961.809897] ? lockdep_init_map_type+0x2c7/0x780 [ 961.810425] ? rcu_read_lock_sched_held+0x3e/0x80 [ 961.810980] ? __raw_spin_lock_init+0x36/0x110 [ 961.811504] v9fs_session_init+0x1dd/0x16a0 [ 961.812019] ? kmem_cache_alloc_trace+0x151/0x360 [ 961.812554] ? v9fs_show_options+0x690/0x690 [ 961.813092] ? kasan_unpoison_shadow+0x33/0x50 [ 961.813603] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 961.814192] v9fs_mount+0x79/0x8f0 [ 961.814594] ? v9fs_write_inode+0x60/0x60 [ 961.815070] legacy_get_tree+0x105/0x220 [ 961.815532] vfs_get_tree+0x8e/0x300 [ 961.815967] path_mount+0x13be/0x20b0 [ 961.816396] ? strncpy_from_user+0x9e/0x470 [ 961.816900] ? finish_automount+0xa40/0xa40 [ 961.817396] ? getname_flags.part.0+0x1dd/0x4f0 [ 961.817945] ? _copy_from_user+0xfb/0x1b0 [ 961.818415] __x64_sys_mount+0x282/0x300 [ 961.818887] ? copy_mnt_ns+0xa00/0xa00 [ 961.819325] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 961.819939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 961.820517] do_syscall_64+0x33/0x40 [ 961.820946] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 961.821536] RIP: 0033:0x7fbdabcfab19 [ 961.821971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 961.824004] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 961.824896] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 961.825728] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 961.826548] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 961.827379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 961.828204] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 961.829246] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:52:55 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 45) 23:52:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:52:55 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 23) 23:52:55 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:55 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)) 23:52:55 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x7000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:55 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 972.849747] FAULT_INJECTION: forcing a failure. [ 972.849747] name failslab, interval 1, probability 0, space 0, times 0 [ 972.852317] CPU: 1 PID: 7182 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 972.853859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.855714] Call Trace: [ 972.856318] dump_stack+0x107/0x167 [ 972.857164] should_fail.cold+0x5/0xa [ 972.858024] ? create_object.isra.0+0x3a/0xa20 [ 972.859055] should_failslab+0x5/0x20 [ 972.859918] kmem_cache_alloc+0x5b/0x360 [ 972.860834] ? lock_downgrade+0x6d0/0x6d0 [ 972.861781] create_object.isra.0+0x3a/0xa20 [ 972.862777] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.863926] __kmalloc_track_caller+0x177/0x3c0 [ 972.864971] ? p9_client_create+0x41d/0x1090 [ 972.865979] kstrdup+0x36/0x70 [ 972.866709] p9_client_create+0x41d/0x1090 [ 972.867659] ? lock_downgrade+0x6d0/0x6d0 [ 972.868590] ? p9_client_flush+0x430/0x430 [ 972.869567] ? lockdep_init_map_type+0x2c7/0x780 [ 972.870625] ? rcu_read_lock_sched_held+0x3e/0x80 [ 972.871707] ? __raw_spin_lock_init+0x36/0x110 [ 972.872741] v9fs_session_init+0x1dd/0x16a0 [ 972.873725] ? kmem_cache_alloc_trace+0x151/0x360 [ 972.874802] ? v9fs_show_options+0x690/0x690 [ 972.875806] ? kasan_unpoison_shadow+0x33/0x50 [ 972.876827] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.877982] v9fs_mount+0x79/0x8f0 [ 972.878774] ? v9fs_write_inode+0x60/0x60 [ 972.879706] legacy_get_tree+0x105/0x220 [ 972.880622] vfs_get_tree+0x8e/0x300 [ 972.881457] path_mount+0x13be/0x20b0 [ 972.882313] ? strncpy_from_user+0x9e/0x470 [ 972.883305] ? finish_automount+0xa40/0xa40 [ 972.884295] ? getname_flags.part.0+0x1dd/0x4f0 [ 972.885401] ? _copy_from_user+0xfb/0x1b0 [ 972.886335] __x64_sys_mount+0x282/0x300 [ 972.887271] ? copy_mnt_ns+0xa00/0xa00 [ 972.888130] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.889309] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.890476] do_syscall_64+0x33/0x40 [ 972.891310] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 972.892447] RIP: 0033:0x7fb012c72b19 [ 972.893286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.897549] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 972.899164] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 972.900580] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 972.901984] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 972.903423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 972.904869] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:52:55 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:52:55 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xc0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 972.916520] FAULT_INJECTION: forcing a failure. [ 972.916520] name failslab, interval 1, probability 0, space 0, times 0 [ 972.918267] CPU: 0 PID: 7186 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 972.919326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.920607] Call Trace: [ 972.921022] dump_stack+0x107/0x167 [ 972.921595] should_fail.cold+0x5/0xa [ 972.922191] ? ___slab_alloc+0x155/0x700 [ 972.922836] ? create_object.isra.0+0x3a/0xa20 [ 972.923559] should_failslab+0x5/0x20 [ 972.924149] kmem_cache_alloc+0x5b/0x360 [ 972.924789] create_object.isra.0+0x3a/0xa20 [ 972.925482] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.926302] kmem_cache_alloc+0x159/0x360 [ 972.926965] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 972.927847] idr_get_free+0x4b5/0x8f0 [ 972.928461] idr_alloc_u32+0x170/0x2d0 [ 972.929057] ? __fprop_inc_percpu_max+0x130/0x130 [ 972.929846] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 972.930705] ? lock_release+0x6b0/0x6b0 [ 972.931347] idr_alloc+0xc2/0x130 [ 972.931893] ? idr_alloc_u32+0x2d0/0x2d0 [ 972.932524] ? rwlock_bug.part.0+0x90/0x90 [ 972.933169] p9_client_prepare_req.part.0+0x625/0xb30 [ 972.933995] p9_client_rpc+0x220/0x1210 [ 972.934639] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 972.935487] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 972.936228] ? snd_seq_poll+0x15b/0x2d0 [ 972.936870] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 972.937737] ? p9_fd_poll+0x1e0/0x2c0 [ 972.938366] ? p9_fd_create+0x357/0x4a0 [ 972.938995] ? p9_conn_create+0x510/0x510 [ 972.939668] ? p9_client_create+0x798/0x1090 [ 972.940374] ? kfree+0xd7/0x390 [ 972.940891] ? do_raw_spin_unlock+0x4f/0x220 [ 972.941607] p9_client_create+0xa76/0x1090 [ 972.942290] ? p9_client_flush+0x430/0x430 [ 972.942968] ? lockdep_init_map_type+0x2c7/0x780 [ 972.943726] ? rcu_read_lock_sched_held+0x3e/0x80 [ 972.944489] ? __raw_spin_lock_init+0x36/0x110 [ 972.945222] v9fs_session_init+0x1dd/0x16a0 [ 972.945906] ? kmem_cache_alloc_trace+0x151/0x360 [ 972.946687] ? v9fs_show_options+0x690/0x690 [ 972.947406] ? kasan_unpoison_shadow+0x33/0x50 [ 972.948137] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.948925] v9fs_mount+0x79/0x8f0 [ 972.949496] ? v9fs_write_inode+0x60/0x60 [ 972.950153] legacy_get_tree+0x105/0x220 [ 972.950786] vfs_get_tree+0x8e/0x300 [ 972.951365] path_mount+0x13be/0x20b0 [ 972.951958] ? strncpy_from_user+0x9e/0x470 [ 972.952640] ? finish_automount+0xa40/0xa40 [ 972.953325] ? getname_flags.part.0+0x1dd/0x4f0 [ 972.954045] ? _copy_from_user+0xfb/0x1b0 [ 972.954697] __x64_sys_mount+0x282/0x300 [ 972.955336] ? copy_mnt_ns+0xa00/0xa00 [ 972.955950] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.956766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.957585] do_syscall_64+0x33/0x40 [ 972.958163] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 972.958957] RIP: 0033:0x7fbdabcfab19 [ 972.959538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.962420] RSP: 002b:00007fbda9270188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 23:52:55 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 972.963617] RAX: ffffffffffffffda RBX: 00007fbdabe0df60 RCX: 00007fbdabcfab19 [ 972.964806] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 972.965916] RBP: 00007fbda92701d0 R08: 0000000020000180 R09: 0000000000000000 [ 972.967003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 972.968093] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 [ 972.969475] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 972.979850] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 972.983692] FAT-fs (loop1): Directory bread(block 3) failed 23:52:55 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 24) 23:52:55 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 46) [ 973.100239] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 973.101771] FAULT_INJECTION: forcing a failure. [ 973.101771] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 973.103621] CPU: 0 PID: 7208 Comm: syz-executor.4 Not tainted 5.10.161 #1 [ 973.104678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 973.105953] Call Trace: [ 973.106375] dump_stack+0x107/0x167 [ 973.106929] should_fail.cold+0x5/0xa [ 973.107512] _copy_to_user+0x2e/0x180 [ 973.108108] simple_read_from_buffer+0xcc/0x160 [ 973.108829] proc_fail_nth_read+0x198/0x230 [ 973.109497] ? proc_sessionid_read+0x230/0x230 [ 973.110193] ? security_file_permission+0x24e/0x570 [ 973.110933] ? perf_trace_initcall_start+0x101/0x380 [ 973.111704] ? proc_sessionid_read+0x230/0x230 [ 973.112383] vfs_read+0x228/0x580 [ 973.112915] ksys_read+0x12d/0x260 [ 973.113454] ? vfs_write+0xa30/0xa30 [ 973.114025] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 973.114805] ? syscall_enter_from_user_mode+0x1d/0x50 [ 973.115590] do_syscall_64+0x33/0x40 [ 973.116144] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 973.116926] RIP: 0033:0x7fbdabcad69c [ 973.117499] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 973.120334] RSP: 002b:00007fbda9270170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 973.121462] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fbdabcad69c [ 973.122516] RDX: 000000000000000f RSI: 00007fbda92701e0 RDI: 0000000000000004 [ 973.123564] RBP: 00007fbda92701d0 R08: 0000000000000000 R09: 0000000000000000 [ 973.124605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 973.125708] R13: 00007fff51eaab1f R14: 00007fbda9270300 R15: 0000000000022000 23:52:55 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0400178008000500"], 0x28}}, 0x0) [ 973.147288] FAULT_INJECTION: forcing a failure. 23:52:55 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 973.147288] name failslab, interval 1, probability 0, space 0, times 0 [ 973.149946] CPU: 1 PID: 7209 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 973.151389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:52:55 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:52:55 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:52:55 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xec0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 973.153154] Call Trace: [ 973.153803] dump_stack+0x107/0x167 [ 973.154589] should_fail.cold+0x5/0xa [ 973.155410] should_failslab+0x5/0x20 [ 973.156231] __kmalloc_track_caller+0x79/0x3c0 [ 973.157230] ? p9_client_create+0x51e/0x1090 [ 973.158179] kmemdup_nul+0x2d/0xa0 [ 973.158931] p9_client_create+0x51e/0x1090 [ 973.159853] ? p9_client_flush+0x430/0x430 [ 973.160851] ? lockdep_init_map_type+0x2c7/0x780 [ 973.161940] ? rcu_read_lock_sched_held+0x3e/0x80 [ 973.162968] ? __raw_spin_lock_init+0x36/0x110 [ 973.163955] v9fs_session_init+0x1dd/0x16a0 [ 973.164883] ? kmem_cache_alloc_trace+0x151/0x360 [ 973.165920] ? v9fs_show_options+0x690/0x690 [ 973.166931] ? kasan_unpoison_shadow+0x33/0x50 [ 973.168018] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 973.169094] v9fs_mount+0x79/0x8f0 [ 973.169864] ? v9fs_write_inode+0x60/0x60 [ 973.170751] legacy_get_tree+0x105/0x220 [ 973.171735] vfs_get_tree+0x8e/0x300 [ 973.172519] path_mount+0x13be/0x20b0 [ 973.173343] ? strncpy_from_user+0x9e/0x470 [ 973.174256] ? finish_automount+0xa40/0xa40 [ 973.175167] ? getname_flags.part.0+0x1dd/0x4f0 [ 973.176143] ? _copy_from_user+0xfb/0x1b0 [ 973.177022] __x64_sys_mount+0x282/0x300 [ 973.177938] ? copy_mnt_ns+0xa00/0xa00 [ 973.178814] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 973.179966] ? syscall_enter_from_user_mode+0x1d/0x50 [ 973.181046] do_syscall_64+0x33/0x40 [ 973.181845] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 973.182916] RIP: 0033:0x7fb012c72b19 [ 973.183836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 973.188033] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 973.189699] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 973.191241] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 973.192749] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 973.194278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 973.195763] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:53:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 25) 23:53:06 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 1) 23:53:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x33fe0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 983.678315] FAULT_INJECTION: forcing a failure. [ 983.678315] name failslab, interval 1, probability 0, space 0, times 0 [ 983.679646] CPU: 1 PID: 7232 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 983.680364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 983.681282] Call Trace: [ 983.681590] dump_stack+0x107/0x167 [ 983.681992] should_fail.cold+0x5/0xa [ 983.682411] ? create_object.isra.0+0x3a/0xa20 [ 983.682918] should_failslab+0x5/0x20 [ 983.683340] kmem_cache_alloc+0x5b/0x360 [ 983.683796] create_object.isra.0+0x3a/0xa20 [ 983.684275] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 983.684829] __kmalloc_track_caller+0x177/0x3c0 [ 983.685358] ? p9_client_create+0x51e/0x1090 [ 983.685843] kmemdup_nul+0x2d/0xa0 [ 983.686217] p9_client_create+0x51e/0x1090 [ 983.686686] ? p9_client_flush+0x430/0x430 [ 983.687158] ? lockdep_init_map_type+0x2c7/0x780 [ 983.687672] ? rcu_read_lock_sched_held+0x3e/0x80 [ 983.688199] ? __raw_spin_lock_init+0x36/0x110 [ 983.688704] v9fs_session_init+0x1dd/0x16a0 [ 983.689181] ? kmem_cache_alloc_trace+0x151/0x360 [ 983.689706] ? v9fs_show_options+0x690/0x690 [ 983.690202] ? kasan_unpoison_shadow+0x33/0x50 [ 983.690685] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 983.691251] v9fs_mount+0x79/0x8f0 [ 983.691628] ? v9fs_write_inode+0x60/0x60 [ 983.692090] legacy_get_tree+0x105/0x220 [ 983.692519] vfs_get_tree+0x8e/0x300 [ 983.692943] path_mount+0x13be/0x20b0 [ 983.693358] ? strncpy_from_user+0x9e/0x470 [ 983.693839] ? finish_automount+0xa40/0xa40 [ 983.694321] ? getname_flags.part.0+0x1dd/0x4f0 [ 983.694827] ? _copy_from_user+0xfb/0x1b0 [ 983.695281] __x64_sys_mount+0x282/0x300 [ 983.695724] ? copy_mnt_ns+0xa00/0xa00 [ 983.696151] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 983.696722] ? syscall_enter_from_user_mode+0x1d/0x50 [ 983.697292] do_syscall_64+0x33/0x40 [ 983.697697] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 983.698257] RIP: 0033:0x7fb012c72b19 [ 983.698666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.698955] FAULT_INJECTION: forcing a failure. [ 983.698955] name failslab, interval 1, probability 0, space 0, times 0 [ 983.700654] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 983.700665] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 983.700671] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 983.700677] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 983.700683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 983.700699] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 983.707802] CPU: 0 PID: 7242 Comm: syz-executor.1 Not tainted 5.10.161 #1 23:53:06 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 983.709292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 983.711034] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 983.711187] Call Trace: [ 983.712619] dump_stack+0x107/0x167 [ 983.713426] should_fail.cold+0x5/0xa [ 983.714254] ? __do_sys_memfd_create+0xfb/0x450 [ 983.715266] should_failslab+0x5/0x20 [ 983.716094] __kmalloc+0x72/0x3f0 [ 983.716855] __do_sys_memfd_create+0xfb/0x450 [ 983.717837] ? ksys_write+0x1a9/0x260 [ 983.718666] ? memfd_file_seals_ptr+0x170/0x170 [ 983.719700] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 983.720838] ? syscall_enter_from_user_mode+0x1d/0x50 [ 983.722005] do_syscall_64+0x33/0x40 [ 983.722817] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 983.723947] RIP: 0033:0x7f21cd568b19 [ 983.724758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.728806] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 983.730475] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 983.732045] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 983.733599] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 983.735163] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 983.736712] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 23:53:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x20000068, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 983.753290] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 23:53:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x9effffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x7ffff000, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:06 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 983.844208] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:53:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 26) 23:53:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xfffffdef, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 983.908058] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 983.929270] FAULT_INJECTION: forcing a failure. [ 983.929270] name failslab, interval 1, probability 0, space 0, times 0 [ 983.930599] CPU: 1 PID: 7278 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 983.931364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 983.932298] Call Trace: [ 983.932602] dump_stack+0x107/0x167 [ 983.933016] should_fail.cold+0x5/0xa [ 983.933462] should_failslab+0x5/0x20 [ 983.933890] __kmalloc_track_caller+0x79/0x3c0 [ 983.934406] ? parse_opts.part.0+0x8e/0x340 [ 983.934894] kstrdup+0x36/0x70 [ 983.935259] parse_opts.part.0+0x8e/0x340 [ 983.935724] ? p9_fd_show_options+0x1c0/0x1c0 [ 983.936215] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 983.936807] ? quarantine_put+0x8b/0x1a0 [ 983.937265] ? trace_hardirqs_on+0x5b/0x180 [ 983.937762] ? kfree+0xd7/0x390 [ 983.938141] p9_fd_create+0x98/0x4a0 [ 983.938555] ? p9_conn_create+0x510/0x510 [ 983.939021] ? p9_client_create+0x798/0x1090 [ 983.939512] ? kfree+0xd7/0x390 [ 983.939884] ? do_raw_spin_unlock+0x4f/0x220 [ 983.940379] p9_client_create+0x7ff/0x1090 [ 983.940826] ? p9_client_flush+0x430/0x430 [ 983.941318] ? lockdep_init_map_type+0x2c7/0x780 [ 983.941851] ? rcu_read_lock_sched_held+0x3e/0x80 [ 983.942402] ? __raw_spin_lock_init+0x36/0x110 [ 983.942921] v9fs_session_init+0x1dd/0x16a0 [ 983.943408] ? kmem_cache_alloc_trace+0x151/0x360 [ 983.943944] ? v9fs_show_options+0x690/0x690 [ 983.944456] ? kasan_unpoison_shadow+0x33/0x50 [ 983.944963] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 983.945534] v9fs_mount+0x79/0x8f0 [ 983.945936] ? v9fs_write_inode+0x60/0x60 [ 983.946397] legacy_get_tree+0x105/0x220 [ 983.946853] vfs_get_tree+0x8e/0x300 [ 983.947276] path_mount+0x13be/0x20b0 [ 983.947700] ? strncpy_from_user+0x9e/0x470 [ 983.948179] ? finish_automount+0xa40/0xa40 [ 983.948661] ? getname_flags.part.0+0x1dd/0x4f0 [ 983.949185] ? _copy_from_user+0xfb/0x1b0 [ 983.949634] __x64_sys_mount+0x282/0x300 [ 983.950093] ? copy_mnt_ns+0xa00/0xa00 [ 983.950528] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 983.951110] ? syscall_enter_from_user_mode+0x1d/0x50 [ 983.951683] do_syscall_64+0x33/0x40 [ 983.952105] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 983.952685] RIP: 0033:0x7fb012c72b19 [ 983.953102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.955027] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 983.955886] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 983.956689] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 983.957501] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 983.958260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 983.959065] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 983.959978] 9pnet: Insufficient options for proto=fd 23:53:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 2) 23:53:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 984.017968] FAULT_INJECTION: forcing a failure. [ 984.017968] name failslab, interval 1, probability 0, space 0, times 0 [ 984.019226] CPU: 1 PID: 7286 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 984.019984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 984.020895] Call Trace: [ 984.021190] dump_stack+0x107/0x167 [ 984.021607] should_fail.cold+0x5/0xa [ 984.022024] ? create_object.isra.0+0x3a/0xa20 [ 984.022541] should_failslab+0x5/0x20 [ 984.022971] kmem_cache_alloc+0x5b/0x360 [ 984.023442] create_object.isra.0+0x3a/0xa20 [ 984.023943] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 984.024519] __kmalloc+0x16e/0x3f0 [ 984.024931] __do_sys_memfd_create+0xfb/0x450 [ 984.025422] ? ksys_write+0x1a9/0x260 [ 984.025854] ? memfd_file_seals_ptr+0x170/0x170 [ 984.026388] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 984.026967] ? syscall_enter_from_user_mode+0x1d/0x50 [ 984.027541] do_syscall_64+0x33/0x40 [ 984.027953] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 984.028527] RIP: 0033:0x7f21cd568b19 [ 984.028937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 984.030939] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 984.031780] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 984.032585] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 984.033399] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 984.034209] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 984.035017] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 984.078644] FAT-fs (loop1): Directory bread(block 3) failed [ 995.020145] FAULT_INJECTION: forcing a failure. [ 995.020145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 995.021493] CPU: 1 PID: 7295 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 995.022253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 995.023125] Call Trace: [ 995.023411] dump_stack+0x107/0x167 [ 995.023800] should_fail.cold+0x5/0xa [ 995.024216] _copy_from_user+0x2e/0x1b0 [ 995.024652] __do_sys_memfd_create+0x16d/0x450 [ 995.025143] ? memfd_file_seals_ptr+0x170/0x170 [ 995.025652] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 995.026212] ? syscall_enter_from_user_mode+0x1d/0x50 [ 995.026752] do_syscall_64+0x33/0x40 [ 995.027144] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 995.027687] RIP: 0033:0x7f21cd568b19 [ 995.028084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 995.030038] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 995.030833] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 995.031589] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 995.032345] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 995.033098] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 995.033863] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 23:53:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 3) 23:53:17 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xe1000000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 27) 23:53:17 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:17 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1020, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 995.060308] FAULT_INJECTION: forcing a failure. [ 995.060308] name failslab, interval 1, probability 0, space 0, times 0 [ 995.061588] CPU: 1 PID: 7305 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 995.062308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 995.063177] Call Trace: [ 995.063456] dump_stack+0x107/0x167 [ 995.063845] should_fail.cold+0x5/0xa [ 995.064257] ? create_object.isra.0+0x3a/0xa20 [ 995.064739] should_failslab+0x5/0x20 [ 995.065147] kmem_cache_alloc+0x5b/0x360 [ 995.065589] ? legacy_get_tree+0x105/0x220 [ 995.066037] ? vfs_get_tree+0x8e/0x300 [ 995.066447] create_object.isra.0+0x3a/0xa20 [ 995.066698] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 995.066917] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 995.066938] __kmalloc_track_caller+0x177/0x3c0 [ 995.069767] ? parse_opts.part.0+0x8e/0x340 [ 995.070237] kstrdup+0x36/0x70 [ 995.070581] parse_opts.part.0+0x8e/0x340 [ 995.071021] ? p9_fd_show_options+0x1c0/0x1c0 [ 995.071501] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 995.072054] ? quarantine_put+0x8b/0x1a0 [ 995.072484] ? trace_hardirqs_on+0x5b/0x180 [ 995.072940] ? kfree+0xd7/0x390 [ 995.073303] p9_fd_create+0x98/0x4a0 [ 995.073707] ? p9_conn_create+0x510/0x510 [ 995.074144] ? p9_client_create+0x798/0x1090 [ 995.074613] ? kfree+0xd7/0x390 [ 995.074969] ? do_raw_spin_unlock+0x4f/0x220 [ 995.075442] p9_client_create+0x7ff/0x1090 [ 995.075900] ? p9_client_flush+0x430/0x430 [ 995.076355] ? lockdep_init_map_type+0x2c7/0x780 [ 995.076860] ? rcu_read_lock_sched_held+0x3e/0x80 [ 995.077375] ? __raw_spin_lock_init+0x36/0x110 [ 995.077885] v9fs_session_init+0x1dd/0x16a0 [ 995.078348] ? kmem_cache_alloc_trace+0x151/0x360 [ 995.078858] ? v9fs_show_options+0x690/0x690 [ 995.079339] ? kasan_unpoison_shadow+0x33/0x50 [ 995.079828] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 995.080361] v9fs_mount+0x79/0x8f0 [ 995.080737] ? v9fs_write_inode+0x60/0x60 [ 995.081177] legacy_get_tree+0x105/0x220 [ 995.081623] vfs_get_tree+0x8e/0x300 [ 995.082029] path_mount+0x13be/0x20b0 [ 995.082445] ? strncpy_from_user+0x9e/0x470 [ 995.082905] ? finish_automount+0xa40/0xa40 [ 995.083369] ? getname_flags.part.0+0x1dd/0x4f0 [ 995.083860] ? _copy_from_user+0xfb/0x1b0 [ 995.084302] __x64_sys_mount+0x282/0x300 [ 995.084731] ? copy_mnt_ns+0xa00/0xa00 [ 995.085146] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 995.085706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 995.086263] do_syscall_64+0x33/0x40 [ 995.086656] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 995.087193] RIP: 0033:0x7fb012c72b19 [ 995.087589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 995.089529] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 995.090339] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 995.091083] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 995.091838] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 995.092582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 995.093335] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:53:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:17 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x2, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:17 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 995.223779] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:53:28 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:28 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:28 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 28) 23:53:28 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1006.198070] FAULT_INJECTION: forcing a failure. [ 1006.198070] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.200660] CPU: 1 PID: 7334 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1006.202180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.203982] Call Trace: [ 1006.204564] dump_stack+0x107/0x167 [ 1006.205357] should_fail.cold+0x5/0xa [ 1006.206197] ? shmem_alloc_inode+0x18/0x40 [ 1006.207132] should_failslab+0x5/0x20 [ 1006.207970] kmem_cache_alloc+0x5b/0x360 [ 1006.208868] ? shmem_destroy_inode+0x70/0x70 [ 1006.209835] shmem_alloc_inode+0x18/0x40 [ 1006.210715] ? shmem_destroy_inode+0x70/0x70 [ 1006.211669] alloc_inode+0x63/0x240 [ 1006.212458] new_inode+0x23/0x250 [ 1006.213218] shmem_get_inode+0x15e/0xbc0 [ 1006.214129] __shmem_file_setup+0xb8/0x320 [ 1006.215047] ? _copy_from_user+0xfb/0x1b0 [ 1006.215953] __do_sys_memfd_create+0x275/0x450 [ 1006.216946] ? memfd_file_seals_ptr+0x170/0x170 [ 1006.217968] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.219108] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.220232] do_syscall_64+0x33/0x40 [ 1006.221043] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1006.222162] RIP: 0033:0x7f21cd568b19 [ 1006.222973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.227002] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1006.228691] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1006.230267] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1006.231822] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1006.233395] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1006.234978] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 23:53:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 4) 23:53:28 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x3, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:28 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:28 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xf0ffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1006.253554] FAULT_INJECTION: forcing a failure. [ 1006.253554] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.256361] CPU: 1 PID: 7341 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1006.257860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.259679] Call Trace: [ 1006.260258] dump_stack+0x107/0x167 [ 1006.261065] should_fail.cold+0x5/0xa [ 1006.261921] should_failslab+0x5/0x20 [ 1006.262758] __kmalloc_track_caller+0x79/0x3c0 [ 1006.263749] ? match_number+0xaf/0x1d0 [ 1006.264616] kmemdup_nul+0x2d/0xa0 [ 1006.265397] match_number+0xaf/0x1d0 [ 1006.266219] ? match_u64+0x190/0x190 [ 1006.267068] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 1006.268119] ? memcpy+0x39/0x60 [ 1006.268860] parse_opts.part.0+0x1f3/0x340 [ 1006.269808] ? p9_fd_show_options+0x1c0/0x1c0 [ 1006.270811] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.271970] ? trace_hardirqs_on+0x5b/0x180 [ 1006.272926] ? kfree+0xd7/0x390 [ 1006.273669] p9_fd_create+0x98/0x4a0 [ 1006.274486] ? p9_conn_create+0x510/0x510 [ 1006.275392] ? p9_client_create+0x798/0x1090 [ 1006.276360] ? kfree+0xd7/0x390 [ 1006.277090] ? do_raw_spin_unlock+0x4f/0x220 [ 1006.278086] p9_client_create+0x7ff/0x1090 [ 1006.279030] ? p9_client_flush+0x430/0x430 [ 1006.279950] ? lockdep_init_map_type+0x2c7/0x780 [ 1006.280996] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1006.282053] ? __raw_spin_lock_init+0x36/0x110 [ 1006.283069] v9fs_session_init+0x1dd/0x16a0 [ 1006.284010] ? kmem_cache_alloc_trace+0x151/0x360 [ 1006.285071] ? v9fs_show_options+0x690/0x690 [ 1006.286064] ? kasan_unpoison_shadow+0x33/0x50 [ 1006.287067] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.288169] v9fs_mount+0x79/0x8f0 [ 1006.288955] ? v9fs_write_inode+0x60/0x60 [ 1006.289870] legacy_get_tree+0x105/0x220 [ 1006.290768] vfs_get_tree+0x8e/0x300 [ 1006.291592] path_mount+0x13be/0x20b0 [ 1006.292433] ? strncpy_from_user+0x9e/0x470 [ 1006.293386] ? finish_automount+0xa40/0xa40 [ 1006.294343] ? getname_flags.part.0+0x1dd/0x4f0 [ 1006.295360] ? _copy_from_user+0xfb/0x1b0 [ 1006.296284] __x64_sys_mount+0x282/0x300 [ 1006.297184] ? copy_mnt_ns+0xa00/0xa00 [ 1006.298075] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.299242] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.300372] do_syscall_64+0x33/0x40 [ 1006.301196] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1006.302330] RIP: 0033:0x7fb012c72b19 [ 1006.303146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.307222] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1006.308869] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1006.310432] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1006.311994] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1006.313549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1006.315098] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:53:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:29 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:29 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:29 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x4, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:29 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xfffff000, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:29 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 5) 23:53:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1006.468884] 9pnet: Insufficient options for proto=fd [ 1006.504732] FAULT_INJECTION: forcing a failure. [ 1006.504732] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.507384] CPU: 1 PID: 7365 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1006.508929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.510831] Call Trace: [ 1006.511444] dump_stack+0x107/0x167 [ 1006.512277] should_fail.cold+0x5/0xa [ 1006.513159] ? create_object.isra.0+0x3a/0xa20 [ 1006.514211] should_failslab+0x5/0x20 [ 1006.515075] kmem_cache_alloc+0x5b/0x360 [ 1006.516006] create_object.isra.0+0x3a/0xa20 [ 1006.516997] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.518161] kmem_cache_alloc+0x159/0x360 [ 1006.519095] ? shmem_destroy_inode+0x70/0x70 [ 1006.520112] shmem_alloc_inode+0x18/0x40 [ 1006.521006] ? shmem_destroy_inode+0x70/0x70 [ 1006.522006] alloc_inode+0x63/0x240 [ 1006.522829] new_inode+0x23/0x250 [ 1006.523634] shmem_get_inode+0x15e/0xbc0 [ 1006.524583] __shmem_file_setup+0xb8/0x320 [ 1006.525535] ? _copy_from_user+0xfb/0x1b0 [ 1006.526497] __do_sys_memfd_create+0x275/0x450 [ 1006.527539] ? memfd_file_seals_ptr+0x170/0x170 [ 1006.528594] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.529825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.529970] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1006.530947] do_syscall_64+0x33/0x40 [ 1006.530970] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1006.530992] RIP: 0033:0x7f21cd568b19 [ 1006.535503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.539621] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1006.541253] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1006.542848] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1006.544455] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1006.546097] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1006.547715] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1006.589901] FAT-fs (loop1): Directory bread(block 3) failed 23:53:40 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 6) 23:53:40 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffff7f, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:40 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:40 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:40 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 29) 23:53:40 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x5, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1018.179934] FAULT_INJECTION: forcing a failure. [ 1018.179934] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.182262] CPU: 1 PID: 7386 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1018.183625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1018.185263] Call Trace: [ 1018.185830] dump_stack+0x107/0x167 [ 1018.186567] should_fail.cold+0x5/0xa [ 1018.187339] ? security_inode_alloc+0x34/0x160 [ 1018.188255] should_failslab+0x5/0x20 [ 1018.189011] kmem_cache_alloc+0x5b/0x360 [ 1018.190031] security_inode_alloc+0x34/0x160 [ 1018.190922] inode_init_always+0xa4e/0xd10 [ 1018.191955] ? shmem_destroy_inode+0x70/0x70 [ 1018.192837] alloc_inode+0x84/0x240 [ 1018.193749] new_inode+0x23/0x250 [ 1018.194613] shmem_get_inode+0x15e/0xbc0 [ 1018.195622] __shmem_file_setup+0xb8/0x320 [ 1018.196650] ? _copy_from_user+0xfb/0x1b0 [ 1018.197486] __do_sys_memfd_create+0x275/0x450 [ 1018.198458] ? memfd_file_seals_ptr+0x170/0x170 [ 1018.199407] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1018.200460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1018.201503] do_syscall_64+0x33/0x40 [ 1018.202273] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1018.203301] RIP: 0033:0x7f21cd568b19 [ 1018.204054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1018.207750] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1018.209270] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1018.210731] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1018.212151] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1018.213578] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1018.215022] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1018.235514] FAULT_INJECTION: forcing a failure. [ 1018.235514] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.237826] CPU: 1 PID: 7400 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1018.239197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1018.240862] Call Trace: [ 1018.241417] dump_stack+0x107/0x167 [ 1018.242165] should_fail.cold+0x5/0xa [ 1018.242932] ? create_object.isra.0+0x3a/0xa20 [ 1018.243844] should_failslab+0x5/0x20 [ 1018.244602] kmem_cache_alloc+0x5b/0x360 [ 1018.245417] create_object.isra.0+0x3a/0xa20 [ 1018.246301] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1018.247320] __kmalloc_track_caller+0x177/0x3c0 [ 1018.248248] ? match_number+0xaf/0x1d0 [ 1018.249034] kmemdup_nul+0x2d/0xa0 [ 1018.249750] match_number+0xaf/0x1d0 [ 1018.250499] ? match_u64+0x190/0x190 [ 1018.251240] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 1018.252206] ? memcpy+0x39/0x60 [ 1018.252872] parse_opts.part.0+0x1f3/0x340 [ 1018.253739] ? p9_fd_show_options+0x1c0/0x1c0 [ 1018.254645] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1018.255693] ? trace_hardirqs_on+0x5b/0x180 [ 1018.256577] ? kfree+0xd7/0x390 [ 1018.257253] p9_fd_create+0x98/0x4a0 [ 1018.258001] ? p9_conn_create+0x510/0x510 [ 1018.258823] ? p9_client_create+0x798/0x1090 [ 1018.259700] ? kfree+0xd7/0x390 [ 1018.260360] ? do_raw_spin_unlock+0x4f/0x220 [ 1018.261242] p9_client_create+0x7ff/0x1090 [ 1018.262102] ? p9_client_flush+0x430/0x430 [ 1018.262954] ? lockdep_init_map_type+0x2c7/0x780 [ 1018.263901] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1018.264864] ? __raw_spin_lock_init+0x36/0x110 [ 1018.265795] v9fs_session_init+0x1dd/0x16a0 [ 1018.266670] ? kmem_cache_alloc_trace+0x151/0x360 [ 1018.267634] ? v9fs_show_options+0x690/0x690 [ 1018.268529] ? kasan_unpoison_shadow+0x33/0x50 [ 1018.269440] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1018.270466] v9fs_mount+0x79/0x8f0 [ 1018.271177] ? v9fs_write_inode+0x60/0x60 [ 1018.272007] legacy_get_tree+0x105/0x220 [ 1018.272848] vfs_get_tree+0x8e/0x300 [ 1018.273595] path_mount+0x13be/0x20b0 [ 1018.274386] ? strncpy_from_user+0x9e/0x470 [ 1018.275249] ? finish_automount+0xa40/0xa40 [ 1018.276112] ? getname_flags.part.0+0x1dd/0x4f0 [ 1018.277042] ? _copy_from_user+0xfb/0x1b0 [ 1018.277888] __x64_sys_mount+0x282/0x300 [ 1018.278706] ? copy_mnt_ns+0xa00/0xa00 [ 1018.279520] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1018.280640] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1018.281757] do_syscall_64+0x33/0x40 [ 1018.282542] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1018.283617] RIP: 0033:0x7fb012c72b19 [ 1018.284400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1018.288311] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1018.289889] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1018.291349] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1018.292812] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1018.294287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1018.295757] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1018.300243] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 23:53:41 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x6, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:41 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:41 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffff9e, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:41 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:41 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:41 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xfffffff0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1018.426933] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 23:53:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1018.494013] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:53:53 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 30) 23:53:53 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1030.912316] FAULT_INJECTION: forcing a failure. [ 1030.912316] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.914693] CPU: 1 PID: 7443 Comm: syz-executor.1 Not tainted 5.10.161 #1 23:53:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x80000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:53 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0xffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:53 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x7, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:53 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:53:53 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 7) [ 1030.916070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1030.917981] Call Trace: [ 1030.918533] dump_stack+0x107/0x167 [ 1030.919286] should_fail.cold+0x5/0xa [ 1030.920078] ? create_object.isra.0+0x3a/0xa20 [ 1030.921025] should_failslab+0x5/0x20 [ 1030.921808] kmem_cache_alloc+0x5b/0x360 [ 1030.922676] create_object.isra.0+0x3a/0xa20 [ 1030.923579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1030.924627] kmem_cache_alloc+0x159/0x360 [ 1030.925492] security_inode_alloc+0x34/0x160 [ 1030.926409] inode_init_always+0xa4e/0xd10 [ 1030.927269] ? shmem_destroy_inode+0x70/0x70 [ 1030.928163] alloc_inode+0x84/0x240 [ 1030.928905] new_inode+0x23/0x250 [ 1030.929615] shmem_get_inode+0x15e/0xbc0 [ 1030.930475] __shmem_file_setup+0xb8/0x320 [ 1030.930563] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1030.931349] ? _copy_from_user+0xfb/0x1b0 [ 1030.931371] __do_sys_memfd_create+0x275/0x450 [ 1030.931396] ? memfd_file_seals_ptr+0x170/0x170 [ 1030.935852] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1030.936930] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1030.938001] do_syscall_64+0x33/0x40 [ 1030.938760] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1030.939814] RIP: 0033:0x7f21cd568b19 [ 1030.940572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1030.944388] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1030.945958] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1030.947401] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1030.948858] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1030.950339] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1030.951803] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1030.960304] FAULT_INJECTION: forcing a failure. [ 1030.960304] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.962664] CPU: 1 PID: 7448 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1030.964069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1030.965778] Call Trace: [ 1030.966323] dump_stack+0x107/0x167 [ 1030.967079] should_fail.cold+0x5/0xa [ 1030.967872] should_failslab+0x5/0x20 [ 1030.968657] __kmalloc_track_caller+0x79/0x3c0 [ 1030.969586] ? match_number+0xaf/0x1d0 [ 1030.970404] ? kfree+0xd7/0x390 [ 1030.971081] kmemdup_nul+0x2d/0xa0 [ 1030.971813] match_number+0xaf/0x1d0 [ 1030.972572] ? match_u64+0x190/0x190 [ 1030.973343] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 1030.974338] ? memcpy+0x39/0x60 [ 1030.975015] parse_opts.part.0+0x1f3/0x340 [ 1030.975878] ? p9_fd_show_options+0x1c0/0x1c0 [ 1030.976801] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1030.977867] ? trace_hardirqs_on+0x5b/0x180 [ 1030.978768] ? kfree+0xd7/0x390 [ 1030.979451] p9_fd_create+0x98/0x4a0 [ 1030.980214] ? p9_conn_create+0x510/0x510 [ 1030.981059] ? p9_client_create+0x798/0x1090 [ 1030.981961] ? kfree+0xd7/0x390 [ 1030.982633] ? do_raw_spin_unlock+0x4f/0x220 [ 1030.983533] p9_client_create+0x7ff/0x1090 [ 1030.984404] ? p9_client_flush+0x430/0x430 [ 1030.985275] ? lockdep_init_map_type+0x2c7/0x780 [ 1030.986278] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1030.987263] ? __raw_spin_lock_init+0x36/0x110 [ 1030.988195] v9fs_session_init+0x1dd/0x16a0 [ 1030.989085] ? kmem_cache_alloc_trace+0x151/0x360 [ 1030.990077] ? v9fs_show_options+0x690/0x690 [ 1030.990987] ? kasan_unpoison_shadow+0x33/0x50 [ 1030.991928] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1030.992975] v9fs_mount+0x79/0x8f0 [ 1030.993702] ? v9fs_write_inode+0x60/0x60 [ 1030.994567] legacy_get_tree+0x105/0x220 [ 1030.995396] vfs_get_tree+0x8e/0x300 [ 1030.996154] path_mount+0x13be/0x20b0 [ 1030.996932] ? strncpy_from_user+0x9e/0x470 [ 1030.997812] ? finish_automount+0xa40/0xa40 [ 1030.998707] ? getname_flags.part.0+0x1dd/0x4f0 [ 1030.999650] ? _copy_from_user+0xfb/0x1b0 [ 1031.000501] __x64_sys_mount+0x282/0x300 [ 1031.001327] ? copy_mnt_ns+0xa00/0xa00 [ 1031.002134] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1031.003202] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1031.004257] do_syscall_64+0x33/0x40 [ 1031.005013] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1031.006090] RIP: 0033:0x7fb012c72b19 [ 1031.006846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1031.010602] RSP: 002b:00007fb0101c7188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1031.012152] RAX: ffffffffffffffda RBX: 00007fb012d86020 RCX: 00007fb012c72b19 [ 1031.013597] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1031.015057] RBP: 00007fb0101c71d0 R08: 0000000020000180 R09: 0000000000000000 [ 1031.016503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1031.017982] R13: 00007ffe32d71b4f R14: 00007fb0101c7300 R15: 0000000000022000 [ 1031.019609] 9pnet: Insufficient options for proto=fd 23:53:53 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xf, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:53 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1031.069776] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 23:53:53 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x8, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:53:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:53:53 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 1) 23:53:53 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1031.109306] FAULT_INJECTION: forcing a failure. [ 1031.109306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1031.111862] CPU: 1 PID: 7461 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1031.113253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1031.114982] Call Trace: [ 1031.115531] dump_stack+0x107/0x167 [ 1031.116284] should_fail.cold+0x5/0xa [ 1031.117074] _copy_from_user+0x2e/0x1b0 [ 1031.117914] __copy_msghdr_from_user+0x91/0x4b0 [ 1031.118872] ? __ia32_sys_shutdown+0x80/0x80 [ 1031.119774] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1031.120849] ? __lock_acquire+0x1657/0x5b00 [ 1031.121747] ? __lock_acquire+0xbb1/0x5b00 [ 1031.122644] sendmsg_copy_msghdr+0xa1/0x160 [ 1031.123528] ? do_recvmmsg+0x6d0/0x6d0 [ 1031.124331] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1031.125397] ? lock_downgrade+0x6d0/0x6d0 [ 1031.126250] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1031.127314] ___sys_sendmsg+0xc6/0x170 [ 1031.128100] ? sendmsg_copy_msghdr+0x160/0x160 [ 1031.129025] ? __fget_files+0x26d/0x480 [ 1031.129833] ? lock_downgrade+0x6d0/0x6d0 [ 1031.130688] ? find_held_lock+0x2c/0x110 [ 1031.131528] ? __fget_files+0x296/0x480 [ 1031.132356] ? __fget_light+0xea/0x290 [ 1031.133151] __sys_sendmsg+0xe5/0x1b0 [ 1031.133947] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1031.134834] ? rcu_read_lock_any_held+0x75/0xa0 [ 1031.135793] ? fput_many+0x2f/0x1a0 [ 1031.136537] ? ksys_write+0x1a9/0x260 [ 1031.137323] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1031.138403] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1031.139451] ? trace_hardirqs_on+0x5b/0x180 [ 1031.140334] do_syscall_64+0x33/0x40 [ 1031.141094] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1031.142161] RIP: 0033:0x7f2b3a370b19 [ 1031.142918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1031.146670] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1031.148221] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1031.149672] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1031.151145] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1031.152607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1031.154066] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1031.196491] FAT-fs (loop1): Directory bread(block 3) failed 23:54:08 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:08 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:08 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xc0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:08 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 2) 23:54:08 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 31) 23:54:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 8) 23:54:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1045.320241] FAULT_INJECTION: forcing a failure. [ 1045.320241] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.321112] FAULT_INJECTION: forcing a failure. [ 1045.321112] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.322792] CPU: 1 PID: 7493 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1045.325334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1045.327134] Call Trace: [ 1045.327709] dump_stack+0x107/0x167 [ 1045.328496] should_fail.cold+0x5/0xa [ 1045.329314] ? __d_alloc+0x2a/0x990 [ 1045.330117] should_failslab+0x5/0x20 [ 1045.330963] kmem_cache_alloc+0x5b/0x360 [ 1045.331857] ? trace_hardirqs_on+0x5b/0x180 [ 1045.332809] __d_alloc+0x2a/0x990 [ 1045.333559] d_alloc_pseudo+0x19/0x70 [ 1045.334401] alloc_file_pseudo+0xce/0x250 [ 1045.335290] ? alloc_file+0x5a0/0x5a0 [ 1045.336129] ? shmem_get_inode+0x55c/0xbc0 [ 1045.337042] __shmem_file_setup+0x144/0x320 [ 1045.337993] ? _copy_from_user+0xfb/0x1b0 [ 1045.338896] __do_sys_memfd_create+0x275/0x450 [ 1045.339875] ? memfd_file_seals_ptr+0x170/0x170 [ 1045.340887] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1045.342007] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1045.343142] do_syscall_64+0x33/0x40 [ 1045.343945] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1045.345056] RIP: 0033:0x7f21cd568b19 [ 1045.345852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1045.349844] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1045.351508] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1045.353056] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1045.354627] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1045.356180] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1045.357735] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1045.359311] CPU: 0 PID: 7487 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1045.360091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1045.361039] Call Trace: [ 1045.361345] dump_stack+0x107/0x167 [ 1045.361767] should_fail.cold+0x5/0xa [ 1045.362212] ? create_object.isra.0+0x3a/0xa20 [ 1045.362733] should_failslab+0x5/0x20 [ 1045.363166] kmem_cache_alloc+0x5b/0x360 [ 1045.363651] create_object.isra.0+0x3a/0xa20 [ 1045.364156] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1045.364714] __kmalloc_track_caller+0x177/0x3c0 [ 1045.365248] ? match_number+0xaf/0x1d0 [ 1045.365701] kmemdup_nul+0x2d/0xa0 [ 1045.366117] match_number+0xaf/0x1d0 [ 1045.366539] ? match_u64+0x190/0x190 [ 1045.366942] ? __kmalloc_track_caller+0x2d4/0x3c0 [ 1045.367497] ? memcpy+0x39/0x60 [ 1045.367858] parse_opts.part.0+0x1f3/0x340 [ 1045.368343] ? p9_fd_show_options+0x1c0/0x1c0 [ 1045.368831] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1045.369432] ? trace_hardirqs_on+0x5b/0x180 [ 1045.369900] ? kfree+0xd7/0x390 [ 1045.370292] p9_fd_create+0x98/0x4a0 [ 1045.370713] ? p9_conn_create+0x510/0x510 [ 1045.371169] ? p9_client_create+0x798/0x1090 [ 1045.371673] ? kfree+0xd7/0x390 [ 1045.372056] ? do_raw_spin_unlock+0x4f/0x220 [ 1045.372537] p9_client_create+0x7ff/0x1090 [ 1045.373014] ? p9_client_flush+0x430/0x430 [ 1045.373497] ? lockdep_init_map_type+0x2c7/0x780 [ 1045.374031] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1045.374579] ? __raw_spin_lock_init+0x36/0x110 [ 1045.375105] v9fs_session_init+0x1dd/0x16a0 [ 1045.375595] ? kmem_cache_alloc_trace+0x151/0x360 [ 1045.376145] ? v9fs_show_options+0x690/0x690 [ 1045.376647] ? kasan_unpoison_shadow+0x33/0x50 [ 1045.377169] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1045.377739] v9fs_mount+0x79/0x8f0 [ 1045.378165] ? v9fs_write_inode+0x60/0x60 [ 1045.378630] legacy_get_tree+0x105/0x220 [ 1045.379089] vfs_get_tree+0x8e/0x300 [ 1045.379506] path_mount+0x13be/0x20b0 [ 1045.379949] ? strncpy_from_user+0x9e/0x470 [ 1045.380451] ? finish_automount+0xa40/0xa40 [ 1045.380948] ? getname_flags.part.0+0x1dd/0x4f0 [ 1045.381471] ? _copy_from_user+0xfb/0x1b0 [ 1045.381949] __x64_sys_mount+0x282/0x300 [ 1045.382420] ? copy_mnt_ns+0xa00/0xa00 [ 1045.382881] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1045.383476] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1045.384047] do_syscall_64+0x33/0x40 [ 1045.384463] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1045.385032] RIP: 0033:0x7fb012c72b19 [ 1045.385448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1045.387544] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1045.388386] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1045.389179] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1045.389978] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1045.390791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1045.391598] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1045.395787] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1045.397538] FAULT_INJECTION: forcing a failure. [ 1045.397538] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1045.398882] CPU: 0 PID: 7490 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1045.399656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1045.400608] Call Trace: [ 1045.400909] dump_stack+0x107/0x167 [ 1045.401324] should_fail.cold+0x5/0xa [ 1045.401763] _copy_from_user+0x2e/0x1b0 [ 1045.402227] iovec_from_user+0x141/0x400 [ 1045.402692] __import_iovec+0x67/0x590 [ 1045.403133] ? __ia32_sys_shutdown+0x80/0x80 [ 1045.403631] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1045.404232] import_iovec+0x83/0xb0 [ 1045.404648] sendmsg_copy_msghdr+0x131/0x160 [ 1045.405150] ? do_recvmmsg+0x6d0/0x6d0 [ 1045.405599] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1045.406214] ? lock_downgrade+0x6d0/0x6d0 [ 1045.406689] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1045.407301] ___sys_sendmsg+0xc6/0x170 [ 1045.407753] ? sendmsg_copy_msghdr+0x160/0x160 [ 1045.408288] ? __fget_files+0x26d/0x480 [ 1045.408754] ? lock_downgrade+0x6d0/0x6d0 [ 1045.409225] ? find_held_lock+0x2c/0x110 [ 1045.409692] ? __fget_files+0x296/0x480 [ 1045.410160] ? __fget_light+0xea/0x290 [ 1045.410602] __sys_sendmsg+0xe5/0x1b0 [ 1045.411029] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1045.411520] ? rcu_read_lock_any_held+0x75/0xa0 [ 1045.412044] ? fput_many+0x2f/0x1a0 [ 1045.412455] ? ksys_write+0x1a9/0x260 [ 1045.412892] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1045.413487] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1045.414078] ? trace_hardirqs_on+0x5b/0x180 [ 1045.414571] do_syscall_64+0x33/0x40 [ 1045.414994] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1045.415583] RIP: 0033:0x7f2b3a370b19 [ 1045.416012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1045.418092] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1045.418957] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1045.419757] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1045.420555] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1045.421354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1045.422167] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:54:08 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xec0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:08 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1020, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:08 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1045.472120] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:54:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:08 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x33fe0, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:21 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 32) 23:54:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:21 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xce, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 3) 23:54:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x20000068, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 9) [ 1058.699125] FAULT_INJECTION: forcing a failure. [ 1058.699125] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.700872] CPU: 1 PID: 7542 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1058.701811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.702936] Call Trace: [ 1058.703316] dump_stack+0x107/0x167 [ 1058.703832] should_fail.cold+0x5/0xa [ 1058.704382] ? __alloc_skb+0x6d/0x620 [ 1058.704938] should_failslab+0x5/0x20 [ 1058.705490] kmem_cache_alloc_node+0x55/0x370 [ 1058.706137] __alloc_skb+0x6d/0x620 [ 1058.706684] netlink_sendmsg+0x98e/0xdf0 [ 1058.707282] ? netlink_unicast+0x7f0/0x7f0 [ 1058.707897] ? netlink_unicast+0x7f0/0x7f0 [ 1058.708504] sock_sendmsg+0x154/0x190 [ 1058.709044] ____sys_sendmsg+0x70d/0x870 [ 1058.709621] ? kernel_sendmsg+0x50/0x50 [ 1058.710168] ? do_recvmmsg+0x6d0/0x6d0 [ 1058.710725] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.711454] ? lock_downgrade+0x6d0/0x6d0 [ 1058.712027] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.712439] FAULT_INJECTION: forcing a failure. [ 1058.712439] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.712755] ___sys_sendmsg+0xf3/0x170 [ 1058.712768] ? sendmsg_copy_msghdr+0x160/0x160 [ 1058.712785] ? lock_downgrade+0x6d0/0x6d0 [ 1058.712799] ? find_held_lock+0x2c/0x110 [ 1058.712818] ? __fget_files+0x296/0x480 [ 1058.718028] ? __fget_light+0xea/0x290 [ 1058.718584] __sys_sendmsg+0xe5/0x1b0 [ 1058.719117] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1058.719712] ? rcu_read_lock_any_held+0x75/0xa0 [ 1058.720367] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.721096] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.721809] ? trace_hardirqs_on+0x5b/0x180 [ 1058.722423] do_syscall_64+0x33/0x40 [ 1058.722940] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1058.723652] RIP: 0033:0x7f2b3a370b19 [ 1058.724173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.726749] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1058.727811] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1058.728798] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1058.729784] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1058.730779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1058.731765] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1058.732783] CPU: 0 PID: 7548 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1058.734234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.735989] Call Trace: [ 1058.736549] dump_stack+0x107/0x167 23:54:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1058.737324] should_fail.cold+0x5/0xa [ 1058.738251] ? create_object.isra.0+0x3a/0xa20 [ 1058.739238] should_failslab+0x5/0x20 [ 1058.740052] kmem_cache_alloc+0x5b/0x360 [ 1058.740936] create_object.isra.0+0x3a/0xa20 [ 1058.741905] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.743008] kmem_cache_alloc+0x159/0x360 [ 1058.743900] ? trace_hardirqs_on+0x5b/0x180 [ 1058.744831] __d_alloc+0x2a/0x990 [ 1058.745589] d_alloc_pseudo+0x19/0x70 [ 1058.746424] alloc_file_pseudo+0xce/0x250 [ 1058.747310] ? alloc_file+0x5a0/0x5a0 [ 1058.748134] ? shmem_get_inode+0x55c/0xbc0 [ 1058.749050] __shmem_file_setup+0x144/0x320 [ 1058.749976] ? _copy_from_user+0xfb/0x1b0 [ 1058.750877] __do_sys_memfd_create+0x275/0x450 [ 1058.751860] ? memfd_file_seals_ptr+0x170/0x170 [ 1058.752863] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.753990] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.755118] do_syscall_64+0x33/0x40 [ 1058.755925] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1058.757040] RIP: 0033:0x7f21cd568b19 [ 1058.757857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.761816] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1058.763460] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1058.764991] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1058.766544] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1058.768074] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1058.769604] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 23:54:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1058.783468] FAULT_INJECTION: forcing a failure. [ 1058.783468] name failslab, interval 1, probability 0, space 0, times 0 23:54:21 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1058.785958] CPU: 0 PID: 7547 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1058.787512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.789322] Call Trace: [ 1058.789895] dump_stack+0x107/0x167 [ 1058.790690] should_fail.cold+0x5/0xa [ 1058.791510] ? p9_fd_create+0x161/0x4a0 [ 1058.792373] should_failslab+0x5/0x20 [ 1058.793188] kmem_cache_alloc_trace+0x55/0x360 [ 1058.794174] p9_fd_create+0x161/0x4a0 [ 1058.795014] ? p9_conn_create+0x510/0x510 [ 1058.795900] ? p9_client_create+0x798/0x1090 [ 1058.796843] ? kfree+0xd7/0x390 [ 1058.797556] ? do_raw_spin_unlock+0x4f/0x220 [ 1058.798528] p9_client_create+0x7ff/0x1090 [ 1058.799447] ? p9_client_flush+0x430/0x430 [ 1058.800369] ? lockdep_init_map_type+0x2c7/0x780 [ 1058.801387] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1058.802437] ? __raw_spin_lock_init+0x36/0x110 [ 1058.803429] v9fs_session_init+0x1dd/0x16a0 [ 1058.804385] ? kmem_cache_alloc_trace+0x151/0x360 [ 1058.805422] ? v9fs_show_options+0x690/0x690 [ 1058.806400] ? kasan_unpoison_shadow+0x33/0x50 [ 1058.807386] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 23:54:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1058.808479] v9fs_mount+0x79/0x8f0 [ 1058.809280] ? v9fs_write_inode+0x60/0x60 [ 1058.810174] legacy_get_tree+0x105/0x220 [ 1058.811059] vfs_get_tree+0x8e/0x300 [ 1058.811864] path_mount+0x13be/0x20b0 [ 1058.812687] ? strncpy_from_user+0x9e/0x470 [ 1058.813627] ? finish_automount+0xa40/0xa40 [ 1058.814582] ? getname_flags.part.0+0x1dd/0x4f0 [ 1058.815577] ? _copy_from_user+0xfb/0x1b0 [ 1058.816480] __x64_sys_mount+0x282/0x300 [ 1058.817355] ? copy_mnt_ns+0xa00/0xa00 [ 1058.818199] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.819332] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.820484] do_syscall_64+0x33/0x40 [ 1058.821292] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1058.822404] RIP: 0033:0x7fb012c72b19 [ 1058.823206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.827166] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1058.828801] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1058.830336] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1058.831866] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1058.833384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1058.834927] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:54:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1058.847979] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1058.858199] FAT-fs (loop1): Directory bread(block 3) failed 23:54:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x7ffff000, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 10) 23:54:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 33) 23:54:33 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 4) 23:54:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x300, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x80000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0xfffffdef, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1070.912834] FAULT_INJECTION: forcing a failure. [ 1070.912834] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.914890] CPU: 1 PID: 7581 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1070.916167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1070.917708] Call Trace: [ 1070.918203] dump_stack+0x107/0x167 [ 1070.918898] should_fail.cold+0x5/0xa [ 1070.919610] ? create_object.isra.0+0x3a/0xa20 [ 1070.920464] should_failslab+0x5/0x20 [ 1070.921187] kmem_cache_alloc+0x5b/0x360 [ 1070.921956] ? p9_fd_show_options+0x1c0/0x1c0 [ 1070.922831] create_object.isra.0+0x3a/0xa20 [ 1070.923709] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1070.924725] kmem_cache_alloc_trace+0x151/0x360 [ 1070.925658] p9_fd_create+0x161/0x4a0 [ 1070.926426] ? p9_conn_create+0x510/0x510 [ 1070.927252] ? p9_client_create+0x798/0x1090 [ 1070.928128] ? kfree+0xd7/0x390 [ 1070.928790] ? do_raw_spin_unlock+0x4f/0x220 [ 1070.929699] p9_client_create+0x7ff/0x1090 [ 1070.930560] ? p9_client_flush+0x430/0x430 [ 1070.931401] ? lockdep_init_map_type+0x2c7/0x780 [ 1070.932308] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1070.933231] ? __raw_spin_lock_init+0x36/0x110 [ 1070.934107] v9fs_session_init+0x1dd/0x16a0 [ 1070.934957] ? kmem_cache_alloc_trace+0x151/0x360 [ 1070.935877] ? v9fs_show_options+0x690/0x690 [ 1070.936724] ? kasan_unpoison_shadow+0x33/0x50 [ 1070.937610] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1070.938361] FAULT_INJECTION: forcing a failure. [ 1070.938361] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.938591] v9fs_mount+0x79/0x8f0 [ 1070.938612] ? v9fs_write_inode+0x60/0x60 [ 1070.938637] legacy_get_tree+0x105/0x220 [ 1070.943465] vfs_get_tree+0x8e/0x300 [ 1070.944214] path_mount+0x13be/0x20b0 [ 1070.944979] ? strncpy_from_user+0x9e/0x470 [ 1070.945837] ? finish_automount+0xa40/0xa40 [ 1070.946764] ? getname_flags.part.0+0x1dd/0x4f0 [ 1070.947696] ? _copy_from_user+0xfb/0x1b0 [ 1070.948536] __x64_sys_mount+0x282/0x300 [ 1070.949352] ? copy_mnt_ns+0xa00/0xa00 [ 1070.950132] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1070.951190] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1070.952197] do_syscall_64+0x33/0x40 [ 1070.952928] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1070.953928] RIP: 0033:0x7fb012c72b19 [ 1070.954676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1070.958266] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1070.959792] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1070.961180] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1070.962545] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1070.963888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1070.965227] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1070.966614] CPU: 0 PID: 7587 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1070.968170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1070.970056] Call Trace: [ 1070.970672] dump_stack+0x107/0x167 [ 1070.971506] should_fail.cold+0x5/0xa [ 1070.972383] ? __alloc_file+0x21/0x320 [ 1070.973281] should_failslab+0x5/0x20 [ 1070.974151] kmem_cache_alloc+0x5b/0x360 [ 1070.975099] __alloc_file+0x21/0x320 [ 1070.975971] alloc_empty_file+0x6d/0x170 [ 1070.976918] alloc_file+0x59/0x5a0 [ 1070.977753] alloc_file_pseudo+0x16a/0x250 [ 1070.978752] ? alloc_file+0x5a0/0x5a0 [ 1070.979647] ? shmem_get_inode+0x55c/0xbc0 [ 1070.980637] __shmem_file_setup+0x144/0x320 [ 1070.981633] ? _copy_from_user+0xfb/0x1b0 [ 1070.982614] __do_sys_memfd_create+0x275/0x450 [ 1070.983669] ? memfd_file_seals_ptr+0x170/0x170 [ 1070.984747] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1070.985957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1070.987172] do_syscall_64+0x33/0x40 [ 1070.988041] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1070.989220] RIP: 0033:0x7f21cd568b19 [ 1070.990077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1070.994303] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1070.996057] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1070.997694] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1070.999419] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1071.001066] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1071.002709] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1071.019358] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1071.023145] FAULT_INJECTION: forcing a failure. [ 1071.023145] name failslab, interval 1, probability 0, space 0, times 0 [ 1071.025924] CPU: 0 PID: 7593 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1071.027608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.029615] Call Trace: [ 1071.030271] dump_stack+0x107/0x167 [ 1071.031180] should_fail.cold+0x5/0xa [ 1071.032115] ? create_object.isra.0+0x3a/0xa20 [ 1071.033225] should_failslab+0x5/0x20 [ 1071.034151] kmem_cache_alloc+0x5b/0x360 [ 1071.035162] create_object.isra.0+0x3a/0xa20 [ 1071.036242] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1071.037486] kmem_cache_alloc_node+0x169/0x370 [ 1071.038652] __alloc_skb+0x6d/0x620 [ 1071.039502] netlink_sendmsg+0x98e/0xdf0 [ 1071.040639] ? netlink_unicast+0x7f0/0x7f0 [ 1071.041629] ? netlink_unicast+0x7f0/0x7f0 [ 1071.042830] sock_sendmsg+0x154/0x190 [ 1071.043720] ____sys_sendmsg+0x70d/0x870 [ 1071.044855] ? kernel_sendmsg+0x50/0x50 23:54:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1071.045769] ? do_recvmmsg+0x6d0/0x6d0 [ 1071.047009] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1071.048466] ? lock_downgrade+0x6d0/0x6d0 [ 1071.049427] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1071.050912] ___sys_sendmsg+0xf3/0x170 [ 1071.051814] ? sendmsg_copy_msghdr+0x160/0x160 [ 1071.053094] ? lock_downgrade+0x6d0/0x6d0 [ 1071.054063] ? find_held_lock+0x2c/0x110 23:54:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x500, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1071.055067] ? __fget_files+0x296/0x480 [ 1071.056074] ? __fget_light+0xea/0x290 [ 1071.057030] __sys_sendmsg+0xe5/0x1b0 [ 1071.057962] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1071.059038] ? rcu_read_lock_any_held+0x75/0xa0 [ 1071.060208] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1071.061490] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1071.062768] ? trace_hardirqs_on+0x5b/0x180 [ 1071.063825] do_syscall_64+0x33/0x40 [ 1071.064747] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1071.065996] RIP: 0033:0x7f2b3a370b19 [ 1071.066926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1071.071322] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1071.073069] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1071.074711] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1071.076334] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1071.077963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1071.079608] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:54:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1071.145886] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:54:33 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x2, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1071.226352] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 23:54:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x600, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1071.288432] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1084.925369] FAULT_INJECTION: forcing a failure. [ 1084.925369] name failslab, interval 1, probability 0, space 0, times 0 [ 1084.927723] CPU: 1 PID: 7630 Comm: syz-executor.1 Not tainted 5.10.161 #1 23:54:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 11) 23:54:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:47 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20100000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x700, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1084.929122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1084.931088] Call Trace: [ 1084.931644] dump_stack+0x107/0x167 [ 1084.932401] should_fail.cold+0x5/0xa [ 1084.933193] ? create_object.isra.0+0x3a/0xa20 23:54:47 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x3, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:47 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:47 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 5) 23:54:47 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 34) [ 1084.934122] should_failslab+0x5/0x20 [ 1084.935001] kmem_cache_alloc+0x5b/0x360 [ 1084.935835] create_object.isra.0+0x3a/0xa20 [ 1084.936732] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1084.937780] kmem_cache_alloc+0x159/0x360 [ 1084.938653] __alloc_file+0x21/0x320 [ 1084.939416] alloc_empty_file+0x6d/0x170 [ 1084.940252] alloc_file+0x59/0x5a0 [ 1084.940987] alloc_file_pseudo+0x16a/0x250 23:54:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1084.941849] ? alloc_file+0x5a0/0x5a0 [ 1084.942707] ? shmem_get_inode+0x55c/0xbc0 [ 1084.943585] __shmem_file_setup+0x144/0x320 [ 1084.944457] ? _copy_from_user+0xfb/0x1b0 [ 1084.945310] __do_sys_memfd_create+0x275/0x450 [ 1084.946230] ? memfd_file_seals_ptr+0x170/0x170 [ 1084.947196] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1084.948259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1084.949305] do_syscall_64+0x33/0x40 [ 1084.950060] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1084.951124] RIP: 0033:0x7f21cd568b19 [ 1084.951885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1084.955623] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1084.957160] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1084.958626] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1084.960064] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1084.961495] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1084.962957] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1084.989552] FAULT_INJECTION: forcing a failure. [ 1084.989552] name failslab, interval 1, probability 0, space 0, times 0 [ 1084.990852] CPU: 0 PID: 7643 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1084.991646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1084.992596] Call Trace: [ 1084.992909] dump_stack+0x107/0x167 [ 1084.993330] should_fail.cold+0x5/0xa [ 1084.993775] ? p9_client_prepare_req.part.0+0x3a/0xb30 [ 1084.994377] should_failslab+0x5/0x20 [ 1084.994835] kmem_cache_alloc+0x5b/0x360 [ 1084.995302] ? p9_pollwait+0x1a7/0x210 [ 1084.995759] p9_client_prepare_req.part.0+0x3a/0xb30 [ 1084.996355] p9_client_rpc+0x220/0x1210 [ 1084.996824] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1084.997407] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1084.997948] ? snd_seq_poll+0x15b/0x2d0 [ 1084.998389] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1084.999026] ? p9_fd_poll+0x1e0/0x2c0 [ 1084.999451] ? p9_fd_create+0x357/0x4a0 [ 1084.999911] ? p9_conn_create+0x510/0x510 [ 1085.000373] ? p9_client_create+0x798/0x1090 [ 1085.000877] ? kfree+0xd7/0x390 [ 1085.001244] ? do_raw_spin_unlock+0x4f/0x220 [ 1085.001757] p9_client_create+0xa76/0x1090 [ 1085.002221] ? p9_client_flush+0x430/0x430 [ 1085.002393] kernel write not supported for file /snd/seq (pid: 7529 comm: kworker/1:1) [ 1085.002731] ? lockdep_init_map_type+0x2c7/0x780 [ 1085.002745] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1085.002764] ? __raw_spin_lock_init+0x36/0x110 [ 1085.005973] v9fs_session_init+0x1dd/0x16a0 [ 1085.006473] ? kmem_cache_alloc_trace+0x151/0x360 [ 1085.007045] ? v9fs_show_options+0x690/0x690 [ 1085.007563] ? kasan_unpoison_shadow+0x33/0x50 [ 1085.008106] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1085.008664] v9fs_mount+0x79/0x8f0 [ 1085.008698] FAULT_INJECTION: forcing a failure. [ 1085.008698] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.009082] ? v9fs_write_inode+0x60/0x60 [ 1085.009094] legacy_get_tree+0x105/0x220 [ 1085.009109] vfs_get_tree+0x8e/0x300 [ 1085.009131] path_mount+0x13be/0x20b0 [ 1085.013152] ? strncpy_from_user+0x9e/0x470 [ 1085.013658] ? finish_automount+0xa40/0xa40 [ 1085.014163] ? getname_flags.part.0+0x1dd/0x4f0 [ 1085.014723] ? _copy_from_user+0xfb/0x1b0 [ 1085.015214] __x64_sys_mount+0x282/0x300 [ 1085.015687] ? copy_mnt_ns+0xa00/0xa00 [ 1085.016139] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1085.016758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1085.017331] do_syscall_64+0x33/0x40 [ 1085.017775] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1085.018334] RIP: 0033:0x7fb012c72b19 [ 1085.018780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1085.020905] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1085.021743] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1085.022563] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1085.023408] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1085.024241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1085.025086] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1085.025942] CPU: 1 PID: 7645 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1085.027335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1085.029010] Call Trace: [ 1085.029550] dump_stack+0x107/0x167 [ 1085.030291] should_fail.cold+0x5/0xa [ 1085.031091] should_failslab+0x5/0x20 [ 1085.031862] __kmalloc_node_track_caller+0x74/0x3f0 [ 1085.032868] ? netlink_sendmsg+0x98e/0xdf0 [ 1085.033728] __alloc_skb+0xb1/0x620 [ 1085.034468] netlink_sendmsg+0x98e/0xdf0 [ 1085.035311] ? netlink_unicast+0x7f0/0x7f0 [ 1085.036177] ? netlink_unicast+0x7f0/0x7f0 [ 1085.037055] sock_sendmsg+0x154/0x190 [ 1085.037828] ____sys_sendmsg+0x70d/0x870 [ 1085.038675] ? kernel_sendmsg+0x50/0x50 [ 1085.039474] ? do_recvmmsg+0x6d0/0x6d0 [ 1085.040283] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1085.041343] ? lock_downgrade+0x6d0/0x6d0 23:54:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1085.042196] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1085.043407] ___sys_sendmsg+0xf3/0x170 [ 1085.044198] ? sendmsg_copy_msghdr+0x160/0x160 [ 1085.045135] ? lock_downgrade+0x6d0/0x6d0 [ 1085.045986] ? find_held_lock+0x2c/0x110 [ 1085.046839] ? __fget_files+0x296/0x480 [ 1085.047660] ? __fget_light+0xea/0x290 [ 1085.048454] __sys_sendmsg+0xe5/0x1b0 [ 1085.049230] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1085.050102] ? rcu_read_lock_any_held+0x75/0xa0 [ 1085.051068] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1085.052130] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1085.053181] ? trace_hardirqs_on+0x5b/0x180 [ 1085.054061] do_syscall_64+0x33/0x40 [ 1085.054827] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1085.055868] RIP: 0033:0x7f2b3a370b19 [ 1085.056631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1085.060364] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1085.061905] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1085.063355] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1085.064802] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.066240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1085.067694] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:54:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x900, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:47 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:47 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x4, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:47 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1085.223122] FAT-fs (loop1): Directory bread(block 3) failed 23:54:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 12) 23:54:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 6) 23:54:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf00, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x5, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21010000000000000000060000000800", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 35) 23:54:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1096.394917] FAULT_INJECTION: forcing a failure. [ 1096.394917] name failslab, interval 1, probability 0, space 0, times 0 [ 1096.397633] CPU: 0 PID: 7679 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1096.399291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1096.401265] Call Trace: [ 1096.401907] dump_stack+0x107/0x167 [ 1096.401979] FAULT_INJECTION: forcing a failure. [ 1096.401979] name failslab, interval 1, probability 0, space 0, times 0 [ 1096.402789] should_fail.cold+0x5/0xa [ 1096.402818] ? create_object.isra.0+0x3a/0xa20 [ 1096.406945] should_failslab+0x5/0x20 [ 1096.407863] kmem_cache_alloc+0x5b/0x360 [ 1096.408842] create_object.isra.0+0x3a/0xa20 [ 1096.409905] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1096.411138] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 1096.412391] ? netlink_sendmsg+0x98e/0xdf0 [ 1096.413411] __alloc_skb+0xb1/0x620 [ 1096.414294] netlink_sendmsg+0x98e/0xdf0 [ 1096.415294] ? netlink_unicast+0x7f0/0x7f0 [ 1096.416327] ? netlink_unicast+0x7f0/0x7f0 [ 1096.417352] sock_sendmsg+0x154/0x190 [ 1096.418277] ____sys_sendmsg+0x70d/0x870 [ 1096.419282] ? kernel_sendmsg+0x50/0x50 [ 1096.420244] ? do_recvmmsg+0x6d0/0x6d0 [ 1096.421195] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1096.422463] ? lock_downgrade+0x6d0/0x6d0 [ 1096.423490] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1096.424764] ___sys_sendmsg+0xf3/0x170 [ 1096.425708] ? sendmsg_copy_msghdr+0x160/0x160 [ 1096.426837] ? lock_downgrade+0x6d0/0x6d0 [ 1096.427844] ? find_held_lock+0x2c/0x110 [ 1096.428836] ? __fget_files+0x296/0x480 [ 1096.429809] ? __fget_light+0xea/0x290 [ 1096.430765] __sys_sendmsg+0xe5/0x1b0 [ 1096.431687] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1096.432637] ? rcu_read_lock_any_held+0x75/0xa0 [ 1096.433616] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1096.434701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1096.435775] ? trace_hardirqs_on+0x5b/0x180 [ 1096.436667] do_syscall_64+0x33/0x40 [ 1096.437439] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1096.438498] RIP: 0033:0x7f2b3a370b19 [ 1096.439283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1096.443081] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1096.444652] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1096.446125] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1096.447616] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1096.449091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1096.450566] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1096.452076] CPU: 1 PID: 7687 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1096.453476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1096.455170] Call Trace: [ 1096.455711] dump_stack+0x107/0x167 [ 1096.456458] should_fail.cold+0x5/0xa [ 1096.457241] ? security_file_alloc+0x34/0x170 [ 1096.458158] should_failslab+0x5/0x20 [ 1096.458949] kmem_cache_alloc+0x5b/0x360 [ 1096.459784] security_file_alloc+0x34/0x170 [ 1096.460669] __alloc_file+0xb6/0x320 [ 1096.461434] alloc_empty_file+0x6d/0x170 [ 1096.462265] alloc_file+0x59/0x5a0 [ 1096.463009] alloc_file_pseudo+0x16a/0x250 [ 1096.463875] ? alloc_file+0x5a0/0x5a0 [ 1096.464662] ? shmem_get_inode+0x55c/0xbc0 [ 1096.465534] __shmem_file_setup+0x144/0x320 [ 1096.466414] ? _copy_from_user+0xfb/0x1b0 [ 1096.467282] __do_sys_memfd_create+0x275/0x450 [ 1096.468215] ? memfd_file_seals_ptr+0x170/0x170 [ 1096.469168] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1096.470238] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1096.471299] do_syscall_64+0x33/0x40 [ 1096.472060] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1096.473105] RIP: 0033:0x7f21cd568b19 [ 1096.473866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1096.477628] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1096.479183] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1096.480634] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1096.482089] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1096.483555] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1096.485005] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1096.502412] FAULT_INJECTION: forcing a failure. [ 1096.502412] name failslab, interval 1, probability 0, space 0, times 0 [ 1096.504789] CPU: 0 PID: 7692 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1096.506233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1096.508022] Call Trace: [ 1096.508577] dump_stack+0x107/0x167 [ 1096.509341] should_fail.cold+0x5/0xa [ 1096.510141] ? create_object.isra.0+0x3a/0xa20 [ 1096.511108] should_failslab+0x5/0x20 [ 1096.511909] kmem_cache_alloc+0x5b/0x360 [ 1096.512794] create_object.isra.0+0x3a/0xa20 [ 1096.513738] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1096.514821] kmem_cache_alloc+0x159/0x360 [ 1096.515718] p9_client_prepare_req.part.0+0x3a/0xb30 [ 1096.516793] p9_client_rpc+0x220/0x1210 [ 1096.517633] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1096.518784] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1096.519763] ? snd_seq_poll+0x15b/0x2d0 [ 1096.520605] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1096.521745] ? p9_fd_poll+0x1e0/0x2c0 [ 1096.522547] ? p9_fd_create+0x357/0x4a0 [ 1096.523382] ? p9_conn_create+0x510/0x510 [ 1096.524242] ? p9_client_create+0x798/0x1090 [ 1096.525157] ? kfree+0xd7/0x390 [ 1096.525847] ? do_raw_spin_unlock+0x4f/0x220 [ 1096.526789] p9_client_create+0xa76/0x1090 [ 1096.527682] ? p9_client_flush+0x430/0x430 [ 1096.528570] ? lockdep_init_map_type+0x2c7/0x780 [ 1096.529557] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1096.530568] ? __raw_spin_lock_init+0x36/0x110 [ 1096.531532] v9fs_session_init+0x1dd/0x16a0 [ 1096.532443] ? kmem_cache_alloc_trace+0x151/0x360 [ 1096.533450] ? v9fs_show_options+0x690/0x690 [ 1096.534412] ? kasan_unpoison_shadow+0x33/0x50 [ 1096.535386] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1096.536467] v9fs_mount+0x79/0x8f0 [ 1096.537212] ? v9fs_write_inode+0x60/0x60 [ 1096.538087] legacy_get_tree+0x105/0x220 [ 1096.538948] vfs_get_tree+0x8e/0x300 [ 1096.539751] path_mount+0x13be/0x20b0 [ 1096.540568] ? strncpy_from_user+0x9e/0x470 [ 1096.541511] ? finish_automount+0xa40/0xa40 [ 1096.542440] ? getname_flags.part.0+0x1dd/0x4f0 [ 1096.543636] ? _copy_from_user+0xfb/0x1b0 [ 1096.544673] __x64_sys_mount+0x282/0x300 [ 1096.545693] ? copy_mnt_ns+0xa00/0xa00 [ 1096.546658] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1096.547998] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1096.549271] do_syscall_64+0x33/0x40 [ 1096.550187] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1096.551455] RIP: 0033:0x7fb012c72b19 [ 1096.552377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1096.556904] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1096.558802] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1096.560361] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1096.561844] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1096.563340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1096.564826] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:54:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xce00, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:54:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x6, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:54:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xc0ed0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1096.628845] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:54:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x7, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:54:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1096.688308] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 23:54:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:11 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 7) 23:55:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 36) 23:55:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1108.898468] FAULT_INJECTION: forcing a failure. [ 1108.898468] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.900535] CPU: 0 PID: 7725 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1108.901788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.903312] Call Trace: [ 1108.903801] dump_stack+0x107/0x167 [ 1108.904469] should_fail.cold+0x5/0xa [ 1108.905166] ? __skb_ext_alloc+0x19/0x90 [ 1108.905912] should_failslab+0x5/0x20 [ 1108.906607] kmem_cache_alloc+0x5b/0x360 [ 1108.907379] __skb_ext_alloc+0x19/0x90 [ 1108.908094] skb_ext_add+0x508/0x670 [ 1108.908672] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1108.909630] __alloc_skb+0x3c1/0x620 [ 1108.910215] netlink_sendmsg+0x98e/0xdf0 [ 1108.910869] FAULT_INJECTION: forcing a failure. [ 1108.910869] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.910967] ? netlink_unicast+0x7f0/0x7f0 [ 1108.914414] ? netlink_unicast+0x7f0/0x7f0 [ 1108.915103] sock_sendmsg+0x154/0x190 [ 1108.915716] ____sys_sendmsg+0x70d/0x870 [ 1108.916368] ? kernel_sendmsg+0x50/0x50 [ 1108.916952] ? do_recvmmsg+0x6d0/0x6d0 [ 1108.917587] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.918542] ? lock_downgrade+0x6d0/0x6d0 [ 1108.919197] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.920152] ___sys_sendmsg+0xf3/0x170 [ 1108.920766] ? sendmsg_copy_msghdr+0x160/0x160 [ 1108.921600] ? lock_downgrade+0x6d0/0x6d0 [ 1108.922279] ? find_held_lock+0x2c/0x110 [ 1108.923032] ? __fget_files+0x296/0x480 [ 1108.923657] ? __fget_light+0xea/0x290 [ 1108.924368] __sys_sendmsg+0xe5/0x1b0 [ 1108.924963] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1108.925737] ? rcu_read_lock_any_held+0x75/0xa0 [ 1108.926450] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.927298] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.928068] ? trace_hardirqs_on+0x5b/0x180 [ 1108.928719] do_syscall_64+0x33/0x40 [ 1108.929274] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1108.930058] RIP: 0033:0x7f2b3a370b19 [ 1108.930618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.933396] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1108.934552] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1108.935644] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1108.936708] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1108.937761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1108.938817] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1108.939913] CPU: 1 PID: 7727 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1108.941417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.943321] Call Trace: [ 1108.943369] FAULT_INJECTION: forcing a failure. [ 1108.943369] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.943968] dump_stack+0x107/0x167 [ 1108.943993] should_fail.cold+0x5/0xa [ 1108.947464] ? p9_fcall_init+0x97/0x210 [ 1108.948530] should_failslab+0x5/0x20 [ 1108.949447] __kmalloc+0x72/0x3f0 [ 1108.950384] p9_fcall_init+0x97/0x210 [ 1108.951318] p9_client_prepare_req.part.0+0x8c/0xb30 [ 1108.952522] p9_client_rpc+0x220/0x1210 [ 1108.953484] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1108.954741] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1108.955865] ? snd_seq_poll+0x15b/0x2d0 [ 1108.956809] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1108.958104] ? p9_fd_poll+0x1e0/0x2c0 [ 1108.959063] ? p9_fd_create+0x357/0x4a0 [ 1108.960117] ? p9_conn_create+0x510/0x510 [ 1108.961114] ? p9_client_create+0x798/0x1090 [ 1108.962282] ? kfree+0xd7/0x390 [ 1108.963076] ? do_raw_spin_unlock+0x4f/0x220 [ 1108.964256] p9_client_create+0xa76/0x1090 [ 1108.965273] ? p9_client_flush+0x430/0x430 [ 1108.966408] ? lockdep_init_map_type+0x2c7/0x780 [ 1108.967559] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1108.968845] ? __raw_spin_lock_init+0x36/0x110 [ 1108.969941] v9fs_session_init+0x1dd/0x16a0 [ 1108.971109] ? kmem_cache_alloc_trace+0x151/0x360 [ 1108.972249] ? v9fs_show_options+0x690/0x690 [ 1108.973428] ? kasan_unpoison_shadow+0x33/0x50 [ 1108.974504] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1108.975852] v9fs_mount+0x79/0x8f0 [ 1108.976707] ? v9fs_write_inode+0x60/0x60 [ 1108.977804] legacy_get_tree+0x105/0x220 [ 1108.978775] vfs_get_tree+0x8e/0x300 [ 1108.979783] path_mount+0x13be/0x20b0 [ 1108.980691] ? strncpy_from_user+0x9e/0x470 [ 1108.981832] ? finish_automount+0xa40/0xa40 [ 1108.982854] ? getname_flags.part.0+0x1dd/0x4f0 [ 1108.984012] ? _copy_from_user+0xfb/0x1b0 [ 1108.985023] __x64_sys_mount+0x282/0x300 [ 1108.986011] ? copy_mnt_ns+0xa00/0xa00 [ 1108.986979] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.988249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.989496] do_syscall_64+0x33/0x40 [ 1108.990404] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1108.991651] RIP: 0033:0x7fb012c72b19 [ 1108.992557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.997011] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1108.998863] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1109.000589] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1109.002302] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1109.004042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1109.005766] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1109.007540] CPU: 0 PID: 7736 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1109.008560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.009855] Call Trace: [ 1109.010262] dump_stack+0x107/0x167 [ 1109.010834] should_fail.cold+0x5/0xa [ 1109.011400] ? create_object.isra.0+0x3a/0xa20 [ 1109.012077] should_failslab+0x5/0x20 [ 1109.012673] kmem_cache_alloc+0x5b/0x360 [ 1109.013294] ? percpu_ref_put_many.constprop.0+0x4e/0x100 [ 1109.014139] create_object.isra.0+0x3a/0xa20 [ 1109.014820] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1109.015591] kmem_cache_alloc+0x159/0x360 [ 1109.016196] security_file_alloc+0x34/0x170 [ 1109.016826] __alloc_file+0xb6/0x320 [ 1109.017373] alloc_empty_file+0x6d/0x170 [ 1109.017965] alloc_file+0x59/0x5a0 [ 1109.018490] alloc_file_pseudo+0x16a/0x250 [ 1109.019119] ? alloc_file+0x5a0/0x5a0 [ 1109.019676] ? shmem_get_inode+0x55c/0xbc0 [ 1109.020299] __shmem_file_setup+0x144/0x320 [ 1109.020918] ? _copy_from_user+0xfb/0x1b0 [ 1109.021520] __do_sys_memfd_create+0x275/0x450 [ 1109.022188] ? memfd_file_seals_ptr+0x170/0x170 [ 1109.022871] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1109.023665] ? syscall_enter_from_user_mode+0x1d/0x50 23:55:11 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x8, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:11 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x34000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 13) 23:55:11 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1109.024419] do_syscall_64+0x33/0x40 [ 1109.025142] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1109.025889] RIP: 0033:0x7f21cd568b19 [ 1109.026434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.029115] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1109.030217] RAX: ffffffffffffffda RBX: 0000000020001380 RCX: 00007f21cd568b19 [ 1109.031267] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f21cd5c20fb [ 1109.032196] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1109.032308] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 1109.032324] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1109.036399] R13: 0000000020000100 R14: 0000000000001000 R15: 0000000020000140 [ 1109.039508] kernel write not supported for file /snd/seq (pid: 7529 comm: kworker/1:1) 23:55:11 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1109.080370] FAT-fs (loop1): Directory bread(block 3) failed 23:55:11 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 8) 23:55:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 14) 23:55:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 37) 23:55:11 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2101000000000000000006000000080003", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:11 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x80000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1109.147167] FAULT_INJECTION: forcing a failure. [ 1109.147167] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.148928] CPU: 0 PID: 7748 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1109.149897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.151281] Call Trace: [ 1109.151666] dump_stack+0x107/0x167 [ 1109.152177] should_fail.cold+0x5/0xa [ 1109.152714] ? create_object.isra.0+0x3a/0xa20 [ 1109.153344] should_failslab+0x5/0x20 [ 1109.153864] kmem_cache_alloc+0x5b/0x360 [ 1109.154411] create_object.isra.0+0x3a/0xa20 [ 1109.155021] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1109.155712] kmem_cache_alloc+0x159/0x360 [ 1109.156289] __skb_ext_alloc+0x19/0x90 [ 1109.156834] skb_ext_add+0x508/0x670 [ 1109.157350] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1109.158088] __alloc_skb+0x3c1/0x620 [ 1109.158622] netlink_sendmsg+0x98e/0xdf0 [ 1109.159201] ? netlink_unicast+0x7f0/0x7f0 [ 1109.159801] ? netlink_unicast+0x7f0/0x7f0 [ 1109.160397] sock_sendmsg+0x154/0x190 [ 1109.160933] ____sys_sendmsg+0x70d/0x870 [ 1109.161500] ? kernel_sendmsg+0x50/0x50 [ 1109.162055] ? do_recvmmsg+0x6d0/0x6d0 [ 1109.162601] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1109.163347] ? lock_downgrade+0x6d0/0x6d0 [ 1109.163936] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1109.164674] ___sys_sendmsg+0xf3/0x170 [ 1109.165218] ? sendmsg_copy_msghdr+0x160/0x160 [ 1109.165857] ? lock_downgrade+0x6d0/0x6d0 [ 1109.166451] ? find_held_lock+0x2c/0x110 [ 1109.167060] ? __fget_files+0x296/0x480 [ 1109.167639] ? __fget_light+0xea/0x290 [ 1109.168213] __sys_sendmsg+0xe5/0x1b0 [ 1109.168769] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1109.169395] ? rcu_read_lock_any_held+0x75/0xa0 [ 1109.170089] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1109.170854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1109.171625] ? trace_hardirqs_on+0x5b/0x180 [ 1109.172258] do_syscall_64+0x33/0x40 [ 1109.172799] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1109.173539] RIP: 0033:0x7f2b3a370b19 [ 1109.174077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.176721] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1109.177819] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1109.178839] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1109.179884] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1109.180911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1109.181933] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:55:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20100000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1109.196598] FAULT_INJECTION: forcing a failure. [ 1109.196598] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 1109.199633] CPU: 1 PID: 7756 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1109.201029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.202717] Call Trace: [ 1109.203276] dump_stack+0x107/0x167 [ 1109.204070] should_fail.cold+0x5/0xa [ 1109.204182] FAULT_INJECTION: forcing a failure. [ 1109.204182] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.204885] __alloc_pages_nodemask+0x182/0x680 [ 1109.207440] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 1109.208701] ? lock_downgrade+0x6d0/0x6d0 [ 1109.209576] alloc_pages_vma+0xbb/0x410 [ 1109.210394] shmem_alloc_page+0x10f/0x1e0 [ 1109.211294] ? shmem_init_inode+0x20/0x20 [ 1109.212173] ? percpu_counter_add_batch+0x8b/0x140 [ 1109.213176] ? __vm_enough_memory+0x184/0x360 [ 1109.214109] shmem_getpage_gfp.constprop.0+0x512/0x1920 [ 1109.215223] ? shmem_unuse_inode+0xed0/0xed0 [ 1109.216124] ? ktime_get_coarse_real_ts64+0x15a/0x190 [ 1109.217174] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1109.218223] shmem_write_begin+0xf7/0x1d0 [ 1109.219083] generic_perform_write+0x20a/0x4f0 [ 1109.220032] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4a0/0x4a0 [ 1109.221506] ? evict_inodes+0x420/0x420 [ 1109.222319] ? generic_write_checks+0x2ad/0x390 [ 1109.223294] __generic_file_write_iter+0x39d/0x5d0 [ 1109.224301] generic_file_write_iter+0xdb/0x230 [ 1109.225245] ? iov_iter_init+0x3c/0x130 [ 1109.226055] new_sync_write+0x42c/0x660 [ 1109.226870] ? new_sync_read+0x6f0/0x6f0 [ 1109.227713] ? __x64_sys_pwrite64+0x201/0x260 [ 1109.228631] ? lock_release+0x6b0/0x6b0 [ 1109.229439] ? selinux_file_permission+0x36/0x510 [ 1109.230448] vfs_write+0x747/0xa30 [ 1109.231222] __x64_sys_pwrite64+0x201/0x260 [ 1109.232103] ? ksys_pwrite64+0x1b0/0x1b0 [ 1109.232940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1109.234011] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1109.235074] do_syscall_64+0x33/0x40 [ 1109.235831] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1109.236874] RIP: 0033:0x7f21cd51bab7 [ 1109.237635] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.241408] RSP: 002b:00007f21caaddf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.242966] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51bab7 [ 1109.244443] RDX: 0000000000000017 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.245918] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.247400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.248868] R13: 0000000000000004 R14: 0000000020001380 R15: 0000000000000000 [ 1109.250379] CPU: 0 PID: 7757 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1109.251366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.252591] Call Trace: [ 1109.252979] dump_stack+0x107/0x167 [ 1109.253510] should_fail.cold+0x5/0xa [ 1109.254065] ? create_object.isra.0+0x3a/0xa20 [ 1109.254706] should_failslab+0x5/0x20 [ 1109.255254] kmem_cache_alloc+0x5b/0x360 [ 1109.255823] create_object.isra.0+0x3a/0xa20 [ 1109.256445] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1109.256744] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1109.257146] __kmalloc+0x16e/0x3f0 [ 1109.257163] p9_fcall_init+0x97/0x210 [ 1109.257185] p9_client_prepare_req.part.0+0x8c/0xb30 [ 1109.260627] p9_client_rpc+0x220/0x1210 [ 1109.261212] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1109.261951] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1109.262612] ? snd_seq_poll+0x15b/0x2d0 [ 1109.263204] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1109.263996] ? p9_fd_poll+0x1e0/0x2c0 [ 1109.264529] ? p9_fd_create+0x357/0x4a0 [ 1109.265078] ? p9_conn_create+0x510/0x510 [ 1109.265674] ? p9_client_create+0x798/0x1090 [ 1109.266306] ? kfree+0xd7/0x390 [ 1109.266758] ? do_raw_spin_unlock+0x4f/0x220 [ 1109.267395] p9_client_create+0xa76/0x1090 [ 1109.268011] ? p9_client_flush+0x430/0x430 [ 1109.268610] ? lockdep_init_map_type+0x2c7/0x780 [ 1109.269260] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1109.269940] ? __raw_spin_lock_init+0x36/0x110 [ 1109.270613] v9fs_session_init+0x1dd/0x16a0 [ 1109.271244] ? kmem_cache_alloc_trace+0x151/0x360 [ 1109.271906] ? v9fs_show_options+0x690/0x690 [ 1109.272542] ? kasan_unpoison_shadow+0x33/0x50 [ 1109.273189] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1109.273873] v9fs_mount+0x79/0x8f0 [ 1109.274362] ? v9fs_write_inode+0x60/0x60 [ 1109.274968] legacy_get_tree+0x105/0x220 [ 1109.275540] vfs_get_tree+0x8e/0x300 [ 1109.276060] path_mount+0x13be/0x20b0 [ 1109.276581] ? strncpy_from_user+0x9e/0x470 [ 1109.277207] ? finish_automount+0xa40/0xa40 [ 1109.277811] ? getname_flags.part.0+0x1dd/0x4f0 [ 1109.278452] ? _copy_from_user+0xfb/0x1b0 [ 1109.279054] __x64_sys_mount+0x282/0x300 [ 1109.279649] ? copy_mnt_ns+0xa00/0xa00 [ 1109.280182] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1109.280916] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1109.281615] do_syscall_64+0x33/0x40 [ 1109.282132] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1109.282867] RIP: 0033:0x7fb012c72b19 [ 1109.283397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.285924] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1109.287029] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1109.288058] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1109.289016] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1109.290042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1109.291040] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:55:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1109.325435] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1109.368943] FAT-fs (loop1): bogus number of reserved sectors [ 1109.370259] FAT-fs (loop1): Can't find a valid FAT filesystem [ 1109.412743] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:55:23 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 38) 23:55:23 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 15) 23:55:23 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xe1, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:23 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 9) 23:55:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:23 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x400300, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1120.362923] FAULT_INJECTION: forcing a failure. [ 1120.362923] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1120.365592] CPU: 1 PID: 7793 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1120.367180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.368922] Call Trace: [ 1120.369479] dump_stack+0x107/0x167 [ 1120.370211] should_fail.cold+0x5/0xa [ 1120.370975] ? iov_iter_fault_in_readable+0x9a/0x410 [ 1120.372077] iov_iter_copy_from_user_atomic+0x49b/0xc60 [ 1120.373178] ? shmem_write_begin+0xf7/0x1d0 [ 1120.374057] ? shmem_write_begin+0x100/0x1d0 [ 1120.374962] generic_perform_write+0x279/0x4f0 [ 1120.375922] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4a0/0x4a0 [ 1120.377407] ? evict_inodes+0x420/0x420 [ 1120.378228] ? generic_write_checks+0x2ad/0x390 [ 1120.379193] __generic_file_write_iter+0x39d/0x5d0 [ 1120.380195] generic_file_write_iter+0xdb/0x230 [ 1120.381134] ? iov_iter_init+0x3c/0x130 [ 1120.381935] new_sync_write+0x42c/0x660 [ 1120.382752] ? new_sync_read+0x6f0/0x6f0 [ 1120.383598] ? __x64_sys_pwrite64+0x201/0x260 [ 1120.384518] ? lock_release+0x6b0/0x6b0 [ 1120.385335] ? selinux_file_permission+0x36/0x510 [ 1120.386348] vfs_write+0x747/0xa30 [ 1120.387110] __x64_sys_pwrite64+0x201/0x260 [ 1120.387982] ? ksys_pwrite64+0x1b0/0x1b0 [ 1120.388818] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.389884] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.390935] do_syscall_64+0x33/0x40 [ 1120.391702] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1120.392751] RIP: 0033:0x7f21cd51bab7 [ 1120.393514] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1120.397252] RSP: 002b:00007f21caaddf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1120.398795] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51bab7 [ 1120.400249] RDX: 0000000000000017 RSI: 0000000020010000 RDI: 0000000000000004 [ 1120.401682] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1120.403149] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1120.404583] R13: 0000000000000004 R14: 0000000020001380 R15: 0000000000000000 [ 1120.411983] FAULT_INJECTION: forcing a failure. [ 1120.411983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1120.414362] CPU: 1 PID: 7786 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1120.415752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.417414] Call Trace: [ 1120.417953] dump_stack+0x107/0x167 [ 1120.418697] should_fail.cold+0x5/0xa [ 1120.419480] _copy_from_iter_full+0x1ff/0x940 [ 1120.420383] ? __check_object_size+0x319/0x440 [ 1120.421310] netlink_sendmsg+0x86f/0xdf0 [ 1120.422146] ? netlink_unicast+0x7f0/0x7f0 [ 1120.423005] ? netlink_unicast+0x7f0/0x7f0 [ 1120.423884] sock_sendmsg+0x154/0x190 [ 1120.424663] ____sys_sendmsg+0x70d/0x870 [ 1120.425498] ? kernel_sendmsg+0x50/0x50 [ 1120.426296] ? do_recvmmsg+0x6d0/0x6d0 [ 1120.427087] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1120.428151] ? lock_downgrade+0x6d0/0x6d0 [ 1120.428991] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1120.430052] ___sys_sendmsg+0xf3/0x170 [ 1120.430848] ? sendmsg_copy_msghdr+0x160/0x160 [ 1120.431811] ? lock_downgrade+0x6d0/0x6d0 [ 1120.432644] ? find_held_lock+0x2c/0x110 [ 1120.433479] ? __fget_files+0x296/0x480 [ 1120.434289] ? __fget_light+0xea/0x290 [ 1120.435095] __sys_sendmsg+0xe5/0x1b0 [ 1120.435861] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1120.436424] FAULT_INJECTION: forcing a failure. [ 1120.436424] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.436722] ? rcu_read_lock_any_held+0x75/0xa0 [ 1120.436761] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.436788] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.442062] ? trace_hardirqs_on+0x5b/0x180 [ 1120.442929] do_syscall_64+0x33/0x40 [ 1120.443711] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1120.444739] RIP: 0033:0x7f2b3a370b19 [ 1120.445497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.449177] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1120.450720] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1120.452170] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1120.453611] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1120.455044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1120.456473] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1120.457948] CPU: 0 PID: 7790 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1120.459595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.461303] Call Trace: [ 1120.461858] dump_stack+0x107/0x167 [ 1120.462619] should_fail.cold+0x5/0xa [ 1120.463415] ? p9_fcall_init+0x97/0x210 [ 1120.464231] should_failslab+0x5/0x20 [ 1120.465016] __kmalloc+0x72/0x3f0 [ 1120.465745] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1120.466809] p9_fcall_init+0x97/0x210 [ 1120.467618] p9_client_prepare_req.part.0+0xf4/0xb30 [ 1120.468690] p9_client_rpc+0x220/0x1210 [ 1120.469543] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1120.470650] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1120.471649] ? snd_seq_poll+0x15b/0x2d0 [ 1120.472471] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1120.473586] ? p9_fd_poll+0x1e0/0x2c0 [ 1120.474414] ? p9_fd_create+0x357/0x4a0 [ 1120.475263] ? p9_conn_create+0x510/0x510 [ 1120.476156] ? p9_client_create+0x798/0x1090 [ 1120.477103] ? kfree+0xd7/0x390 [ 1120.477796] ? do_raw_spin_unlock+0x4f/0x220 [ 1120.478741] p9_client_create+0xa76/0x1090 [ 1120.479645] ? p9_client_flush+0x430/0x430 [ 1120.480540] ? lockdep_init_map_type+0x2c7/0x780 [ 1120.481539] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1120.482543] ? __raw_spin_lock_init+0x36/0x110 [ 1120.483532] v9fs_session_init+0x1dd/0x16a0 [ 1120.484446] ? kmem_cache_alloc_trace+0x151/0x360 [ 1120.485452] ? v9fs_show_options+0x690/0x690 [ 1120.486384] ? kasan_unpoison_shadow+0x33/0x50 [ 1120.487361] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1120.488419] v9fs_mount+0x79/0x8f0 [ 1120.489159] ? v9fs_write_inode+0x60/0x60 [ 1120.490034] legacy_get_tree+0x105/0x220 [ 1120.490892] vfs_get_tree+0x8e/0x300 [ 1120.491680] path_mount+0x13be/0x20b0 [ 1120.492521] ? strncpy_from_user+0x9e/0x470 [ 1120.493441] ? finish_automount+0xa40/0xa40 [ 1120.494374] ? getname_flags.part.0+0x1dd/0x4f0 [ 1120.495387] ? _copy_from_user+0xfb/0x1b0 [ 1120.496333] __x64_sys_mount+0x282/0x300 [ 1120.497250] ? copy_mnt_ns+0xa00/0xa00 [ 1120.498060] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.499171] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.500308] do_syscall_64+0x33/0x40 [ 1120.501085] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1120.502146] RIP: 0033:0x7fb012c72b19 [ 1120.502931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.506772] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1120.508396] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1120.509854] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1120.511337] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1120.512808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1120.514280] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:55:23 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:23 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0ffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:23 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:23 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1120.565005] FAT-fs (loop1): Directory bread(block 3) failed 23:55:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 10) [ 1120.682317] FAULT_INJECTION: forcing a failure. [ 1120.682317] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.684910] CPU: 0 PID: 7813 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1120.686332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.688099] Call Trace: [ 1120.688686] dump_stack+0x107/0x167 [ 1120.689464] should_fail.cold+0x5/0xa [ 1120.690276] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1120.691685] should_failslab+0x5/0x20 [ 1120.692480] __kmalloc+0x72/0x3f0 [ 1120.693231] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1120.694566] genl_family_rcv_msg_doit+0xda/0x330 [ 1120.695576] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1120.696947] ? cap_capable+0x1d6/0x240 [ 1120.697783] ? security_capable+0x95/0xc0 [ 1120.698665] ? ns_capable+0xdd/0x100 [ 1120.699476] genl_rcv_msg+0x33c/0x5a0 [ 1120.700285] ? genl_get_cmd+0x480/0x480 [ 1120.701121] ? nl80211_notify_iface+0x180/0x180 [ 1120.702105] ? lock_release+0x6b0/0x6b0 [ 1120.702949] ? netlink_deliver_tap+0xf4/0xc40 [ 1120.703916] netlink_rcv_skb+0x14b/0x430 [ 1120.704788] ? genl_get_cmd+0x480/0x480 [ 1120.705635] ? netlink_ack+0xab0/0xab0 [ 1120.706458] ? netlink_deliver_tap+0x1c4/0xc40 [ 1120.707422] ? is_vmalloc_addr+0x7b/0xb0 [ 1120.708282] genl_rcv+0x24/0x40 [ 1120.708971] netlink_unicast+0x549/0x7f0 [ 1120.709828] ? netlink_attachskb+0x810/0x810 [ 1120.710765] netlink_sendmsg+0x905/0xdf0 [ 1120.711647] ? netlink_unicast+0x7f0/0x7f0 [ 1120.712561] ? netlink_unicast+0x7f0/0x7f0 [ 1120.713462] sock_sendmsg+0x154/0x190 [ 1120.714281] ____sys_sendmsg+0x70d/0x870 [ 1120.715149] ? kernel_sendmsg+0x50/0x50 [ 1120.715986] ? do_recvmmsg+0x6d0/0x6d0 [ 1120.716819] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1120.717939] ? lock_downgrade+0x6d0/0x6d0 [ 1120.718826] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1120.719948] ___sys_sendmsg+0xf3/0x170 [ 1120.720753] ? sendmsg_copy_msghdr+0x160/0x160 [ 1120.721712] ? lock_downgrade+0x6d0/0x6d0 [ 1120.722582] ? find_held_lock+0x2c/0x110 [ 1120.723449] ? __fget_files+0x296/0x480 [ 1120.724294] ? __fget_light+0xea/0x290 [ 1120.725110] __sys_sendmsg+0xe5/0x1b0 [ 1120.725913] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1120.726817] ? rcu_read_lock_any_held+0x75/0xa0 [ 1120.727830] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.728937] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.730006] ? trace_hardirqs_on+0x5b/0x180 [ 1120.730920] do_syscall_64+0x33/0x40 [ 1120.731719] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1120.732794] RIP: 0033:0x7f2b3a370b19 [ 1120.733578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.737453] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1120.739057] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1120.740549] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1120.742051] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1120.743546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1120.745037] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:55:36 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 11) 23:55:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:36 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x1000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:36 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 39) 23:55:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 16) 23:55:36 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x300, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xc0ed0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff8c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1133.897726] FAULT_INJECTION: forcing a failure. [ 1133.897726] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.899670] FAULT_INJECTION: forcing a failure. [ 1133.899670] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.900103] CPU: 0 PID: 7831 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1133.903733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1133.905434] Call Trace: [ 1133.905985] dump_stack+0x107/0x167 [ 1133.906742] should_fail.cold+0x5/0xa [ 1133.907553] ? create_object.isra.0+0x3a/0xa20 [ 1133.908498] should_failslab+0x5/0x20 [ 1133.909278] kmem_cache_alloc+0x5b/0x360 [ 1133.910118] create_object.isra.0+0x3a/0xa20 [ 1133.911027] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1133.912084] __kmalloc+0x16e/0x3f0 [ 1133.912821] p9_fcall_init+0x97/0x210 [ 1133.913610] p9_client_prepare_req.part.0+0xf4/0xb30 [ 1133.914659] p9_client_rpc+0x220/0x1210 [ 1133.915500] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1133.916595] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1133.917559] ? snd_seq_poll+0x15b/0x2d0 [ 1133.918378] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1133.919509] ? p9_fd_poll+0x1e0/0x2c0 [ 1133.920301] ? p9_fd_create+0x357/0x4a0 [ 1133.921120] ? p9_conn_create+0x510/0x510 [ 1133.921974] ? p9_client_create+0x798/0x1090 [ 1133.922877] ? kfree+0xd7/0x390 [ 1133.923570] ? do_raw_spin_unlock+0x4f/0x220 [ 1133.924487] p9_client_create+0xa76/0x1090 [ 1133.925352] ? p9_client_flush+0x430/0x430 [ 1133.926268] ? lockdep_init_map_type+0x2c7/0x780 [ 1133.927258] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1133.928244] ? __raw_spin_lock_init+0x36/0x110 [ 1133.929191] v9fs_session_init+0x1dd/0x16a0 [ 1133.930082] ? kmem_cache_alloc_trace+0x151/0x360 [ 1133.931113] ? v9fs_show_options+0x690/0x690 [ 1133.932188] ? kasan_unpoison_shadow+0x33/0x50 [ 1133.933244] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1133.934414] v9fs_mount+0x79/0x8f0 [ 1133.935240] ? v9fs_write_inode+0x60/0x60 [ 1133.936205] legacy_get_tree+0x105/0x220 [ 1133.937146] vfs_get_tree+0x8e/0x300 [ 1133.938010] path_mount+0x13be/0x20b0 [ 1133.938894] ? strncpy_from_user+0x9e/0x470 [ 1133.939901] ? finish_automount+0xa40/0xa40 [ 1133.940898] ? getname_flags.part.0+0x1dd/0x4f0 [ 1133.941967] ? _copy_from_user+0xfb/0x1b0 [ 1133.942934] __x64_sys_mount+0x282/0x300 [ 1133.943890] ? copy_mnt_ns+0xa00/0xa00 [ 1133.944746] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1133.945828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1133.946889] do_syscall_64+0x33/0x40 [ 1133.947668] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1133.948722] RIP: 0033:0x7fb012c72b19 [ 1133.949491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1133.953271] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1133.954840] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1133.956311] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1133.957776] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1133.959253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1133.960723] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1133.962231] CPU: 1 PID: 7836 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1133.963684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1133.963769] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1133.965374] Call Trace: [ 1133.965411] dump_stack+0x107/0x167 [ 1133.965437] should_fail.cold+0x5/0xa [ 1133.968998] FAULT_INJECTION: forcing a failure. [ 1133.968998] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.969055] ? getname_flags.part.0+0x50/0x4f0 [ 1133.972220] should_failslab+0x5/0x20 [ 1133.972998] kmem_cache_alloc+0x5b/0x360 [ 1133.973836] getname_flags.part.0+0x50/0x4f0 [ 1133.974742] getname+0x8e/0xd0 [ 1133.975414] do_sys_openat2+0xf9/0x420 [ 1133.976211] ? build_open_flags+0x690/0x690 [ 1133.977124] ? rcu_read_lock_any_held+0x75/0xa0 [ 1133.978072] __x64_sys_openat+0x13f/0x1f0 [ 1133.978926] ? __ia32_sys_open+0x1c0/0x1c0 [ 1133.979817] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1133.980880] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1133.981941] do_syscall_64+0x33/0x40 [ 1133.982692] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1133.983745] RIP: 0033:0x7f21cd51ba04 [ 1133.984498] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1133.988253] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1133.989790] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1133.991251] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1133.992739] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1133.994184] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1133.995695] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1133.997181] CPU: 0 PID: 7837 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1133.998607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1134.000379] Call Trace: [ 1134.000999] dump_stack+0x107/0x167 [ 1134.001853] should_fail.cold+0x5/0xa [ 1134.002744] ? create_object.isra.0+0x3a/0xa20 [ 1134.003820] should_failslab+0x5/0x20 [ 1134.004707] kmem_cache_alloc+0x5b/0x360 [ 1134.005655] create_object.isra.0+0x3a/0xa20 [ 1134.006679] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1134.007880] __kmalloc+0x16e/0x3f0 [ 1134.008725] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1134.010200] genl_family_rcv_msg_doit+0xda/0x330 [ 1134.011419] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1134.012942] ? cap_capable+0x1d6/0x240 [ 1134.013848] ? security_capable+0x95/0xc0 [ 1134.014807] ? ns_capable+0xdd/0x100 [ 1134.015693] genl_rcv_msg+0x33c/0x5a0 [ 1134.016577] ? genl_get_cmd+0x480/0x480 [ 1134.017497] ? nl80211_notify_iface+0x180/0x180 [ 1134.018570] ? lock_release+0x6b0/0x6b0 [ 1134.019493] ? netlink_deliver_tap+0xf4/0xc40 [ 1134.020529] netlink_rcv_skb+0x14b/0x430 [ 1134.021465] ? genl_get_cmd+0x480/0x480 [ 1134.022381] ? netlink_ack+0xab0/0xab0 [ 1134.023293] ? netlink_deliver_tap+0x1c4/0xc40 [ 1134.024341] ? is_vmalloc_addr+0x7b/0xb0 [ 1134.025279] genl_rcv+0x24/0x40 [ 1134.026035] netlink_unicast+0x549/0x7f0 [ 1134.026975] ? netlink_attachskb+0x810/0x810 [ 1134.028013] netlink_sendmsg+0x905/0xdf0 [ 1134.028958] ? netlink_unicast+0x7f0/0x7f0 [ 1134.029943] ? netlink_unicast+0x7f0/0x7f0 [ 1134.030923] sock_sendmsg+0x154/0x190 [ 1134.031814] ____sys_sendmsg+0x70d/0x870 [ 1134.032750] ? kernel_sendmsg+0x50/0x50 [ 1134.033658] ? do_recvmmsg+0x6d0/0x6d0 [ 1134.034550] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1134.035770] ? lock_downgrade+0x6d0/0x6d0 [ 1134.036730] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1134.037941] ___sys_sendmsg+0xf3/0x170 [ 1134.038841] ? sendmsg_copy_msghdr+0x160/0x160 [ 1134.039911] ? lock_downgrade+0x6d0/0x6d0 [ 1134.040869] ? find_held_lock+0x2c/0x110 [ 1134.041813] ? __fget_files+0x296/0x480 [ 1134.042745] ? __fget_light+0xea/0x290 [ 1134.043667] __sys_sendmsg+0xe5/0x1b0 [ 1134.044544] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1134.045534] ? rcu_read_lock_any_held+0x75/0xa0 [ 1134.046628] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1134.047846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1134.048926] ? trace_hardirqs_on+0x5b/0x180 [ 1134.049825] do_syscall_64+0x33/0x40 [ 1134.050601] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1134.051661] RIP: 0033:0x7f2b3a370b19 [ 1134.052425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1134.056536] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1134.058280] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1134.059915] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1134.061544] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1134.063170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1134.064807] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:55:36 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x500, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 17) 23:55:36 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x2000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffff6, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:36 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x600, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1134.175909] FAULT_INJECTION: forcing a failure. [ 1134.175909] name failslab, interval 1, probability 0, space 0, times 0 [ 1134.178803] CPU: 0 PID: 7847 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1134.180485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1134.182501] Call Trace: [ 1134.183164] dump_stack+0x107/0x167 [ 1134.184082] should_fail.cold+0x5/0xa [ 1134.185022] ? create_object.isra.0+0x3a/0xa20 [ 1134.186140] should_failslab+0x5/0x20 [ 1134.187074] kmem_cache_alloc+0x5b/0x360 [ 1134.188083] create_object.isra.0+0x3a/0xa20 [ 1134.189165] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1134.190421] kmem_cache_alloc+0x159/0x360 [ 1134.191516] getname_flags.part.0+0x50/0x4f0 [ 1134.192539] getname+0x8e/0xd0 [ 1134.193405] do_sys_openat2+0xf9/0x420 [ 1134.194360] ? build_open_flags+0x690/0x690 [ 1134.195440] ? rcu_read_lock_any_held+0x75/0xa0 [ 1134.196593] __x64_sys_openat+0x13f/0x1f0 [ 1134.197612] ? __ia32_sys_open+0x1c0/0x1c0 [ 1134.198661] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1134.199966] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1134.201233] do_syscall_64+0x33/0x40 [ 1134.202153] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1134.203434] RIP: 0033:0x7f21cd51ba04 [ 1134.204355] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1134.208866] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1134.210752] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1134.212504] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1134.214243] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1134.215990] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1134.217713] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:55:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 40) [ 1134.306847] FAULT_INJECTION: forcing a failure. [ 1134.306847] name failslab, interval 1, probability 0, space 0, times 0 [ 1134.309599] CPU: 0 PID: 7861 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1134.311265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1134.313301] Call Trace: [ 1134.313957] dump_stack+0x107/0x167 [ 1134.314803] should_fail.cold+0x5/0xa [ 1134.315715] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1134.317030] should_failslab+0x5/0x20 [ 1134.317908] kmem_cache_alloc+0x5b/0x360 [ 1134.318856] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1134.320156] idr_get_free+0x4b5/0x8f0 [ 1134.321055] idr_alloc_u32+0x170/0x2d0 [ 1134.321961] ? __fprop_inc_percpu_max+0x130/0x130 [ 1134.323077] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1134.324315] ? lock_release+0x6b0/0x6b0 [ 1134.325163] idr_alloc+0xc2/0x130 [ 1134.325879] ? idr_alloc_u32+0x2d0/0x2d0 [ 1134.326723] ? rwlock_bug.part.0+0x90/0x90 [ 1134.327629] p9_client_prepare_req.part.0+0x625/0xb30 [ 1134.328711] p9_client_rpc+0x220/0x1210 [ 1134.329543] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1134.330644] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1134.331596] ? snd_seq_poll+0x15b/0x2d0 [ 1134.332427] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1134.333537] ? p9_fd_poll+0x1e0/0x2c0 [ 1134.334335] ? p9_fd_create+0x357/0x4a0 [ 1134.335248] ? p9_conn_create+0x510/0x510 [ 1134.336208] ? p9_client_create+0x798/0x1090 [ 1134.337290] ? kfree+0xd7/0x390 [ 1134.338102] ? do_raw_spin_unlock+0x4f/0x220 [ 1134.339193] p9_client_create+0xa76/0x1090 [ 1134.340261] ? p9_client_flush+0x430/0x430 [ 1134.341308] ? lockdep_init_map_type+0x2c7/0x780 [ 1134.342468] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1134.343689] ? __raw_spin_lock_init+0x36/0x110 [ 1134.344827] v9fs_session_init+0x1dd/0x16a0 [ 1134.345908] ? kmem_cache_alloc_trace+0x151/0x360 [ 1134.347090] ? v9fs_show_options+0x690/0x690 [ 1134.348214] ? kasan_unpoison_shadow+0x33/0x50 [ 1134.349347] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1134.350590] v9fs_mount+0x79/0x8f0 [ 1134.351380] ? v9fs_write_inode+0x60/0x60 [ 1134.352288] legacy_get_tree+0x105/0x220 [ 1134.353183] vfs_get_tree+0x8e/0x300 [ 1134.354001] path_mount+0x13be/0x20b0 [ 1134.354835] ? strncpy_from_user+0x9e/0x470 [ 1134.355796] ? finish_automount+0xa40/0xa40 [ 1134.356741] ? getname_flags.part.0+0x1dd/0x4f0 [ 1134.357756] ? _copy_from_user+0xfb/0x1b0 [ 1134.358674] __x64_sys_mount+0x282/0x300 [ 1134.359576] ? copy_mnt_ns+0xa00/0xa00 [ 1134.360432] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1134.361582] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1134.362709] do_syscall_64+0x33/0x40 [ 1134.363532] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1134.364793] RIP: 0033:0x7fb012c72b19 [ 1134.365708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1134.370226] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1134.372109] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1134.373596] FAULT_INJECTION: forcing a failure. [ 1134.373596] name failslab, interval 1, probability 0, space 0, times 0 [ 1134.373855] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1134.373870] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1134.373892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1134.373907] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1134.382544] CPU: 1 PID: 7869 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1134.382781] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:55:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 12) 23:55:37 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x3000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x700, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1134.383969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1134.383977] Call Trace: [ 1134.384010] dump_stack+0x107/0x167 [ 1134.384038] should_fail.cold+0x5/0xa [ 1134.389592] ? __alloc_skb+0x6d/0x620 [ 1134.390381] should_failslab+0x5/0x20 [ 1134.391163] kmem_cache_alloc_node+0x55/0x370 [ 1134.392097] __alloc_skb+0x6d/0x620 [ 1134.392845] nl80211_notify_iface+0x2e/0x180 [ 1134.393743] nl80211_set_interface+0x720/0x910 [ 1134.394676] ? nl80211_post_doit+0x2e0/0x2e0 [ 1134.395596] ? nl80211_notify_iface+0x180/0x180 [ 1134.396552] ? nl80211_pre_doit+0xa2/0x630 [ 1134.397429] genl_family_rcv_msg_doit+0x22d/0x330 [ 1134.398412] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1134.399809] ? cap_capable+0x1d6/0x240 [ 1134.400618] ? ns_capable+0xdd/0x100 [ 1134.401398] genl_rcv_msg+0x33c/0x5a0 [ 1134.402181] ? genl_get_cmd+0x480/0x480 [ 1134.402990] ? nl80211_notify_iface+0x180/0x180 [ 1134.403969] ? lock_release+0x6b0/0x6b0 [ 1134.404778] ? netlink_deliver_tap+0xf4/0xc40 [ 1134.405688] netlink_rcv_skb+0x14b/0x430 [ 1134.406521] ? genl_get_cmd+0x480/0x480 [ 1134.407350] ? netlink_ack+0xab0/0xab0 [ 1134.408161] ? netlink_deliver_tap+0x1c4/0xc40 [ 1134.409097] ? is_vmalloc_addr+0x7b/0xb0 [ 1134.409933] genl_rcv+0x24/0x40 [ 1134.410603] netlink_unicast+0x549/0x7f0 [ 1134.411458] ? netlink_attachskb+0x810/0x810 [ 1134.412372] netlink_sendmsg+0x905/0xdf0 [ 1134.413207] ? netlink_unicast+0x7f0/0x7f0 [ 1134.414081] ? netlink_unicast+0x7f0/0x7f0 [ 1134.414972] sock_sendmsg+0x154/0x190 [ 1134.415766] ____sys_sendmsg+0x70d/0x870 [ 1134.416598] ? kernel_sendmsg+0x50/0x50 [ 1134.417410] ? do_recvmmsg+0x6d0/0x6d0 [ 1134.418199] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1134.419284] ? lock_downgrade+0x6d0/0x6d0 [ 1134.420126] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1134.421206] ___sys_sendmsg+0xf3/0x170 [ 1134.421999] ? sendmsg_copy_msghdr+0x160/0x160 [ 1134.422935] ? lock_downgrade+0x6d0/0x6d0 [ 1134.423802] ? find_held_lock+0x2c/0x110 [ 1134.424644] ? __fget_files+0x296/0x480 [ 1134.425462] ? __fget_light+0xea/0x290 [ 1134.426264] __sys_sendmsg+0xe5/0x1b0 [ 1134.427038] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1134.427944] ? rcu_read_lock_any_held+0x75/0xa0 [ 1134.428920] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1134.430016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1134.431070] ? trace_hardirqs_on+0x5b/0x180 [ 1134.431975] do_syscall_64+0x33/0x40 [ 1134.432749] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1134.433790] RIP: 0033:0x7f2b3a370b19 [ 1134.434552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1134.438323] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1134.439890] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1134.441344] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1134.442812] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1134.444282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1134.445769] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1134.499933] FAT-fs (loop1): Directory bread(block 3) failed [ 1146.951596] FAULT_INJECTION: forcing a failure. [ 1146.951596] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1146.954222] CPU: 0 PID: 7885 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1146.955761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1146.957588] Call Trace: [ 1146.958176] dump_stack+0x107/0x167 [ 1146.958992] should_fail.cold+0x5/0xa [ 1146.959892] strncpy_from_user+0x34/0x470 [ 1146.960854] getname_flags.part.0+0x95/0x4f0 [ 1146.961890] getname+0x8e/0xd0 [ 1146.962637] do_sys_openat2+0xf9/0x420 [ 1146.963551] ? build_open_flags+0x690/0x690 [ 1146.964544] ? rcu_read_lock_any_held+0x75/0xa0 [ 1146.965588] __x64_sys_openat+0x13f/0x1f0 [ 1146.966505] ? __ia32_sys_open+0x1c0/0x1c0 [ 1146.967482] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1146.968650] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1146.969787] do_syscall_64+0x33/0x40 [ 1146.970602] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1146.971802] RIP: 0033:0x7f21cd51ba04 [ 1146.972735] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1146.976765] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1146.978668] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1146.980462] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1146.982237] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1146.984043] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1146.985825] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:55:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 18) 23:55:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 41) 23:55:49 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r1, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffffe, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x4000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 13) 23:55:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x900, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1147.011097] FAULT_INJECTION: forcing a failure. [ 1147.011097] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.013589] CPU: 0 PID: 7895 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1147.015341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1147.017196] Call Trace: [ 1147.017865] dump_stack+0x107/0x167 [ 1147.018676] should_fail.cold+0x5/0xa [ 1147.019637] ? create_object.isra.0+0x3a/0xa20 [ 1147.020678] should_failslab+0x5/0x20 [ 1147.021615] kmem_cache_alloc+0x5b/0x360 [ 1147.022615] ? ieee80211_set_mon_options+0x4c1/0x810 [ 1147.023901] create_object.isra.0+0x3a/0xa20 [ 1147.025002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1147.026265] kmem_cache_alloc_node+0x169/0x370 [ 1147.027431] __alloc_skb+0x6d/0x620 [ 1147.028336] nl80211_notify_iface+0x2e/0x180 [ 1147.029578] nl80211_set_interface+0x720/0x910 [ 1147.030708] ? nl80211_post_doit+0x2e0/0x2e0 [ 1147.031955] ? nl80211_notify_iface+0x180/0x180 [ 1147.033232] ? nl80211_pre_doit+0xa2/0x630 [ 1147.034301] genl_family_rcv_msg_doit+0x22d/0x330 [ 1147.035543] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1147.037170] ? cap_capable+0x1d6/0x240 [ 1147.038153] ? ns_capable+0xdd/0x100 [ 1147.039096] genl_rcv_msg+0x33c/0x5a0 [ 1147.040161] ? genl_get_cmd+0x480/0x480 [ 1147.041158] ? nl80211_notify_iface+0x180/0x180 [ 1147.042346] ? lock_release+0x6b0/0x6b0 [ 1147.043332] ? netlink_deliver_tap+0xf4/0xc40 [ 1147.044444] netlink_rcv_skb+0x14b/0x430 [ 1147.045302] ? genl_get_cmd+0x480/0x480 [ 1147.046135] ? netlink_ack+0xab0/0xab0 [ 1147.046957] ? netlink_deliver_tap+0x1c4/0xc40 [ 1147.047937] ? is_vmalloc_addr+0x7b/0xb0 [ 1147.048791] genl_rcv+0x24/0x40 [ 1147.049479] netlink_unicast+0x549/0x7f0 [ 1147.050337] ? netlink_attachskb+0x810/0x810 [ 1147.051267] netlink_sendmsg+0x905/0xdf0 [ 1147.052131] ? netlink_unicast+0x7f0/0x7f0 [ 1147.053025] ? netlink_unicast+0x7f0/0x7f0 [ 1147.053909] sock_sendmsg+0x154/0x190 [ 1147.054706] ____sys_sendmsg+0x70d/0x870 [ 1147.055577] ? kernel_sendmsg+0x50/0x50 [ 1147.056415] ? do_recvmmsg+0x6d0/0x6d0 [ 1147.057247] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1147.058340] ? lock_downgrade+0x6d0/0x6d0 [ 1147.059216] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1147.060322] ___sys_sendmsg+0xf3/0x170 [ 1147.061130] ? sendmsg_copy_msghdr+0x160/0x160 [ 1147.062080] ? lock_downgrade+0x6d0/0x6d0 [ 1147.062941] ? find_held_lock+0x2c/0x110 [ 1147.063799] ? __fget_files+0x296/0x480 [ 1147.064631] ? __fget_light+0xea/0x290 [ 1147.065442] __sys_sendmsg+0xe5/0x1b0 [ 1147.066229] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1147.067127] ? rcu_read_lock_any_held+0x75/0xa0 [ 1147.068129] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1147.069213] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1147.070275] ? trace_hardirqs_on+0x5b/0x180 [ 1147.071169] do_syscall_64+0x33/0x40 [ 1147.071954] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1147.073019] RIP: 0033:0x7f2b3a370b19 [ 1147.073794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1147.077597] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1147.079166] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1147.080643] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1147.082111] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1147.083598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1147.085072] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1147.092234] FAULT_INJECTION: forcing a failure. [ 1147.092234] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.094559] CPU: 0 PID: 7900 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1147.095998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1147.097744] Call Trace: [ 1147.098304] dump_stack+0x107/0x167 23:55:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf00, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1147.099069] should_fail.cold+0x5/0xa [ 1147.100056] ? create_object.isra.0+0x3a/0xa20 [ 1147.101026] should_failslab+0x5/0x20 [ 1147.101819] kmem_cache_alloc+0x5b/0x360 [ 1147.102668] create_object.isra.0+0x3a/0xa20 [ 1147.103607] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1147.104670] kmem_cache_alloc+0x159/0x360 [ 1147.105544] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1147.106710] idr_get_free+0x4b5/0x8f0 [ 1147.107535] idr_alloc_u32+0x170/0x2d0 [ 1147.108350] ? __fprop_inc_percpu_max+0x130/0x130 [ 1147.109357] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1147.110466] ? lock_release+0x6b0/0x6b0 [ 1147.111301] idr_alloc+0xc2/0x130 [ 1147.112045] ? idr_alloc_u32+0x2d0/0x2d0 [ 1147.112893] ? rwlock_bug.part.0+0x90/0x90 [ 1147.113784] p9_client_prepare_req.part.0+0x625/0xb30 [ 1147.114865] p9_client_rpc+0x220/0x1210 [ 1147.115710] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1147.116820] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1147.117785] ? snd_seq_poll+0x15b/0x2d0 [ 1147.118617] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1147.119747] ? p9_fd_poll+0x1e0/0x2c0 [ 1147.120547] ? p9_fd_create+0x357/0x4a0 [ 1147.121369] ? p9_conn_create+0x510/0x510 [ 1147.122227] ? p9_client_create+0x798/0x1090 [ 1147.123144] ? kfree+0xd7/0x390 [ 1147.123846] ? do_raw_spin_unlock+0x4f/0x220 [ 1147.124762] p9_client_create+0xa76/0x1090 [ 1147.125652] ? p9_client_flush+0x430/0x430 [ 1147.126540] ? lockdep_init_map_type+0x2c7/0x780 [ 1147.127531] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1147.128540] ? __raw_spin_lock_init+0x36/0x110 [ 1147.129498] v9fs_session_init+0x1dd/0x16a0 [ 1147.130414] ? kmem_cache_alloc_trace+0x151/0x360 [ 1147.131436] ? v9fs_show_options+0x690/0x690 [ 1147.132367] ? kasan_unpoison_shadow+0x33/0x50 [ 1147.133319] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1147.134381] v9fs_mount+0x79/0x8f0 [ 1147.135143] ? v9fs_write_inode+0x60/0x60 [ 1147.136005] legacy_get_tree+0x105/0x220 [ 1147.136865] vfs_get_tree+0x8e/0x300 [ 1147.137653] path_mount+0x13be/0x20b0 [ 1147.138460] ? strncpy_from_user+0x9e/0x470 [ 1147.139367] ? finish_automount+0xa40/0xa40 [ 1147.140306] ? getname_flags.part.0+0x1dd/0x4f0 [ 1147.141289] ? _copy_from_user+0xfb/0x1b0 [ 1147.142173] __x64_sys_mount+0x282/0x300 [ 1147.143027] ? copy_mnt_ns+0xa00/0xa00 [ 1147.143856] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1147.144962] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1147.146050] do_syscall_64+0x33/0x40 [ 1147.146835] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1147.147920] RIP: 0033:0x7fb012c72b19 [ 1147.148706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1147.152579] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1147.154172] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1147.155671] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1147.157159] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1147.158647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1147.160147] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1147.162117] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:55:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 19) 23:55:50 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:50 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:55:50 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xe100, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:50 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x5000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:55:50 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:55:50 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 42) [ 1147.264396] FAULT_INJECTION: forcing a failure. [ 1147.264396] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.266891] CPU: 0 PID: 7912 Comm: syz-executor.1 Not tainted 5.10.161 #1 23:55:50 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 14) [ 1147.268335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1147.270195] Call Trace: [ 1147.270760] dump_stack+0x107/0x167 [ 1147.271558] should_fail.cold+0x5/0xa [ 1147.272357] ? __alloc_file+0x21/0x320 [ 1147.273174] should_failslab+0x5/0x20 [ 1147.273985] kmem_cache_alloc+0x5b/0x360 [ 1147.274843] __alloc_file+0x21/0x320 [ 1147.275649] alloc_empty_file+0x6d/0x170 [ 1147.276501] path_openat+0xde/0x26d0 [ 1147.277297] ? path_lookupat+0x860/0x860 [ 1147.278157] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1147.279253] ? lock_acquire+0x197/0x490 [ 1147.280121] do_filp_open+0x17e/0x3d0 [ 1147.280922] ? may_open_dev+0xf0/0xf0 [ 1147.281721] ? __alloc_fd+0x2a5/0x620 [ 1147.282519] ? lock_downgrade+0x6d0/0x6d0 [ 1147.283417] ? rwlock_bug.part.0+0x90/0x90 [ 1147.284321] ? _raw_spin_unlock+0x1a/0x30 [ 1147.285184] ? __alloc_fd+0x2a5/0x620 [ 1147.285990] do_sys_openat2+0x171/0x420 [ 1147.286821] ? build_open_flags+0x690/0x690 [ 1147.287744] ? rcu_read_lock_any_held+0x75/0xa0 [ 1147.288720] __x64_sys_openat+0x13f/0x1f0 [ 1147.289586] ? __ia32_sys_open+0x1c0/0x1c0 [ 1147.290475] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1147.291593] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1147.292672] do_syscall_64+0x33/0x40 [ 1147.293454] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1147.294521] RIP: 0033:0x7f21cd51ba04 [ 1147.295300] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1147.299130] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1147.300744] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1147.302229] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1147.303730] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1147.305214] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1147.306698] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1147.339006] FAULT_INJECTION: forcing a failure. [ 1147.339006] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.341508] CPU: 0 PID: 7916 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1147.342953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1147.344718] Call Trace: [ 1147.345275] dump_stack+0x107/0x167 [ 1147.346040] should_fail.cold+0x5/0xa [ 1147.346848] should_failslab+0x5/0x20 [ 1147.347673] __kmalloc_node_track_caller+0x74/0x3f0 [ 1147.348718] ? nl80211_notify_iface+0x2e/0x180 [ 1147.349676] __alloc_skb+0xb1/0x620 [ 1147.350449] nl80211_notify_iface+0x2e/0x180 [ 1147.351371] nl80211_set_interface+0x720/0x910 [ 1147.352351] ? nl80211_post_doit+0x2e0/0x2e0 [ 1147.353275] ? nl80211_notify_iface+0x180/0x180 [ 1147.354254] ? nl80211_pre_doit+0xa2/0x630 [ 1147.355155] genl_family_rcv_msg_doit+0x22d/0x330 [ 1147.356221] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1147.357603] ? cap_capable+0x1d6/0x240 [ 1147.358446] ? ns_capable+0xdd/0x100 [ 1147.359233] genl_rcv_msg+0x33c/0x5a0 [ 1147.360052] ? genl_get_cmd+0x480/0x480 [ 1147.360885] ? nl80211_notify_iface+0x180/0x180 [ 1147.361865] ? lock_release+0x6b0/0x6b0 [ 1147.362696] ? netlink_deliver_tap+0xf4/0xc40 [ 1147.363648] netlink_rcv_skb+0x14b/0x430 [ 1147.364500] ? genl_get_cmd+0x480/0x480 [ 1147.365336] ? netlink_ack+0xab0/0xab0 [ 1147.366161] ? netlink_deliver_tap+0x1c4/0xc40 [ 1147.367116] ? is_vmalloc_addr+0x7b/0xb0 [ 1147.367981] genl_rcv+0x24/0x40 [ 1147.368673] netlink_unicast+0x549/0x7f0 [ 1147.369529] ? netlink_attachskb+0x810/0x810 [ 1147.370462] netlink_sendmsg+0x905/0xdf0 [ 1147.371320] ? netlink_unicast+0x7f0/0x7f0 [ 1147.371710] FAULT_INJECTION: forcing a failure. [ 1147.371710] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.372272] ? netlink_unicast+0x7f0/0x7f0 [ 1147.375643] sock_sendmsg+0x154/0x190 [ 1147.376444] ____sys_sendmsg+0x70d/0x870 [ 1147.377299] ? kernel_sendmsg+0x50/0x50 [ 1147.378127] ? do_recvmmsg+0x6d0/0x6d0 [ 1147.378943] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1147.380069] ___sys_sendmsg+0xf3/0x170 [ 1147.380888] ? sendmsg_copy_msghdr+0x160/0x160 [ 1147.381844] ? lock_downgrade+0x6d0/0x6d0 [ 1147.382720] ? finish_task_switch+0x126/0x5d0 [ 1147.383661] ? lock_downgrade+0x6d0/0x6d0 [ 1147.384564] ? __fget_files+0x296/0x480 [ 1147.385410] ? __fget_light+0xea/0x290 [ 1147.386261] __sys_sendmsg+0xe5/0x1b0 [ 1147.387054] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1147.387971] ? io_schedule_timeout+0x140/0x140 [ 1147.388940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1147.390035] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1147.391108] ? trace_hardirqs_on+0x5b/0x180 [ 1147.392031] do_syscall_64+0x33/0x40 [ 1147.392814] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1147.393882] RIP: 0033:0x7f2b3a370b19 [ 1147.394664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1147.398505] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1147.400102] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1147.401588] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1147.403071] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1147.404571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1147.406056] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1147.407591] CPU: 1 PID: 7927 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1147.409175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1147.411038] Call Trace: [ 1147.411670] dump_stack+0x107/0x167 [ 1147.412538] should_fail.cold+0x5/0xa [ 1147.413406] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1147.414705] should_failslab+0x5/0x20 [ 1147.415576] kmem_cache_alloc+0x5b/0x360 [ 1147.416539] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1147.417796] idr_get_free+0x4b5/0x8f0 [ 1147.418674] idr_alloc_u32+0x170/0x2d0 [ 1147.419583] ? __fprop_inc_percpu_max+0x130/0x130 [ 1147.420709] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1147.421910] ? lock_release+0x6b0/0x6b0 [ 1147.422810] idr_alloc+0xc2/0x130 [ 1147.423608] ? idr_alloc_u32+0x2d0/0x2d0 [ 1147.424561] ? rwlock_bug.part.0+0x90/0x90 [ 1147.425530] p9_client_prepare_req.part.0+0x625/0xb30 [ 1147.426694] p9_client_rpc+0x220/0x1210 [ 1147.427629] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1147.428857] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1147.429898] ? snd_seq_poll+0x15b/0x2d0 [ 1147.430791] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1147.432028] ? p9_fd_poll+0x1e0/0x2c0 [ 1147.432929] ? p9_fd_create+0x357/0x4a0 [ 1147.433821] ? p9_conn_create+0x510/0x510 [ 1147.434746] ? p9_client_create+0x798/0x1090 [ 1147.435748] ? kfree+0xd7/0x390 [ 1147.436532] ? do_raw_spin_unlock+0x4f/0x220 [ 1147.437529] p9_client_create+0xa76/0x1090 [ 1147.438488] ? p9_client_flush+0x430/0x430 [ 1147.439675] ? lockdep_init_map_type+0x2c7/0x780 [ 1147.441029] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1147.442410] ? __raw_spin_lock_init+0x36/0x110 [ 1147.443750] v9fs_session_init+0x1dd/0x16a0 [ 1147.444903] ? kmem_cache_alloc_trace+0x151/0x360 [ 1147.446010] ? v9fs_show_options+0x690/0x690 [ 1147.447052] ? kasan_unpoison_shadow+0x33/0x50 [ 1147.448122] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1147.449310] v9fs_mount+0x79/0x8f0 [ 1147.450119] ? v9fs_write_inode+0x60/0x60 [ 1147.451066] legacy_get_tree+0x105/0x220 [ 1147.452014] vfs_get_tree+0x8e/0x300 [ 1147.452895] path_mount+0x13be/0x20b0 [ 1147.453779] ? strncpy_from_user+0x9e/0x470 [ 1147.454767] ? finish_automount+0xa40/0xa40 [ 1147.455786] ? getname_flags.part.0+0x1dd/0x4f0 [ 1147.456946] ? _copy_from_user+0xfb/0x1b0 [ 1147.457904] __x64_sys_mount+0x282/0x300 [ 1147.458818] ? copy_mnt_ns+0xa00/0xa00 [ 1147.459709] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1147.460882] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1147.462039] do_syscall_64+0x33/0x40 [ 1147.462874] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1147.464041] RIP: 0033:0x7fb012c72b19 [ 1147.464895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1147.468983] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1147.470681] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1147.472280] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1147.473869] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1147.475482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1147.477070] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1147.486751] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1160.312104] FAULT_INJECTION: forcing a failure. [ 1160.312104] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.313404] CPU: 0 PID: 7939 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1160.314129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.314998] Call Trace: [ 1160.315286] dump_stack+0x107/0x167 [ 1160.315705] should_fail.cold+0x5/0xa [ 1160.316113] ? create_object.isra.0+0x3a/0xa20 [ 1160.316594] should_failslab+0x5/0x20 [ 1160.316998] kmem_cache_alloc+0x5b/0x360 [ 1160.317429] create_object.isra.0+0x3a/0xa20 [ 1160.317889] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1160.318424] kmem_cache_alloc+0x159/0x360 [ 1160.318865] __alloc_file+0x21/0x320 [ 1160.319263] alloc_empty_file+0x6d/0x170 [ 1160.319712] path_openat+0xde/0x26d0 [ 1160.320114] ? path_lookupat+0x860/0x860 [ 1160.320546] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.321095] ? lock_acquire+0x197/0x490 [ 1160.321520] do_filp_open+0x17e/0x3d0 [ 1160.321920] ? may_open_dev+0xf0/0xf0 [ 1160.322438] ? __alloc_fd+0x2a5/0x620 [ 1160.322957] ? lock_downgrade+0x6d0/0x6d0 [ 1160.323516] ? rwlock_bug.part.0+0x90/0x90 [ 1160.324101] ? _raw_spin_unlock+0x1a/0x30 [ 1160.324658] ? __alloc_fd+0x2a5/0x620 [ 1160.325176] do_sys_openat2+0x171/0x420 [ 1160.325711] ? build_open_flags+0x690/0x690 [ 1160.326298] ? rcu_read_lock_any_held+0x75/0xa0 [ 1160.326930] __x64_sys_openat+0x13f/0x1f0 [ 1160.327488] ? __ia32_sys_open+0x1c0/0x1c0 [ 1160.328075] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.328778] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.329473] do_syscall_64+0x33/0x40 [ 1160.329972] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.330660] RIP: 0033:0x7f21cd51ba04 [ 1160.331144] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1160.333067] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1160.333866] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1160.334610] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1160.335352] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1160.336112] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1160.336903] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1160.353139] FAULT_INJECTION: forcing a failure. [ 1160.353139] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.354385] CPU: 0 PID: 7949 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1160.355144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.356087] Call Trace: [ 1160.356390] dump_stack+0x107/0x167 [ 1160.356803] should_fail.cold+0x5/0xa [ 1160.357231] ? create_object.isra.0+0x3a/0xa20 [ 1160.357763] should_failslab+0x5/0x20 [ 1160.358186] kmem_cache_alloc+0x5b/0x360 [ 1160.358653] create_object.isra.0+0x3a/0xa20 [ 1160.359144] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1160.359749] kmem_cache_alloc+0x159/0x360 [ 1160.360215] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1160.360862] idr_get_free+0x4b5/0x8f0 [ 1160.361293] idr_alloc_u32+0x170/0x2d0 [ 1160.361744] ? __fprop_inc_percpu_max+0x130/0x130 [ 1160.362274] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1160.362897] ? lock_release+0x6b0/0x6b0 [ 1160.363350] idr_alloc+0xc2/0x130 [ 1160.363746] ? idr_alloc_u32+0x2d0/0x2d0 [ 1160.364200] ? rwlock_bug.part.0+0x90/0x90 [ 1160.364687] p9_client_prepare_req.part.0+0x625/0xb30 [ 1160.365264] p9_client_rpc+0x220/0x1210 [ 1160.365723] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1160.366316] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1160.366849] ? snd_seq_poll+0x15b/0x2d0 [ 1160.367297] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1160.367930] ? p9_fd_poll+0x1e0/0x2c0 [ 1160.368361] ? p9_fd_create+0x357/0x4a0 [ 1160.368815] ? p9_conn_create+0x510/0x510 [ 1160.369272] ? p9_client_create+0x798/0x1090 [ 1160.369762] ? kfree+0xd7/0x390 [ 1160.370131] ? do_raw_spin_unlock+0x4f/0x220 [ 1160.370630] p9_client_create+0xa76/0x1090 [ 1160.371109] ? p9_client_flush+0x430/0x430 [ 1160.371594] ? lockdep_init_map_type+0x2c7/0x780 [ 1160.371687] FAULT_INJECTION: forcing a failure. [ 1160.371687] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.372125] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1160.372144] ? __raw_spin_lock_init+0x36/0x110 [ 1160.375510] v9fs_session_init+0x1dd/0x16a0 [ 1160.376002] ? kmem_cache_alloc_trace+0x151/0x360 [ 1160.376541] ? v9fs_show_options+0x690/0x690 [ 1160.377065] ? kasan_unpoison_shadow+0x33/0x50 [ 1160.377577] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1160.378157] v9fs_mount+0x79/0x8f0 [ 1160.378558] ? v9fs_write_inode+0x60/0x60 [ 1160.379039] legacy_get_tree+0x105/0x220 [ 1160.379497] vfs_get_tree+0x8e/0x300 [ 1160.379941] path_mount+0x13be/0x20b0 [ 1160.380373] ? strncpy_from_user+0x9e/0x470 [ 1160.380856] ? finish_automount+0xa40/0xa40 [ 1160.381345] ? getname_flags.part.0+0x1dd/0x4f0 [ 1160.381861] ? _copy_from_user+0xfb/0x1b0 [ 1160.382347] __x64_sys_mount+0x282/0x300 [ 1160.382805] ? copy_mnt_ns+0xa00/0xa00 [ 1160.383253] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.383837] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.384428] do_syscall_64+0x33/0x40 [ 1160.384838] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.385431] RIP: 0033:0x7fb012c72b19 [ 1160.385845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1160.387930] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1160.388785] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1160.389583] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1160.390400] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1160.391218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1160.392054] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1160.392902] CPU: 1 PID: 7952 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1160.394371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.395276] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1160.396155] Call Trace: [ 1160.396179] dump_stack+0x107/0x167 [ 1160.396204] should_fail.cold+0x5/0xa [ 1160.399209] ? create_object.isra.0+0x3a/0xa20 [ 1160.400198] should_failslab+0x5/0x20 [ 1160.401011] kmem_cache_alloc+0x5b/0x360 [ 1160.401886] create_object.isra.0+0x3a/0xa20 [ 1160.402821] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1160.403914] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 1160.404992] ? nl80211_notify_iface+0x2e/0x180 23:56:03 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 15) 23:56:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 20) 23:56:03 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:03 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 43) 23:56:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff8c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:03 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:03 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:03 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x6000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1160.405971] __alloc_skb+0xb1/0x620 [ 1160.406965] nl80211_notify_iface+0x2e/0x180 [ 1160.407930] nl80211_set_interface+0x720/0x910 [ 1160.408904] ? nl80211_post_doit+0x2e0/0x2e0 [ 1160.409833] ? nl80211_notify_iface+0x180/0x180 [ 1160.410828] ? nl80211_pre_doit+0xa2/0x630 [ 1160.411747] genl_family_rcv_msg_doit+0x22d/0x330 [ 1160.412776] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1160.414499] ? cap_capable+0x1d6/0x240 [ 1160.415368] ? ns_capable+0xdd/0x100 [ 1160.416305] genl_rcv_msg+0x33c/0x5a0 [ 1160.417115] ? genl_get_cmd+0x480/0x480 [ 1160.417953] ? nl80211_notify_iface+0x180/0x180 23:56:03 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1160.418940] ? lock_release+0x6b0/0x6b0 [ 1160.419898] ? netlink_deliver_tap+0xf4/0xc40 23:56:03 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 44) [ 1160.420866] netlink_rcv_skb+0x14b/0x430 [ 1160.421838] ? genl_get_cmd+0x480/0x480 [ 1160.422701] ? netlink_ack+0xab0/0xab0 [ 1160.423575] ? netlink_deliver_tap+0x1c4/0xc40 [ 1160.424564] ? is_vmalloc_addr+0x7b/0xb0 [ 1160.425489] genl_rcv+0x24/0x40 [ 1160.426233] netlink_unicast+0x549/0x7f0 [ 1160.427160] ? netlink_attachskb+0x810/0x810 [ 1160.428181] netlink_sendmsg+0x905/0xdf0 [ 1160.429106] ? netlink_unicast+0x7f0/0x7f0 [ 1160.430078] ? netlink_unicast+0x7f0/0x7f0 [ 1160.431051] sock_sendmsg+0x154/0x190 [ 1160.431924] ____sys_sendmsg+0x70d/0x870 [ 1160.432839] ? kernel_sendmsg+0x50/0x50 [ 1160.433726] ? do_recvmmsg+0x6d0/0x6d0 [ 1160.434603] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.435803] ? lock_downgrade+0x6d0/0x6d0 [ 1160.436743] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.437918] ___sys_sendmsg+0xf3/0x170 [ 1160.438792] ? sendmsg_copy_msghdr+0x160/0x160 [ 1160.439839] ? lock_downgrade+0x6d0/0x6d0 [ 1160.440772] ? find_held_lock+0x2c/0x110 [ 1160.441692] ? __fget_files+0x296/0x480 [ 1160.442597] ? __fget_light+0xea/0x290 [ 1160.443481] __sys_sendmsg+0xe5/0x1b0 [ 1160.444360] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1160.445330] ? rcu_read_lock_any_held+0x75/0xa0 [ 1160.446414] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.447598] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.448747] ? trace_hardirqs_on+0x5b/0x180 [ 1160.449715] do_syscall_64+0x33/0x40 [ 1160.450554] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.451721] RIP: 0033:0x7f2b3a370b19 [ 1160.452555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1160.456641] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1160.458334] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1160.459943] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1160.461545] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1160.463126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1160.464725] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1160.527050] FAT-fs (loop1): Directory bread(block 3) failed [ 1160.564398] FAULT_INJECTION: forcing a failure. [ 1160.564398] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.566992] CPU: 0 PID: 7962 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1160.568412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.570477] Call Trace: [ 1160.571051] dump_stack+0x107/0x167 [ 1160.571978] should_fail.cold+0x5/0xa [ 1160.572770] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1160.574205] should_failslab+0x5/0x20 [ 1160.574992] kmem_cache_alloc+0x5b/0x360 [ 1160.575919] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1160.577066] idr_get_free+0x4b5/0x8f0 [ 1160.577859] idr_alloc_u32+0x170/0x2d0 [ 1160.578661] ? __fprop_inc_percpu_max+0x130/0x130 [ 1160.579669] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1160.580773] ? lock_release+0x6b0/0x6b0 [ 1160.581590] idr_alloc+0xc2/0x130 [ 1160.582303] ? idr_alloc_u32+0x2d0/0x2d0 [ 1160.583144] ? rwlock_bug.part.0+0x90/0x90 [ 1160.584054] p9_client_prepare_req.part.0+0x625/0xb30 [ 1160.585243] p9_client_rpc+0x220/0x1210 [ 1160.586170] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1160.587405] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1160.588487] ? snd_seq_poll+0x15b/0x2d0 [ 1160.589406] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1160.590648] ? p9_fd_poll+0x1e0/0x2c0 [ 1160.591584] ? p9_fd_create+0x357/0x4a0 [ 1160.592564] ? p9_conn_create+0x510/0x510 [ 1160.593583] ? p9_client_create+0x798/0x1090 [ 1160.594660] ? kfree+0xd7/0x390 [ 1160.595473] ? do_raw_spin_unlock+0x4f/0x220 [ 1160.596577] p9_client_create+0xa76/0x1090 [ 1160.597626] ? p9_client_flush+0x430/0x430 [ 1160.598682] ? lockdep_init_map_type+0x2c7/0x780 [ 1160.599856] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1160.601051] ? __raw_spin_lock_init+0x36/0x110 [ 1160.602197] v9fs_session_init+0x1dd/0x16a0 [ 1160.603216] ? kmem_cache_alloc_trace+0x151/0x360 [ 1160.604248] ? v9fs_show_options+0x690/0x690 [ 1160.605174] ? kasan_unpoison_shadow+0x33/0x50 [ 1160.606125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1160.607159] v9fs_mount+0x79/0x8f0 [ 1160.607910] ? v9fs_write_inode+0x60/0x60 [ 1160.608853] legacy_get_tree+0x105/0x220 [ 1160.609806] vfs_get_tree+0x8e/0x300 [ 1160.610666] path_mount+0x13be/0x20b0 [ 1160.611573] ? strncpy_from_user+0x9e/0x470 [ 1160.612583] ? finish_automount+0xa40/0xa40 [ 1160.613582] ? getname_flags.part.0+0x1dd/0x4f0 [ 1160.614651] ? _copy_from_user+0xfb/0x1b0 [ 1160.615633] __x64_sys_mount+0x282/0x300 [ 1160.616572] ? copy_mnt_ns+0xa00/0xa00 [ 1160.617478] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.618700] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.619903] do_syscall_64+0x33/0x40 [ 1160.620815] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.622076] RIP: 0033:0x7fb012c72b19 [ 1160.622989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1160.627507] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1160.629393] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1160.631146] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1160.632908] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1160.634587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1160.636245] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1160.638196] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:56:03 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x34000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:03 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffff6, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:03 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 16) 23:56:03 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x7000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 21) [ 1160.775254] FAULT_INJECTION: forcing a failure. [ 1160.775254] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.777669] CPU: 1 PID: 7975 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1160.779033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.780727] Call Trace: [ 1160.781272] dump_stack+0x107/0x167 [ 1160.782016] should_fail.cold+0x5/0xa [ 1160.782793] ? __skb_ext_alloc+0x19/0x90 [ 1160.783631] should_failslab+0x5/0x20 [ 1160.784407] kmem_cache_alloc+0x5b/0x360 [ 1160.785240] __skb_ext_alloc+0x19/0x90 [ 1160.786022] skb_ext_add+0x508/0x670 [ 1160.786770] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1160.787841] __alloc_skb+0x3c1/0x620 [ 1160.788591] nl80211_notify_iface+0x2e/0x180 [ 1160.789480] nl80211_set_interface+0x720/0x910 [ 1160.790391] ? nl80211_post_doit+0x2e0/0x2e0 [ 1160.791278] ? nl80211_notify_iface+0x180/0x180 [ 1160.792228] ? nl80211_pre_doit+0xa2/0x630 [ 1160.793088] genl_family_rcv_msg_doit+0x22d/0x330 [ 1160.794084] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1160.794861] FAULT_INJECTION: forcing a failure. [ 1160.794861] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.795386] ? cap_capable+0x1d6/0x240 [ 1160.795423] ? ns_capable+0xdd/0x100 [ 1160.799245] genl_rcv_msg+0x33c/0x5a0 [ 1160.800054] ? genl_get_cmd+0x480/0x480 [ 1160.800874] ? nl80211_notify_iface+0x180/0x180 [ 1160.801813] ? lock_release+0x6b0/0x6b0 [ 1160.802611] ? netlink_deliver_tap+0xf4/0xc40 [ 1160.803518] netlink_rcv_skb+0x14b/0x430 [ 1160.804343] ? genl_get_cmd+0x480/0x480 [ 1160.805143] ? netlink_ack+0xab0/0xab0 [ 1160.805935] ? netlink_deliver_tap+0x1c4/0xc40 [ 1160.806852] ? is_vmalloc_addr+0x7b/0xb0 [ 1160.807679] genl_rcv+0x24/0x40 [ 1160.808342] netlink_unicast+0x549/0x7f0 [ 1160.809161] ? netlink_attachskb+0x810/0x810 [ 1160.810366] netlink_sendmsg+0x905/0xdf0 [ 1160.811291] ? netlink_unicast+0x7f0/0x7f0 [ 1160.812286] ? netlink_unicast+0x7f0/0x7f0 [ 1160.813244] sock_sendmsg+0x154/0x190 [ 1160.814108] ____sys_sendmsg+0x70d/0x870 [ 1160.815031] ? kernel_sendmsg+0x50/0x50 [ 1160.815935] ? do_recvmmsg+0x6d0/0x6d0 [ 1160.816818] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.818000] ? lock_downgrade+0x6d0/0x6d0 [ 1160.818938] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.820157] ___sys_sendmsg+0xf3/0x170 [ 1160.821037] ? sendmsg_copy_msghdr+0x160/0x160 [ 1160.822072] ? lock_downgrade+0x6d0/0x6d0 [ 1160.823006] ? find_held_lock+0x2c/0x110 [ 1160.823941] ? __fget_files+0x296/0x480 [ 1160.824846] ? __fget_light+0xea/0x290 [ 1160.825730] __sys_sendmsg+0xe5/0x1b0 [ 1160.826582] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1160.827559] ? rcu_read_lock_any_held+0x75/0xa0 [ 1160.828638] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.829816] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.830970] ? trace_hardirqs_on+0x5b/0x180 [ 1160.831966] do_syscall_64+0x33/0x40 [ 1160.832808] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.833955] RIP: 0033:0x7f2b3a370b19 [ 1160.834794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1160.838913] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1160.840639] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1160.842234] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1160.843853] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1160.845448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1160.847050] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 [ 1160.848700] CPU: 0 PID: 7979 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1160.850282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.852215] Call Trace: [ 1160.852824] dump_stack+0x107/0x167 [ 1160.853661] should_fail.cold+0x5/0xa [ 1160.854538] ? security_file_alloc+0x34/0x170 [ 1160.855580] should_failslab+0x5/0x20 [ 1160.856450] kmem_cache_alloc+0x5b/0x360 [ 1160.857386] security_file_alloc+0x34/0x170 [ 1160.858380] __alloc_file+0xb6/0x320 [ 1160.859233] alloc_empty_file+0x6d/0x170 [ 1160.860172] path_openat+0xde/0x26d0 [ 1160.861040] ? path_lookupat+0x860/0x860 [ 1160.861972] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1160.863166] ? lock_acquire+0x197/0x490 [ 1160.864110] do_filp_open+0x17e/0x3d0 [ 1160.864983] ? may_open_dev+0xf0/0xf0 [ 1160.865857] ? __alloc_fd+0x2a5/0x620 [ 1160.866732] ? lock_downgrade+0x6d0/0x6d0 [ 1160.867702] ? rwlock_bug.part.0+0x90/0x90 [ 1160.868696] ? _raw_spin_unlock+0x1a/0x30 [ 1160.869645] ? __alloc_fd+0x2a5/0x620 [ 1160.870532] do_sys_openat2+0x171/0x420 [ 1160.871450] ? build_open_flags+0x690/0x690 [ 1160.872459] ? rcu_read_lock_any_held+0x75/0xa0 [ 1160.873532] __x64_sys_openat+0x13f/0x1f0 [ 1160.874484] ? __ia32_sys_open+0x1c0/0x1c0 [ 1160.875466] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1160.876691] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1160.877873] do_syscall_64+0x33/0x40 [ 1160.878728] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1160.879908] RIP: 0033:0x7f21cd51ba04 [ 1160.880760] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1160.885004] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1160.886749] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1160.888392] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1160.890023] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1160.891667] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1160.893298] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:56:16 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 17) 23:56:16 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x100000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:16 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:16 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x80000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:16 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:16 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffffe, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:16 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 22) 23:56:16 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 45) [ 1173.958521] FAULT_INJECTION: forcing a failure. [ 1173.958521] name failslab, interval 1, probability 0, space 0, times 0 [ 1173.960861] CPU: 1 PID: 8004 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1173.962218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1173.963857] Call Trace: [ 1173.964393] dump_stack+0x107/0x167 [ 1173.965117] should_fail.cold+0x5/0xa [ 1173.965875] ? create_object.isra.0+0x3a/0xa20 [ 1173.966778] should_failslab+0x5/0x20 [ 1173.967542] kmem_cache_alloc+0x5b/0x360 [ 1173.968357] ? percpu_ref_put_many.constprop.0+0x4e/0x100 [ 1173.969444] create_object.isra.0+0x3a/0xa20 [ 1173.970325] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1173.971328] kmem_cache_alloc+0x159/0x360 [ 1173.972179] security_file_alloc+0x34/0x170 [ 1173.973036] __alloc_file+0xb6/0x320 [ 1173.973779] alloc_empty_file+0x6d/0x170 [ 1173.974605] path_openat+0xde/0x26d0 [ 1173.975356] ? path_lookupat+0x860/0x860 [ 1173.976181] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1173.977232] do_filp_open+0x17e/0x3d0 [ 1173.977986] ? may_open_dev+0xf0/0xf0 [ 1173.978760] ? __alloc_fd+0x2a5/0x620 [ 1173.979513] ? lock_downgrade+0x6d0/0x6d0 [ 1173.980364] ? rwlock_bug.part.0+0x90/0x90 [ 1173.981234] ? _raw_spin_unlock+0x1a/0x30 [ 1173.982074] ? __alloc_fd+0x2a5/0x620 [ 1173.982859] do_sys_openat2+0x171/0x420 [ 1173.983670] ? build_open_flags+0x690/0x690 [ 1173.984572] ? rcu_read_lock_any_held+0x75/0xa0 [ 1173.985524] __x64_sys_openat+0x13f/0x1f0 [ 1173.986365] ? __ia32_sys_open+0x1c0/0x1c0 [ 1173.987248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1173.988318] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1173.989343] do_syscall_64+0x33/0x40 [ 1173.990091] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1173.991118] RIP: 0033:0x7f21cd51ba04 [ 1173.991900] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1173.995581] RSP: 002b:00007f21caadded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1173.997120] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd51ba04 [ 1173.998555] RDX: 0000000000000002 RSI: 00007f21caade000 RDI: 00000000ffffff9c [ 1173.999992] RBP: 00007f21caade000 R08: 0000000000000000 R09: ffffffffffffffff [ 1174.001425] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1174.002859] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1174.010524] FAULT_INJECTION: forcing a failure. [ 1174.010524] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.011129] FAULT_INJECTION: forcing a failure. [ 1174.011129] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.013115] CPU: 0 PID: 8001 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1174.013127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1174.013133] Call Trace: [ 1174.013156] dump_stack+0x107/0x167 [ 1174.013184] should_fail.cold+0x5/0xa [ 1174.020538] ? create_object.isra.0+0x3a/0xa20 [ 1174.021472] should_failslab+0x5/0x20 [ 1174.022252] kmem_cache_alloc+0x5b/0x360 [ 1174.023092] create_object.isra.0+0x3a/0xa20 [ 1174.024001] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1174.025046] kmem_cache_alloc+0x159/0x360 [ 1174.025908] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1174.027051] idr_get_free+0x4b5/0x8f0 [ 1174.027871] idr_alloc_u32+0x170/0x2d0 [ 1174.028681] ? __fprop_inc_percpu_max+0x130/0x130 [ 1174.029674] ? p9_client_prepare_req.part.0+0x20a/0xb30 [ 1174.030766] ? lock_release+0x6b0/0x6b0 [ 1174.031591] idr_alloc+0xc2/0x130 [ 1174.032311] ? idr_alloc_u32+0x2d0/0x2d0 [ 1174.033143] ? rwlock_bug.part.0+0x90/0x90 [ 1174.034026] p9_client_prepare_req.part.0+0x625/0xb30 [ 1174.035091] p9_client_rpc+0x220/0x1210 [ 1174.035934] ? p9_client_prepare_req.part.0+0xb30/0xb30 [ 1174.037028] ? snd_seq_fifo_poll_wait+0x93/0xc0 [ 1174.037979] ? snd_seq_poll+0x15b/0x2d0 [ 1174.038797] ? snd_seq_info_dump_subscribers+0x4f0/0x4f0 [ 1174.039905] ? p9_fd_poll+0x1e0/0x2c0 [ 1174.040693] ? p9_fd_create+0x357/0x4a0 [ 1174.041504] ? p9_conn_create+0x510/0x510 [ 1174.042351] ? p9_client_create+0x798/0x1090 [ 1174.043246] ? kfree+0xd7/0x390 [ 1174.043929] ? do_raw_spin_unlock+0x4f/0x220 [ 1174.044837] p9_client_create+0xa76/0x1090 [ 1174.045713] ? p9_client_flush+0x430/0x430 [ 1174.046583] ? lockdep_init_map_type+0x2c7/0x780 [ 1174.047548] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1174.048551] ? __raw_spin_lock_init+0x36/0x110 [ 1174.049497] v9fs_session_init+0x1dd/0x16a0 [ 1174.050392] ? kmem_cache_alloc_trace+0x151/0x360 [ 1174.051381] ? v9fs_show_options+0x690/0x690 [ 1174.052306] ? kasan_unpoison_shadow+0x33/0x50 [ 1174.053243] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1174.054287] v9fs_mount+0x79/0x8f0 [ 1174.055019] ? v9fs_write_inode+0x60/0x60 [ 1174.055883] legacy_get_tree+0x105/0x220 [ 1174.056721] vfs_get_tree+0x8e/0x300 [ 1174.057493] path_mount+0x13be/0x20b0 [ 1174.058280] ? strncpy_from_user+0x9e/0x470 [ 1174.059164] ? finish_automount+0xa40/0xa40 [ 1174.060058] ? getname_flags.part.0+0x1dd/0x4f0 [ 1174.061003] ? _copy_from_user+0xfb/0x1b0 [ 1174.061866] __x64_sys_mount+0x282/0x300 [ 1174.062726] ? copy_mnt_ns+0xa00/0xa00 [ 1174.063531] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1174.064630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1174.065693] do_syscall_64+0x33/0x40 [ 1174.066474] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1174.067525] RIP: 0033:0x7fb012c72b19 [ 1174.068321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1174.072111] RSP: 002b:00007fb0101e8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1174.073682] RAX: ffffffffffffffda RBX: 00007fb012d85f60 RCX: 00007fb012c72b19 [ 1174.075149] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1174.076638] RBP: 00007fb0101e81d0 R08: 0000000020000180 R09: 0000000000000000 [ 1174.078121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1174.079612] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 [ 1174.081133] CPU: 1 PID: 8007 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1174.081260] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1174.082500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1174.082506] Call Trace: [ 1174.082528] dump_stack+0x107/0x167 [ 1174.082552] should_fail.cold+0x5/0xa [ 1174.087763] ? create_object.isra.0+0x3a/0xa20 [ 1174.088692] should_failslab+0x5/0x20 [ 1174.089453] kmem_cache_alloc+0x5b/0x360 [ 1174.090277] create_object.isra.0+0x3a/0xa20 [ 1174.091168] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1174.092220] kmem_cache_alloc+0x159/0x360 [ 1174.093070] __skb_ext_alloc+0x19/0x90 [ 1174.093852] skb_ext_add+0x508/0x670 [ 1174.094599] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1174.095665] __alloc_skb+0x3c1/0x620 [ 1174.096428] nl80211_notify_iface+0x2e/0x180 [ 1174.097320] nl80211_set_interface+0x720/0x910 [ 1174.098246] ? nl80211_post_doit+0x2e0/0x2e0 [ 1174.099141] ? nl80211_notify_iface+0x180/0x180 [ 1174.100126] ? nl80211_pre_doit+0xa2/0x630 [ 1174.100991] genl_family_rcv_msg_doit+0x22d/0x330 [ 1174.101964] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1174.103287] ? cap_capable+0x1d6/0x240 [ 1174.104094] ? ns_capable+0xdd/0x100 [ 1174.104851] genl_rcv_msg+0x33c/0x5a0 [ 1174.105625] ? genl_get_cmd+0x480/0x480 [ 1174.106429] ? nl80211_notify_iface+0x180/0x180 [ 1174.107373] ? lock_release+0x6b0/0x6b0 [ 1174.108180] ? netlink_deliver_tap+0xf4/0xc40 [ 1174.109087] netlink_rcv_skb+0x14b/0x430 [ 1174.109909] ? genl_get_cmd+0x480/0x480 [ 1174.110717] ? netlink_ack+0xab0/0xab0 [ 1174.111510] ? netlink_deliver_tap+0x1c4/0xc40 [ 1174.112441] ? is_vmalloc_addr+0x7b/0xb0 [ 1174.113267] genl_rcv+0x24/0x40 [ 1174.113932] netlink_unicast+0x549/0x7f0 [ 1174.114758] ? netlink_attachskb+0x810/0x810 [ 1174.115657] netlink_sendmsg+0x905/0xdf0 [ 1174.116502] ? netlink_unicast+0x7f0/0x7f0 [ 1174.117369] ? netlink_unicast+0x7f0/0x7f0 [ 1174.118222] sock_sendmsg+0x154/0x190 [ 1174.118992] ____sys_sendmsg+0x70d/0x870 [ 1174.119819] ? kernel_sendmsg+0x50/0x50 [ 1174.120615] ? do_recvmmsg+0x6d0/0x6d0 [ 1174.121400] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1174.122454] ? lock_downgrade+0x6d0/0x6d0 [ 1174.123290] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1174.124360] ___sys_sendmsg+0xf3/0x170 [ 1174.125144] ? sendmsg_copy_msghdr+0x160/0x160 [ 1174.126068] ? lock_downgrade+0x6d0/0x6d0 [ 1174.126906] ? find_held_lock+0x2c/0x110 [ 1174.127743] ? __fget_files+0x296/0x480 [ 1174.128556] ? __fget_light+0xea/0x290 [ 1174.129347] __sys_sendmsg+0xe5/0x1b0 [ 1174.130112] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1174.130976] ? rcu_read_lock_any_held+0x75/0xa0 [ 1174.131955] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1174.133007] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1174.134048] ? trace_hardirqs_on+0x5b/0x180 [ 1174.134917] do_syscall_64+0x33/0x40 [ 1174.135670] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1174.136705] RIP: 0033:0x7f2b3a370b19 [ 1174.137453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1174.141145] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1174.142672] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1174.144110] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1174.145539] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1174.146969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1174.148403] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:56:16 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x200000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:16 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:16 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:16 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x400300, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1174.179828] FAT-fs (loop1): Directory bread(block 3) failed 23:56:16 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 18) 23:56:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) (fail_nth: 46) [ 1174.249116] FAULT_INJECTION: forcing a failure. [ 1174.249116] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.251433] CPU: 1 PID: 8022 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1174.252818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1174.254494] Call Trace: [ 1174.255053] dump_stack+0x107/0x167 [ 1174.255815] should_fail.cold+0x5/0xa [ 1174.256596] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1174.257578] should_failslab+0x5/0x20 [ 1174.258348] __kmalloc_node_track_caller+0x74/0x3f0 [ 1174.259352] ? netlink_trim+0x1ee/0x250 [ 1174.260184] pskb_expand_head+0x15a/0x1040 [ 1174.261039] ? nl80211_send_iface+0xadd/0x1b50 [ 1174.261972] netlink_trim+0x1ee/0x250 [ 1174.262745] netlink_broadcast_filtered+0x60/0xdc0 [ 1174.263736] ? __skb_ext_alloc+0x6e/0x90 [ 1174.264551] ? skb_ext_add+0x4e3/0x670 [ 1174.265347] netlink_broadcast+0x35/0x50 [ 1174.266170] nl80211_notify_iface+0x116/0x180 [ 1174.267075] nl80211_set_interface+0x720/0x910 [ 1174.268016] ? nl80211_post_doit+0x2e0/0x2e0 [ 1174.268900] ? nl80211_notify_iface+0x180/0x180 [ 1174.269843] ? nl80211_pre_doit+0xa2/0x630 [ 1174.270704] genl_family_rcv_msg_doit+0x22d/0x330 [ 1174.271679] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1174.273006] ? cap_capable+0x1d6/0x240 [ 1174.273807] ? ns_capable+0xdd/0x100 [ 1174.274562] genl_rcv_msg+0x33c/0x5a0 [ 1174.275336] ? genl_get_cmd+0x480/0x480 [ 1174.276145] ? nl80211_notify_iface+0x180/0x180 [ 1174.277088] ? lock_release+0x6b0/0x6b0 [ 1174.277886] ? netlink_deliver_tap+0xf4/0xc40 [ 1174.278794] netlink_rcv_skb+0x14b/0x430 [ 1174.279618] ? genl_get_cmd+0x480/0x480 [ 1174.280436] ? netlink_ack+0xab0/0xab0 [ 1174.281230] ? netlink_deliver_tap+0x1c4/0xc40 [ 1174.282146] ? is_vmalloc_addr+0x7b/0xb0 [ 1174.282982] genl_rcv+0x24/0x40 [ 1174.283654] netlink_unicast+0x549/0x7f0 [ 1174.284489] ? netlink_attachskb+0x810/0x810 [ 1174.285397] netlink_sendmsg+0x905/0xdf0 [ 1174.286223] ? netlink_unicast+0x7f0/0x7f0 [ 1174.287094] ? netlink_unicast+0x7f0/0x7f0 [ 1174.287988] sock_sendmsg+0x154/0x190 [ 1174.288762] ____sys_sendmsg+0x70d/0x870 [ 1174.289587] ? kernel_sendmsg+0x50/0x50 [ 1174.290387] ? do_recvmmsg+0x6d0/0x6d0 [ 1174.291180] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1174.292246] ? lock_downgrade+0x6d0/0x6d0 [ 1174.293085] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1174.294143] ___sys_sendmsg+0xf3/0x170 [ 1174.294933] ? sendmsg_copy_msghdr+0x160/0x160 [ 1174.295866] ? lock_downgrade+0x6d0/0x6d0 [ 1174.296705] ? find_held_lock+0x2c/0x110 [ 1174.297532] ? __fget_files+0x296/0x480 [ 1174.298345] ? __fget_light+0xea/0x290 [ 1174.299141] __sys_sendmsg+0xe5/0x1b0 [ 1174.299925] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1174.300794] ? rcu_read_lock_any_held+0x75/0xa0 [ 1174.301756] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1174.302814] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1174.303858] ? trace_hardirqs_on+0x5b/0x180 [ 1174.304731] do_syscall_64+0x33/0x40 [ 1174.305484] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1174.306516] RIP: 0033:0x7f2b3a370b19 [ 1174.307273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1174.310983] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1174.312517] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1174.313952] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1174.315382] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1174.316828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1174.318262] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:56:17 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0ffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:17 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9effffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1174.473947] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1174.477110] FAULT_INJECTION: forcing a failure. [ 1174.477110] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1174.479518] CPU: 1 PID: 8033 Comm: syz-executor.3 Not tainted 5.10.161 #1 [ 1174.480916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1174.482590] Call Trace: [ 1174.483132] dump_stack+0x107/0x167 [ 1174.483877] should_fail.cold+0x5/0xa [ 1174.484651] _copy_to_user+0x2e/0x180 [ 1174.485425] simple_read_from_buffer+0xcc/0x160 [ 1174.486367] proc_fail_nth_read+0x198/0x230 [ 1174.487238] ? proc_sessionid_read+0x230/0x230 [ 1174.488175] ? security_file_permission+0x24e/0x570 [ 1174.489178] ? perf_trace_initcall_start+0x101/0x380 [ 1174.490204] ? proc_sessionid_read+0x230/0x230 [ 1174.491125] vfs_read+0x228/0x580 [ 1174.491842] ksys_read+0x12d/0x260 [ 1174.492559] ? vfs_write+0xa30/0xa30 [ 1174.493317] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1174.494374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1174.495416] do_syscall_64+0x33/0x40 [ 1174.496180] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1174.497208] RIP: 0033:0x7fb012c2569c [ 1174.497958] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1174.501641] RSP: 002b:00007fb0101e8170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1174.503166] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fb012c2569c [ 1174.504613] RDX: 000000000000000f RSI: 00007fb0101e81e0 RDI: 0000000000000004 [ 1174.506043] RBP: 00007fb0101e81d0 R08: 0000000000000000 R09: 0000000000000000 [ 1174.507476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1174.508914] R13: 00007ffe32d71b4f R14: 00007fb0101e8300 R15: 0000000000022000 23:56:32 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1189.685786] FAULT_INJECTION: forcing a failure. [ 1189.685786] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.688553] CPU: 1 PID: 8051 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1189.689933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.691610] Call Trace: [ 1189.692162] dump_stack+0x107/0x167 [ 1189.692909] should_fail.cold+0x5/0xa [ 1189.693689] ? __kthread_create_on_node+0xd1/0x400 23:56:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:32 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 19) 23:56:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 23) 23:56:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:32 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x1000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:32 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xce000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1189.694684] should_failslab+0x5/0x20 [ 1189.695702] kmem_cache_alloc_trace+0x55/0x360 [ 1189.696682] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1189.697633] __kthread_create_on_node+0xd1/0x400 [ 1189.698588] ? __kthread_parkme+0x1d0/0x1d0 [ 1189.699467] ? __mutex_lock+0x425/0x1260 [ 1189.700292] ? loop_configure+0xcb5/0x1480 [ 1189.701147] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1189.702058] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1189.703625] kthread_create_on_node+0xbb/0x100 [ 1189.703677] ? __kthread_create_on_node+0x400/0x400 [ 1189.705731] ? lockdep_init_map_type+0x2c7/0x780 [ 1189.706696] ? lockdep_init_map_type+0x2c7/0x780 [ 1189.707642] loop_configure+0x3e3/0x1480 [ 1189.708485] lo_ioctl+0xa72/0x1760 [ 1189.709189] ? avc_has_extended_perms+0x7f1/0xec0 [ 1189.710166] ? loop_set_status_old+0x250/0x250 [ 1189.711081] ? avc_ss_reset+0x180/0x180 [ 1189.711883] ? find_held_lock+0x2c/0x110 [ 1189.712718] ? __lock_acquire+0xbb1/0x5b00 [ 1189.713612] ? selinux_inode_getsecctx+0x90/0x90 [ 1189.714553] ? generic_block_fiemap+0x60/0x60 [ 1189.715443] ? loop_set_status_old+0x250/0x250 [ 1189.716365] blkdev_ioctl+0x291/0x710 [ 1189.717126] ? blkdev_common_ioctl+0x1870/0x1870 [ 1189.718066] ? selinux_file_ioctl+0xb1/0x260 [ 1189.718937] block_ioctl+0xf9/0x140 [ 1189.719652] ? blkdev_read_iter+0x1c0/0x1c0 [ 1189.720513] __x64_sys_ioctl+0x19a/0x210 [ 1189.721321] do_syscall_64+0x33/0x40 [ 1189.722059] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1189.723070] RIP: 0033:0x7f21cd5688d7 [ 1189.723822] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.727522] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1189.729039] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1189.730451] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1189.731860] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1189.733281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1189.734692] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1189.748529] FAULT_INJECTION: forcing a failure. [ 1189.748529] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.751239] CPU: 0 PID: 8049 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1189.752776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.754645] Call Trace: [ 1189.755256] dump_stack+0x107/0x167 [ 1189.756110] should_fail.cold+0x5/0xa [ 1189.756976] ? create_object.isra.0+0x3a/0xa20 [ 1189.758000] should_failslab+0x5/0x20 [ 1189.758873] kmem_cache_alloc+0x5b/0x360 [ 1189.759787] ? mutex_lock_io_nested+0x1110/0x1110 [ 1189.760877] create_object.isra.0+0x3a/0xa20 [ 1189.761860] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1189.763000] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 1189.764148] ? netlink_trim+0x1ee/0x250 [ 1189.765044] pskb_expand_head+0x15a/0x1040 [ 1189.765984] ? nl80211_send_iface+0xadd/0x1b50 [ 1189.767011] netlink_trim+0x1ee/0x250 [ 1189.767864] netlink_broadcast_filtered+0x60/0xdc0 [ 1189.768969] ? __skb_ext_alloc+0x6e/0x90 [ 1189.769874] ? skb_ext_add+0x4e3/0x670 [ 1189.770755] netlink_broadcast+0x35/0x50 [ 1189.771668] nl80211_notify_iface+0x116/0x180 [ 1189.772693] nl80211_set_interface+0x720/0x910 [ 1189.773716] ? nl80211_post_doit+0x2e0/0x2e0 [ 1189.774694] ? nl80211_notify_iface+0x180/0x180 [ 1189.775738] ? nl80211_pre_doit+0xa2/0x630 [ 1189.776709] genl_family_rcv_msg_doit+0x22d/0x330 [ 1189.777795] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1189.779269] ? cap_capable+0x1d6/0x240 [ 1189.780163] ? ns_capable+0xdd/0x100 [ 1189.781007] genl_rcv_msg+0x33c/0x5a0 [ 1189.781867] ? genl_get_cmd+0x480/0x480 [ 1189.782764] ? nl80211_notify_iface+0x180/0x180 [ 1189.783811] ? lock_release+0x6b0/0x6b0 [ 1189.784720] ? netlink_deliver_tap+0xf4/0xc40 [ 1189.785733] netlink_rcv_skb+0x14b/0x430 [ 1189.786641] ? genl_get_cmd+0x480/0x480 [ 1189.787533] ? netlink_ack+0xab0/0xab0 [ 1189.788421] ? netlink_deliver_tap+0x1c4/0xc40 [ 1189.789451] ? is_vmalloc_addr+0x7b/0xb0 [ 1189.790368] genl_rcv+0x24/0x40 [ 1189.791105] netlink_unicast+0x549/0x7f0 [ 1189.792036] ? netlink_attachskb+0x810/0x810 [ 1189.793033] netlink_sendmsg+0x905/0xdf0 [ 1189.793950] ? netlink_unicast+0x7f0/0x7f0 [ 1189.794908] ? netlink_unicast+0x7f0/0x7f0 [ 1189.795853] sock_sendmsg+0x154/0x190 [ 1189.796721] ____sys_sendmsg+0x70d/0x870 [ 1189.797639] ? kernel_sendmsg+0x50/0x50 [ 1189.798523] ? do_recvmmsg+0x6d0/0x6d0 [ 1189.799396] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1189.800581] ? lock_downgrade+0x6d0/0x6d0 [ 1189.801516] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1189.802692] ___sys_sendmsg+0xf3/0x170 [ 1189.803559] ? sendmsg_copy_msghdr+0x160/0x160 [ 1189.804603] ? lock_downgrade+0x6d0/0x6d0 [ 1189.805525] ? find_held_lock+0x2c/0x110 [ 1189.806441] ? __fget_files+0x296/0x480 [ 1189.807340] ? __fget_light+0xea/0x290 [ 1189.808228] __sys_sendmsg+0xe5/0x1b0 [ 1189.809075] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1189.810034] ? rcu_read_lock_any_held+0x75/0xa0 [ 1189.811087] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.812263] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.813410] ? trace_hardirqs_on+0x5b/0x180 [ 1189.814376] do_syscall_64+0x33/0x40 [ 1189.815205] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1189.816375] RIP: 0033:0x7f2b3a370b19 [ 1189.817206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.821299] RSP: 002b:00007f2b378e6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1189.822994] RAX: ffffffffffffffda RBX: 00007f2b3a483f60 RCX: 00007f2b3a370b19 [ 1189.824589] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1189.826179] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1189.827767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1189.829373] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:56:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x800000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 20) 23:56:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x100000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x2000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:44 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 24) [ 1202.009654] FAULT_INJECTION: forcing a failure. [ 1202.009654] name failslab, interval 1, probability 0, space 0, times 0 [ 1202.012057] CPU: 1 PID: 8076 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1202.013520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1202.015271] Call Trace: [ 1202.015839] dump_stack+0x107/0x167 [ 1202.016625] should_fail.cold+0x5/0xa [ 1202.017436] ? create_object.isra.0+0x3a/0xa20 [ 1202.018407] should_failslab+0x5/0x20 [ 1202.019214] kmem_cache_alloc+0x5b/0x360 23:56:44 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0ffffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1202.020105] create_object.isra.0+0x3a/0xa20 [ 1202.021125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1202.022202] kmem_cache_alloc_trace+0x151/0x360 [ 1202.023258] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1202.024333] __kthread_create_on_node+0xd1/0x400 [ 1202.025404] ? __kthread_parkme+0x1d0/0x1d0 [ 1202.026386] ? __mutex_lock+0x425/0x1260 [ 1202.027294] ? loop_configure+0xcb5/0x1480 [ 1202.028264] ? loop_info64_to_compat+0x5f0/0x5f0 [ 1202.029330] kthread_create_on_node+0xbb/0x100 [ 1202.030362] ? __kthread_create_on_node+0x400/0x400 [ 1202.031483] ? lockdep_init_map_type+0x2c7/0x780 [ 1202.032581] ? lockdep_init_map_type+0x2c7/0x780 [ 1202.033653] loop_configure+0x3e3/0x1480 [ 1202.034575] lo_ioctl+0xa72/0x1760 [ 1202.035373] ? avc_has_extended_perms+0x7f1/0xec0 [ 1202.036471] ? loop_set_status_old+0x250/0x250 [ 1202.036927] FAULT_INJECTION: forcing a failure. [ 1202.036927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1202.037498] ? avc_ss_reset+0x180/0x180 [ 1202.037523] ? find_held_lock+0x2c/0x110 [ 1202.040874] ? __lock_acquire+0xbb1/0x5b00 [ 1202.041886] ? selinux_inode_getsecctx+0x90/0x90 [ 1202.042946] ? generic_block_fiemap+0x60/0x60 [ 1202.043959] ? loop_set_status_old+0x250/0x250 [ 1202.045012] blkdev_ioctl+0x291/0x710 [ 1202.045878] ? blkdev_common_ioctl+0x1870/0x1870 [ 1202.046949] ? selinux_file_ioctl+0xb1/0x260 [ 1202.047941] block_ioctl+0xf9/0x140 [ 1202.048762] ? blkdev_read_iter+0x1c0/0x1c0 [ 1202.049737] __x64_sys_ioctl+0x19a/0x210 [ 1202.050650] do_syscall_64+0x33/0x40 [ 1202.051494] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1202.052664] RIP: 0033:0x7f21cd5688d7 [ 1202.053510] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1202.057640] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1202.059354] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1202.060962] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1202.062561] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1202.064190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1202.065796] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1202.067427] CPU: 0 PID: 8084 Comm: syz-executor.7 Not tainted 5.10.161 #1 [ 1202.068361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1202.069466] Call Trace: [ 1202.069825] dump_stack+0x107/0x167 [ 1202.070313] should_fail.cold+0x5/0xa [ 1202.070826] _copy_to_user+0x2e/0x180 [ 1202.071341] simple_read_from_buffer+0xcc/0x160 [ 1202.071971] proc_fail_nth_read+0x198/0x230 [ 1202.072459] ? proc_sessionid_read+0x230/0x230 [ 1202.072922] ? security_file_permission+0x24e/0x570 [ 1202.073425] ? perf_trace_initcall_start+0x101/0x380 [ 1202.073941] ? proc_sessionid_read+0x230/0x230 [ 1202.074402] vfs_read+0x228/0x580 [ 1202.074758] ksys_read+0x12d/0x260 [ 1202.075118] ? vfs_write+0xa30/0xa30 [ 1202.075498] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1202.076030] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1202.076560] do_syscall_64+0x33/0x40 [ 1202.076939] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1202.077462] RIP: 0033:0x7f2b3a32369c [ 1202.077841] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1202.079689] RSP: 002b:00007f2b378e6170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1202.080471] RAX: ffffffffffffffda RBX: 0000000000000028 RCX: 00007f2b3a32369c [ 1202.081191] RDX: 000000000000000f RSI: 00007f2b378e61e0 RDI: 0000000000000005 [ 1202.081913] RBP: 00007f2b378e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1202.082634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1202.083356] R13: 00007ffe2f80f22f R14: 00007f2b378e6300 R15: 0000000000022000 23:56:44 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:44 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:44 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x3000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:44 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x200000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:44 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xfffff000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1202.212977] FAT-fs (loop1): Directory bread(block 3) failed 23:56:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:45 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x4000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 25) 23:56:45 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1202.428307] FAULT_INJECTION: forcing a failure. [ 1202.428307] name failslab, interval 1, probability 0, space 0, times 0 [ 1202.430921] CPU: 0 PID: 8121 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1202.432435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1202.434241] Call Trace: [ 1202.434830] dump_stack+0x107/0x167 [ 1202.435629] should_fail.cold+0x5/0xa [ 1202.436477] ? __kernfs_new_node+0xd4/0x850 [ 1202.437425] should_failslab+0x5/0x20 [ 1202.438256] kmem_cache_alloc+0x5b/0x360 [ 1202.439182] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1202.440492] __kernfs_new_node+0xd4/0x850 [ 1202.441516] ? lock_chain_count+0x20/0x20 [ 1202.442545] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1202.443709] ? lock_acquire+0x197/0x490 [ 1202.444743] ? task_rq_lock+0xab/0x270 [ 1202.445712] ? find_held_lock+0x2c/0x110 [ 1202.446709] ? set_user_nice.part.0+0x2fd/0x760 [ 1202.447856] kernfs_create_dir_ns+0x9c/0x230 [ 1202.448963] internal_create_group+0x793/0xb30 [ 1202.450094] ? set_user_nice.part.0+0x2fd/0x760 [ 1202.451235] ? sysfs_remove_group+0x170/0x170 [ 1202.452346] ? lockdep_init_map_type+0x2c7/0x780 [ 1202.453510] ? blk_queue_flag_set+0x22/0x30 [ 1202.454573] ? __loop_update_dio+0x2d2/0x690 [ 1202.455654] loop_configure+0x954/0x1480 [ 1202.456685] lo_ioctl+0xa72/0x1760 [ 1202.457561] ? avc_has_extended_perms+0x7f1/0xec0 [ 1202.458744] ? loop_set_status_old+0x250/0x250 [ 1202.459870] ? avc_ss_reset+0x180/0x180 [ 1202.460863] ? find_held_lock+0x2c/0x110 [ 1202.461879] ? __lock_acquire+0xbb1/0x5b00 [ 1202.462978] ? selinux_inode_getsecctx+0x90/0x90 [ 1202.464144] ? generic_block_fiemap+0x60/0x60 [ 1202.465260] ? loop_set_status_old+0x250/0x250 [ 1202.466388] blkdev_ioctl+0x291/0x710 [ 1202.467328] ? blkdev_common_ioctl+0x1870/0x1870 [ 1202.468514] ? selinux_file_ioctl+0xb1/0x260 [ 1202.469598] block_ioctl+0xf9/0x140 [ 1202.470491] ? blkdev_read_iter+0x1c0/0x1c0 [ 1202.471550] __x64_sys_ioctl+0x19a/0x210 [ 1202.472567] do_syscall_64+0x33/0x40 [ 1202.473484] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1202.474745] RIP: 0033:0x7f21cd5688d7 [ 1202.475664] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1202.480183] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1202.482046] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1202.483802] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1202.485567] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1202.487315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1202.489084] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1202.575089] FAT-fs (loop1): Directory bread(block 3) failed 23:56:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 26) 23:56:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffff7f, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x5000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1216.262124] FAULT_INJECTION: forcing a failure. [ 1216.262124] name failslab, interval 1, probability 0, space 0, times 0 [ 1216.264765] CPU: 1 PID: 8142 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1216.266131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1216.267777] Call Trace: [ 1216.268337] dump_stack+0x107/0x167 [ 1216.269073] should_fail.cold+0x5/0xa [ 1216.269833] ? create_object.isra.0+0x3a/0xa20 [ 1216.270746] should_failslab+0x5/0x20 [ 1216.271503] kmem_cache_alloc+0x5b/0x360 [ 1216.272339] create_object.isra.0+0x3a/0xa20 [ 1216.273217] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1216.274291] kmem_cache_alloc+0x159/0x360 [ 1216.275302] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1216.276601] __kernfs_new_node+0xd4/0x850 [ 1216.277621] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1216.278907] ? lock_chain_count+0x20/0x20 [ 1216.279913] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1216.281117] ? find_held_lock+0x2c/0x110 [ 1216.282111] ? set_user_nice.part.0+0x2fd/0x760 [ 1216.283260] kernfs_create_dir_ns+0x9c/0x230 [ 1216.284349] internal_create_group+0x793/0xb30 [ 1216.285484] ? set_user_nice.part.0+0x2fd/0x760 [ 1216.286624] ? sysfs_remove_group+0x170/0x170 [ 1216.287736] ? lockdep_init_map_type+0x2c7/0x780 [ 1216.288908] ? blk_queue_flag_set+0x22/0x30 [ 1216.289946] ? __loop_update_dio+0x2d2/0x690 [ 1216.291005] loop_configure+0x954/0x1480 [ 1216.291990] lo_ioctl+0xa72/0x1760 [ 1216.292861] ? avc_has_extended_perms+0x7f1/0xec0 [ 1216.294027] ? loop_set_status_old+0x250/0x250 [ 1216.295124] ? avc_ss_reset+0x180/0x180 [ 1216.296078] ? find_held_lock+0x2c/0x110 [ 1216.297085] ? __lock_acquire+0xbb1/0x5b00 [ 1216.298159] ? selinux_inode_getsecctx+0x90/0x90 [ 1216.299284] ? generic_block_fiemap+0x60/0x60 [ 1216.300370] ? loop_set_status_old+0x250/0x250 [ 1216.301459] blkdev_ioctl+0x291/0x710 [ 1216.302370] ? blkdev_common_ioctl+0x1870/0x1870 [ 1216.303515] ? selinux_file_ioctl+0xb1/0x260 [ 1216.304593] block_ioctl+0xf9/0x140 [ 1216.305464] ? blkdev_read_iter+0x1c0/0x1c0 [ 1216.306506] __x64_sys_ioctl+0x19a/0x210 [ 1216.307478] do_syscall_64+0x33/0x40 [ 1216.308383] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1216.309605] RIP: 0033:0x7f21cd5688d7 [ 1216.310495] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1216.314867] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1216.316594] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1216.318187] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1216.319776] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1216.321378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1216.322968] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1216.370959] FAT-fs (loop1): Directory bread(block 3) failed 23:56:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffff9e, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:56:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x800000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:56:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x6000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:56:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 27) 23:56:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1216.604130] FAULT_INJECTION: forcing a failure. [ 1216.604130] name failslab, interval 1, probability 0, space 0, times 0 [ 1216.606882] CPU: 0 PID: 8183 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1216.608295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1216.610006] Call Trace: [ 1216.610555] dump_stack+0x107/0x167 [ 1216.611309] should_fail.cold+0x5/0xa [ 1216.612098] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1216.613306] should_failslab+0x5/0x20 [ 1216.614093] kmem_cache_alloc+0x5b/0x360 [ 1216.615016] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1216.616168] idr_get_free+0x4b5/0x8f0 [ 1216.616984] idr_alloc_u32+0x170/0x2d0 [ 1216.617794] ? __fprop_inc_percpu_max+0x130/0x130 [ 1216.618786] ? lock_acquire+0x197/0x490 [ 1216.619601] ? __kernfs_new_node+0xff/0x850 [ 1216.620512] idr_alloc_cyclic+0x102/0x230 [ 1216.621377] ? idr_alloc+0x130/0x130 [ 1216.622141] ? rwlock_bug.part.0+0x90/0x90 [ 1216.623025] __kernfs_new_node+0x117/0x850 [ 1216.623887] ? lock_chain_count+0x20/0x20 [ 1216.624755] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1216.625726] ? lock_acquire+0x197/0x490 [ 1216.626543] ? task_rq_lock+0xab/0x270 [ 1216.627356] ? find_held_lock+0x2c/0x110 [ 1216.628197] ? set_user_nice.part.0+0x2fd/0x760 [ 1216.629178] kernfs_create_dir_ns+0x9c/0x230 [ 1216.630093] internal_create_group+0x793/0xb30 [ 1216.631036] ? set_user_nice.part.0+0x2fd/0x760 [ 1216.631995] ? sysfs_remove_group+0x170/0x170 [ 1216.632944] ? lockdep_init_map_type+0x2c7/0x780 [ 1216.633919] ? blk_queue_flag_set+0x22/0x30 [ 1216.634804] ? __loop_update_dio+0x2d2/0x690 [ 1216.635707] loop_configure+0x954/0x1480 [ 1216.636572] lo_ioctl+0xa72/0x1760 [ 1216.637360] ? avc_has_extended_perms+0x7f1/0xec0 [ 1216.638422] ? loop_set_status_old+0x250/0x250 [ 1216.639415] ? avc_ss_reset+0x180/0x180 [ 1216.640340] ? find_held_lock+0x2c/0x110 [ 1216.641378] ? __lock_acquire+0xbb1/0x5b00 [ 1216.642312] ? selinux_inode_getsecctx+0x90/0x90 [ 1216.643496] ? generic_block_fiemap+0x60/0x60 [ 1216.644450] ? loop_set_status_old+0x250/0x250 [ 1216.645587] blkdev_ioctl+0x291/0x710 [ 1216.646382] ? blkdev_common_ioctl+0x1870/0x1870 [ 1216.647569] ? selinux_file_ioctl+0xb1/0x260 [ 1216.648499] block_ioctl+0xf9/0x140 [ 1216.649411] ? blkdev_read_iter+0x1c0/0x1c0 [ 1216.650308] __x64_sys_ioctl+0x19a/0x210 [ 1216.651330] do_syscall_64+0x33/0x40 [ 1216.652106] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1216.653402] RIP: 0033:0x7f21cd5688d7 [ 1216.654180] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1216.658261] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1216.659912] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1216.661479] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1216.663023] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1216.664582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1216.666132] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1216.692604] FAT-fs (loop1): Directory bread(block 3) failed 23:57:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 28) 23:57:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xfffffff0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x7000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1229.770942] FAULT_INJECTION: forcing a failure. [ 1229.770942] name failslab, interval 1, probability 0, space 0, times 0 [ 1229.772613] CPU: 0 PID: 8208 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1229.773547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1229.774666] Call Trace: [ 1229.775033] dump_stack+0x107/0x167 [ 1229.775531] should_fail.cold+0x5/0xa [ 1229.776144] ? create_object.isra.0+0x3a/0xa20 [ 1229.776784] should_failslab+0x5/0x20 [ 1229.777300] kmem_cache_alloc+0x5b/0x360 [ 1229.777866] create_object.isra.0+0x3a/0xa20 [ 1229.778463] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1229.779152] kmem_cache_alloc+0x159/0x360 [ 1229.779720] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1229.780484] idr_get_free+0x4b5/0x8f0 [ 1229.781069] idr_alloc_u32+0x170/0x2d0 [ 1229.781607] ? __fprop_inc_percpu_max+0x130/0x130 [ 1229.782263] ? lock_acquire+0x197/0x490 [ 1229.782800] ? __kernfs_new_node+0xff/0x850 [ 1229.783392] idr_alloc_cyclic+0x102/0x230 [ 1229.783958] ? idr_alloc+0x130/0x130 [ 1229.784469] ? rwlock_bug.part.0+0x90/0x90 [ 1229.785058] __kernfs_new_node+0x117/0x850 [ 1229.785635] ? lock_chain_count+0x20/0x20 [ 1229.786193] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1229.786904] ? lock_acquire+0x197/0x490 [ 1229.787443] ? task_rq_lock+0xab/0x270 [ 1229.788029] ? find_held_lock+0x2c/0x110 [ 1229.788664] ? set_user_nice.part.0+0x2fd/0x760 [ 1229.789374] kernfs_create_dir_ns+0x9c/0x230 [ 1229.790045] internal_create_group+0x793/0xb30 [ 1229.790746] ? set_user_nice.part.0+0x2fd/0x760 [ 1229.791451] ? sysfs_remove_group+0x170/0x170 [ 1229.792175] ? lockdep_init_map_type+0x2c7/0x780 [ 1229.792900] ? blk_queue_flag_set+0x22/0x30 [ 1229.793549] ? __loop_update_dio+0x2d2/0x690 [ 1229.794221] loop_configure+0x954/0x1480 [ 1229.794851] lo_ioctl+0xa72/0x1760 [ 1229.795400] ? avc_has_extended_perms+0x7f1/0xec0 [ 1229.796138] ? loop_set_status_old+0x250/0x250 [ 1229.796841] ? avc_ss_reset+0x180/0x180 [ 1229.797454] ? find_held_lock+0x2c/0x110 [ 1229.798097] ? __lock_acquire+0xbb1/0x5b00 [ 1229.798794] ? selinux_inode_getsecctx+0x90/0x90 [ 1229.799522] ? generic_block_fiemap+0x60/0x60 [ 1229.800219] ? loop_set_status_old+0x250/0x250 [ 1229.800918] blkdev_ioctl+0x291/0x710 [ 1229.801505] ? blkdev_common_ioctl+0x1870/0x1870 [ 1229.802248] ? selinux_file_ioctl+0xb1/0x260 [ 1229.802928] block_ioctl+0xf9/0x140 [ 1229.803487] ? blkdev_read_iter+0x1c0/0x1c0 [ 1229.804149] __x64_sys_ioctl+0x19a/0x210 [ 1229.804803] do_syscall_64+0x33/0x40 [ 1229.805380] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1229.806172] RIP: 0033:0x7f21cd5688d7 [ 1229.806750] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1229.809655] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1229.810835] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1229.811928] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1229.813036] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1229.814138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1229.815259] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:57:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 1) 23:57:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1229.845082] FAULT_INJECTION: forcing a failure. 23:57:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1229.845082] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1229.847122] CPU: 0 PID: 8218 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1229.848171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1229.849441] Call Trace: [ 1229.849847] dump_stack+0x107/0x167 [ 1229.850405] should_fail.cold+0x5/0xa [ 1229.850992] _copy_from_user+0x2e/0x1b0 [ 1229.851603] __copy_msghdr_from_user+0x91/0x4b0 [ 1229.852306] ? __ia32_sys_shutdown+0x80/0x80 [ 1229.852993] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1229.853787] ? __lock_acquire+0x1657/0x5b00 [ 1229.854461] ? __lock_acquire+0xbb1/0x5b00 [ 1229.855112] sendmsg_copy_msghdr+0xa1/0x160 [ 1229.855771] ? do_recvmmsg+0x6d0/0x6d0 [ 1229.856374] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1229.857203] ? lock_downgrade+0x6d0/0x6d0 [ 1229.857833] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1229.858626] ___sys_sendmsg+0xc6/0x170 [ 1229.859215] ? sendmsg_copy_msghdr+0x160/0x160 [ 1229.859908] ? __fget_files+0x26d/0x480 [ 1229.860531] ? lock_downgrade+0x6d0/0x6d0 [ 1229.861175] ? find_held_lock+0x2c/0x110 [ 1229.861797] ? __fget_files+0x296/0x480 23:57:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1229.862421] ? __fget_light+0xea/0x290 [ 1229.863062] __sys_sendmsg+0xe5/0x1b0 [ 1229.863648] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1229.864304] ? rcu_read_lock_any_held+0x75/0xa0 [ 1229.865042] ? fput_many+0x2f/0x1a0 [ 1229.865594] ? ksys_write+0x1a9/0x260 [ 1229.866171] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1229.866978] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1229.867755] ? trace_hardirqs_on+0x5b/0x180 [ 1229.868406] do_syscall_64+0x33/0x40 [ 1229.868981] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1229.869765] RIP: 0033:0x7f5834968b19 [ 1229.870318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1229.873111] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1229.874259] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1229.875340] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1229.876411] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1229.877498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1229.878571] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:57:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1229.940868] FAT-fs (loop1): Directory bread(block 3) failed 23:57:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 2) 23:57:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 29) 23:57:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x2, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:24 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1242.034553] FAULT_INJECTION: forcing a failure. [ 1242.034553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1242.037114] CPU: 0 PID: 8254 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1242.038565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1242.040330] Call Trace: [ 1242.040921] dump_stack+0x107/0x167 [ 1242.041694] should_fail.cold+0x5/0xa [ 1242.042504] _copy_from_user+0x2e/0x1b0 [ 1242.043348] iovec_from_user+0x141/0x400 [ 1242.044207] __import_iovec+0x67/0x590 [ 1242.045033] ? __ia32_sys_shutdown+0x80/0x80 [ 1242.045959] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1242.047070] import_iovec+0x83/0xb0 [ 1242.047842] sendmsg_copy_msghdr+0x131/0x160 [ 1242.048774] ? do_recvmmsg+0x6d0/0x6d0 [ 1242.049593] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1242.050688] ? lock_downgrade+0x6d0/0x6d0 [ 1242.051558] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1242.052668] ___sys_sendmsg+0xc6/0x170 [ 1242.053487] ? sendmsg_copy_msghdr+0x160/0x160 [ 1242.054451] ? __fget_files+0x26d/0x480 [ 1242.055284] ? lock_downgrade+0x6d0/0x6d0 [ 1242.056158] ? find_held_lock+0x2c/0x110 [ 1242.057030] ? __fget_files+0x296/0x480 [ 1242.057875] ? __fget_light+0xea/0x290 [ 1242.058700] __sys_sendmsg+0xe5/0x1b0 [ 1242.059504] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1242.060409] ? rcu_read_lock_any_held+0x75/0xa0 [ 1242.061417] ? fput_many+0x2f/0x1a0 [ 1242.062181] ? ksys_write+0x1a9/0x260 [ 1242.062993] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1242.064089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1242.065181] ? trace_hardirqs_on+0x5b/0x180 [ 1242.066098] do_syscall_64+0x33/0x40 [ 1242.066887] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1242.067965] RIP: 0033:0x7f5834968b19 [ 1242.068773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1242.072654] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1242.074265] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1242.075765] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1242.077289] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1242.078789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1242.080292] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1242.084365] FAULT_INJECTION: forcing a failure. [ 1242.084365] name failslab, interval 1, probability 0, space 0, times 0 [ 1242.086884] CPU: 0 PID: 8256 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1242.088325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1242.090075] Call Trace: [ 1242.090632] dump_stack+0x107/0x167 [ 1242.091403] should_fail.cold+0x5/0xa [ 1242.092213] ? __kernfs_new_node+0xd4/0x850 [ 1242.093140] should_failslab+0x5/0x20 [ 1242.093939] kmem_cache_alloc+0x5b/0x360 [ 1242.094787] __kernfs_new_node+0xd4/0x850 [ 1242.095658] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1242.096655] ? lock_downgrade+0x6d0/0x6d0 [ 1242.097520] ? mutex_lock_io_nested+0x1110/0x1110 [ 1242.098512] ? __kernfs_new_node+0x549/0x850 [ 1242.099432] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1242.100434] kernfs_new_node+0x93/0x120 [ 1242.101279] __kernfs_create_file+0x51/0x350 [ 1242.102204] sysfs_add_file_mode_ns+0x221/0x560 [ 1242.103180] internal_create_group+0x324/0xb30 [ 1242.104145] ? sysfs_remove_group+0x170/0x170 [ 1242.105093] ? lockdep_init_map_type+0x2c7/0x780 [ 1242.106083] ? blk_queue_flag_set+0x22/0x30 [ 1242.106977] ? __loop_update_dio+0x2d2/0x690 [ 1242.107896] loop_configure+0x954/0x1480 [ 1242.108794] lo_ioctl+0xa72/0x1760 [ 1242.109539] ? avc_has_extended_perms+0x7f1/0xec0 [ 1242.110542] ? loop_set_status_old+0x250/0x250 [ 1242.111496] ? avc_ss_reset+0x180/0x180 [ 1242.112323] ? find_held_lock+0x2c/0x110 [ 1242.113193] ? __lock_acquire+0xbb1/0x5b00 [ 1242.114122] ? selinux_inode_getsecctx+0x90/0x90 [ 1242.115112] ? generic_block_fiemap+0x60/0x60 [ 1242.116051] ? loop_set_status_old+0x250/0x250 [ 1242.117008] blkdev_ioctl+0x291/0x710 [ 1242.117815] ? blkdev_common_ioctl+0x1870/0x1870 [ 1242.118805] ? selinux_file_ioctl+0xb1/0x260 [ 1242.119744] block_ioctl+0xf9/0x140 [ 1242.120496] ? blkdev_read_iter+0x1c0/0x1c0 [ 1242.121403] __x64_sys_ioctl+0x19a/0x210 [ 1242.122259] do_syscall_64+0x33/0x40 [ 1242.123036] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1242.124103] RIP: 0033:0x7f21cd5688d7 [ 1242.124893] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1242.128791] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1242.130431] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1242.131961] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1242.133502] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1242.135019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1242.136567] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:57:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x7, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x3, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:24 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x9effffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1242.190901] FAT-fs (loop1): Directory bread(block 3) failed 23:57:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 30) 23:57:25 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x4, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:25 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 3) [ 1242.313881] FAULT_INJECTION: forcing a failure. [ 1242.313881] name failslab, interval 1, probability 0, space 0, times 0 [ 1242.316174] CPU: 1 PID: 8292 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1242.317536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1242.319159] Call Trace: [ 1242.319685] dump_stack+0x107/0x167 [ 1242.320403] should_fail.cold+0x5/0xa [ 1242.321183] ? create_object.isra.0+0x3a/0xa20 [ 1242.322090] should_failslab+0x5/0x20 [ 1242.322847] kmem_cache_alloc+0x5b/0x360 [ 1242.323655] create_object.isra.0+0x3a/0xa20 [ 1242.324532] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1242.325545] kmem_cache_alloc+0x159/0x360 [ 1242.326375] __kernfs_new_node+0xd4/0x850 [ 1242.327199] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1242.328164] ? lock_downgrade+0x6d0/0x6d0 [ 1242.329021] ? mutex_lock_io_nested+0x1110/0x1110 [ 1242.330004] ? __kernfs_new_node+0x549/0x850 [ 1242.330952] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1242.331937] kernfs_new_node+0x93/0x120 [ 1242.332767] __kernfs_create_file+0x51/0x350 [ 1242.333666] sysfs_add_file_mode_ns+0x221/0x560 [ 1242.334620] internal_create_group+0x324/0xb30 [ 1242.335563] ? sysfs_remove_group+0x170/0x170 [ 1242.336472] ? lockdep_init_map_type+0x2c7/0x780 [ 1242.337447] ? blk_queue_flag_set+0x22/0x30 [ 1242.338322] ? __loop_update_dio+0x2d2/0x690 [ 1242.339217] loop_configure+0x954/0x1480 [ 1242.340055] lo_ioctl+0xa72/0x1760 [ 1242.340797] ? avc_has_extended_perms+0x7f1/0xec0 [ 1242.341786] ? loop_set_status_old+0x250/0x250 [ 1242.342715] ? avc_ss_reset+0x180/0x180 [ 1242.343531] ? find_held_lock+0x2c/0x110 [ 1242.344370] ? __lock_acquire+0xbb1/0x5b00 [ 1242.345295] ? selinux_inode_getsecctx+0x90/0x90 [ 1242.346262] ? generic_block_fiemap+0x60/0x60 [ 1242.347176] ? loop_set_status_old+0x250/0x250 [ 1242.348102] blkdev_ioctl+0x291/0x710 [ 1242.348643] FAULT_INJECTION: forcing a failure. [ 1242.348643] name failslab, interval 1, probability 0, space 0, times 0 [ 1242.348887] ? blkdev_common_ioctl+0x1870/0x1870 [ 1242.352114] ? selinux_file_ioctl+0xb1/0x260 [ 1242.353036] block_ioctl+0xf9/0x140 [ 1242.353783] ? blkdev_read_iter+0x1c0/0x1c0 [ 1242.354666] __x64_sys_ioctl+0x19a/0x210 [ 1242.355506] do_syscall_64+0x33/0x40 [ 1242.356276] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1242.357332] RIP: 0033:0x7f21cd5688d7 [ 1242.358102] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1242.361870] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1242.363426] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1242.364915] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1242.366377] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1242.367864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1242.369322] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1242.370795] CPU: 0 PID: 8296 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1242.372213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1242.373940] Call Trace: [ 1242.374492] dump_stack+0x107/0x167 [ 1242.375248] should_fail.cold+0x5/0xa [ 1242.376044] ? __alloc_skb+0x6d/0x620 [ 1242.376852] ? __alloc_skb+0x6d/0x620 [ 1242.377656] should_failslab+0x5/0x20 [ 1242.378447] kmem_cache_alloc_node+0x55/0x370 [ 1242.379386] __alloc_skb+0x6d/0x620 [ 1242.380149] netlink_sendmsg+0x98e/0xdf0 [ 1242.381017] ? netlink_unicast+0x7f0/0x7f0 [ 1242.381906] ? netlink_unicast+0x7f0/0x7f0 [ 1242.382793] sock_sendmsg+0x154/0x190 [ 1242.383592] ____sys_sendmsg+0x70d/0x870 [ 1242.384442] ? kernel_sendmsg+0x50/0x50 [ 1242.385272] ? do_recvmmsg+0x6d0/0x6d0 [ 1242.386081] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1242.387165] ? lock_downgrade+0x6d0/0x6d0 [ 1242.388023] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1242.389121] ___sys_sendmsg+0xf3/0x170 [ 1242.389928] ? sendmsg_copy_msghdr+0x160/0x160 [ 1242.390884] ? lock_downgrade+0x6d0/0x6d0 [ 1242.391747] ? find_held_lock+0x2c/0x110 [ 1242.392595] ? __fget_files+0x296/0x480 [ 1242.393449] ? __fget_light+0xea/0x290 [ 1242.394264] __sys_sendmsg+0xe5/0x1b0 [ 1242.395054] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1242.395948] ? rcu_read_lock_any_held+0x75/0xa0 [ 1242.396942] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1242.398033] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1242.399115] ? trace_hardirqs_on+0x5b/0x180 [ 1242.400011] do_syscall_64+0x33/0x40 [ 1242.400791] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1242.401853] RIP: 0033:0x7f5834968b19 [ 1242.402624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1242.406432] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1242.408001] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1242.409533] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1242.411048] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1242.412559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1242.414071] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1242.437275] FAT-fs (loop1): Directory bread(block 3) failed 23:57:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 4) 23:57:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 31) 23:57:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x8, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xe1000000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:37 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x5, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1254.247782] FAULT_INJECTION: forcing a failure. [ 1254.247782] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.250394] CPU: 0 PID: 8308 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1254.251923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1254.253782] Call Trace: [ 1254.254381] dump_stack+0x107/0x167 [ 1254.255204] should_fail.cold+0x5/0xa [ 1254.256060] ? __kernfs_new_node+0xd4/0x850 [ 1254.257059] should_failslab+0x5/0x20 [ 1254.257912] kmem_cache_alloc+0x5b/0x360 [ 1254.258832] __kernfs_new_node+0xd4/0x850 [ 1254.259767] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1254.260846] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1254.261932] ? wait_for_completion+0x270/0x270 [ 1254.262958] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1254.264144] kernfs_new_node+0x93/0x120 [ 1254.265056] __kernfs_create_file+0x51/0x350 [ 1254.266047] sysfs_add_file_mode_ns+0x221/0x560 [ 1254.267105] internal_create_group+0x324/0xb30 [ 1254.268135] ? sysfs_remove_group+0x170/0x170 [ 1254.269149] ? lockdep_init_map_type+0x2c7/0x780 [ 1254.270218] ? blk_queue_flag_set+0x22/0x30 [ 1254.271189] ? __loop_update_dio+0x2d2/0x690 [ 1254.272178] loop_configure+0x954/0x1480 [ 1254.273117] lo_ioctl+0xa72/0x1760 [ 1254.273923] ? avc_has_extended_perms+0x7f1/0xec0 [ 1254.275004] ? loop_set_status_old+0x250/0x250 [ 1254.276031] ? avc_ss_reset+0x180/0x180 [ 1254.276937] ? find_held_lock+0x2c/0x110 [ 1254.277862] ? __lock_acquire+0xbb1/0x5b00 [ 1254.278865] ? selinux_inode_getsecctx+0x90/0x90 [ 1254.279928] ? generic_block_fiemap+0x60/0x60 [ 1254.280963] ? loop_set_status_old+0x250/0x250 [ 1254.281986] blkdev_ioctl+0x291/0x710 [ 1254.282843] ? blkdev_common_ioctl+0x1870/0x1870 [ 1254.283903] ? selinux_file_ioctl+0xb1/0x260 [ 1254.284915] block_ioctl+0xf9/0x140 [ 1254.285721] ? blkdev_read_iter+0x1c0/0x1c0 [ 1254.286679] __x64_sys_ioctl+0x19a/0x210 [ 1254.287585] do_syscall_64+0x33/0x40 [ 1254.288414] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1254.289572] RIP: 0033:0x7f21cd5688d7 [ 1254.290423] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.294482] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1254.296153] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1254.297726] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1254.299308] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1254.300911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1254.302494] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:57:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1020, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xf0ffffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1254.320046] FAULT_INJECTION: forcing a failure. [ 1254.320046] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.321921] CPU: 1 PID: 8317 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1254.323012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1254.324341] Call Trace: [ 1254.324779] dump_stack+0x107/0x167 [ 1254.325365] should_fail.cold+0x5/0xa [ 1254.325961] ? create_object.isra.0+0x3a/0xa20 [ 1254.326693] should_failslab+0x5/0x20 [ 1254.327295] kmem_cache_alloc+0x5b/0x360 [ 1254.327952] create_object.isra.0+0x3a/0xa20 [ 1254.328650] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1254.329474] kmem_cache_alloc_node+0x169/0x370 [ 1254.330043] __alloc_skb+0x6d/0x620 [ 1254.330440] netlink_sendmsg+0x98e/0xdf0 [ 1254.330894] ? netlink_unicast+0x7f0/0x7f0 [ 1254.331358] ? netlink_unicast+0x7f0/0x7f0 [ 1254.331816] sock_sendmsg+0x154/0x190 [ 1254.332224] ____sys_sendmsg+0x70d/0x870 [ 1254.332662] ? kernel_sendmsg+0x50/0x50 [ 1254.333102] ? do_recvmmsg+0x6d0/0x6d0 [ 1254.333530] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1254.334101] ? lock_downgrade+0x6d0/0x6d0 [ 1254.334550] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1254.335118] ___sys_sendmsg+0xf3/0x170 [ 1254.335544] ? sendmsg_copy_msghdr+0x160/0x160 [ 1254.336047] ? lock_downgrade+0x6d0/0x6d0 [ 1254.336496] ? find_held_lock+0x2c/0x110 [ 1254.336943] ? __fget_files+0x296/0x480 [ 1254.337375] ? __fget_light+0xea/0x290 [ 1254.337797] __sys_sendmsg+0xe5/0x1b0 [ 1254.338209] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1254.338672] ? rcu_read_lock_any_held+0x75/0xa0 [ 1254.339187] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1254.339748] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1254.340295] ? trace_hardirqs_on+0x5b/0x180 [ 1254.340771] do_syscall_64+0x33/0x40 [ 1254.341175] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1254.341728] RIP: 0033:0x7f5834968b19 [ 1254.342131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.344082] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1254.344906] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1254.345668] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1254.346435] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1254.347203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1254.347969] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:57:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1254.407466] FAT-fs (loop1): Directory bread(block 3) failed 23:57:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x6, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 32) 23:57:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1266.226492] FAULT_INJECTION: forcing a failure. [ 1266.226492] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.229193] CPU: 1 PID: 8355 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1266.230757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1266.232654] Call Trace: [ 1266.233293] dump_stack+0x107/0x167 [ 1266.234139] should_fail.cold+0x5/0xa [ 1266.235016] should_failslab+0x5/0x20 [ 1266.235885] __kmalloc_node_track_caller+0x74/0x3f0 [ 1266.237032] ? netlink_sendmsg+0x98e/0xdf0 [ 1266.238004] __alloc_skb+0xb1/0x620 [ 1266.238843] netlink_sendmsg+0x98e/0xdf0 [ 1266.239778] ? netlink_unicast+0x7f0/0x7f0 [ 1266.240751] ? netlink_unicast+0x7f0/0x7f0 [ 1266.241725] sock_sendmsg+0x154/0x190 [ 1266.242596] ____sys_sendmsg+0x70d/0x870 [ 1266.243510] ? kernel_sendmsg+0x50/0x50 [ 1266.244416] ? do_recvmmsg+0x6d0/0x6d0 [ 1266.245325] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1266.246516] ? lock_downgrade+0x6d0/0x6d0 [ 1266.247474] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1266.248658] ___sys_sendmsg+0xf3/0x170 [ 1266.249569] ? sendmsg_copy_msghdr+0x160/0x160 [ 1266.250605] ? lock_downgrade+0x6d0/0x6d0 [ 1266.251548] ? find_held_lock+0x2c/0x110 [ 1266.252480] ? __fget_files+0x296/0x480 [ 1266.253415] ? __fget_light+0xea/0x290 [ 1266.254308] __sys_sendmsg+0xe5/0x1b0 [ 1266.255164] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1266.256141] ? rcu_read_lock_any_held+0x75/0xa0 [ 1266.257225] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1266.258429] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1266.259561] ? trace_hardirqs_on+0x5b/0x180 [ 1266.260506] do_syscall_64+0x33/0x40 [ 1266.261336] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1266.262488] RIP: 0033:0x7f5834968b19 [ 1266.263323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1266.267346] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1266.269011] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1266.270581] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1266.272131] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1266.273707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1266.275262] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1266.312014] FAULT_INJECTION: forcing a failure. [ 1266.312014] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.313383] CPU: 0 PID: 8367 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1266.314134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1266.315027] Call Trace: [ 1266.315330] dump_stack+0x107/0x167 [ 1266.315728] should_fail.cold+0x5/0xa [ 1266.316143] ? create_object.isra.0+0x3a/0xa20 [ 1266.316644] should_failslab+0x5/0x20 [ 1266.317064] kmem_cache_alloc+0x5b/0x360 [ 1266.317516] create_object.isra.0+0x3a/0xa20 [ 1266.318002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1266.318554] kmem_cache_alloc+0x159/0x360 [ 1266.319014] __kernfs_new_node+0xd4/0x850 [ 1266.319466] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1266.319992] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1266.320519] ? wait_for_completion+0x270/0x270 [ 1266.321040] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1266.321614] kernfs_new_node+0x93/0x120 [ 1266.322064] __kernfs_create_file+0x51/0x350 [ 1266.322557] sysfs_add_file_mode_ns+0x221/0x560 [ 1266.323087] internal_create_group+0x324/0xb30 [ 1266.323586] ? sysfs_remove_group+0x170/0x170 [ 1266.324099] ? lockdep_init_map_type+0x2c7/0x780 [ 1266.324635] ? blk_queue_flag_set+0x22/0x30 [ 1266.325128] ? __loop_update_dio+0x2d2/0x690 [ 1266.325632] loop_configure+0x954/0x1480 [ 1266.326092] lo_ioctl+0xa72/0x1760 [ 1266.326491] ? avc_has_extended_perms+0x7f1/0xec0 [ 1266.327033] ? loop_set_status_old+0x250/0x250 [ 1266.327552] ? avc_ss_reset+0x180/0x180 [ 1266.328008] ? find_held_lock+0x2c/0x110 [ 1266.328470] ? __lock_acquire+0xbb1/0x5b00 [ 1266.328980] ? selinux_inode_getsecctx+0x90/0x90 [ 1266.329517] ? generic_block_fiemap+0x60/0x60 [ 1266.330025] ? loop_set_status_old+0x250/0x250 [ 1266.330517] blkdev_ioctl+0x291/0x710 [ 1266.330951] ? blkdev_common_ioctl+0x1870/0x1870 [ 1266.331468] ? selinux_file_ioctl+0xb1/0x260 [ 1266.331966] block_ioctl+0xf9/0x140 [ 1266.332361] ? blkdev_read_iter+0x1c0/0x1c0 [ 1266.332845] __x64_sys_ioctl+0x19a/0x210 [ 1266.333315] do_syscall_64+0x33/0x40 [ 1266.333737] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1266.334299] RIP: 0033:0x7f21cd5688d7 [ 1266.334719] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1266.336718] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1266.337582] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1266.338379] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1266.339182] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1266.339986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1266.340792] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:57:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 5) 23:57:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xfffff000, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x7, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffff7f, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1266.385903] FAT-fs (loop1): Directory bread(block 3) failed 23:57:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x8, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:49 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 6) 23:57:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 33) 23:57:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1266.538145] FAULT_INJECTION: forcing a failure. [ 1266.538145] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.539457] CPU: 0 PID: 8403 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1266.540212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1266.541123] Call Trace: [ 1266.541426] dump_stack+0x107/0x167 [ 1266.541833] should_fail.cold+0x5/0xa [ 1266.542249] ? create_object.isra.0+0x3a/0xa20 [ 1266.542770] should_failslab+0x5/0x20 [ 1266.543186] kmem_cache_alloc+0x5b/0x360 [ 1266.543638] create_object.isra.0+0x3a/0xa20 [ 1266.544122] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1266.544687] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 1266.545256] ? netlink_sendmsg+0x98e/0xdf0 [ 1266.545728] __alloc_skb+0xb1/0x620 [ 1266.546129] netlink_sendmsg+0x98e/0xdf0 [ 1266.546582] ? netlink_unicast+0x7f0/0x7f0 [ 1266.547062] ? netlink_unicast+0x7f0/0x7f0 [ 1266.547527] sock_sendmsg+0x154/0x190 [ 1266.547948] ____sys_sendmsg+0x70d/0x870 [ 1266.548398] ? kernel_sendmsg+0x50/0x50 [ 1266.548831] ? do_recvmmsg+0x6d0/0x6d0 [ 1266.549272] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1266.549854] ? lock_downgrade+0x6d0/0x6d0 [ 1266.550301] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1266.550884] ___sys_sendmsg+0xf3/0x170 [ 1266.551303] ? sendmsg_copy_msghdr+0x160/0x160 [ 1266.551808] ? lock_downgrade+0x6d0/0x6d0 [ 1266.552254] ? find_held_lock+0x2c/0x110 [ 1266.552707] ? __fget_files+0x296/0x480 [ 1266.553154] ? __fget_light+0xea/0x290 [ 1266.553592] __sys_sendmsg+0xe5/0x1b0 [ 1266.554002] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1266.554474] ? rcu_read_lock_any_held+0x75/0xa0 [ 1266.554985] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1266.555567] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1266.556131] ? trace_hardirqs_on+0x5b/0x180 [ 1266.556608] do_syscall_64+0x33/0x40 [ 1266.557015] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1266.557581] RIP: 0033:0x7f5834968b19 [ 1266.557983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1266.559992] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1266.560809] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1266.561592] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1266.562391] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1266.563195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1266.564004] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1266.567039] FAULT_INJECTION: forcing a failure. [ 1266.567039] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.569651] CPU: 1 PID: 8405 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1266.571066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1266.572798] Call Trace: [ 1266.573384] dump_stack+0x107/0x167 [ 1266.574138] should_fail.cold+0x5/0xa [ 1266.574940] ? __kernfs_new_node+0xd4/0x850 [ 1266.575841] should_failslab+0x5/0x20 [ 1266.576644] kmem_cache_alloc+0x5b/0x360 [ 1266.577514] __kernfs_new_node+0xd4/0x850 [ 1266.578382] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1266.579365] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1266.580370] ? wait_for_completion+0x270/0x270 [ 1266.581368] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1266.582462] kernfs_new_node+0x93/0x120 [ 1266.583297] __kernfs_create_file+0x51/0x350 [ 1266.584207] sysfs_add_file_mode_ns+0x221/0x560 [ 1266.585200] internal_create_group+0x324/0xb30 [ 1266.586156] ? sysfs_remove_group+0x170/0x170 [ 1266.587102] ? lockdep_init_map_type+0x2c7/0x780 [ 1266.588097] ? blk_queue_flag_set+0x22/0x30 [ 1266.589026] ? __loop_update_dio+0x2d2/0x690 [ 1266.589944] loop_configure+0x954/0x1480 [ 1266.590832] lo_ioctl+0xa72/0x1760 [ 1266.591581] ? avc_has_extended_perms+0x7f1/0xec0 [ 1266.592605] ? loop_set_status_old+0x250/0x250 [ 1266.593561] ? avc_ss_reset+0x180/0x180 [ 1266.594415] ? find_held_lock+0x2c/0x110 [ 1266.595287] ? __lock_acquire+0xbb1/0x5b00 [ 1266.596220] ? selinux_inode_getsecctx+0x90/0x90 [ 1266.597240] ? generic_block_fiemap+0x60/0x60 [ 1266.598174] ? loop_set_status_old+0x250/0x250 [ 1266.599122] blkdev_ioctl+0x291/0x710 [ 1266.599921] ? blkdev_common_ioctl+0x1870/0x1870 [ 1266.600940] ? selinux_file_ioctl+0xb1/0x260 [ 1266.601856] block_ioctl+0xf9/0x140 [ 1266.602609] ? blkdev_read_iter+0x1c0/0x1c0 [ 1266.603510] __x64_sys_ioctl+0x19a/0x210 [ 1266.604370] do_syscall_64+0x33/0x40 [ 1266.605146] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1266.606201] RIP: 0033:0x7f21cd5688d7 [ 1266.606977] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1266.610838] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1266.612418] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1266.613897] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1266.615374] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1266.616824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1266.618298] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1266.628855] FAT-fs (loop1): Directory bread(block 3) failed 23:57:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 34) 23:57:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffff9e, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:57:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 7) 23:57:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:57:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1277.039391] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:57:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:57:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1277.049976] FAULT_INJECTION: forcing a failure. [ 1277.049976] name failslab, interval 1, probability 0, space 0, times 0 [ 1277.052430] CPU: 1 PID: 8418 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1277.053954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1277.055781] Call Trace: [ 1277.056363] dump_stack+0x107/0x167 [ 1277.057175] should_fail.cold+0x5/0xa [ 1277.058007] ? __skb_ext_alloc+0x19/0x90 [ 1277.058899] should_failslab+0x5/0x20 [ 1277.059728] kmem_cache_alloc+0x5b/0x360 [ 1277.060617] __skb_ext_alloc+0x19/0x90 23:57:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1277.061471] skb_ext_add+0x508/0x670 [ 1277.062384] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1277.063519] __alloc_skb+0x3c1/0x620 [ 1277.064331] netlink_sendmsg+0x98e/0xdf0 [ 1277.065225] ? netlink_unicast+0x7f0/0x7f0 [ 1277.066149] ? netlink_unicast+0x7f0/0x7f0 [ 1277.067061] sock_sendmsg+0x154/0x190 [ 1277.067885] ____sys_sendmsg+0x70d/0x870 [ 1277.068767] ? kernel_sendmsg+0x50/0x50 [ 1277.069630] ? do_recvmmsg+0x6d0/0x6d0 [ 1277.070472] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 23:57:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x80000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1277.071602] ? lock_downgrade+0x6d0/0x6d0 [ 1277.072581] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1277.073725] ___sys_sendmsg+0xf3/0x170 [ 1277.074564] ? sendmsg_copy_msghdr+0x160/0x160 [ 1277.075551] ? lock_downgrade+0x6d0/0x6d0 [ 1277.076445] ? find_held_lock+0x2c/0x110 [ 1277.077336] ? __fget_files+0x296/0x480 [ 1277.078202] ? __fget_light+0xea/0x290 [ 1277.079046] __sys_sendmsg+0xe5/0x1b0 [ 1277.079864] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1277.080793] ? rcu_read_lock_any_held+0x75/0xa0 [ 1277.081831] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1277.082677] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1277.082961] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1277.084925] ? trace_hardirqs_on+0x5b/0x180 [ 1277.085863] do_syscall_64+0x33/0x40 [ 1277.086665] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1277.087768] RIP: 0033:0x7f5834968b19 [ 1277.088572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1277.092523] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1277.094183] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1277.095716] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1277.097256] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1277.098789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1277.100323] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1277.127297] FAULT_INJECTION: forcing a failure. [ 1277.127297] name failslab, interval 1, probability 0, space 0, times 0 [ 1277.128686] CPU: 0 PID: 8442 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1277.129458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1277.130378] Call Trace: [ 1277.130673] dump_stack+0x107/0x167 [ 1277.131074] should_fail.cold+0x5/0xa [ 1277.131504] ? create_object.isra.0+0x3a/0xa20 [ 1277.132017] should_failslab+0x5/0x20 [ 1277.132441] kmem_cache_alloc+0x5b/0x360 [ 1277.132894] create_object.isra.0+0x3a/0xa20 [ 1277.133392] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1277.133968] kmem_cache_alloc+0x159/0x360 [ 1277.134438] __kernfs_new_node+0xd4/0x850 [ 1277.134904] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1277.135428] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1277.135954] ? wait_for_completion+0x270/0x270 [ 1277.136461] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1277.137047] kernfs_new_node+0x93/0x120 [ 1277.137508] __kernfs_create_file+0x51/0x350 [ 1277.138007] sysfs_add_file_mode_ns+0x221/0x560 [ 1277.138580] internal_create_group+0x324/0xb30 [ 1277.139113] ? sysfs_remove_group+0x170/0x170 [ 1277.139633] ? lockdep_init_map_type+0x2c7/0x780 [ 1277.140176] ? blk_queue_flag_set+0x22/0x30 [ 1277.140676] ? __loop_update_dio+0x2d2/0x690 [ 1277.141195] loop_configure+0x954/0x1480 [ 1277.141669] lo_ioctl+0xa72/0x1760 [ 1277.142079] ? avc_has_extended_perms+0x7f1/0xec0 [ 1277.142633] ? loop_set_status_old+0x250/0x250 [ 1277.143159] ? avc_ss_reset+0x180/0x180 [ 1277.143616] ? find_held_lock+0x2c/0x110 [ 1277.144086] ? __lock_acquire+0xbb1/0x5b00 [ 1277.144601] ? selinux_inode_getsecctx+0x90/0x90 [ 1277.145163] ? generic_block_fiemap+0x60/0x60 [ 1277.145728] ? loop_set_status_old+0x250/0x250 [ 1277.146323] blkdev_ioctl+0x291/0x710 [ 1277.146812] ? blkdev_common_ioctl+0x1870/0x1870 [ 1277.147433] ? selinux_file_ioctl+0xb1/0x260 [ 1277.148005] block_ioctl+0xf9/0x140 [ 1277.148460] ? blkdev_read_iter+0x1c0/0x1c0 [ 1277.149018] __x64_sys_ioctl+0x19a/0x210 [ 1277.149481] do_syscall_64+0x33/0x40 [ 1277.149917] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1277.150538] RIP: 0033:0x7f21cd5688d7 [ 1277.151027] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1277.153464] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1277.154372] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1277.155276] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1277.156199] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1277.157138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1277.158024] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1277.220965] FAT-fs (loop1): Directory bread(block 3) failed 23:58:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 35) 23:58:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xce, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xfffffff0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1289.952902] FAULT_INJECTION: forcing a failure. [ 1289.952902] name failslab, interval 1, probability 0, space 0, times 0 [ 1289.954241] CPU: 0 PID: 8466 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1289.954999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1289.955916] Call Trace: [ 1289.956217] dump_stack+0x107/0x167 [ 1289.956622] should_fail.cold+0x5/0xa [ 1289.957046] ? create_object.isra.0+0x3a/0xa20 [ 1289.957576] should_failslab+0x5/0x20 [ 1289.958001] kmem_cache_alloc+0x5b/0x360 [ 1289.958465] create_object.isra.0+0x3a/0xa20 [ 1289.958952] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1289.959514] kmem_cache_alloc+0x159/0x360 [ 1289.959981] __skb_ext_alloc+0x19/0x90 [ 1289.960410] skb_ext_add+0x508/0x670 [ 1289.960839] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1289.961430] __alloc_skb+0x3c1/0x620 [ 1289.961857] netlink_sendmsg+0x98e/0xdf0 [ 1289.962152] FAULT_INJECTION: forcing a failure. [ 1289.962152] name failslab, interval 1, probability 0, space 0, times 0 [ 1289.962313] ? netlink_unicast+0x7f0/0x7f0 [ 1289.965181] ? netlink_unicast+0x7f0/0x7f0 [ 1289.965671] sock_sendmsg+0x154/0x190 [ 1289.966114] ____sys_sendmsg+0x70d/0x870 [ 1289.966569] ? kernel_sendmsg+0x50/0x50 [ 1289.967016] ? do_recvmmsg+0x6d0/0x6d0 [ 1289.967447] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1289.968048] ? lock_downgrade+0x6d0/0x6d0 [ 1289.968514] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1289.969119] ___sys_sendmsg+0xf3/0x170 [ 1289.969569] ? sendmsg_copy_msghdr+0x160/0x160 [ 1289.970086] ? lock_downgrade+0x6d0/0x6d0 [ 1289.970545] ? find_held_lock+0x2c/0x110 [ 1289.971011] ? __fget_files+0x296/0x480 [ 1289.971468] ? __fget_light+0xea/0x290 [ 1289.971910] __sys_sendmsg+0xe5/0x1b0 [ 1289.972332] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1289.972814] ? rcu_read_lock_any_held+0x75/0xa0 [ 1289.973342] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1289.973936] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1289.974505] ? trace_hardirqs_on+0x5b/0x180 [ 1289.974983] do_syscall_64+0x33/0x40 [ 1289.975392] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1289.975962] RIP: 0033:0x7f5834968b19 [ 1289.976375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1289.978428] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1289.979262] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1289.980049] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1289.980832] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1289.981633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1289.982414] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1289.983243] CPU: 1 PID: 8467 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1289.983712] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1289.984737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1289.984744] Call Trace: [ 1289.984767] dump_stack+0x107/0x167 [ 1289.984792] should_fail.cold+0x5/0xa [ 1289.989597] ? __kernfs_new_node+0xd4/0x850 [ 1289.990540] should_failslab+0x5/0x20 23:58:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 8) 23:58:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1289.991369] kmem_cache_alloc+0x5b/0x360 [ 1289.992433] __kernfs_new_node+0xd4/0x850 [ 1289.993358] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1289.994397] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1289.995454] ? wait_for_completion+0x270/0x270 [ 1289.996451] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1289.997612] kernfs_new_node+0x93/0x120 [ 1289.998483] __kernfs_create_file+0x51/0x350 [ 1289.999445] sysfs_add_file_mode_ns+0x221/0x560 [ 1290.000475] internal_create_group+0x324/0xb30 [ 1290.001496] ? sysfs_remove_group+0x170/0x170 [ 1290.002466] ? lockdep_init_map_type+0x2c7/0x780 [ 1290.003503] ? blk_queue_flag_set+0x22/0x30 [ 1290.004448] ? __loop_update_dio+0x2d2/0x690 [ 1290.005425] loop_configure+0x954/0x1480 [ 1290.006316] lo_ioctl+0xa72/0x1760 [ 1290.007092] ? avc_has_extended_perms+0x7f1/0xec0 [ 1290.008137] ? loop_set_status_old+0x250/0x250 [ 1290.009135] ? avc_ss_reset+0x180/0x180 [ 1290.010034] ? find_held_lock+0x2c/0x110 [ 1290.010936] ? __lock_acquire+0xbb1/0x5b00 [ 1290.011908] ? selinux_inode_getsecctx+0x90/0x90 [ 1290.012949] ? generic_block_fiemap+0x60/0x60 [ 1290.013951] ? loop_set_status_old+0x250/0x250 [ 1290.014960] blkdev_ioctl+0x291/0x710 [ 1290.015794] ? blkdev_common_ioctl+0x1870/0x1870 [ 1290.016837] ? selinux_file_ioctl+0xb1/0x260 [ 1290.017817] block_ioctl+0xf9/0x140 [ 1290.018627] ? blkdev_read_iter+0x1c0/0x1c0 [ 1290.019563] __x64_sys_ioctl+0x19a/0x210 [ 1290.020456] do_syscall_64+0x33/0x40 [ 1290.021284] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1290.022393] RIP: 0033:0x7f21cd5688d7 [ 1290.023203] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1290.027197] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1290.028851] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1290.030401] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1290.031947] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1290.033512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1290.035058] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 23:58:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 9) 23:58:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1290.056394] FAT-fs (loop1): Directory bread(block 3) failed 23:58:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x11, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 36) 23:58:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0xffffffff, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1290.114757] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1290.127434] FAULT_INJECTION: forcing a failure. [ 1290.127434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1290.130108] CPU: 1 PID: 8486 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1290.131601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1290.133434] Call Trace: [ 1290.134017] dump_stack+0x107/0x167 [ 1290.134818] should_fail.cold+0x5/0xa [ 1290.135661] _copy_from_iter_full+0x1ff/0x940 [ 1290.136647] ? __check_object_size+0x319/0x440 [ 1290.137653] netlink_sendmsg+0x86f/0xdf0 [ 1290.138547] ? netlink_unicast+0x7f0/0x7f0 [ 1290.139477] ? netlink_unicast+0x7f0/0x7f0 [ 1290.140396] sock_sendmsg+0x154/0x190 [ 1290.141244] ____sys_sendmsg+0x70d/0x870 [ 1290.142132] ? kernel_sendmsg+0x50/0x50 [ 1290.142991] ? do_recvmmsg+0x6d0/0x6d0 23:58:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1290.143838] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1290.145103] ? lock_downgrade+0x6d0/0x6d0 [ 1290.146020] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1290.147167] ___sys_sendmsg+0xf3/0x170 [ 1290.148019] ? sendmsg_copy_msghdr+0x160/0x160 [ 1290.149022] ? lock_downgrade+0x6d0/0x6d0 [ 1290.149939] ? find_held_lock+0x2c/0x110 [ 1290.150827] ? __fget_files+0x296/0x480 [ 1290.151713] ? __fget_light+0xea/0x290 [ 1290.152564] __sys_sendmsg+0xe5/0x1b0 [ 1290.153433] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1290.154388] ? rcu_read_lock_any_held+0x75/0xa0 [ 1290.155433] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 23:58:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x7000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1290.156579] ? syscall_enter_from_user_mode+0x1d/0x50 23:58:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x300, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1290.157785] ? trace_hardirqs_on+0x5b/0x180 [ 1290.158796] do_syscall_64+0x33/0x40 [ 1290.159614] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1290.160728] RIP: 0033:0x7f5834968b19 [ 1290.161566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1290.165559] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1290.167205] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1290.168756] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1290.170310] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1290.171864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 23:58:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x60, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1290.173435] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1290.178383] FAULT_INJECTION: forcing a failure. [ 1290.178383] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.179694] CPU: 0 PID: 8485 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1290.180444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1290.181360] Call Trace: [ 1290.181655] dump_stack+0x107/0x167 [ 1290.182086] should_fail.cold+0x5/0xa [ 1290.182524] ? create_object.isra.0+0x3a/0xa20 [ 1290.183050] should_failslab+0x5/0x20 [ 1290.183482] kmem_cache_alloc+0x5b/0x360 [ 1290.183929] create_object.isra.0+0x3a/0xa20 [ 1290.184420] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1290.184979] kmem_cache_alloc+0x159/0x360 [ 1290.185449] __kernfs_new_node+0xd4/0x850 [ 1290.185907] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1290.186443] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1290.186974] ? wait_for_completion+0x270/0x270 [ 1290.187483] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1290.188064] kernfs_new_node+0x93/0x120 [ 1290.188506] __kernfs_create_file+0x51/0x350 [ 1290.188993] sysfs_add_file_mode_ns+0x221/0x560 [ 1290.189547] internal_create_group+0x324/0xb30 [ 1290.190054] ? sysfs_remove_group+0x170/0x170 [ 1290.190550] ? lockdep_init_map_type+0x2c7/0x780 [ 1290.191074] ? blk_queue_flag_set+0x22/0x30 [ 1290.191559] ? __loop_update_dio+0x2d2/0x690 [ 1290.192061] loop_configure+0x954/0x1480 [ 1290.192536] lo_ioctl+0xa72/0x1760 [ 1290.192949] ? avc_has_extended_perms+0x7f1/0xec0 [ 1290.193514] ? loop_set_status_old+0x250/0x250 [ 1290.194039] ? avc_ss_reset+0x180/0x180 [ 1290.194497] ? find_held_lock+0x2c/0x110 [ 1290.194971] ? __lock_acquire+0xbb1/0x5b00 [ 1290.195490] ? irqentry_enter+0x26/0x60 [ 1290.195948] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1290.196546] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1290.197170] ? loop_set_status_old+0x250/0x250 [ 1290.197714] blkdev_ioctl+0x291/0x710 [ 1290.198158] ? blkdev_common_ioctl+0x1870/0x1870 [ 1290.198705] ? block_ioctl+0xe8/0x140 [ 1290.199144] block_ioctl+0xf9/0x140 [ 1290.199573] ? blkdev_read_iter+0x1c0/0x1c0 [ 1290.200074] __x64_sys_ioctl+0x19a/0x210 [ 1290.200540] do_syscall_64+0x33/0x40 [ 1290.200969] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1290.201569] RIP: 0033:0x7f21cd5688d7 [ 1290.201995] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1290.204128] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1290.205015] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1290.205858] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1290.206679] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1290.207498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1290.208331] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1290.253859] FAT-fs (loop1): Directory bread(block 3) failed [ 1290.268408] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:58:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 10) 23:58:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x500, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 37) 23:58:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1303.935063] FAULT_INJECTION: forcing a failure. [ 1303.935063] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.936418] FAULT_INJECTION: forcing a failure. [ 1303.936418] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.936876] CPU: 1 PID: 8530 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1303.939693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1303.940962] Call Trace: [ 1303.941375] dump_stack+0x107/0x167 [ 1303.941955] should_fail.cold+0x5/0xa [ 1303.942556] ? __kernfs_new_node+0xd4/0x850 [ 1303.943225] should_failslab+0x5/0x20 [ 1303.943824] kmem_cache_alloc+0x5b/0x360 [ 1303.944456] __kernfs_new_node+0xd4/0x850 [ 1303.945108] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1303.945884] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1303.946658] ? wait_for_completion+0x270/0x270 [ 1303.947396] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1303.948240] kernfs_new_node+0x93/0x120 [ 1303.948892] __kernfs_create_file+0x51/0x350 [ 1303.949626] sysfs_add_file_mode_ns+0x221/0x560 [ 1303.950395] internal_create_group+0x324/0xb30 [ 1303.951138] ? sysfs_remove_group+0x170/0x170 [ 1303.951865] ? lockdep_init_map_type+0x2c7/0x780 [ 1303.952635] ? blk_queue_flag_set+0x22/0x30 [ 1303.953323] ? __loop_update_dio+0x2d2/0x690 [ 1303.954053] loop_configure+0x954/0x1480 [ 1303.954726] lo_ioctl+0xa72/0x1760 [ 1303.955299] ? avc_has_extended_perms+0x7f1/0xec0 [ 1303.956070] ? loop_set_status_old+0x250/0x250 [ 1303.956794] ? avc_ss_reset+0x180/0x180 [ 1303.957447] ? find_held_lock+0x2c/0x110 [ 1303.958111] ? __lock_acquire+0xbb1/0x5b00 [ 1303.958852] ? selinux_inode_getsecctx+0x90/0x90 [ 1303.959623] ? generic_block_fiemap+0x60/0x60 [ 1303.960360] ? loop_set_status_old+0x250/0x250 [ 1303.961110] blkdev_ioctl+0x291/0x710 [ 1303.961723] ? blkdev_common_ioctl+0x1870/0x1870 [ 1303.962516] ? selinux_file_ioctl+0xb1/0x260 [ 1303.963226] block_ioctl+0xf9/0x140 [ 1303.963812] ? blkdev_read_iter+0x1c0/0x1c0 [ 1303.964534] __x64_sys_ioctl+0x19a/0x210 [ 1303.965212] do_syscall_64+0x33/0x40 [ 1303.965862] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1303.966678] RIP: 0033:0x7f21cd5688d7 [ 1303.967280] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1303.970247] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1303.971485] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1303.972667] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1303.973805] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1303.974997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1303.976162] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1303.977328] CPU: 0 PID: 8541 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1303.978513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1303.979933] Call Trace: [ 1303.980388] dump_stack+0x107/0x167 [ 1303.981005] should_fail.cold+0x5/0xa [ 1303.981666] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1303.982745] should_failslab+0x5/0x20 [ 1303.983385] __kmalloc+0x72/0x3f0 [ 1303.984008] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1303.985063] genl_family_rcv_msg_doit+0xda/0x330 [ 1303.985857] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1303.986940] ? cap_capable+0x1d6/0x240 [ 1303.987567] ? security_capable+0x95/0xc0 [ 1303.988261] ? ns_capable+0xdd/0x100 [ 1303.988872] genl_rcv_msg+0x33c/0x5a0 [ 1303.989513] ? genl_get_cmd+0x480/0x480 [ 1303.990166] ? nl80211_notify_iface+0x180/0x180 [ 1303.990955] ? lock_release+0x6b0/0x6b0 [ 1303.991622] ? netlink_deliver_tap+0xf4/0xc40 [ 1303.992363] netlink_rcv_skb+0x14b/0x430 [ 1303.993018] ? genl_get_cmd+0x480/0x480 [ 1303.993692] ? netlink_ack+0xab0/0xab0 [ 1303.994349] ? netlink_deliver_tap+0x1c4/0xc40 [ 1303.995100] ? is_vmalloc_addr+0x7b/0xb0 [ 1303.995769] genl_rcv+0x24/0x40 [ 1303.996293] netlink_unicast+0x549/0x7f0 [ 1303.996945] ? netlink_attachskb+0x810/0x810 [ 1303.997684] netlink_sendmsg+0x905/0xdf0 [ 1303.998328] ? netlink_unicast+0x7f0/0x7f0 [ 1303.999011] ? netlink_unicast+0x7f0/0x7f0 [ 1303.999713] sock_sendmsg+0x154/0x190 [ 1304.000306] ____sys_sendmsg+0x70d/0x870 [ 1304.000949] ? kernel_sendmsg+0x50/0x50 [ 1304.001574] ? do_recvmmsg+0x6d0/0x6d0 [ 1304.002172] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1304.002995] ? lock_downgrade+0x6d0/0x6d0 [ 1304.003660] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1304.004467] ___sys_sendmsg+0xf3/0x170 [ 1304.005077] ? sendmsg_copy_msghdr+0x160/0x160 [ 1304.005803] ? lock_downgrade+0x6d0/0x6d0 [ 1304.006456] ? find_held_lock+0x2c/0x110 [ 1304.007095] ? __fget_files+0x296/0x480 [ 1304.007738] ? __fget_light+0xea/0x290 [ 1304.008355] __sys_sendmsg+0xe5/0x1b0 [ 1304.008950] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1304.009640] ? rcu_read_lock_any_held+0x75/0xa0 [ 1304.010393] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1304.011213] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1304.012012] ? trace_hardirqs_on+0x5b/0x180 [ 1304.012724] do_syscall_64+0x33/0x40 [ 1304.013341] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1304.014134] RIP: 0033:0x7f5834968b19 [ 1304.014702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1304.017535] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1304.018702] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1304.019790] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1304.020877] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1304.022038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1304.023234] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1304.032517] 9pnet: Insufficient options for proto=fd 23:58:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 11) 23:58:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x600, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x9000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1304.076609] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1304.084073] FAULT_INJECTION: forcing a failure. [ 1304.084073] name failslab, interval 1, probability 0, space 0, times 0 [ 1304.085899] CPU: 0 PID: 8550 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1304.086933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1304.088205] Call Trace: [ 1304.088623] dump_stack+0x107/0x167 [ 1304.089170] should_fail.cold+0x5/0xa [ 1304.089775] ? create_object.isra.0+0x3a/0xa20 [ 1304.090495] should_failslab+0x5/0x20 [ 1304.091073] kmem_cache_alloc+0x5b/0x360 [ 1304.091723] create_object.isra.0+0x3a/0xa20 [ 1304.092415] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1304.093223] __kmalloc+0x16e/0x3f0 [ 1304.093793] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1304.094787] genl_family_rcv_msg_doit+0xda/0x330 [ 1304.095514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1304.096540] ? cap_capable+0x1d6/0x240 [ 1304.097160] ? security_capable+0x95/0xc0 [ 1304.097816] ? ns_capable+0xdd/0x100 [ 1304.098396] genl_rcv_msg+0x33c/0x5a0 [ 1304.099003] ? genl_get_cmd+0x480/0x480 [ 1304.099641] ? nl80211_notify_iface+0x180/0x180 [ 1304.100373] ? lock_release+0x6b0/0x6b0 23:58:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x2, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x181, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1304.100996] ? netlink_deliver_tap+0xf4/0xc40 [ 1304.101863] netlink_rcv_skb+0x14b/0x430 [ 1304.102555] ? genl_get_cmd+0x480/0x480 [ 1304.103202] ? netlink_ack+0xab0/0xab0 [ 1304.103808] ? netlink_deliver_tap+0x1c4/0xc40 [ 1304.104499] ? is_vmalloc_addr+0x7b/0xb0 [ 1304.105130] genl_rcv+0x24/0x40 [ 1304.105655] netlink_unicast+0x549/0x7f0 [ 1304.106284] ? netlink_attachskb+0x810/0x810 [ 1304.106962] netlink_sendmsg+0x905/0xdf0 [ 1304.107602] ? netlink_unicast+0x7f0/0x7f0 [ 1304.108250] ? netlink_unicast+0x7f0/0x7f0 [ 1304.108915] sock_sendmsg+0x154/0x190 [ 1304.109518] ____sys_sendmsg+0x70d/0x870 [ 1304.110156] ? kernel_sendmsg+0x50/0x50 [ 1304.110777] ? do_recvmmsg+0x6d0/0x6d0 [ 1304.111382] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1304.112191] ? lock_downgrade+0x6d0/0x6d0 [ 1304.112838] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1304.113664] ___sys_sendmsg+0xf3/0x170 [ 1304.114248] ? sendmsg_copy_msghdr+0x160/0x160 [ 1304.114940] ? lock_downgrade+0x6d0/0x6d0 [ 1304.115565] ? find_held_lock+0x2c/0x110 [ 1304.116182] ? __fget_files+0x296/0x480 [ 1304.116803] ? __fget_light+0xea/0x290 [ 1304.117410] __sys_sendmsg+0xe5/0x1b0 [ 1304.117999] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1304.118666] ? rcu_read_lock_any_held+0x75/0xa0 [ 1304.119389] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1304.120195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1304.120952] ? trace_hardirqs_on+0x5b/0x180 [ 1304.121632] do_syscall_64+0x33/0x40 [ 1304.122199] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1304.122957] RIP: 0033:0x7f5834968b19 [ 1304.123531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1304.126358] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1304.127524] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1304.128617] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1304.129719] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1304.130814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1304.131906] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1304.135985] FAT-fs (loop1): Directory bread(block 3) failed 23:58:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 38) [ 1304.214048] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1304.224269] FAULT_INJECTION: forcing a failure. [ 1304.224269] name failslab, interval 1, probability 0, space 0, times 0 [ 1304.225978] CPU: 0 PID: 8567 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1304.226960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1304.228179] Call Trace: [ 1304.228568] dump_stack+0x107/0x167 [ 1304.229100] should_fail.cold+0x5/0xa [ 1304.229667] ? create_object.isra.0+0x3a/0xa20 [ 1304.230328] should_failslab+0x5/0x20 [ 1304.230877] kmem_cache_alloc+0x5b/0x360 [ 1304.231459] ? mark_held_locks+0x9e/0xe0 [ 1304.232059] create_object.isra.0+0x3a/0xa20 [ 1304.232693] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1304.233444] kmem_cache_alloc+0x159/0x360 [ 1304.234061] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1304.234885] idr_get_free+0x4b5/0x8f0 [ 1304.235453] idr_alloc_u32+0x170/0x2d0 [ 1304.236028] ? __fprop_inc_percpu_max+0x130/0x130 [ 1304.236726] ? lock_acquire+0x197/0x490 [ 1304.237312] ? __kernfs_new_node+0xff/0x850 [ 1304.237964] idr_alloc_cyclic+0x102/0x230 [ 1304.238579] ? idr_alloc+0x130/0x130 [ 1304.239123] ? rwlock_bug.part.0+0x90/0x90 [ 1304.239756] __kernfs_new_node+0x117/0x850 [ 1304.240387] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1304.241090] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1304.241819] ? wait_for_completion+0x270/0x270 [ 1304.242495] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1304.243276] kernfs_new_node+0x93/0x120 [ 1304.243877] __kernfs_create_file+0x51/0x350 [ 1304.244531] sysfs_add_file_mode_ns+0x221/0x560 [ 1304.245220] internal_create_group+0x324/0xb30 [ 1304.245908] ? sysfs_remove_group+0x170/0x170 [ 1304.246568] ? lockdep_init_map_type+0x2c7/0x780 [ 1304.247270] ? blk_queue_flag_set+0x22/0x30 [ 1304.247899] ? __loop_update_dio+0x2d2/0x690 [ 1304.248523] loop_configure+0x954/0x1480 [ 1304.249087] lo_ioctl+0xa72/0x1760 [ 1304.249595] ? avc_has_extended_perms+0x7f1/0xec0 [ 1304.250266] ? loop_set_status_old+0x250/0x250 [ 1304.250911] ? avc_ss_reset+0x180/0x180 [ 1304.251476] ? find_held_lock+0x2c/0x110 [ 1304.252065] ? __lock_acquire+0xbb1/0x5b00 [ 1304.252702] ? selinux_inode_getsecctx+0x90/0x90 [ 1304.253392] ? generic_block_fiemap+0x60/0x60 [ 1304.254032] ? loop_set_status_old+0x250/0x250 [ 1304.254665] blkdev_ioctl+0x291/0x710 [ 1304.255192] ? blkdev_common_ioctl+0x1870/0x1870 [ 1304.255861] ? selinux_file_ioctl+0xb1/0x260 [ 1304.256462] block_ioctl+0xf9/0x140 [ 1304.256983] ? blkdev_read_iter+0x1c0/0x1c0 [ 1304.257607] __x64_sys_ioctl+0x19a/0x210 [ 1304.258169] do_syscall_64+0x33/0x40 [ 1304.258695] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1304.259423] RIP: 0033:0x7f21cd5688d7 [ 1304.259930] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1304.262521] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1304.263593] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1304.264594] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1304.265616] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1304.266628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1304.267634] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1304.310874] FAT-fs (loop1): Directory bread(block 3) failed 23:58:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 39) 23:58:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:38 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x700, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:38 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x3, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:38 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x700, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:38 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 12) 23:58:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1316.121450] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1316.144881] FAULT_INJECTION: forcing a failure. [ 1316.144881] name failslab, interval 1, probability 0, space 0, times 0 [ 1316.147720] CPU: 0 PID: 8586 Comm: syz-executor.1 Not tainted 5.10.161 #1 [ 1316.149402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1316.151366] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1316.151441] Call Trace: [ 1316.151480] dump_stack+0x107/0x167 [ 1316.154733] should_fail.cold+0x5/0xa [ 1316.155683] ? __kernfs_new_node+0xd4/0x850 [ 1316.156746] should_failslab+0x5/0x20 [ 1316.157687] kmem_cache_alloc+0x5b/0x360 [ 1316.158701] __kernfs_new_node+0xd4/0x850 [ 1316.159723] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1316.160893] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1316.162098] ? wait_for_completion+0x270/0x270 [ 1316.163225] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1316.164519] kernfs_new_node+0x93/0x120 [ 1316.165507] __kernfs_create_file+0x51/0x350 [ 1316.166605] sysfs_add_file_mode_ns+0x221/0x560 [ 1316.167765] internal_create_group+0x324/0xb30 [ 1316.168904] ? sysfs_remove_group+0x170/0x170 [ 1316.170020] ? lockdep_init_map_type+0x2c7/0x780 [ 1316.171187] ? blk_queue_flag_set+0x22/0x30 [ 1316.172246] ? __loop_update_dio+0x2d2/0x690 [ 1316.173330] loop_configure+0x954/0x1480 [ 1316.174366] lo_ioctl+0xa72/0x1760 [ 1316.175244] ? avc_has_extended_perms+0x7f1/0xec0 [ 1316.175667] FAULT_INJECTION: forcing a failure. [ 1316.175667] name failslab, interval 1, probability 0, space 0, times 0 [ 1316.176431] ? loop_set_status_old+0x250/0x250 [ 1316.176458] ? avc_ss_reset+0x180/0x180 [ 1316.176488] ? find_held_lock+0x2c/0x110 [ 1316.181760] ? __lock_acquire+0xbb1/0x5b00 [ 1316.182899] ? selinux_inode_getsecctx+0x90/0x90 [ 1316.184063] ? generic_block_fiemap+0x60/0x60 [ 1316.185175] ? loop_set_status_old+0x250/0x250 [ 1316.186304] blkdev_ioctl+0x291/0x710 [ 1316.187244] ? blkdev_common_ioctl+0x1870/0x1870 [ 1316.188406] ? selinux_file_ioctl+0xb1/0x260 [ 1316.189489] block_ioctl+0xf9/0x140 [ 1316.190379] ? blkdev_read_iter+0x1c0/0x1c0 [ 1316.191429] __x64_sys_ioctl+0x19a/0x210 [ 1316.192419] do_syscall_64+0x33/0x40 [ 1316.193323] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1316.194589] RIP: 0033:0x7f21cd5688d7 [ 1316.195495] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1316.199975] RSP: 002b:00007f21caaddf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1316.201832] RAX: ffffffffffffffda RBX: 00007f21cd5b2970 RCX: 00007f21cd5688d7 [ 1316.203559] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1316.205278] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1316.207024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1316.208744] R13: 0000000000000004 R14: 00000000200013b0 R15: 0000000000000002 [ 1316.210510] CPU: 1 PID: 8592 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1316.212165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1316.214211] Call Trace: [ 1316.214862] dump_stack+0x107/0x167 [ 1316.215747] should_fail.cold+0x5/0xa [ 1316.216665] ? __alloc_skb+0x6d/0x620 [ 1316.217595] should_failslab+0x5/0x20 [ 1316.218513] kmem_cache_alloc_node+0x55/0x370 [ 1316.219605] __alloc_skb+0x6d/0x620 [ 1316.220489] nl80211_notify_iface+0x2e/0x180 [ 1316.221548] nl80211_set_interface+0x720/0x910 [ 1316.222683] ? nl80211_post_doit+0x2e0/0x2e0 [ 1316.223735] ? nl80211_notify_iface+0x180/0x180 [ 1316.224863] ? nl80211_pre_doit+0xa2/0x630 [ 1316.225899] genl_family_rcv_msg_doit+0x22d/0x330 [ 1316.226987] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 23:58:39 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x4, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1316.228400] ? cap_capable+0x1d6/0x240 [ 1316.229451] ? ns_capable+0xdd/0x100 [ 1316.230276] genl_rcv_msg+0x33c/0x5a0 [ 1316.231104] ? genl_get_cmd+0x480/0x480 [ 1316.232072] ? nl80211_notify_iface+0x180/0x180 [ 1316.233080] ? lock_release+0x6b0/0x6b0 [ 1316.234068] netlink_rcv_skb+0x14b/0x430 [ 1316.235016] ? genl_get_cmd+0x480/0x480 [ 1316.235970] ? netlink_ack+0xab0/0xab0 [ 1316.236913] ? netlink_deliver_tap+0x1c4/0xc40 [ 1316.238020] ? is_vmalloc_addr+0x7b/0xb0 [ 1316.239004] genl_rcv+0x24/0x40 [ 1316.239800] netlink_unicast+0x549/0x7f0 [ 1316.240774] ? netlink_attachskb+0x810/0x810 [ 1316.241864] netlink_sendmsg+0x905/0xdf0 [ 1316.242851] ? netlink_unicast+0x7f0/0x7f0 [ 1316.243880] ? netlink_unicast+0x7f0/0x7f0 [ 1316.244889] sock_sendmsg+0x154/0x190 [ 1316.245814] ____sys_sendmsg+0x70d/0x870 [ 1316.246791] ? kernel_sendmsg+0x50/0x50 [ 1316.247736] ? do_recvmmsg+0x6d0/0x6d0 [ 1316.248679] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1316.249945] ? lock_downgrade+0x6d0/0x6d0 [ 1316.250935] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1316.252195] ___sys_sendmsg+0xf3/0x170 [ 1316.253125] ? sendmsg_copy_msghdr+0x160/0x160 [ 1316.254250] ? lock_downgrade+0x6d0/0x6d0 [ 1316.255246] ? find_held_lock+0x2c/0x110 [ 1316.256228] ? __fget_files+0x296/0x480 [ 1316.257194] ? __fget_light+0xea/0x290 [ 1316.258155] __sys_sendmsg+0xe5/0x1b0 [ 1316.259061] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1316.260090] ? rcu_read_lock_any_held+0x75/0xa0 [ 1316.261236] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1316.262512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1316.263752] ? trace_hardirqs_on+0x5b/0x180 [ 1316.264779] do_syscall_64+0x33/0x40 [ 1316.265688] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1316.266907] RIP: 0033:0x7f5834968b19 [ 1316.267805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1316.272190] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1316.274021] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1316.275725] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 23:58:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x10000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1316.277426] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1316.279356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 23:58:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1316.281058] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:58:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 13) 23:58:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x900, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:39 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x900, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1316.451392] FAT-fs (loop1): Directory bread(block 3) failed [ 1316.568209] FAULT_INJECTION: forcing a failure. [ 1316.568209] name failslab, interval 1, probability 0, space 0, times 0 [ 1316.570628] CPU: 1 PID: 8612 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1316.571985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1316.573663] Call Trace: [ 1316.574200] dump_stack+0x107/0x167 [ 1316.574945] should_fail.cold+0x5/0xa [ 1316.575709] ? create_object.isra.0+0x3a/0xa20 [ 1316.576633] should_failslab+0x5/0x20 [ 1316.577396] kmem_cache_alloc+0x5b/0x360 [ 1316.578218] ? ieee80211_set_mon_options+0x4c1/0x810 [ 1316.579234] create_object.isra.0+0x3a/0xa20 [ 1316.580113] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1316.581134] kmem_cache_alloc_node+0x169/0x370 [ 1316.582072] __alloc_skb+0x6d/0x620 [ 1316.582811] nl80211_notify_iface+0x2e/0x180 [ 1316.583694] nl80211_set_interface+0x720/0x910 [ 1316.584610] ? nl80211_post_doit+0x2e0/0x2e0 23:58:39 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x500, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) (fail_nth: 40) [ 1316.585490] ? nl80211_notify_iface+0x180/0x180 [ 1316.586643] ? nl80211_pre_doit+0xa2/0x630 [ 1316.587502] genl_family_rcv_msg_doit+0x22d/0x330 [ 1316.588474] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1316.589812] ? cap_capable+0x1d6/0x240 [ 1316.590619] ? ns_capable+0xdd/0x100 [ 1316.591380] genl_rcv_msg+0x33c/0x5a0 [ 1316.592159] ? genl_get_cmd+0x480/0x480 [ 1316.593125] ? nl80211_notify_iface+0x180/0x180 [ 1316.594148] ? lock_release+0x6b0/0x6b0 [ 1316.595005] ? netlink_deliver_tap+0xf4/0xc40 [ 1316.596072] netlink_rcv_skb+0x14b/0x430 [ 1316.597052] ? genl_get_cmd+0x480/0x480 [ 1316.598028] ? netlink_ack+0xab0/0xab0 [ 1316.598975] ? netlink_deliver_tap+0x1c4/0xc40 [ 1316.600070] ? is_vmalloc_addr+0x7b/0xb0 [ 1316.601047] genl_rcv+0x24/0x40 [ 1316.601859] netlink_unicast+0x549/0x7f0 [ 1316.602844] ? netlink_attachskb+0x810/0x810 [ 1316.603918] netlink_sendmsg+0x905/0xdf0 [ 1316.604910] ? netlink_unicast+0x7f0/0x7f0 [ 1316.605860] ? netlink_unicast+0x7f0/0x7f0 [ 1316.606777] sock_sendmsg+0x154/0x190 [ 1316.607601] ____sys_sendmsg+0x70d/0x870 [ 1316.608481] ? kernel_sendmsg+0x50/0x50 [ 1316.609323] ? do_recvmmsg+0x6d0/0x6d0 [ 1316.610183] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1316.611310] ? lock_downgrade+0x6d0/0x6d0 [ 1316.612208] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1316.613338] ___sys_sendmsg+0xf3/0x170 [ 1316.614199] ? sendmsg_copy_msghdr+0x160/0x160 [ 1316.615195] ? lock_downgrade+0x6d0/0x6d0 [ 1316.616092] ? find_held_lock+0x2c/0x110 [ 1316.616980] ? __fget_files+0x296/0x480 [ 1316.617867] ? __fget_light+0xea/0x290 [ 1316.618713] __sys_sendmsg+0xe5/0x1b0 [ 1316.619531] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1316.619835] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1316.620465] ? rcu_read_lock_any_held+0x75/0xa0 [ 1316.620507] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1316.624719] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1316.625861] ? trace_hardirqs_on+0x5b/0x180 [ 1316.626921] do_syscall_64+0x33/0x40 [ 1316.627732] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1316.628989] RIP: 0033:0x7f5834968b19 [ 1316.629814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1316.634017] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1316.635670] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1316.637180] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1316.638745] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1316.640275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1316.641825] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:58:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1316.658101] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1316.720780] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:58:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:39 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf00, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1316.803414] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:58:57 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xce00, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:57 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x5, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:57 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x700, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:57 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1335.064949] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1335.077127] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:58:57 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 14) 23:58:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:58:57 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x20100000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1335.100756] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1335.129451] FAULT_INJECTION: forcing a failure. [ 1335.129451] name failslab, interval 1, probability 0, space 0, times 0 [ 1335.131509] CPU: 0 PID: 8664 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1335.132704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1335.134192] Call Trace: [ 1335.134666] dump_stack+0x107/0x167 [ 1335.135321] should_fail.cold+0x5/0xa [ 1335.136021] should_failslab+0x5/0x20 [ 1335.136691] __kmalloc_node_track_caller+0x74/0x3f0 [ 1335.137595] ? nl80211_notify_iface+0x2e/0x180 [ 1335.138508] __alloc_skb+0xb1/0x620 [ 1335.139152] nl80211_notify_iface+0x2e/0x180 [ 1335.139935] nl80211_set_interface+0x720/0x910 [ 1335.140728] ? nl80211_post_doit+0x2e0/0x2e0 [ 1335.141515] ? nl80211_notify_iface+0x180/0x180 [ 1335.142361] ? nl80211_pre_doit+0xa2/0x630 [ 1335.143125] genl_family_rcv_msg_doit+0x22d/0x330 [ 1335.143992] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1335.145169] ? cap_capable+0x1d6/0x240 [ 1335.145888] ? ns_capable+0xdd/0x100 [ 1335.146559] genl_rcv_msg+0x33c/0x5a0 [ 1335.147243] ? genl_get_cmd+0x480/0x480 [ 1335.147957] ? nl80211_notify_iface+0x180/0x180 [ 1335.148794] ? lock_release+0x6b0/0x6b0 [ 1335.149511] netlink_rcv_skb+0x14b/0x430 [ 1335.150253] ? genl_get_cmd+0x480/0x480 [ 1335.150966] ? netlink_ack+0xab0/0xab0 [ 1335.151671] ? netlink_deliver_tap+0x1c4/0xc40 [ 1335.152485] ? is_vmalloc_addr+0x7b/0xb0 [ 1335.153214] genl_rcv+0x24/0x40 [ 1335.153817] netlink_unicast+0x549/0x7f0 [ 1335.154551] ? netlink_attachskb+0x810/0x810 [ 1335.155348] netlink_sendmsg+0x905/0xdf0 [ 1335.156085] ? netlink_unicast+0x7f0/0x7f0 [ 1335.156853] ? netlink_unicast+0x7f0/0x7f0 [ 1335.157610] sock_sendmsg+0x154/0x190 [ 1335.158316] ____sys_sendmsg+0x70d/0x870 [ 1335.159046] ? kernel_sendmsg+0x50/0x50 [ 1335.159752] ? do_recvmmsg+0x6d0/0x6d0 [ 1335.160448] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1335.161385] ? lock_downgrade+0x6d0/0x6d0 [ 1335.162140] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1335.163081] ___sys_sendmsg+0xf3/0x170 [ 1335.163777] ? sendmsg_copy_msghdr+0x160/0x160 [ 1335.164600] ? lock_downgrade+0x6d0/0x6d0 [ 1335.165344] ? find_held_lock+0x2c/0x110 [ 1335.166090] ? __fget_files+0x296/0x480 [ 1335.166804] ? __fget_light+0xea/0x290 [ 1335.167500] __sys_sendmsg+0xe5/0x1b0 [ 1335.168172] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1335.168933] ? rcu_read_lock_any_held+0x75/0xa0 [ 1335.169771] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1335.170706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1335.171617] ? trace_hardirqs_on+0x5b/0x180 [ 1335.172381] do_syscall_64+0x33/0x40 [ 1335.173042] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1335.173952] RIP: 0033:0x7f5834968b19 [ 1335.174612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.177875] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1335.179224] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1335.180487] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1335.181747] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1335.183013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1335.184284] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1335.189908] FAT-fs (loop1): Directory bread(block 3) failed 23:58:57 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x6, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:58:57 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x900, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:58:57 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:58:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:10 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 15) 23:59:10 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:10 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:10 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x7, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:10 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x34000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:10 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1348.183708] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1348.201337] FAT-fs (loop1): Directory bread(block 3) failed [ 1348.222925] FAULT_INJECTION: forcing a failure. [ 1348.222925] name failslab, interval 1, probability 0, space 0, times 0 [ 1348.225374] CPU: 0 PID: 8704 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1348.226818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1348.228548] Call Trace: [ 1348.229105] dump_stack+0x107/0x167 [ 1348.229869] should_fail.cold+0x5/0xa [ 1348.230682] should_failslab+0x5/0x20 [ 1348.231482] __kmalloc_node_track_caller+0x74/0x3f0 [ 1348.232524] ? nl80211_notify_iface+0x2e/0x180 [ 1348.233494] __alloc_skb+0xb1/0x620 [ 1348.234269] nl80211_notify_iface+0x2e/0x180 [ 1348.235199] nl80211_set_interface+0x720/0x910 [ 1348.236151] ? nl80211_post_doit+0x2e0/0x2e0 [ 1348.237064] ? nl80211_notify_iface+0x180/0x180 [ 1348.238046] ? nl80211_pre_doit+0xa2/0x630 [ 1348.238943] genl_family_rcv_msg_doit+0x22d/0x330 [ 1348.239955] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1348.241362] ? cap_capable+0x1d6/0x240 [ 1348.242211] ? ns_capable+0xdd/0x100 [ 1348.243005] genl_rcv_msg+0x33c/0x5a0 [ 1348.243805] ? genl_get_cmd+0x480/0x480 [ 1348.244634] ? nl80211_notify_iface+0x180/0x180 [ 1348.245631] ? lock_release+0x6b0/0x6b0 [ 1348.246484] ? netlink_deliver_tap+0xf4/0xc40 [ 1348.247440] netlink_rcv_skb+0x14b/0x430 [ 1348.248288] ? genl_get_cmd+0x480/0x480 [ 1348.249129] ? netlink_ack+0xab0/0xab0 [ 1348.249959] ? netlink_deliver_tap+0x1c4/0xc40 [ 1348.250938] ? is_vmalloc_addr+0x7b/0xb0 [ 1348.251788] genl_rcv+0x24/0x40 [ 1348.252477] netlink_unicast+0x549/0x7f0 [ 1348.253332] ? netlink_attachskb+0x810/0x810 [ 1348.254270] netlink_sendmsg+0x905/0xdf0 [ 1348.255119] ? netlink_unicast+0x7f0/0x7f0 [ 1348.256015] ? netlink_unicast+0x7f0/0x7f0 [ 1348.256900] sock_sendmsg+0x154/0x190 [ 1348.256921] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1348.259365] ____sys_sendmsg+0x70d/0x870 [ 1348.260223] ? kernel_sendmsg+0x50/0x50 [ 1348.261050] ? do_recvmmsg+0x6d0/0x6d0 [ 1348.261864] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1348.262964] ? lock_downgrade+0x6d0/0x6d0 23:59:11 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x8, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1348.263848] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1348.265099] ___sys_sendmsg+0xf3/0x170 [ 1348.265916] ? sendmsg_copy_msghdr+0x160/0x160 [ 1348.266885] ? lock_downgrade+0x6d0/0x6d0 [ 1348.267764] ? find_held_lock+0x2c/0x110 [ 1348.268629] ? __fget_files+0x296/0x480 [ 1348.269486] ? __fget_light+0xea/0x290 [ 1348.270329] __sys_sendmsg+0xe5/0x1b0 [ 1348.271129] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1348.272039] ? rcu_read_lock_any_held+0x75/0xa0 [ 1348.273040] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1348.274150] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1348.275231] ? trace_hardirqs_on+0x5b/0x180 [ 1348.276139] do_syscall_64+0x33/0x40 [ 1348.276916] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1348.277993] RIP: 0033:0x7f5834968b19 [ 1348.278780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1348.282606] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1348.284197] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1348.285684] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1348.287186] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1348.288671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1348.290181] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:59:11 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xc0ed0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:11 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x80000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:11 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1020, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1348.424037] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 23:59:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 16) 23:59:21 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x700, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:22 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x400300, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 1359.219694] FAULT_INJECTION: forcing a failure. [ 1359.219694] name failslab, interval 1, probability 0, space 0, times 0 [ 1359.222032] CPU: 1 PID: 8740 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1359.223412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1359.225115] Call Trace: [ 1359.225655] dump_stack+0x107/0x167 [ 1359.226431] should_fail.cold+0x5/0xa [ 1359.227197] ? __skb_ext_alloc+0x19/0x90 [ 1359.228018] should_failslab+0x5/0x20 [ 1359.228802] kmem_cache_alloc+0x5b/0x360 [ 1359.229621] __skb_ext_alloc+0x19/0x90 [ 1359.230418] skb_ext_add+0x508/0x670 [ 1359.231183] ? __kmalloc_node_track_caller+0x306/0x3f0 [ 1359.232233] __alloc_skb+0x3c1/0x620 [ 1359.233010] nl80211_notify_iface+0x2e/0x180 [ 1359.233919] nl80211_set_interface+0x720/0x910 [ 1359.234841] ? nl80211_post_doit+0x2e0/0x2e0 [ 1359.235748] ? nl80211_notify_iface+0x180/0x180 [ 1359.236681] ? nl80211_pre_doit+0xa2/0x630 [ 1359.237559] genl_family_rcv_msg_doit+0x22d/0x330 [ 1359.238547] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1359.239909] ? cap_capable+0x1d6/0x240 [ 1359.240705] ? ns_capable+0xdd/0x100 [ 1359.241477] genl_rcv_msg+0x33c/0x5a0 [ 1359.242254] ? genl_get_cmd+0x480/0x480 [ 1359.243149] ? nl80211_notify_iface+0x180/0x180 [ 1359.244198] ? lock_release+0x6b0/0x6b0 [ 1359.245103] ? netlink_deliver_tap+0xf4/0xc40 [ 1359.246136] netlink_rcv_skb+0x14b/0x430 [ 1359.247070] ? genl_get_cmd+0x480/0x480 [ 1359.247968] ? netlink_ack+0xab0/0xab0 [ 1359.248869] ? netlink_deliver_tap+0x1c4/0xc40 [ 1359.249896] ? is_vmalloc_addr+0x7b/0xb0 [ 1359.250836] genl_rcv+0x24/0x40 [ 1359.251574] netlink_unicast+0x549/0x7f0 [ 1359.252422] ? netlink_attachskb+0x810/0x810 [ 1359.253314] netlink_sendmsg+0x905/0xdf0 [ 1359.254155] ? netlink_unicast+0x7f0/0x7f0 [ 1359.255018] ? netlink_unicast+0x7f0/0x7f0 [ 1359.255888] sock_sendmsg+0x154/0x190 [ 1359.256649] ____sys_sendmsg+0x70d/0x870 [ 1359.257481] ? kernel_sendmsg+0x50/0x50 [ 1359.258285] ? do_recvmmsg+0x6d0/0x6d0 [ 1359.259080] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1359.260159] ? lock_downgrade+0x6d0/0x6d0 [ 1359.261019] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1359.262098] ___sys_sendmsg+0xf3/0x170 [ 1359.262910] ? sendmsg_copy_msghdr+0x160/0x160 [ 1359.263845] ? lock_downgrade+0x6d0/0x6d0 [ 1359.264703] ? find_held_lock+0x2c/0x110 [ 1359.265548] ? __fget_files+0x296/0x480 [ 1359.266376] ? __fget_light+0xea/0x290 [ 1359.267183] __sys_sendmsg+0xe5/0x1b0 [ 1359.267972] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1359.268862] ? rcu_read_lock_any_held+0x75/0xa0 [ 1359.269835] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1359.270928] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1359.271998] ? trace_hardirqs_on+0x5b/0x180 [ 1359.272890] do_syscall_64+0x33/0x40 [ 1359.273651] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1359.274708] RIP: 0033:0x7f5834968b19 [ 1359.275478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1359.279264] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1359.280835] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1359.282308] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1359.283760] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1359.285210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1359.286665] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:59:22 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1359.305441] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1359.310937] FAT-fs (loop1): Directory bread(block 3) failed 23:59:22 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x900, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 1359.390990] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1359.443597] FAT-fs (loop1): Directory bread(block 3) failed [ 1371.419824] FAULT_INJECTION: forcing a failure. [ 1371.419824] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.422318] CPU: 1 PID: 8784 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1371.423717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1371.425409] Call Trace: [ 1371.425957] dump_stack+0x107/0x167 [ 1371.426732] should_fail.cold+0x5/0xa [ 1371.427535] ? create_object.isra.0+0x3a/0xa20 [ 1371.428474] should_failslab+0x5/0x20 [ 1371.429268] kmem_cache_alloc+0x5b/0x360 [ 1371.430112] create_object.isra.0+0x3a/0xa20 [ 1371.431050] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1371.432096] kmem_cache_alloc+0x159/0x360 [ 1371.432947] __skb_ext_alloc+0x19/0x90 [ 1371.433739] skb_ext_add+0x508/0x670 [ 1371.434504] ? __kmalloc_node_track_caller+0x306/0x3f0 23:59:34 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x1100, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0ffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:34 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 17) 23:59:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff0000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1371.435582] __alloc_skb+0x3c1/0x620 [ 1371.436628] nl80211_notify_iface+0x2e/0x180 [ 1371.437525] nl80211_set_interface+0x720/0x910 [ 1371.438459] ? nl80211_post_doit+0x2e0/0x2e0 [ 1371.439335] ? nl80211_notify_iface+0x180/0x180 [ 1371.440271] ? nl80211_pre_doit+0xa2/0x630 [ 1371.441121] genl_family_rcv_msg_doit+0x22d/0x330 [ 1371.442085] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1371.443402] ? cap_capable+0x1d6/0x240 [ 1371.444191] ? ns_capable+0xdd/0x100 [ 1371.444943] genl_rcv_msg+0x33c/0x5a0 [ 1371.445707] ? genl_get_cmd+0x480/0x480 [ 1371.446509] ? nl80211_notify_iface+0x180/0x180 [ 1371.447442] ? lock_release+0x6b0/0x6b0 [ 1371.448235] ? netlink_deliver_tap+0xf4/0xc40 [ 1371.449141] netlink_rcv_skb+0x14b/0x430 [ 1371.449953] ? genl_get_cmd+0x480/0x480 [ 1371.450767] ? netlink_ack+0xab0/0xab0 [ 1371.451556] ? netlink_deliver_tap+0x1c4/0xc40 [ 1371.452464] ? is_vmalloc_addr+0x7b/0xb0 [ 1371.453277] genl_rcv+0x24/0x40 [ 1371.453939] netlink_unicast+0x549/0x7f0 [ 1371.454766] ? netlink_attachskb+0x810/0x810 [ 1371.455653] netlink_sendmsg+0x905/0xdf0 [ 1371.456467] ? netlink_unicast+0x7f0/0x7f0 [ 1371.457321] ? netlink_unicast+0x7f0/0x7f0 [ 1371.458164] sock_sendmsg+0x154/0x190 [ 1371.458941] ____sys_sendmsg+0x70d/0x870 [ 1371.459753] ? kernel_sendmsg+0x50/0x50 [ 1371.460540] ? do_recvmmsg+0x6d0/0x6d0 [ 1371.461313] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1371.462360] ? lock_downgrade+0x6d0/0x6d0 [ 1371.463187] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1371.464231] ___sys_sendmsg+0xf3/0x170 [ 1371.465008] ? sendmsg_copy_msghdr+0x160/0x160 [ 1371.465924] ? lock_downgrade+0x6d0/0x6d0 [ 1371.466761] ? find_held_lock+0x2c/0x110 [ 1371.466790] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1371.467577] ? __fget_files+0x296/0x480 [ 1371.467609] ? __fget_light+0xea/0x290 [ 1371.470786] __sys_sendmsg+0xe5/0x1b0 [ 1371.471551] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1371.472405] ? rcu_read_lock_any_held+0x75/0xa0 [ 1371.473348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1371.474398] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1371.475424] ? trace_hardirqs_on+0x5b/0x180 [ 1371.476286] do_syscall_64+0x33/0x40 [ 1371.477029] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1371.478043] RIP: 0033:0x7f5834968b19 [ 1371.478804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1371.482439] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1371.483946] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1371.485353] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1371.486771] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1371.488186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1371.489596] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1371.511838] FAT-fs (loop1): Directory bread(block 3) failed 23:59:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x1000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff8c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1371.629488] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 23:59:34 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xe1, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:34 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x2000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1020, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:34 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x80000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1371.750216] FAT-fs (loop1): Directory bread(block 3) failed 23:59:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 18) [ 1371.793372] FAULT_INJECTION: forcing a failure. [ 1371.793372] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.795938] CPU: 0 PID: 8836 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1371.797363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1371.799096] Call Trace: [ 1371.799668] dump_stack+0x107/0x167 [ 1371.800431] should_fail.cold+0x5/0xa [ 1371.801225] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1371.802241] should_failslab+0x5/0x20 [ 1371.803044] __kmalloc_node_track_caller+0x74/0x3f0 [ 1371.804083] ? netlink_trim+0x1ee/0x250 [ 1371.804925] pskb_expand_head+0x15a/0x1040 [ 1371.805809] ? nl80211_send_iface+0xadd/0x1b50 [ 1371.806792] netlink_trim+0x1ee/0x250 23:59:34 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x3000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1371.807589] netlink_broadcast_filtered+0x60/0xdc0 [ 1371.808731] ? __skb_ext_alloc+0x6e/0x90 [ 1371.809593] ? skb_ext_add+0x4e3/0x670 [ 1371.810441] netlink_broadcast+0x35/0x50 [ 1371.811307] nl80211_notify_iface+0x116/0x180 [ 1371.812252] nl80211_set_interface+0x720/0x910 [ 1371.813219] ? nl80211_post_doit+0x2e0/0x2e0 [ 1371.814141] ? nl80211_notify_iface+0x180/0x180 [ 1371.815137] ? nl80211_pre_doit+0xa2/0x630 [ 1371.816029] genl_family_rcv_msg_doit+0x22d/0x330 [ 1371.817037] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1371.818413] ? cap_capable+0x1d6/0x240 [ 1371.819237] ? ns_capable+0xdd/0x100 [ 1371.820022] genl_rcv_msg+0x33c/0x5a0 [ 1371.820817] ? genl_get_cmd+0x480/0x480 [ 1371.821645] ? nl80211_notify_iface+0x180/0x180 [ 1371.822641] ? lock_release+0x6b0/0x6b0 [ 1371.823467] ? netlink_deliver_tap+0xf4/0xc40 [ 1371.824405] netlink_rcv_skb+0x14b/0x430 [ 1371.825254] ? genl_get_cmd+0x480/0x480 [ 1371.826081] ? netlink_ack+0xab0/0xab0 [ 1371.826911] ? netlink_deliver_tap+0x1c4/0xc40 [ 1371.827858] ? is_vmalloc_addr+0x7b/0xb0 [ 1371.828703] genl_rcv+0x24/0x40 [ 1371.829387] netlink_unicast+0x549/0x7f0 [ 1371.830240] ? netlink_attachskb+0x810/0x810 [ 1371.831200] netlink_sendmsg+0x905/0xdf0 [ 1371.832051] ? netlink_unicast+0x7f0/0x7f0 [ 1371.832953] ? netlink_unicast+0x7f0/0x7f0 [ 1371.833835] sock_sendmsg+0x154/0x190 [ 1371.834647] ____sys_sendmsg+0x70d/0x870 [ 1371.835504] ? kernel_sendmsg+0x50/0x50 [ 1371.836332] ? do_recvmmsg+0x6d0/0x6d0 [ 1371.837150] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1371.838247] ? lock_downgrade+0x6d0/0x6d0 [ 1371.839128] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1371.840232] ___sys_sendmsg+0xf3/0x170 [ 1371.841049] ? sendmsg_copy_msghdr+0x160/0x160 [ 1371.842022] ? lock_downgrade+0x6d0/0x6d0 [ 1371.842966] ? find_held_lock+0x2c/0x110 [ 1371.843918] ? __fget_files+0x296/0x480 [ 1371.844764] ? __fget_light+0xea/0x290 [ 1371.845622] __sys_sendmsg+0xe5/0x1b0 [ 1371.846480] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1371.847542] ? rcu_read_lock_any_held+0x75/0xa0 [ 1371.848717] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1371.850005] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1371.851302] ? trace_hardirqs_on+0x5b/0x180 [ 1371.852365] do_syscall_64+0x33/0x40 [ 1371.853282] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1371.854546] RIP: 0033:0x7f5834968b19 [ 1371.855467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1371.859965] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1371.861828] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1371.863598] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1371.865344] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1371.867095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1371.868843] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 23:59:46 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x4000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:46 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffff6, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:46 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 19) 23:59:46 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:46 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x8101, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:46 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:46 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:47 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x5000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1384.244405] FAULT_INJECTION: forcing a failure. [ 1384.244405] name failslab, interval 1, probability 0, space 0, times 0 [ 1384.247025] CPU: 1 PID: 8865 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1384.248558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1384.250422] Call Trace: [ 1384.251051] dump_stack+0x107/0x167 [ 1384.251880] should_fail.cold+0x5/0xa [ 1384.252742] ? create_object.isra.0+0x3a/0xa20 [ 1384.253763] should_failslab+0x5/0x20 [ 1384.254640] kmem_cache_alloc+0x5b/0x360 [ 1384.255552] create_object.isra.0+0x3a/0xa20 [ 1384.256547] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1384.257694] __kmalloc_node_track_caller+0x1a6/0x3f0 [ 1384.258847] ? netlink_trim+0x1ee/0x250 [ 1384.259741] pskb_expand_head+0x15a/0x1040 [ 1384.260690] ? nl80211_send_iface+0xadd/0x1b50 [ 1384.261721] netlink_trim+0x1ee/0x250 [ 1384.262607] netlink_broadcast_filtered+0x60/0xdc0 [ 1384.263705] ? __skb_ext_alloc+0x6e/0x90 [ 1384.264614] ? skb_ext_add+0x4e3/0x670 [ 1384.265503] netlink_broadcast+0x35/0x50 [ 1384.266421] nl80211_notify_iface+0x116/0x180 [ 1384.267438] nl80211_set_interface+0x720/0x910 [ 1384.268476] ? nl80211_post_doit+0x2e0/0x2e0 [ 1384.269463] ? nl80211_notify_iface+0x180/0x180 [ 1384.270536] ? nl80211_pre_doit+0xa2/0x630 [ 1384.271491] genl_family_rcv_msg_doit+0x22d/0x330 [ 1384.272580] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1384.274037] ? cap_capable+0x1d6/0x240 [ 1384.274932] ? ns_capable+0xdd/0x100 [ 1384.275767] genl_rcv_msg+0x33c/0x5a0 [ 1384.276623] ? genl_get_cmd+0x480/0x480 [ 1384.277507] ? nl80211_notify_iface+0x180/0x180 [ 1384.278559] ? lock_release+0x6b0/0x6b0 [ 1384.279440] ? netlink_deliver_tap+0xf4/0xc40 [ 1384.280448] netlink_rcv_skb+0x14b/0x430 [ 1384.281355] ? genl_get_cmd+0x480/0x480 [ 1384.282245] ? netlink_ack+0xab0/0xab0 [ 1384.283145] ? netlink_deliver_tap+0x1c4/0xc40 [ 1384.284165] ? is_vmalloc_addr+0x7b/0xb0 [ 1384.285075] genl_rcv+0x24/0x40 [ 1384.285811] netlink_unicast+0x549/0x7f0 [ 1384.286743] ? netlink_attachskb+0x810/0x810 [ 1384.287741] netlink_sendmsg+0x905/0xdf0 [ 1384.288652] ? netlink_unicast+0x7f0/0x7f0 [ 1384.289736] ? netlink_unicast+0x7f0/0x7f0 [ 1384.290961] sock_sendmsg+0x154/0x190 [ 1384.292049] ____sys_sendmsg+0x70d/0x870 [ 1384.293204] ? kernel_sendmsg+0x50/0x50 [ 1384.294324] ? do_recvmmsg+0x6d0/0x6d0 [ 1384.295397] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1384.296698] ? lock_downgrade+0x6d0/0x6d0 [ 1384.297713] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1384.298981] ___sys_sendmsg+0xf3/0x170 [ 1384.299916] ? sendmsg_copy_msghdr+0x160/0x160 [ 1384.301055] ? lock_downgrade+0x6d0/0x6d0 [ 1384.302037] ? find_held_lock+0x2c/0x110 [ 1384.303023] ? __fget_files+0x296/0x480 [ 1384.303973] ? __fget_light+0xea/0x290 [ 1384.304887] __sys_sendmsg+0xe5/0x1b0 [ 1384.305781] ? __sys_sendmsg_sock+0xb0/0xb0 [ 1384.306797] ? rcu_read_lock_any_held+0x75/0xa0 [ 1384.307908] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1384.309123] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1384.310322] ? trace_hardirqs_on+0x5b/0x180 [ 1384.311334] do_syscall_64+0x33/0x40 [ 1384.312208] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1384.313386] RIP: 0033:0x7f5834968b19 [ 1384.314249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1384.318493] RSP: 002b:00007f5831ede188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1384.320263] RAX: ffffffffffffffda RBX: 00007f5834a7bf60 RCX: 00007f5834968b19 [ 1384.321902] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1384.323577] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1384.325237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1384.326911] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1384.352364] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1384.354457] FAT-fs (loop1): Directory bread(block 3) failed 23:59:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x6000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) (fail_nth: 20) 23:59:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfffffffe, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x300, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1396.394637] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1396.397131] FAULT_INJECTION: forcing a failure. [ 1396.397131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1396.399592] CPU: 0 PID: 8895 Comm: syz-executor.0 Not tainted 5.10.161 #1 [ 1396.401004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.402737] Call Trace: [ 1396.403291] dump_stack+0x107/0x167 [ 1396.404050] should_fail.cold+0x5/0xa [ 1396.404845] _copy_to_user+0x2e/0x180 [ 1396.405642] simple_read_from_buffer+0xcc/0x160 [ 1396.406620] proc_fail_nth_read+0x198/0x230 [ 1396.407515] ? proc_sessionid_read+0x230/0x230 [ 1396.408459] ? security_file_permission+0x24e/0x570 [ 1396.409489] ? perf_trace_initcall_start+0x101/0x380 [ 1396.410545] ? proc_sessionid_read+0x230/0x230 [ 1396.411495] vfs_read+0x228/0x580 [ 1396.412220] ksys_read+0x12d/0x260 [ 1396.412957] ? vfs_write+0xa30/0xa30 [ 1396.413733] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.414840] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.415914] do_syscall_64+0x33/0x40 [ 1396.416694] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1396.417755] RIP: 0033:0x7f583491b69c [ 1396.418526] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1396.422333] RSP: 002b:00007f5831ede170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1396.423917] RAX: ffffffffffffffda RBX: 0000000000000028 RCX: 00007f583491b69c [ 1396.425394] RDX: 000000000000000f RSI: 00007f5831ede1e0 RDI: 0000000000000005 [ 1396.426878] RBP: 00007f5831ede1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1396.428349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1396.429878] R13: 00007fffdf48780f R14: 00007f5831ede300 R15: 0000000000022000 [ 1396.447136] FAT-fs (loop1): Directory bread(block 3) failed 23:59:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x7000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 23:59:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xedc000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x500, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 23:59:59 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x80000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1396.558455] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 23:59:59 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 23:59:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 23:59:59 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x600, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1396.728938] FAT-fs (loop1): Directory bread(block 3) failed 00:00:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x700, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1409.457407] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:00:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x80000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1409.527940] FAT-fs (loop1): Directory bread(block 3) failed 00:00:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x900, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9effffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf00, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1409.659592] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:00:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x100000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1409.695261] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1409.834435] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:00:24 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xe100, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xce000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x200000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1422.140294] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1422.163308] FAT-fs (loop1): Directory bread(block 3) failed [ 1422.183389] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:00:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1422.238197] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:00:36 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x5000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:36 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:36 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0ffffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:36 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x700000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1434.194306] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1434.214359] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1434.228673] FAT-fs (loop1): Directory bread(block 3) failed 00:00:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x800000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:37 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xfffff000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1434.359940] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:00:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x34000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20100000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x900000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x11, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x7, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1434.536317] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1434.567131] FAT-fs (loop1): Directory bread(block 3) failed 00:00:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x7000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffff7f, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x16, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:49 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x8, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xa00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x80000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1446.928237] FAT-fs (loop1): Directory bread(block 3) failed [ 1446.934706] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1446.939389] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:00:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xb00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x400300, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffff9e, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:00:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x18, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:00:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x1000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8cffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:00:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:00:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2000000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1447.140891] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:00:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xfffffff0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1447.204403] FAT-fs (loop1): Directory bread(block 3) failed [ 1460.165531] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:01:02 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:02 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:02 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0ffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:02 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:02 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:02 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x2010000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:02 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xc0ed0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1460.183830] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1460.213063] FAT-fs (loop1): Directory bread(block 3) failed 00:01:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1460.284294] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:01:15 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20100000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x3f00000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x1000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:15 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xf6ffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:15 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x2}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:15 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x8cffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x5}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1472.599537] FAT-fs (loop1): Directory bread(block 3) failed [ 1472.602181] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:01:15 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfeffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:15 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x2000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:15 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:15 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xfeffffff00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x3000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffff0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2f, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8cffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x6}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1484.375134] FAT-fs (loop1): Directory bread(block 3) failed 00:01:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffff000000000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xc0ed0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x10000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x48, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff7f, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x4000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x7}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1484.446831] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:01:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x11, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xf6ffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0xffffff7f00000000, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4c, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x11000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x60, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x8}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1484.601568] FAT-fs (loop1): Directory bread(block 3) failed 00:01:38 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x9}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:38 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x5000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:38 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x60000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfeffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:38 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffff6, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x68, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 1496.196250] FAT-fs (loop1): Directory bread(block 3) failed [ 1496.197652] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:01:38 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x6000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffff0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6c, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xa}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:39 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x81010000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1496.422365] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1496.426239] FAT-fs (loop1): Directory bread(block 3) failed 00:01:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x7000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9effffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff7f, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x74, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xb}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffffe, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x1d6, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1509.296441] FAT-fs (loop1): Directory bread(block 3) failed [ 1509.301000] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:01:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x78, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:01:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xc}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf0ffffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1509.430958] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:01:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xe}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:01:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffff6, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xfcffffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:01:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1509.507773] FAT-fs (loop1): Directory bread(block 3) failed [ 1509.517210] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:01:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x500, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:01:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xfffff000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:04 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xffffff7f, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:04 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:04 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:04 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:04 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xf}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffffe, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7a, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:04 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x9effffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1522.148926] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:02:04 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x10}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:04 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xe1000000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:04 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xffffff9e, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1522.210270] FAT-fs (loop1): Directory bread(block 3) failed 00:02:15 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:15 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xfffffff0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfc, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:15 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x700, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:15 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xf0ffffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:15 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:15 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x11}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1532.749505] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:02:15 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x12}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1532.764177] FAT-fs (loop1): Directory bread(block 3) failed 00:02:15 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x700, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1532.844294] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:02:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xfffffffc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x900, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x13}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x112, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x900, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:27 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xfffff000, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x100000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1545.005134] FAT-fs (loop1): Directory bread(block 3) failed 00:02:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x200000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x14}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1545.061354] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:02:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x130, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:27 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffff7f, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:27 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x700000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:27 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xffffffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:27 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x15}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1545.230287] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:02:28 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x100000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:28 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffff9e, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:28 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:28 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0f000000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1545.385497] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:02:39 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xfffffff0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1020, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x230, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:39 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x800000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x16}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:39 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x200000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1556.532691] FAT-fs (loop1): Directory bread(block 3) failed 00:02:39 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0xffffffff, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:39 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x900000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:39 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x17}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x700000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:02:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x18}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x800000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x2}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1569.571500] FAT-fs (loop1): Directory bread(block 3) failed 00:02:52 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x19}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:52 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00e0000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:52 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x900000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x5}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:02:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x1100, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:02:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f00, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:02:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x505, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e03f0300", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:06 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x6b}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x6}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1583.816405] FAT-fs (loop1): Directory bread(block 3) failed 00:03:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e8020020", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x80000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xd601, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:06 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x7}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x506, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:06 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x2}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2010000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1584.071866] FAT-fs (loop1): Directory bread(block 3) failed [ 1584.076173] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:03:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x8}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00f0ff7f", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:21 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:21 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x3}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x507, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2000000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8cffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1599.012203] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) [ 1599.024057] FAT-fs (loop1): Directory bread(block 3) failed 00:03:21 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="effdffff", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x508, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:21 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x9}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x2010000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1599.170912] FAT-fs (loop1): Directory bread(block 3) failed 00:03:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xa}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f00000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x4}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28020000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x7000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:33 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x80000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xf6ffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x509, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8cffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1610.578942] FAT-fs (loop1): Directory bread(block 3) failed [ 1610.598139] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:03:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x50a, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:33 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28030000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:33 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:33 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xb}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1610.701961] FAT-fs (loop1): Directory bread(block 3) failed 00:03:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfeffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:33 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x5}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1610.756489] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1622.314315] FAT-fs (loop1): Directory bread(block 3) failed 00:03:45 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffff000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x9000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xf6ffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:45 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28040000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:45 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xc}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:45 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x6}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1622.355287] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:03:45 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff7f00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:45 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28050000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x605, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:45 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xe}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:45 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xa000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfeffffff00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1622.483732] FAT-fs (loop1): Directory bread(block 3) failed [ 1622.533191] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1635.645400] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:03:58 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xb000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x22, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffff000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28060000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x7}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:58 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0xf}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1635.667304] FAT-fs (loop1): Directory bread(block 3) failed [ 1635.667413] 9pnet: Insufficient options for proto=fd 00:03:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x9}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x705, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:03:58 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x10000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0xf}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:58 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x10}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:03:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff7f00000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:03:58 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x2c, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:03:58 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\a\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1635.836079] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1635.864382] 9pnet: Insufficient options for proto=fd [ 1635.866930] FAT-fs (loop1): Directory bread(block 3) failed 00:04:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\b\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x805, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x22, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x22, {'wfdno', 0x3d, r1}}) 00:04:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0xce}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:12 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x11}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1649.783212] 9pnet: Insufficient options for proto=fd [ 1649.795761] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1649.811913] 9pnet: Insufficient options for proto=fd 00:04:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x22, r1}}) [ 1649.863077] 9pnet: Insufficient options for proto=fd 00:04:12 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\t\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1649.869185] FAT-fs (loop1): Directory bread(block 3) failed 00:04:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x20100000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:12 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x2c, r1}}) [ 1650.024843] 9pnet: Insufficient options for proto=fd [ 1650.038911] FAT-fs (loop1): Directory bread(block 3) failed 00:04:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x2c, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1661.849801] 9pnet: Insufficient options for proto=fd 00:04:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x905, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x22}) 00:04:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\n\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x5000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x3f000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x2}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:24 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x12}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1661.877275] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1661.886097] FAT-fs (loop1): Directory bread(block 3) failed [ 1661.887106] 9pnet: Insufficient options for proto=fd 00:04:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\v\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x3}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:24 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x13}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x22, {'wfdno', 0x3d, r1}}) 00:04:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8cffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x6000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1661.986125] 9pnet: Insufficient options for proto=fd [ 1661.995140] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 00:04:24 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x4}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:24 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280f0000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x22, r1}}) 00:04:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x7000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1662.055050] FAT-fs (loop1): Directory bread(block 3) failed [ 1662.092196] 9pnet: Insufficient options for proto=fd 00:04:37 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x14}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28100000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa05, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x2}}) [ 1675.225329] 9pnet: Insufficient options for proto=fd 00:04:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xc0ed0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:38 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x5}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x2c, r1}}) [ 1675.250845] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1675.253922] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1675.278998] FAT-fs (loop1): Directory bread(block 3) failed 00:04:48 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x6}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x22}) 00:04:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:48 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x15}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:48 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28110000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:48 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xf6ffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:48 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x7}}) [ 1686.159447] FAT-fs (loop1): Directory bread(block 3) failed [ 1686.181520] 9pnet: Insufficient options for proto=fd [ 1686.184525] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 00:04:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:04:49 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xa000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:49 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x16}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:04:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(`\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:04:49 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfeffffff, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1686.278367] FAT-fs (loop1): Directory bread(block 3) failed 00:04:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x8}}) 00:04:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:04:49 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x7}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1686.349536] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1686.417945] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1697.898291] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:05:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x2}}) 00:05:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x9}}) 00:05:00 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x8}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f00000", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:05:00 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x17}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffff0000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:00 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xb000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1697.945495] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) [ 1697.962942] FAT-fs (loop1): Directory bread(block 3) failed 00:05:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0xa}}) 00:05:00 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0xf000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:00 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28810100", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:00 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x9}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x7}}) 00:05:00 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff7f, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:00 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x18}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 1698.030636] kernel write not supported for file /snd/seq (pid: 8851 comm: kworker/1:0) 00:05:00 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x10000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:00 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000300", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) [ 1698.077878] kernel write not supported for file /snd/seq (pid: 4394 comm: kworker/1:3) 00:05:00 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x19}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0xf}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0xb}}) [ 1698.144295] FAT-fs (loop1): Directory bread(block 3) failed 00:05:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x8}}) 00:05:00 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xffffff8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1698.184637] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1698.201581] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:05:14 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffff6, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf00, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:05:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x10}}) [ 1711.643989] FAT-fs (loop1): Directory bread(block 3) failed 00:05:14 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0xce}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:14 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x11000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:14 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000500", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:14 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x6b}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:14 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x9}}) 00:05:14 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xfffffffe, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1020, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) [ 1711.705036] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1711.712097] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1711.738644] FAT-fs (loop1): Directory bread(block 3) failed 00:05:25 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:25 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0xedc000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1100, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:05:25 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x60000000, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:25 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) read(r0, &(0x7f0000000380)=""/81, 0x51) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f00000001c0)={0x2, 0x5}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2c4240) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) mount$9p_fd(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240), 0x800000, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_none}], [{@fsuuid={'fsuuid', 0x3d, {[0x38, 0x65, 0x39, 0x64, 0x39, 0x36, 0x66, 0x64], 0x2d, [0x33, 0x39, 0x63, 0x34], 0x2d, [0x39, 0x64, 0x31, 0x36], 0x2d, [0x64, 0x62, 0x33, 0x33], 0x2d, [0x36, 0x63, 0x66, 0x61, 0x55, 0xdf783ceeeca77a68, 0x38, 0x35]}}}, {@fowner_lt={'fowner<', 0xffffffffffffffff}}, {@audit}, {@measure}, {@dont_hash}, {@obj_type={'obj_type', 0x3d, 'rfdno'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/zero\x00'}}, {@euid_lt}]}}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x30001, 0x0) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000080)="647becc5d979593600b63538165048835c27666336cf922b3a50c185395a833b7d8d4d87c731ecdfb0c501655223ec9c6797222782ed9ec39e970a7949418a78") 00:05:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0xa}}) 00:05:25 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000600", @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:25 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0xf0}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x300}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x1000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1723.240675] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1723.246654] FAT-fs (loop1): Directory bread(block 3) failed 00:05:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x500}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x2}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) openat(r2, &(0x7f0000000280)='./file1\x00', 0x20000, 0x8a) fsmount(r2, 0x1, 0x74) execveat(r2, &(0x7f0000000000)='./file1\x00', &(0x7f0000000200)=[&(0x7f0000000080)='/dev/snd/seq\x00', &(0x7f00000001c0)='wfdno'], &(0x7f00000002c0)=[&(0x7f0000000240)='-@\x00', &(0x7f0000000280)='/dev/snd/seq\x00'], 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r3, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) fsetxattr$trusted_overlay_opaque(r4, &(0x7f0000002bc0), &(0x7f00000040c0), 0x2, 0x1) close(r0) r5 = syz_mount_image$nfs(&(0x7f0000000300), &(0x7f0000000340)='./file1\x00', 0x7fffffff, 0x9, &(0x7f0000002800)=[{&(0x7f0000000380)="0c33d17da6c20d4edcfdd89e8d960f3ee0239f55924792f0ff6f4f7b59db9ecfa9cb8461eb40c65c12010a617e5d089424e7caf9236e324c74ac4d7d4c0fea719b05fc2c60cf4b92589fdebf6c3adb8e561d0320ab816402138df50a70385df6e0890c26f5040a70872aaa1568ebf0299e9e0620887892960cf277e36144ad314c", 0x81, 0xbe94}, {&(0x7f0000000440)="7149333fb405f744e3b0222dd0501a2a1676c2db4791223c9825150d997d201dd1aa5dd94c45d16250290a7d41c1298f5f55f725360a58f805e10b5a0b457f29220a2adff586fc71ba0899dd3cce4dcd7d5b60ab77d2fd9ce62346dae3ffbec243b26fea53e6be695ad3a05901dc0df188206e0141de28192ed916c356b8fd9a", 0x80, 0x7}, {&(0x7f00000004c0)="68a0cff29be533086cfaf9dc49edf0948bd1e0286c6ee97ec442303531b70a633c3c772dee6b408703a496478086f11325ed21a57005269826e5f12e5ab602789cf46bd9a3a0b7ed7056707675ff4f2f88f8f9de2a89a8068e09948afe24a0f125ced9a864f781003e36bc83da066593eee54b8ed5e18c5a234df3a3762043d3f6274957be8f4a08c6776225d5b1fb1f12fe33ab3f2fd4fccae2964eb8faaebe8451764a4ab01b08b9f7fae8304cc3d4ea1be8ddd7da48bff193361720c33c813db397c9e6df4817240bceaa3a132a9780a5624fb913df26d7ea2dc05311f18f213ffb577ef818e5435f18f4c8bafe84fda46191f974514073ecf37048a13b", 0xff, 0x2}, {&(0x7f00000005c0)="d92b4ae84abb510c5efec13e35335cce85e082b8853ed88df25e9ec0cd16c6f220e47fe339fba052a32cd4453038f9e4ef0a823a25dfa81c02c42296eb122f7596360bc6e8733a8d88801e5f01b9b6a078567b0765af56999fa5c2cf8beade99d8236069a76334c9a901dc669436ba6502e37e9b3e50a7c2d15eb75c179802812f0aa63337653e7b1d6f33c672dbaf5e6d09740052f07cf2b51cca936236becd25df6c02408c2f4206d5b4895ce7d1755a3070a4e72386ce53e35c62ad7fe9c9522c2135416763ae9465c1c97a6313169ec8886d3e0e5e400b6f7b30c78f1f092e093d4eac0907e5332e28475509f0fc1936b6eebdf1410e8b61d426afded3bb9ee09fc8e319a753fa33efb553eb0d9bfd034d55132ab1d808cfb8c9d812702b1b525edd1931b5ab8b8f44c207a7fac6b0e3273153234e86110c87a8e58a39d5f1e093a3a9272087441cf2fbacae69e77231fb1017ed8c3c8cf021ed519c9feaa8e55174e4ae9c462e2a76a3f8f759c7189d66909ed91b3e2de53e549383a1fbed068715e3bfd798d5f64cd802889d291956ef9861921b41f4ba639ea0167b674bde60e576c8f0cb223e15c4728cbf67d4b3e8018d3fb1d0332ca48e31c1de527699672c28c129eb6141c8a8f083617524767a15d9b788a7818a8c0b2139f25d1f6440eb9314c05a5f1d6dafdc07bff306f8ebd39d6503b6a4b87f9f91a0b90b04d22db1d6ed3d04e2757cbd0386b91b7b8f74d5df04dce3d437e7877f3aca55b2210f1c004e3ddb6f89751b1991264f52f33c8b9e6d42a73aadce401a86a012abf4433f261cdd4d0a0eb1e839defe8b1664cc8713f1c95b71196483fd022d4312bd1a45cc69f9ea3a4e2f5721ae6b24ca2a9ed6b2bc3c8fa4cdeb44b9bee97aac98809f8c3f2cbf6b012b6e8c8c6790066f40adf48bdcda5df88d38eb32fd345f241dd80b9c1fa3c21219655856b7f4bec7e5c594cc629070e40da0ae5026988a341d9065c1095ad1109239c5ec26e035f434a67dcf83fa4a199ee040f305917fcaa9b27a1832a617b551ffe7d1976067946492dc0f0775772ab1cfe59bd5e4d373fb2c60cda70a8b5841dc866215143c757714d45dbb91e83ed82a3cec500b489cc5b63d43b37048960161ea9250691e3a8f4d2a5f8e484aebba3daa389b54588f41e895a55276d563f424490a82ba4862e20030672a68aedf3460c70c9a9d6cb52db0a0bb44c38f60cfb86e0b9d2b4660132d6f7d4102baf317076991d986772808b8086867c71ee98ff2ebb4859a5dd3c9d4c2dbc53dccf2a910f8c66259719912ead4141321f64ff439e7541a70665a3535c697d8ac94e4006a02f7415fda0f3bca73311391bbe787069807183f35f0c5bc6a80ff3640106426bc66e814e6bd091766556859f197f2a169de1c1ee76f620a44965a27607a53f2166339e33fc77adb5bccda29b38cee235ca402a998bb74886b129ddb3630e7739d64b48bada3a29fd6fe491dd3b1e7c8ae9d627481c2b19f6dc5eb35fbd5a1239bddef70ce5e252362ebb9ee66b79a9644692ca24c4363de4e985cf72e550285c40316878c7613b8ed6e6c0cdd2b9c37e68028152de18b0db47c9e19fb77e74ef239604f4d557c137cad58b18b2f0e30998fe02b79b3b4a7254a0fa274ed29a9788cc7308ea113f0f09f28cf4b7ddbe3eff75178be3d2126db9e70843a5bd3f13b14982d2e80a0019fbf8213fac33b21196d1c0b8a78e6ee86b0c0b85ea62b41c48181c4d7b68f52fb96406a376c7ef1b324f7ee84276afea3422fc5517ecfddd366137b4305486da7633a1c3979e0ac48cd57f7aa258c0fa8be5d4b0ec12c9c74833d8cdeb54bd949746d6febc969ac60c444ea80e1491f6f59f99436729127bcb32fe13e2b742bb8a06c02ea4dd589f5323d570532f102326961311817877f311a4eff164770c3acf5a2e850703189e8da1753fc048ae816a900544bb555d924378b70b1f397c95167ede7affdd8d1e043a37e8adca3a7720bf6a39d456cb96935e438bbba9c494c78c1e505691173b4fb46109271a143581a08d7ae80dea2f08994bd2eebedc1e1206200e40a1342fdd940df8d41ae107ee1c23d0712cba5b2f3f393349330ee57ed77dea2ed9917f64a1cdf98a08a522dc0d30d5de17d77b7157d688897113f12b663251545b8b732edd779d5793a0e057f10ce013ae4e2a48a2d3207e6ef0040bb4f183296c7c4a48dc2727da471b55a49aaae7f4fef251348d92aa78af9b074d8b2ea2b2813fb06d8d21751a135b8c112c7cc7d3e3febec2e157c1f7f0d4cce0d9214bd063be42434c4e6bb8acfdbd649d0d91837e4cfed9d66c4f79ea360e65fc6d305337e047786ab0d336292058f3c9de8bd512174aed0b371ddb0ff05922cf95c5b38dcb12395d7307c1e99eae1a86fef3a08efd676ca82d386a62a8fb2c427e6024bb7c522199ec19ebaf9a23e80395d77cc58057b5e288d340a552bbdd7924d6c15426535931e6c47e83a56396790eccbcc9712a4bd7aab80ab907bf1568f1f8b38c46c6f088e3ca6a9bdecdd833b9e80e837f4ccca1a05fa767ad9cd88930b923c5bfe4fc095b8abedd575b00074aebf5ed78c46265199290cf66d4b9bb4e21afe40a2490a365d5212889df2a39e0469fb06e6611953161c990fdd1cfc2f01465dea88b84426bfa1ac8eb50b2b58a1d6eaa3b06761c1a29c0764194f43b8bca281e344933287e6a640bd13badff3fd45975a3ab7a668ea38a78e4ba5fb3e873592da16a6ec27b8a3ceb2326ff45d1174e2b80ecb7195ed78ece245e08490bf606c91d7b08e1d7ed7118e4039b219739c5824dbfcae8950b436834a0a2b68e85b509d39481edcb26ad8b1c836b47a3093d9cfab9a19cbda27e33287cefa4c9655dd3f4b0deace0d1c22eee995fa2d3e9f69dbb5f603c6bd28946b9f0d3f831fa8942b34cd0ca9a846a986f9ba90c59a1d5de10ef14253ca4bdbdc2c6328df169b5876ced66206e93ab35f232d1fa811c39775f7b8c773bff463529b5456c9b34921b238d43992298f56a7145c2cca303b2b3f8e12e6762da691acce715b448b379dae483d2ad43e460ebdbe62faf1380b92a7f78c6c5d2e70a0f132eb6dca1f265993611289bdb98b6e60505d6dc8bcc6747dc644bc694638b11b803f01081b18b0c6dc428f58507847c7b88fb15da9f7443b7f741653141c7b7274a000861fa61a5c9c62a7bcbdb3473b1287a71325397cc44c09fc8fba636ade44f43011d5686f8bf241724947f8c0ce13303eea879e45b3b61690be54b447b2a0adbde02f8a562efece95c565782136a920469dfaec019aa692f699deb29cd444d04ddd32b05fc216a110ae9bb386321594f315abe2336b1a8b510d8694cb2e5079bd3e334a8804e40047031a69b250301e8ff44a9c80157f03ef3e8c9f0930759df0375d6c97298e4fa89e211a7b065dcfe50903ea0f29f56e8ec3fd4b3c7b095a17dc0b364c35f102c3caaf41f93de3d68971331a2d3ff47a669fd9539a4b7c4c8d6e0e19b1fd360a6a7c0bf3c66726ac97a2df05bb602e3e0332f457dc6117fc476d002adb89cfb1fbfcfa55da8e2d5493fdcbb701551442ca91f5644192e10dc62f49b713926a3931b53388159c4d38524285b8217d5664d660c134da06ae98c1fe4bf3301c6345340e95654287eb53c7307c88af322aad58e57a9bfb6c41d4882ef94a893ae2c56fa904b764640bf84a7e700c7f0b5d2f6dead57ee50d0110e08a6a88227e78055a5f2aa983b4c44aa7fcdd9d253dfae8c6052baed4525d70a1af9ddec7b5e38bac9785352602eb05628a55bb4ea61ad0a372eafdf6a86985aefca55c60dd00587478feb1aa60a82802289fa3ac44eeb97583be1393949139a03dbb55cd65142d0d902f30faafa8a917bdaa3a58400f1c8197229c9f94d881f123d97cb4049d5813427802149bc411ed807892d2d2153c0e2a6d9a460d799a1eb224244a62689e00831d64c492f04ed582f5be35dad726a278ede5a396db4f416e5a367ffdbfe6bc27d809fc92955ff66af58f2faf917a98492b10d8b727ebd9e6d697e44b94d2691599c2d70ef3e8e7ad68760ed644df55290c6e95a8593b0920e7e097724dcf79b5e2964cf93e3ffa6828b03cd99408c3ae13715b2462812bd78634cb230b90ae2c7d4de57d72a30e9b9b9e786e47d9258b49210a6ad238e3953bb57d64482b7f3e25702f0c3c5d9a5adfd8c77a695166fb0cc9e0fbda6566367228a7914435bc8fec7063c3b2202eead93c6b4c68036c9a2f3860704c99e1742a4263e68fb7bba3b29da2fd64be8bf40de8a6a9722c1c108eb57d1df5dbedf9b6c5c8c3d4d906bd6c66d82ae4030c52cd51643fdccf3dd9d6b8b041de7dbde49ba6bb6be542a2ad6bb34cc94373f220731696ad3cc319b17fb56b138eddcdf695d019ff608d77929f069f050bbbe9a59ed8ecf98d5e645f79da55b81cba1730647b09790f759489b1210ae3e1ab7d8ed8085deed6242f3be9bd9cfb91ff3e465c59cc9f1ec917581455f9477729b2a75f3566f6d0637628c878b92651fad207e625d95b34b7822942ad8515621db754a1bac0db94b51554bc0a7e301c1ce705e30157407fc3b190a5907ea446816244d49865a17a0b3ae83ec0c3c13453d0ccc9a1f14ed8159bf1cf553b4b76af24362f78e97eb7322aa5a0a9450c8313ba30506dc6a701e7a51ac238162646f8048d9c6309b67c4a5cc4d0fffa69648440c8a79bb7796dea5f6c0ad16758eaf63b681ef4e6cb8866d9c54a0b48254b3496cc9d271a34054f0692b394502f257c5d458967a32f3b6fb8e42ce613189f2a6e0ecae83a55978de282c33e6d4507f13c0dee9956e0a0b2ee816e55b7e632231ad7c557061dd4924b0844e650325b876933d58b085d1ab6124369ec0d21325010893e4481fbc93a780fea9f87ad0e39a73a7df5fb1e3b8ae08e97d856de506b3e9e34382c0eaa0d6bf8eb0903bc70178510b51fdbec494271c40200b4e0267158e878a0bb71322838b835233e356442ef6b6b42103927fda1e413dac00d845a455febaddd31a936714f15d0b5816a1e6d990917e82ff867e3b2e4a234f08cac2f76b544f44eeb39d9493534c3ac8a926f1a0412e8207dd9848ea56a42b4f2cc6a66aa82da768243098c62ed08ace4d728a4b544d18d612160944731b2460b1276140b512a7708412d244b0410f81bac7c3b5f2e271724d567b93a737f4cc3c4d6d8b4aa053b2243605a34bb1efb5924448dee5b0542e0ee43cbbdb0fade0f287dfe04ef8b69eb9149b14909f118dc1cf5ae612b3d0f5a2e9af2ea4058a36826690cb6866e0b94cf1392b0a2bb388acdfa16a692260332da4855b5880595bbae5de16982bff9b5609b861afb472b0ad819b81edf968cd5a8510031ef498f303649d590449e44f0aa27e49299ef222b3baee61aac8872e7bf8b2e5a9301d19e5224509b605867f2aaf8884262477a71eef1030e1be56f5a2621170af9f5f7005a5f38bbf561c03618cb54e4e0b6b86416029adf930191a9ade8aa35a8fa8cbf9e0779117bebd375063c22cc5d58f83e0fa013771507a7c16506fd24456e757c5c7423d717a895018342718ba2cc6a42fe2df5cc9b758ea2fc08aa657de16a2ff0f1e1b509900a92e680f75f0edf1f5b6d6e0766a71ec6d8a37676975d2191424a2abf979c80d49d3db05d3057855f95a43358a60c670fbd825082e76888ee5ba4a5bf6eacaffb957ee28d3b05ba601c25e2336d72e0d9b0c7a30572", 0x1000, 0x6}, {&(0x7f00000015c0)="fca0db60c74eb73b9fb89d58c8d771c7cb8c62d9cfd038bebce978408e69dae31f47ba337f52b876375e5071e92362da6f764ca1aa646ffa89f6436deccad669a3ca8d189792df573a482e5a39efc6ca7bcc2e89bed7fd", 0x57, 0xffffffff80000001}, {&(0x7f0000001640)="bcc5abc81afdfe7aea2a64aa2d381191f9aae43b58b820c4014ee4a56e8656576c63f3e09baf3c32e7f2f908ec767936bf37256e8512e7dccd57be36ac64d878a711f8d1ab886a", 0x47, 0xffff}, {&(0x7f00000016c0)="8696f12cf27bc7291254ea32d2817958911f260805c7c17aa8553d3ebe868aeebfb4a4a905f6ead1b0a348246b7de703ab4789521ddc853e0663e2139f32941b73ef8fe9d9499f3d35e4c9889a24e722f8dccb6afa79ed0e6440f89671cac38239af358e6240a17bf75b057e32e4274e3a97f7a9e362e9607821020e88808075464aed0dc8a76dfe3cf30c204705cc5c2f70020146ea89f5d1224e460582f5483a5762c0e893104784d85e9083c5570f19111f33e5bb90771dc71977c1908f9bd02eac6a534857927cbcc9b6ce7ed471e9619d8e33e1fa830b7bbfd2967194723ddcbe1a02b3b93527dff2536725316f977f6d3e3adaf6c89386bbd43847436b7939baa5ba56bd1392fae96449d1a62110590bf769154725810a93fad3e5f98e6038e18c0f03eb07e91dd299b3e25da19654b627eb76828d9e1ae54751614982783ae9865ac741021f7192d20481e79dab7e817669d1a9ae1d554037f6a18b8e40bfb56ee070104a30f68243c0316160030e4c723ec071f90157f0aab28b8a33b5495479fa654a51e9667da7b448ef2c2441e06bf056e273b99c0f32037a723f3d0821c9a54c5db1124b9e69a85d7e95239a1fb1782433c8e5dca136024a90e372f3e0ef6ca47879ef5e568351a5afd65603aefe23ca80b6e2eea5ed19a8ee4bbe8a0c02fd2e6af1c779678aa900155fff557350f95aee02648119e21a31a0fd9e213d453b19089cb6ce99654a278e00312501d5a2b9d1a83df6a4169d5b63a0ccf59464b089da487365b00180293c66f254197c3b4c35d3f9e225be0f2c191cd9bcc33c39d3534fe45c5092ac29d9f094700c950ec55fb02ce5b3eb67aaa76e339dab74f131fabb02088712b86ffa1cae67c7bb36a2ebb9a06e3441c94b1f2114a7b851692991229c4a7b5c279a8e367b3f9b71567fa450b4cb791dd94863631cb42bb9b5909318588225aa57ea9d6b1b08731c43935bc2f10be20f336be0b845592981f21aa02a23ea5bd41a2999ca7b699cc3525505f09bf26cde04d11af620431177a690c8bca9ef0fedf2e6051dbcc08c53ed87233b1315bf6d0c9e494fb762165ce309a272dbc2129ca77140ba0ebd542300cc912663d0455bf5d9c25e2fdd90551dfa4b4d6406ad739571cc4d026a83c845aa0de6c433384773159b7a42b06f1c2ff5825db3ec368ce4419bb19c46fafd16309be6d6a03189d9f095532a4f16c6ecccd9f1aa1549fcbc0eccb8c83f95148a39577cc696025af7b2fe5b5590f4d6be21a9d4d67308e72427ecb675cbcea4c8ebb72f3c8192ccbd711c077064c5f6399882c3c1479e7d9ec1e50fe29e2b958b5e3eb16d98ba1b4be279de2ad177548c54dd8cb8744ea34195cbe3c792cc68416313a28214950d60a55c4e14cfe296299ca7ee56189a2027f4fe3f3801af02cd88048259b921126765254225de8a329f4a383687b17f67ca8b346cead6138e8016d2884f7cf914e73855b2adefacc1c778458184b9549700a5b01862dedcb31f9db02e3c0af4c71c83bd8bd70f6c80f6af9cd45f2cbde14788749ad0b60168771df7e6dfccce50be843f3ad2da8c36171ecc52b470057bb168f0c6782b24b980bd7416e84e2ce65720ae99ad5da4459e6482cae2769883843418f0af6e0c2f22f4f5a2b7fc3118143d44c673390708771b3b9b8c8d143ef59761b1787dfad3bb9848aea974320527462f19ad8e131dc7861a41b9f5aa728b46fe2746f18cadf6770d7efbedb618ee61b6e08a7fe43692d286afecfd70bca7efdcd78daf413816cdec5bb9d03574688b571bf463bb649261a15c047f6378fc05d0414b99facdc5fb0d2a416ac1b3d3aa4479c6135705a82141f673aa51143e8003d01b4ab2ff16cc69e073f09858681b9bd15c74558243e85a5a1e4bf7e6ad21a0794c646259081aebafe91f99ca8090d72bfde612e5721a90d2a9f16976c2fe3f4ef727fd8c03a8443022facbfb5574c720a4088041b3cc0bd81d96c2c258246db1033025e9f0ab4b47fe1abe0b981faf5ba11e8b3c24a452a88eed89165aafefe00d6e371e391301123bbe17ee2f8aea8b008e43e69f948af2c4f271ef13f4fef85842a29d571e02e0d7bc50a2258aa153b73ac84acf9f4ce4f103d4da40db172cab5923ac224902c2317fc92d2dc4f64d3c53a67ad09991aea2574dd4354d9b3ab91ff946c3d1120ff4bf9baf5b75e3fa12c3ed8621a387c59f8f0d02489e8d0b0c937c9869bcc3c40a08b7b1ba9acf17a0fee1dc9bbebbbff90e11c04d675ad4d20b76220b476ab4133f5d5f4bd364c657d79601a44050736068876356b4fdc202107493fc45a2df4fa20651af18b1ed3da4e8c5054829c9ea7691cca1058d2afe80bba0df64fb47e3115dde4515b045c070b11b998c7faa73bcfb05940dba7f11a287035a1c8b31745d3e479a99e9c2bb99a54e3c0665b6824139c856205162b72447c4a314ab7241f1d9c90fc28dab55fc874102d9e9e5576f3fd4d73e7b50c2c469eb3fc44203e0231ce81884a18b66b2629ac85de58f5046bebfc48f756eca3726611319483a22d55d751a656748c8cc3dc0ccdd12cc049f3226f5599d2aec9e71e4fe2f2182b255a8fc63ff7e178af0c90e6bef6bb0c17ac55fa096725dc7e137f8aa8819748f2f82794ca4824e378d700883ada46f3376b859651c14b05f52a55cfdb16b91de221c5a0e9b2ec3d559161db43e3b1589a0b644d1b2e8cc37f0a3ff926e299dba83cffae73dd6e99e5303ff883abe1992dbf80bffe58ffda922c9b936853b69ca0c877b956b39b7652387fa1debee3423ded30145d9e8e1e9b825a8f6813688b04e3c8f3c1e40f56b3866fb90afecc90903b331ee7c7491dc7ae678ec4d21e7ff157bd7f486991c6f4e018e8f916dd1f1693976980865aef99dd09baeca6f214d6734ed49af1b75fd0e1dc6f69d0b0c2d94c47169195dbf8a6b6994dfcfbee988554257b196ad5564b4e940844b1312868730e8d87b2c2a71ae9ceb586eb29d2f8ba8f22397e4afb06d5b07913c37bcccdd03b8c7e7df3b6e31d334da96bc982ece2513ce481627734dd8c7ff84770b21eb2565f89ba73a5751f27fd97702451e415170dfa1ca88cb19cd3fbd4d2e23abcb441c614211a8f514760f47f3eed159ef3a44de64ace7d440246efa86f89cd25170dd30932e3bc8dab6833fc0ca3dd6292f8319f7c62686d27e2bf1204b21ff421bde94c9483f7626d845608cf6d0db66e1f9479ec234018d9680046cf894a3fa1b0fe4af06aabef6515caa1bc2e22e30b0d41082ca20479eec0da11380f26287308a0d9b11d39945d3c1daa2104cfe065dd434f7c4b3bc12ac6b6ec8b41659c72a19952ce77019cd9f2905c74ef436a26f496d790693dcd34965493dfd02e3ed4a6d829905afe6d7cf6e21d976599129521e1e2e2fa708abf1a012ec62c13860f51b6d6b7203c5e532d7f621062a60c9e8896477b3312a20605e6f4528c3bfe3a0f20752fe926a021177c8d7c2be522d4490c1e4914936661dfabceb62224811499f60f2140c397a9d211f6618d6bfeeab7e795f570395def86bc17ad654dd8d6e013502c3fe1729d1109a1abd05a5ce3c021b6bb3e6937a25617f1ea589abd371e1dfd79b6b57cb47cd0540d5c2a12a76b07b1d666bce45f16f47994fe5c00231f6adf963b3d86d46e38fd89c31419f166da94e907c0bff406370c76c1950b2384b50a888a12da38b99b88fafb32bd59f1ea02e4857be1b5c2fba7398405d6f190851d2280031ad6ff72fb95e4b6a18da941c9e0e03be049ec60c2ce6a4ed569abc377ceeba12713fd06fd0d6ea167ab8a6b11ac1d7b8af26b6220a348db191b2c00491a124e0c70cb8cd21e3584e67d6c489ec01afffc50aa2b3ff938e9c56e60c77a020ff7a099af790798491f16e2518e87719885a12419ca6967139c2e453a4192099ae55875ed1e3c3bff4952ffe4da2008b8f17e4698f5ec93e68d0e9eb9d452d14a9fb09896c556ef0fe79e6174f458bbe70ac7b394153fedca8131108a744a9592f4585c9302f12d6260fef854bed741fe98557983803dafa9b735c7dab37f18d06a3e445a0f06798478031ab80ea12dc892ec4238f06b12353ae47e484cda6d9064e1078064b7d55c7700e432a8a1bf26f9e1dbb100bafacc0d29ba3e82f2e71a84891c578691c79e4ab4b2aceb4fc2fabcdbfddad9924e630b241944dd3998bdba457d82c7d71fe6a2f21da1f3a0b247ef7292c55f5cb24c74599d5585d8f9be886cf332b7c2a5925b7ef74043ba74828aa6caaace4f33abcf2e68992845b7adf6d8cea38bdacc1d103ab6db81ccd52c4cfb5e6cd170b877fd73621059fa092f591295b3266208890961579ad82d6764a0f19044658b8903910c28578425a97f8ea499d58a76bd59c96bf9081069badee0d3df08aab0566b4b37df0bb4db173361357683353c0df9f6aaf5e9916ead82080c845c5bf95f1431bf2138a57857e3454769129cfdc73c57d25f760a23412a84c3f7fc09f9a6315caa205f123eecfcbdde5004ae9a7e0ed60e9084c36bfab7ca888f53640d536ca97e4967b773c9d5d4f5859963d48d81205525f357c1bf04af60187929f16b25cd9492a2cf1620b552c66205b0f53168fdf202df1f76c9259ec24953f5862ce477b52acab8029625b9aea3d1a7dbadd5137aa8d3bad4532328f94430c42f13a7263b66b714abef1328cdb6eb3effb63d6e7adfaaaf2a14f92ba9bcb0f32faae24e67c21f14ea2d5f054a91194bfdc4981a736db6eef5ce2f20b2ce643ef18a59880ea64aaa19f4902766c0fd44e6bfafce4b1cb92bcd9408b1a7de7c6fc9129b089554da4c62a93d32a0a359a33b0946a293342581516f62bb08db7e527ac8487d786cc3c09fb63582d166fafd276c0720550eef36643d85522761d0425e3425449dd943f3dc3c64e60ee29e59ed81cb6fb4264808e54c6cb2172e85f47609c8759ead62ddb55223e5a6f07d210f4de226b1d73b447e3d2a973e7772c0bbb14e92a82095c1f6815daeab19dff5cd1477a92a62160a7afd5301a7897d63e63ea9093cbf860d43920d78a67c0c17e405c69943dd5a67d6e3ce95bb831637f14c2a96fbc0658398d89d661eec748398b2066135b805c9897cb805dfe56f687fa993c6830c95fca6a3c507ef564a4f0b0eaa943eda28077f46418b85c3a27e0d6ead13205b76a334fced2b476b04de78422bfc50203cf7a3d74a2ed2e518d53c3eaa42dafab85b2ad0ee1754de65f51fc481b476707d2d7b7e971961ea11ab5392b74eff50c3ca5d979ecac8aa970c40583ac03a877aa2915e44717a6b3e97a8f1c38a90eccbc060d881b42b39bb73bbb2619ac514a7962eefe6e7eda2fa76d730aa8c5710f96a317afaf8f743161d3eca874d232ce3f1ccbe5bd63dfe8ded4929bde5e2921989d440c2488740ed41e1676f0e2f300747cc58317d812fa5fd7309d36b3be69c70888c468507c1441b795a4a1ca9caefdc4cbe775faf72e1faa08d39cb9bf060186fbf2656a9a18d3b0654cd0e6f66b76a4fc9ccbe4c101a6962a234d5faf5fed3e6926f0f42710292244acd27f2db0aa0c83e1896d8085e24896a8083ce7f452724f2ec84cffc3106a9c4591da081e9be1959f1a0d5b90d678f694c805ab11a97221b960dda5f2ef85af350f26bb88c815e664946a9451a502edb50c02514c3ed4bde90e514d41e69a0ef9466beb67e2d2fd3838a9f999c364c042fda0788d5374c6462b84ed8a011d2ee50ff8b36475d97c6cd1", 0x1000, 0x6}, {&(0x7f00000026c0)="f15267720b03e31946ab8dc586b7f0499720c2a9afec63102e9771d35635bb9dd0dab920dcca9e04dd86e0e50a54b55208532673b1abda31384fc8a820fccc7f", 0x40, 0x80}, {&(0x7f0000002700)="2798f68bf0f1826642db20aeb05b2b0dde027056379bf6e09cde5740b0c5d42733a4837fe7f294b88b3555dc5b7b5282a8268a8f3ee4ed1b8f8585ea37965a437834c8bf6d68fdbc63bc438ce93ed08bc6a3f54b0b03d8aec2a367e8051ee61e0f72008187629fd8b6a82c899dd63972bc18cdd2c570816715de25bc17e4b8180b1ae1382a24ad7a0f0620c67b4960d63da2db94aa84b327f617711a90e1deae858f59eac0acdb8964a74b650a5e38dc4a25083f3a48a2d50504ef0a4f5368195cce1e3d5cc8c24499ca119b21e72a31ec5e", 0xd2, 0x200}], 0x40000, &(0x7f0000002900)={[{'+'}, {'9p\x00'}, {'trans=fd,'}, {')-'}, {'trans=fd,'}, {'-@\x00'}, {}, {'rfdno'}, {'-@\x00'}, {'(!\'}#!@@'}], [{@smackfsdef={'smackfsdef', 0x3d, '^:[,'}}]}) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r5, 0xc080661a, &(0x7f0000002980)={@desc={0x1, 0x0, @desc2}}) r6 = syz_mount_image$msdos(&(0x7f0000002a00), &(0x7f0000002a40)='./file1\x00', 0x3ff, 0xa, &(0x7f0000003f40)=[{&(0x7f0000002a80)="a75373c74104b67c6abdca88dca43a26df76a6b158d4bfa42e1a0ce5a2e9cbe0111996abaab0ff8716956af2c4c62e99cd42ef1672430094c68832", 0x3b, 0x1}, {&(0x7f0000002ac0)="2aced32de96103589316aa11add600b34531ef168d2f14b252af30fbeb091666d1e15475e0357651bd86c4be15823c158eef7058c9908ecd05f0b3e8d2adad74202b11d5c595e508e6590af67c7e2e45114e0f1a94df0dd051adf5ad284c7bf68dcf545874c2b078a74910f4926f42b7a581636e56ccded89692362caf6e25d86e924d9693b973fe16f9b291439676962dbc6823f0a43913602004eb172555430c4a0b7e6692f37a1d710a11628e1f385811028d7d6deaa6a8389659336aa7dd630ea4b1a98bb20ce9245cf133ed323244654aa746919c196e26b3e9823c9635ad41a738709efb6ecad1bac91c706391018940633b34ddf3f1e54446", 0xfc, 0x7c}, {&(0x7f0000002bc0), 0x0, 0x4}, {&(0x7f0000002c00)="e65a61506a92cb9091a6a59042d1e635d850cb4cbf490a9ed93197fdb771964f0b5e0a97ed34812d2c886100ef93c0377b2d4f0fdbff71d76da8b64b", 0x3c, 0x4acb88d7}, {&(0x7f0000002c40)="8ce4cbb6ac842fb9e1331f59c3ef95013610ab502761338ba332b8a666b639aaddbd1c0d15830681ed3eb87882f2ee2439745bbce828eafb4f887e8c6335375591305dca0f1ffd24e37da20db6ac01e55bcade23ead0d59f56ce4a4e6454681f55a08ac57744e67e8cc9181672b6b76f1b07e02a017003c35806b59423ea084ff6b29c9ec8a534bb66a24363fd50d0352b37aa05590c2ba6686a6f1426a35ccd800b0ef1ce74fead67034a74bf4186b287da30313b5812c9e7452dbb6782635abc4510096566dfd4f0788daed418ab97820cfb646f181e75", 0xd8, 0x6}, {&(0x7f0000002d40)="1dc942074ba3e2595a612f1c77a14398e480b5431ecbf2b3", 0x18, 0x9}, {&(0x7f0000002d80)="4d42716c3330e88cde57ce6585e8b9b57271c1ede72449c22e4166b734d39ff5dfac8e66255ea3d7912f77ad491e77470baf8b13346ecb9b48c5976f7bcd06726247edca0229c1d8dbd3cefd36f3ac8e460c1a261666b1682af3a062ace71e04bb1b793ad8ae7597c682c8a34941db34a9c1941850026cc155da10fc0ccfbbf31a25c6e8e5b9c194a62f72c72c8e02b5389fe2af269ab4c258c5fffc19da90b9b8f426d071be667a1017bd8dc0b22170afda3313ff880e407e1010f52282ccd044142ff5c4d7d974ef6bfd52ec0b1f7627140447f71df389c3d008ddaabff3396353de14a915d295cc08f85df2ed74b3a5518e683e7616759d2277d193ae782a84fb20b492360fb137fac943f6a6f0142bdb15f887e4f0b1271b3d29c6d5534c810202679377671ba9641ab7838193e8ff7d85bffd2315146de03ad5b7e10cacc938dc1474345e5e5c7f40c5bf8ba906e33ab495814e0eab81a8c7ba8d1c92f166d2f1e6ddc2eae1210c27c0bb70d7b305f22c258aff0fa82369b58149aff715df877fb126668673434318c8748fc2aa17539921a4cee1ac8ff6b7f1538fc33a0ac9d0407a35b9b1e63c43a109d086919e13bf04f35b8f3c1a67e508dc25078990047bbed877cdf4be0bda280b9538833f601b1020c548dc374772b2e60ff528c51dc7a0e6c0c2274529734c40a810c46f8f8b881a0221fe3c347367721891d180255d9c590cea14230426c14552effedd0bd551e5ce8f217a1f3ff6fe5d29546ee8202601ec4acf851793cbd89beefee3030ffecb03908691cac0d27ef47eac06c9c08c0ba1066f6ecf10574c5925a49149ee1f32402712b84a518a35feb1f64955a6e8c66adaed03500d4ca347d2046228c0d80b2785192388c35c935b65b660945852832dd7a1d89a17fea0c1f703c56a9ab320f101ce38dbb293967b0124f1051e9c4b66a7bd7f5df4eee4001e0a4625f0e6a62b9de4a5879eef8828d542ad184e97b368f255bee30a2f49b859b04b241dcbc1453823cfcf07e6f7c78853a9054801c9e159ee0baa0e9f40e9c52ec8a8cded3a9a821aec44268d26d161c8b9955ffc47817d3215f9c23319938940abb4385d25674c692433fa4944122234120d019a29bf437e8d77722c011ed3506873301843f5750ea08df43e8acbd55152c118b8139e995c8e8928b3bff2a723fd9531fe022116a392e6a0a406c484a99fb2fe815541f15f0c828d47302613ddd25e4d2dcdb71b0108407ad421f69353076590535072422e7e3d3f47dd27436534e5545575994145821270cfe0ac6ec03ba17f0ee87e505d4d79a0721e3f82e55ea69b9fea591129654618810a76f285dc370bcea9900cbff0cd475a605fdcda34d93ed997c31115bf746454df40cd3937cad5443147b87b66e7977c75b971a0a74227eccfaa8ee9e4c39b622f0423d0f798e84723f44c695730e5305dad6200dc78995257d6bd979afa029f58211c1944267311d4f25c0b74fe5b06de7c9662942d1d215f719b7bc6ff2a593bf747996d301316d9061cbb3713d935e69a9044e0dd4a32ba359cd59101f09acb50c328495b328b0bed3639a8b8a7e6f6f6c361b57403e450e4636c7e4c788ca5597a81c5f2854f191886a0199b0b53700ff5775716635b57e1f8d4f93e10bd3b5cd34a2ff4725ff77b08b014936abd280550ff0a2ac0b14e0f9009a89f03d671d036cb3a058f610ac54714797392bcc8dd7b55ad9d1017f52faa2f48b429dbb5c5163c6f8c2bc1066e64e9b0d6730416d64393a4d17ef5363315f056197b2df877de63a5c5df725377680d47d8b180634d0e6af6e87f8e72c0d8f2f0f5206e5832ef10192a0f4dba4a2b7c7aa52a4b57b2d1683d62f234570d152bda7be552ce66d03f67dc2fe703b95fa725d59e6b4201250f413a1e4eb05b2109ff5ea00006486349d93fd991b33868b1cf54350a2d55916fdd82b957f258565b6da301ecf8192ad56fb60f2ca39363f0e4f0787aab79aae3f4f50bc9448f26272e0ed9961e456147396fce77f9f03e865d21f2d0b0e380d0df61f274810e1f9a97b4377182acaeefb108ab16f33f6e9d8b36e734fd84ae082a87335c1825c74f55f348b4b25c3082ba3df16189375d286d87fb0702f92b4a21c3e2a15a48b3e7fc21a653b084977f3423df67748691636af78b9a6d7a5c3d094065c9cc65a0cd545f5abcf655d2eba202b6281f7f80c8bf384f80ce340d23e95703a610cb5feaf0dff9098c25eb093313a6247b0f897c1371f75b0c400677828fc9fe9292a3446bc138cd6f66d21da82a824142fdc47839e58efead69493fc17392316870d002acd1f48d2b4a6ed59650948e494f63ca5ac8a9df698f7bbf038dd86f9d3f0e2af00e49b472f2131714080be4d0614a5e3a0843c031af89412583a189ad96c5d0884ebcbe21740bc92c11ecfe62b848c7523f9a2d67450e6364b5edfbfb56acede904c38c8d780573fbb0d64d749fc6e0eb6147b8c4a8d387981e994842810c57677d453663d6445a3e9323da1c63f9c87a66dece580083a1aaf5d42e77048f3a026dcefc6ba345964298a26f8f147a1941e61b229971aa8088b319ac57caafc87ce9140545e4707db015190a1575b510c163e30fdfd0b88fdab209dc579100df958f9ff0d2eba3ac3c61021d76fa9fea1d1c419b1b7ed1c80627b9f5021aefb56e5953e7309c79626ad0c04d7b93ec4aa7d61c4b40fdb2ac388885eb9b5f7b3e45401b774639cee29c3275dc28fde734ff8f798cb5970154523256bc40f16a4abcdb08490894f86381fe1555c115479524bd59e913b2e4e84ce569df56b813b56a542b9347921b7e1a73e1908f5e4690de617f6e06385bfa6807791bdc9ac6f5eec5f865fe25f00cf66796933980086a79594ef619e3a724bc3108a5e83bfd907cb2d8607b07f035a9550bc76ee6a21b70e9a1cb8019ac701e76f4bb955663d00d899bce7ec9f465bd7914a2e3b5f21d5078f017fe712f924192b67453c95cb13168b79494764fedb3ba197d63e9f46ad721290d6a2f28aceda12bcf8216c8f34a77d838f0ee6974cabd50d97483e3afeebed9221b3ec063ba6d77d019da7edd2aa1dfa8712c06e6bfdfac00fb24db8fb03d9b27b84db051726631076ecc4152f6375ce9f388b5a97ed47498b9056aa42f4bd9b6b351d3b9d6132f7dc69117f466194b843481887a39e073b22eba826e7d14349422c2511e0bf2e27fd09d89379f2815f160194f6f0374ec4a7c27f801fd328529158867159098f04329fe5091b835176f6b25acd336a82f6a5d300350cf17df3fa6896a54ea9651061e1ad38b1f34762f44868ca820f4c3685a5b374e3154425f7651518d8357c25624f00d5a9b96ae53ed43cb6e26646cd3d74d91d71810360f941817f9e287e99082f323f6d8a61d95b1b0c66b459011bae3fc3009da659972aa9b6ef227e369a8a3244b5f9902c31f078cbb7178d3788c46ceeb40410db0bf792abbe198c9bc0492fb04701e4f2d6e135bf9ecb27483a7010eb65e6f38d37868c550bbd138ca76b3a9bbd8fe83320a532cb43d8a9760ab11b3dcbfcb83658b82e72ec003becc0f12aaf8c8ae988c7acdf1a5ed5180cf0b7cb8d289c619b5cb89626ea2a259302d3be671b5dc067c8ebd0debe814a6edb2587193754e111f2a214f0ef9b99f87852271e66da4fbab27d1c10785c8cc27e06564aab1ed9ea27d679f81f5af990f9f032150261429ba4184665e47f41aeafbd72d5a86b3e98cc8369467889f2f0a550fd4de0e89f071b217844dc14fed4f5776250e94e079729eae5d20e4e13a4ba61046cc3d927534183c9e002c6c3b854d5d96419cd88a19c291361ffc032e48cc56a27f1da8f8a14436c8176e9cb1471fee8666db91485d989d3b08e78edd4305beca0100d64870c466d2391b7821113ef99659a996d8a54e48138f6fab02687a8690900660ab2cd6b789cded9fafbfc733ed39a80649c044c77d42175382883dd7bd0ac9c12303a9533e0ced7716f2ea32a68ba000b5bc2fe091c7c2fb4424b3437066fa8e9a9653aca9c947da2c52b63fa5df6381d88fcee923df1378ab4bf87eef9c4ada03900396b70f84699be48bc7fc224e589a53cfc9eb7cefe0e45d14fa27be12bbcb58f7ede3679d30ce9967861224ae26692f173c81d93858a0f46d714ab02dc856a9b6253b0540d8a5a2a6024795fe92d5d4aa6a8d2b84832e92aa3d6bf0dc3386dd06055da4456170021f19e77a972ddf08365c4ec2f9f68542ca12117d3f82afde0e4863a74d77a0982602eed3dc666fba1a60d4c460fee1c9b46345f6f3ab59f7acda04850842248fae4871d0d114116aa500736a65b75cb451c3385e58f833b8d39fc16af58bd72a8a4b8e1c7901949b6b6ea4f9dd25418ca594ee7e892332bf0f5c95cf52595cef35662030317df425193ada6acc06a63b6460386d8dfc0d525cbf8e10319447b6c8b0507862638fcf19660559b2de9ac81f7238b1fe54d42811ddb5d49195ce96b6858e9d0d24dbf67947fcdd203cb854bcd86c80c8a9d19001d94406a10580805ad21cfc9ecc6bd41056a730b5dae844a6c7536ea9284d165911c8d51f9e6e2969d797f1a3c6c04f149a6ce544756bc611f3f8f603879f911fbbaa1011e745ddb8ef21a65eb8f44e8c6b68478987c246a86ccf2c66519a88f6b96000319c842e274aa5e2ce7dc41c89e2fa0188368af0e551c88e79cab656a16d18e20717fe7ba2d82914f0a155cb560fa8a8f9d3cedce8544d8ff2c17258013da8bf72fe3680863cee971461c9800823ec047b54c1d675c6f72690dca9cbdda208c80a7cc56d6f519ae074d7bc521ada02a664b31c848e86bb1a39856638225772f2d1c8d085fbc5fdd9b2b4110309a2a478d0d5b981da27eb882ca7bb2ea2231043b74d8e6e9462b8cf02a1399f7a24b9577f4d5079fe496e66d6a15c6e6ac8652c9a51be730ba2eaa1c6447b1de0458eb7b504fc82249196aaad6e1eb83df8020915130fd24c2418a61c6db7b6cda194e368b2dcb34f03a04f6eb462aa74c771a8202e2a6849f002cdbe3b2645f284e4e5845f2f2e6c923a8215555bcb21e6874062f939aa0acccb5fbc58d3ecb3ef3012d88c59c98eb4556896a07f6314b9b7f61f996bf5dfd62729f6627c8db8d60209be53c7ebe3cb32e1436e59755b0da8f4479fe3701fe796c93ba2474ecc500d6d8066311730a7b0f3d8a78f90f1db45f8313bdda6d01da2351ccd21d1a6c7504f181255761ae94487fde474215f9e72f6d12dc5efe8fa571d0520cdd4697d8ddd4a5d88f2cfccd045cb0ff4965f0835eaebc603182a4fc1d0ca657075d46f21170a351adee64454e9f69a6c8cfa951a1f4d849ab308b22fa3cf886598ff39d52345cd67ccabb8a4e150eefdb89012a836e8e93237856bff3e1cd98872001bf826830873d1309c5eacf50c528057bb590484f28999060383de48d5a46f668ecbcbb5cec04a9e03c2cfe75beaf2a75dff42f91e6a12b8b05ab4218aee0ccf7c01407de2e01462ae028d7b91ea724619d733a54282ef3688ae015e078ae258550e312bd290c8c1e7761094f1f8e8bce43314847fe2d3f05abba0952e73e59f9a843ecb0018c6fa1eac95f68e26220f4f87c34e4e93dcb3088158e9c6657c444ba2ed4a93043ab5e020e8f9afebaa777246975a10caf7446aad441d88610e7062af999d074b929fe569fa56309d93cd4762f3e0dbbb16a4e41d069d079d752f9f0deaf4060674daf43a5b4b8ab707bc0f7d8d70", 0x1000, 0x12}, {&(0x7f0000003d80)="8d77dd4969278338623180f3d2d5e07848f33a66479278417c7f741a3d24f0712932c6e5730f088075ad2b9dae304d678de1686897e0dfc4a10c6eb6a9df3c9f12b8943c4168f4d6d1b91559ffc968843462d34025226fa84b2904647bc1c9a1d6ddf72bff5b93d471ef81710ac356b9d3acc8e096712b647c9b958d47326967ddabd8ecf60ba1de48", 0x89, 0x7}, {&(0x7f0000003e40)="91879f5690a4d836f6f79c2147a2f7721cdff911", 0x14, 0x5}, {&(0x7f0000003e80)="e5eac4c7423cc18aed40e98d2e0423214caa5c8a41fdb7fb84dfc6fe8b27fb9ff45d86ecac1853eab55ae0d57bad1baf411a85c87702445b1d967a063652d500e86b1beb1128fd13a195df17b9f6ef6f3211407c185f218549edc7eaf9c70bc9ffa954b6771fed80123355ed87518c8042c49d3a51ee1d635c7e52c8921f63c3c80434bf5dfe23c8e004c093a3337d605a417db9b2008c1b3e8cddae46904cc51297facd3a57a2ca", 0xa8, 0x6}], 0x19004, &(0x7f0000004100)=ANY=[@ANYBLOB="6e6f646f7474732c646f74732c6170707261b66e274bd16cd2df3f1221d1216973655f747970653d696d617369672c636f6e746578743d757365725f752c4e42378eb75227c8000000000a2dc943a1ef321f56424d141a003e3e0c0246e52e0a8a13ef86cb4ee59585255394b9"]) openat(r6, &(0x7f0000004080)='./file0\x00', 0x40, 0x10) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}}) 00:05:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\a\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1201, 0x2, &(0x7f0000001380)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000140)={[{@fat=@check_strict}]}) 00:05:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x8000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:05:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x9effffff, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:26 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\t\x00', @ANYRES16=r1, @ANYBLOB="210100000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="040017800800050006"], 0x28}}, 0x0) 00:05:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x600}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0xb}}) 00:05:26 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x3}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) [ 1723.422899] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) 00:05:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x10}}) 00:05:26 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r0, 0x621, 0x0, 0x0, {{0x1a, 0x0, 0x700}}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x2}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) 00:05:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) close(r0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x100000000000000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 1723.485206] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) [ 1723.524974] kernel write not supported for file /snd/seq (pid: 5 comm: kworker/0:0) VM DIAGNOSIS: 00:10:35 Registers: info registers vcpu 0 RAX=ffffffff83e219f0 RBX=ffffffff84e322c0 RCX=ffffffff83e0973c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e21db3 RBP=fffffbfff09c6458 RSP=ffffffff84e07e40 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85670b08 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e219fe RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 ffff888000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000559306d1e678 CR3=000000000cd64000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=c75ef70000000000 401d FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=002002fe016c6c6f502e726567616e61 XMM02=00000000000000003fde666666666666 XMM03=00000000000000003fde666666666666 XMM04=00000000000000003fdae1e5b767d5bf XMM05=000000c0062c1140000000c0000ac300 XMM06=00000000000000003fd3333333333333 XMM07=00000000000000003fd0000000000000 XMM08=00000000000000003f4f495211094000 XMM09=0000000000000000bfde56c1bd5de1c6 XMM10=00000000000000003f999999999999a0 XMM11=000000c0042345a0000000c0011a2fc0 XMM12=000000c007cbdd80000000c0000ab080 XMM13=65672063657865080073646565732063 XMM14=74616469646e616320636578650e006e XMM15=000065676169727420636578650b0065 info registers vcpu 1 RAX=ffffffff83e219f0 RBX=ffff88800852b300 RCX=ffffffff83e0973c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e21db3 RBP=ffffed10010a5660 RSP=ffff88800856fe78 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85670b08 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e219fe RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8e0166c010 CR3=000000000cd64000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000412cd31000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000